Kaydol

Flood göndermek, insanların floodlarını okumak ve diğer insanlarla bağlantı kurmak için sosyal Floodlar ve Flood Yanıtları Motorumuza kaydolun.

Oturum aç

Flood göndermek, insanların floodlarını okumak ve diğer insanlarla bağlantı kurmak için sosyal Floodlar ve Flood Yanıtları Motorumuza giriş yapın.

Şifremi hatırlamıyorum

Şifreni mi unuttun? Lütfen e-mail adresinizi giriniz. Bir bağlantı alacaksınız ve e-posta yoluyla yeni bir şifre oluşturacaksınız.

3 ve kadim dostu 1 olan sj'yi rakamla giriniz. ( 31 )

Üzgünüz, Flood yazma yetkiniz yok, Flood girmek için giriş yapmalısınız.

Lütfen bu Floodun neden bildirilmesi gerektiğini düşündüğünüzü kısaca açıklayın.

Lütfen bu cevabın neden bildirilmesi gerektiğini kısaca açıklayın.

Please briefly explain why you feel this user should be reported.

How do you erase old hard drives ? You know, before recycling them ? (Gif for attention)

How do you erase old hard drives ? You know, before recycling them ? (Gif for attention)

Benzer Yazılar

Yorum eklemek için giriş yapmalısınız.

33 Yorumları

  1. Dban if software preferred, otherwise I do the smashie smash.

  2. why would i erase a drive ?

    someone might need my old credit card and bank info.

  3. If you have room and the equipment, multiple 9mm/.45ACP/5.7mm/etc rounds through them render them unusable. If you don’t have that kind of environment, 4 holes evenly spaced around the platter with a drill press will suffice—but IMO is much less fun than the .45ACP option 🙂

  4. Whoa, i did not expect to find one of my old videos in this sub.

    The objective of this video was… just to make a video. In reality i just recycle the drives after a few secure erase operations. The data my lab produced at the time was sensitive, but nothing super-high-security so we didn’t require anything special.

    I had some time and a few leftover drives and i was allowed to make a video on chemically destroying one.

  5. So, some key things to remember about zeroing/dban and spinning rust drives: this process generally can’t get at [reallocated sectors](https://readynas.sphardy.com/2011/04/what-are-reallocated-sectors/). So if a drive has been well-worn, there could be some remnants of data still on the drive even after you’ve zeroed/dbanned the drive.

    I use:

    * FDE on all volumes, except those where the data is transient, being shared with others AND not of any security importance, anyway.
    * Zero out all drives when the data must be wiped.
    * Then, when a drive has outlived its usefulness, I [send projectiles through it](https://imgur.com/a/RnNFOFs) to make sure the hardware and platters – and any remaining data on those platters – are completely disabled and inaccessible. Also, it’s fun!

    9mm works great for 2.5inch laptop hard drives, especially if they have glass platters… it just shatter them into tiny bits. 3.5 inch drives with metal platters usually need higher velocity .223/5.56 mm projectiles for the process to be effective.

  6. Ideally LUKS in use, then `dd if=/dev/zero` (or urandom)

    DBAN is nice too.

    If it’s a failed drive, a 9mm hole punch works well.

  7. I usually erase mine with 5.56, although if it’s particularly sensitive data I’ll break out the 7.62

  8. Does nobody here use the Firearms Solution? I take my dead drives out to the quarry and use them for target practice. It’s great fun!

  9. I once crunched over 2,000 drives with a shredder. That was fun. These days the storage frames have built-in functionality to wipe themselves. I think the last lease return was like 10 petabytes and it took about 5 days.

  10. salvage any potentially useful parts (magnets and boards, mostly) and take what’s left to the range. if all that’s left is shrapnel even the nsa would have one hell of a time recovering it

  11. I believe large companies simply put their hard drives in a machine that punches a hole in the center which deforms the disks and circuit board. Assuming that you encrypted the drives in the first place, no one is going to get the data back.

    Video of one in action:

  12. Dropping or shredding crypto keys is usually the best option if you set it up from the beginning. If the disk supports FDE natively, then the keys are probably stored in flash or EEPROM, which means you aren’t relying on the ability to write to the disk (e.g., if you’re sending a faulty drive for RMA).

    If you decide to use online erasure, it seems that no single approach “just works.” There are two aspects:

    * Physical versus logical blocks.
    * Quality of implementation.

    Typically, only the drive firmware can access *physical* blocks, while “shredding” software can only access *logical* blocks. This difference can be substantial. However, for any approach, a bad implementation can fail to do the job.

    **Secure Erase is a good first option, since it’s the only way to actually erase 100% of the platters.**
    This is part of the ATA standard, so any reasonably-recent drive should support it.

    Modern hard drives are expected to remap blocks during their lifetime, which means that some physical blocks cannot be reached by writing normally to the logical blocks. In other words, the host computer/OS can only ever “see” most of the actual data that has been written; only the drive’s internal firmware can see 100%. These remapped blocks might have data that you wrote, but were later remapped. In this case, they can still be “read” by the drive’s firmware, or by some other physical investigation. SE was developed in part to prevent attacks on remapped blocks by overwriting the entire physical dimensions of the platters, not just the logical dimensions that the computer/OS sees. SE algorithm implementations will vary, though, across manufacturers, drive models, and firmware versions, so not all are equal.

    **If you’re paranoid, `badblocks` (or some similar “shredding” algorithm) may be a good *second* line option.** The `badblocks` program writes different patterns of data to the drive in multiple iterations. As the name implies, this is an attempt to eagerly force the drive to remap any near-failing blocks by permuting the data pattern to try to force a failure (e.g., writing zeros may be fine, but a 1 bit in a particular position may trigger an error, or similarly for some other specific pattern). This was much more relevant in older drives, since modern drives will often do similar remapping internally on-the-fly. In context of drive erasure, however, this is basically the same as what “shredding” algorithms do. The specific patterns and permutations might differ, but for modern drives, the specifics are far less important than just writing different data several times.

    If you’re just lazy, you can try zeroing with tools like `ddrescue`, but (a) it won’t overwrite the entire drive, and (b) in my experience, it’s quite a bit slower than using the native Secure Erase command. And, again, it can only affect the logical blocks.

    **So, in order, these are the things that seem to cover the majority of cases:**

    1. Run the drive’s Secure Erase ATA command. ([Linux instructions here](https://ata.wiki.kernel.org/index.php/ATA_Secure_Erase).)
    2. *After* doing the Secure Erase command, if you’re paranoid, run `badblocks` or a similar shredding algorithm.

    Also, some interesting reading:

    * [Hughes 2002](https://www.researchgate.net/publication/228740643_Secure_erase_of_disk_drive_data) explains a lot of the “why” of Secure Erase, especially in context of commercial programs that cannot reach 100% of the disk (because only the disk firmware can). It also has some neat explanations of how data can be recovered after zeroing, but that’s not quite as relevant to more modern drives.
    * [Wei 2011](https://www.usenix.org/legacy/events/fast11/tech/full_papers/Wei.pdf) evaluates the options for SSDs, and has novel work to validate erasure by reading the physical flash chips directly.

  13. When I was in the business of storing sensitive data, we would write a single pass of zeros to the drive, then sell them as surplus. If it wouldn’t spin up or got write errors, we would use the drill press.

    Certain kinds of proprietary data (IBM was particular about this) went to a contractor who did who knows what. I hope they ended up in a vat of acid.

  14. If you really want to destroy them oil well perforators seem the way to go


  15. I bury them in a box with my spent nuclear fuel rods and a few different Ebola strains.

  16. or you could just do what i do
    >!take apart the drive piece by piece and rub the platters together!<

  17. you know what’s free that doesn’t require dangerous chemicals? The pavement. Smash em’.

  18. Nobody cares about recovering a bunch of pirated movies.

    Just single pass zero and craigslist it.

  19. Fill it with zeros.

    ddrescue –force /dev/zero /dev/<device> output.log

    `ddrescue` will be better than `dd` at handling drives that give errors on writes.

  20. I zero my drives a few times and move on. Super sensitive data is encrypted at rest, so anything else would suck to get out in to the world, but would not be a show stopper.

    Zeroing is fast, and quite frankly if anyone has the resources to restore my data, then I already have far bigger problems.

    Relevant xkcd [https://xkcd.com/538/](https://xkcd.com/538/)

  21. I don’t have an answer, but for those just suggesting DBAN or encryption – a chemical or physical solution could be handy for when the drive craps out due to a mechanical error, and is inaccessible, but the platters are still in tact (and when you didn’t have the foresight to encrypt it before use………. like me……).

    It’ll be cool if someone does have a chemical solution for this – but if not, I’ll probably just take a hammer to them.

  22. Man you’d have to have done something horribly illegal or incredibly proprietary to warrant this. But cool nonetheless!

  23. Haven’t yet had the chance to do so, but power drill is my planned method for when a drive with any sensitive info (i.e. not simply my Plex library) dies.

    Alternative approach: [Thermite!](https://www.youtube.com/watch?v=-bpX8YvNg6Y)

  24. This is what I use encryption for. None of my storage device in last decade was used without dm crypt LUKS, so I just shred LUKS header and one-time zero disk, and that’s all. Works wonder when you need to send to RMA dead device, no worries about the data being accessible again.

  25. Seems a tad excessive unless you work at MI5… But a cool gif!