Jump to content

Completely removing all data from drive

maxse

By maxse
in General Support

Recommended Posts

maxse Enthusiast

maxse

Posted
Posted

Hey guys,

 

I haven't posted in a while as I've never really had issues with my unraid which is fantastic until today. I had a drive red ball. I already replaced it and it is rebuilding the array. However, I have a question

 

Before throwing out the old drive, I would like to make sure to completely remove any traces of day on it so that whatever was on it cannot be recovered if someone finds it. I have an external USB enclosure that I bought a while back. Can someone recommend a software for a mac that can do this before I throw the drive out? What's considered best practices, what do you guys do?

 

Thanks so much!

Link to comment
JonathanM Grand Master

JonathanM

Posted
Posted
19 hours ago, Squid said:

Leave it sitting against my subwoofer for a day.

That by itself won't do anything. A hard drive has MUCH stronger magnets than the speaker does inside its case to position the heads, you have to actually use an industrial degausser coil meant for HDD destruction.

 

Leaving the hard drive spinning while in physical contact with the driver cone while playing house music might do it though. ?

Link to comment
pwm Community Regular

pwm

Posted
Posted
1 hour ago, remotevisitor said:

dd if=/dev/zero of=/dev/sdX bs=1G

 

where X is the drive letter of the drive to clear.    This of course assumes you have removed it from the array.

 

An important note is that it doesn't erase remapped sectors. And the writes are "best effort" - you don't know if the writes did succeed without following up with are read pass.

 

Hardly any corporation accepts this method as a proper data removal because it's so hit and miss - especially when tried on a drive that already have issues.

 

But doing one or two write passes on the drive is the best that can be attempted without physically opening the drive (it's not possible to create strong enough magnetic fields to erase the drive from the outside without access to research-level magnets) or having a drive with encryption and just clearing the encryption key.

Link to comment
John_M Experienced

John_M

Posted
Posted
2 hours ago, maxse said:

LOL, cmon guys. Isn't there a way to just write 0s or 1s to the drive before disposing of it? I've had some personal stuff on there...

 

I gave you a suggestion that specifically meets your it-needs-to-run-on-macos requirement. What's more, it's included - no download required.

 

22 hours ago, John_M said:

Disk Utility:

 

https://support.apple.com/en-gb/guide/disk-utility/erase-a-volume-dskutl14079/mac

 

See section 6.

 

EDIT:

Here's what section 6 says:

 

Quote

If you chose Mac OS Extended (Journaled, Encrypted), to prevent the erased files from being recovered, click Security Options, use the slider to choose how many times to write over the erased data, then click OK.

Writing over the data three times meets the U.S. Department of Energy standard for securely erasing magnetic media. Writing over the data seven times meets the U.S. Department of Defense 5220-22-M standard.

 

Link to comment
pwm Community Regular

pwm

Posted
Posted
3 minutes ago, Frank1940 said:

Open up the drive and take a large hammer to the disk(s)!   Wear googles when doing so.  

 

If opening the drives, then steel wool would work quite well. The surfaces are extremely sensitive to scratches.

Link to comment
maxse Enthusiast

maxse

Posted
  • Author
Posted

Hey guys I think I misspoke.

 

I meant that the application needed to completely erase all data on the drive to the point of being not recoverable needs to run on the mac. 

 

I plan to throw the drive away after, and just want everything completely erased so it would not be possible to recover data from the drive if someone decides to try...

 

Not sure if you guys are kidding about doing physical damage to the drive lol? I just want to run it through an app that can completely wipe out all data on it so that it won't be able to ever be recovered.

Link to comment
maxse Enthusiast

maxse

Posted
  • Author
Posted

Thanks John! I think I just misread what you said.

 

So I'll need to format to macOS extended (journaled encrypted) than select 3 passes and then I can safely throughout the drive?

On 5/11/2018 at 1:30 PM, John_M said:

I gave you a suggestion that specifically meets your it-needs-to-run-on-macos requirement. What's more, it's included - no download required.

 

 

EDIT:

Here's what section 6 says:

 

 

 

Link to comment
maxse Enthusiast

maxse

Posted
  • Author
Posted

So Disk utility has options that says Scheme: GUID Partition Map, Master Boot Record or Apple Partition Map.

 

It defaults to just GUID Partition Map. I'm not sure what these all mean but I've selected 7 passes with GUID Partition Map, encrypted.

 

Any comments? Thanks so much guys!

Link to comment
JonathanM Grand Master

JonathanM

Posted
Posted
1 hour ago, maxse said:

I plan to throw the drive away after, and just want everything completely erased so it would not be possible to recover data from the drive if someone decides to try...

 

Not sure if you guys are kidding about doing physical damage to the drive lol?

Since you are planning to dispose of the drive, physical damage is the MOST effective and efficient way to accomplish what you want.

 

Not kidding at all, that's the way many businesses deal with data security. Recovering data from a drive that has the platters drilled is VERY expensive or impossible depending on the level of damage, so putting a hole or two through the drive that pierces the platters is quick, and nobody is going to even try to recover the data unless a very deep pocket agency has you targeted.

Link to comment
Frank1940 Veteran

Frank1940

Posted
Posted
2 hours ago, maxse said:

Not sure if you guys are kidding about doing physical damage to the drive lol? I just want to run it through an app that can completely wipe out all data on it so that it won't be able to ever be recovered.

 

Recovery of data from  a disk with physical damage is attempted only by people with the resources of a three-letter-agency because it is that expensive and there is no guarantee that anything that is recovered will contain anything of real significance.  Almost any other erasure method (software) leaves some hope of data recovery and the cost of trying is a couple of orders of magnitude less! 

Link to comment
maxse Enthusiast

maxse

Posted
  • Author
Posted

wow interesting. So why does it say that 7 passes is DOD compliant? Why don't they just drill through the platters themselves? I'm just curious. Love learning so much stuff from everyone here. I'm going to tackle encryption next, although I still have unraid 5, but it's been working so well, and I don't really have th eitme to elarn how the new system works, dockers, etc... I've had it running for 4 years with no issues so far with a few plugins!

Link to comment
Zonediver Community Regular

Zonediver

Posted
Posted
On 5/10/2018 at 3:33 AM, maxse said:

Hey guys,

 

I haven't posted in a while as I've never really had issues with my unraid which is fantastic until today. I had a drive red ball. I already replaced it and it is rebuilding the array. However, I have a question

 

Before throwing out the old drive, I would like to make sure to completely remove any traces of day on it so that whatever was on it cannot be recovered if someone finds it. I have an external USB enclosure that I bought a while back. Can someone recommend a software for a mac that can do this before I throw the drive out? What's considered best practices, what do you guys do?

 

Thanks so much!

 

If you plan to take the Disk completely OutOfService, disassemble the whole disk - keep the Disk-Controller for spare things (if you have identical disks).

Dont put all platters together in one bin bag !!!

Scratch all platters and spread the platters in different trash cans on different places (at home, at work or on the way to your work).

Link to comment
pwm Community Regular

pwm

Posted
Posted
1 hour ago, maxse said:

So why does it say that 7 passes is DOD compliant?

 

No one have proven that 7 passes would be meaningful with modern disks with narrow and sometimes even slightly overlapping tracks.

 

The requirement of 7 passes was from old times when the drives used stepper motors to align the head with the track. And because of temperature variations the write head could end up slightly inside or outside of the nominal center of the track - which means that not all of the track got overwritten. And a sensitive head capable of reading from narrower tracks could then extract data. The intention will multiple overwrites would be that the mechanical jitter from mechanical tolerances would reduce the risk that parts of the track wasn't erased. And multiple overwrites would also weaken the magnetic fields just outside of the part covered by the write head.

 

But the use of spare sectors in more modern disks means that a full overwrite may still leave sensitive data in remapped sectors. And a rule about encryption is that you never want someone to see both encrypted and cleartext information of the same data. So even less sensitive data remaining on a remapped sector could be used to attack the security of encrypted data captured through other means.

 

That's why there exists very expensive equipment designed to physically wreck disks in a way that data can't be recovered. And also a reason why enterprises looks at disks with internal encryption where you can just issue a single (and extremely quick) command to erase the encryption key stored inside the drive.

 

That's also why the command hdparm have support for parameters like --security-erase and --security-erase-enhanced

Link to comment
pwm Community Regular

pwm

Posted
Posted
2 minutes ago, Zonediver said:

Spread the platters in different trash cans on different places (at home, at work or on the way to your work).

 

No need for that - that's what a bit of steel wool would take care of.

 

And with glass platters, it's also possible to shatter the platters.

Link to comment
maxse Enthusiast

maxse

Posted
  • Author
Posted

So the formatting failed with disk utility on Mac. Got a error that said "unable to write to the last block of the device!"

Any other suggestions to wipe this drive prior to physical destruction? WD Utilities was not able to see the drive

Link to comment
John_M Experienced

John_M

Posted
Posted
2 hours ago, maxse said:

Got a error that said "unable to write to the last block of the device!"

 

Presumably the reason why you're disposing of the disk is that it's faulty!

 

This is an interesting academic discussion but what do you guys do if a disk fails while still under warranty? I'd have no hesitation in returning it but I wouldn't drill holes in it or attack it with steel wool first, though I would run badblocks on it as a means of testing it if I was able to. But if I wasn't I'd just return it as is. In similar circumstances would you actually forego getting a replacement for fear that someone might try to read your secrets? Serious question.

Link to comment

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...