"Smash Your Hard Drive" To Fight Identity Theft 527
Will Do This For Free writes "BBC News has a story about the only fireproof way of safeguarding your personal information when dumping your old computer: 'It sounds extreme, but the only way to be 100% safe is to smash your hard drive into smithereens. [...] The more thoroughly the better.'
This sounds like so much fun that I almost feel like doing it right now. Let me press Submit Story first."
Stupid (Score:2, Insightful)
Or you could, you know, overwrite the bits with new garbage data.
At work, we've had dealings with data recovery labs and they've never, ever been able to retrieve anything useful.
Article or Ontrack Promotional Video? (Score:5, Insightful)
The whole discussion is made pointless when Ontrack says, "Oh, we can't restore a zero'd drives either."
Re:saveguarding, eh? (Score:5, Insightful)
Re:I find a Magnet Works (Score:5, Insightful)
NO! It does NOT make it completely useless. Someone with a scanning-tunneling microscope could still retrieve portions of your data! The thing that makes this article retarded isn't the difficulty of permanently destroying data, which is best done with intense heat (as in, burn the disk to the point it melts) but the fact that no one cares about your identity OR your porn collection. Just zero the disk once and odds are that will be more than good enough for any of your personal data, unless you are the fucking president or something. Zero the disk or if you must, run a secure formatter, and put it on freecycle if it's too old to sell.
Re:Whats the problem with... (Score:3, Insightful)
Put it this way ... if it could then your drive would have double the capacity.
Drive makers aren't stupid.
http://en.wikipedia.org/wiki/Data_recovery#Recovering_overwritten_data [wikipedia.org]
Re:saveguarding, eh? (Score:3, Insightful)
What about having it fully encripted at all times?
If your computer is stolen it's quite hard to convince the thief to store it in an acid bath till it stops bubbling.
Re:I find a Magnet Works (Score:3, Insightful)
TFA makes the point that for most of us, a wipe or a hammer job is adequate to deter the schmoogs. The web is full of various tests of redox reactions to destroy the platters, if your data is in a glowing puddle of molten aluminium, it's probably secure.
This message (Score:3, Insightful)
...but the only way to be 100% safe is to smash your hard drive into smithereens. [...]
This message brought to you by the Hard Drive Manufacturers Association.
Re:Environmentally criminal! (Score:1, Insightful)
It's environmentally criminal to be suggesting the best way to wipe a disk is to smash it.
It's also *extremely dangerous* for someone who's not used to tools and their safety precautions to be smashing a metal/glass object like this. Lots of people might have (say) a hammer and screwdriver around the house but no goggles. What do the 'Which' people think is preferable? - having your identity stolen or losing an eye?
They'd be much better off giving a simple sequence of instructions for running a boot-and-nuke CD. Or telling people just to take the HD out and put it in a safe place. Or just stick the old PC in the damn attic! Anything but this.
When's the first lawsuit coming? "I followed Which's advice and now I'm blind!"
Re:In other news (Score:4, Insightful)
1 pass of zeroes we got around,sorry but it has been awhile, but we got around 80% IIRC.
OK, I'm impressed. Would you care to explain in more detail how you did that? From your description, you used "every piece of freeware and trialware that we could get our little hands on". I haven't heard of any software solution that can recover overwritten data.
Comment removed (Score:5, Insightful)
Re:I find a Magnet Works (Score:2, Insightful)
You should probably tell that to hard drive manufacturers. They could use that knowledge to store twice as much data on the disk.
Mod Parent up (Score:4, Insightful)
I haven't heard of any software solution that can recover overwritten data.
Likewise. Barring actually disassembling the drive, I think GP's post is bullshit.
How can software get past the fact that the hard disk controller will be handing the OS all 0's?
Re:In other news (Score:1, Insightful)
In other news: people still stupid. Has anyone here actually TRIED to get stuff back off a Guttmann wiped drive? Or even a DoD 7 wiped drive?
Or simply zeroed out drive. I'm relatively certain you can read just about as little out of that as from one that's been properly wiped 473 times over and over with maximally uncorrelated patterns of various kinds.
What you are overlooking however, is that copies of important sectors might not get overwritten AT ALL. Your totally secure 256-bit random AES key to all things confidential might just have been laying around on a "bad" sector that the drive helpfully relocated somewhere else and refuses to overwrite no matter what.
No you don't. (Score:5, Insightful)
Disassemble the drive and remove the platters. Take sandpaper and sand off the oxide. There's no way in hell any data will be recovered after that.
Not everyone has access to a furnace hot anough to melt the whole thing.
Re:I find a Magnet Works (Score:3, Insightful)
but the fact that no one cares about your identity OR your porn collection. Just zero the disk once and odds are that will be more than good enough for any of your personal data, unless you are the fucking president or something.
I agree completely. No one is going to bother with a few weeks of work taking apart the drive to get access to you're $371.39 bank account when they can spend 1 hour and simply find that the next disk in line is fully formatted and has all the information they need.
The whole article is a little sensationalist and ridiculous to me. I'm surprised to see such shoddy reporting from the BBC.
Re:In other news (Score:2, Insightful)
Your not doing it correctly:
Hint: Use an O Scope.
Your college free wares tools are probably 2 generations behind the NSA; which is to be expected due to your limited computer power.
Remove platters, breaks mix with magnets.
You can put off pieces from a broken disk..even a shattered disk. it only takes time, and some governments would be more then happy top spend resource reconstructing a different nations disk for a chance it might be valuable.
Security is not a door, it's a fence. You need to determine how high of a fence you want someone to climb in order to get in.
DoD sanitization (Score:5, Insightful)
Depends on the value of the information. Are you willing to spend $500-$10000 on a professional recovery service, or is your information not worth that much? Can it be reconstructed through different means?
The DoD has to worry about enemies getting ahold of the disk and sending it to a multi-million dollar clean-lab with stuff like electron microscopes and post-doc engineers to recover the information.
Something properly classified 'Top Secret' is done so on the basis of it being possible for it to cause 'exceptionally grave damage'. IE lives lost, cities nuked, embarrasing the POTUS, etc...
The reason you destroy the information in so many different ways is in case one of the ways fail. For example, degaussing is often possible in-house, but what if the degausser doesn't work well enough? On the other hand, sending it to a facility capable of smelting it down requires transporting it - an opportunity for it to be lost. So you degauss it first to make it harder to retrieve data in the facility, then send it to the smelter 'to make sure'.
Re:In other news (Score:3, Insightful)
Unlikely. Your HDD has a metal case that would keep the microwaves from penetrating to the platters. If you were to put it in the microwave, you would likely get some sparking/smoking from the controller board, but the acutal platters likely wouldn't even get warm.
But dont take my word for it, try it! Your work has a microwave, no? Or just watch this crappy video on YouTube: http://www.youtube.com/watch?v=hRU7yEEgRaw [youtube.com]
Not cheap if computer is free (Score:5, Insightful)
Hard drives are NOT cheap if your goal turn the computer around for use by someone with low income. I rebuild computers and give them away for free to people who need them. Spending even $20 to replace the hard drive would increase the cost of the computer enough to make it unusable for my purposes.
Is it really possible to recover data from a disk that has been wiped with DBAN? I highly doubt it -- I've never heard of data being recovered after wiping with DBAN.
If you want to be friendly to the environment and spread the availability of low-cost computing, don't destroy the disk, use DBAN instead.
Re:I find a Magnet Works (Score:2, Insightful)
Uh, your knowledge is several decades out of date. Hard drives record a complex analog signal that is just at the limit of being readable and they use complex Viterbi PRML decoders to guess the data. It has to be at the densities we are at now.
Re:I find a Magnet Works (Score:3, Insightful)
It's really surprising to see a comment like this get moderated informative on slashdot.
Re:DOD Guidlines. Re:"The only fireproof (Score:5, Insightful)
Am I crazy when I think that when one gets to the point where one is overwriting with random data 10+ times and degaussing afterwards, the chance of some enemy recovering your data is pretty much zero, and the money such a recovery would require would be enough to buy a hundred spies? No point in destroying your data to the point where only divine intervention could restore it when it is several orders of magnitude easier to steal the data before it is destroyed, right?
Re:In other news (Score:2, Insightful)
1 pass of zeroes we got around, but we got around 80% IIRC. 3 pass was lower(0,1,random), somewhere in the 10-20% range, depending on the software used, but most of the "recovered" data was garbled beyond use
I call BS, how exactly were you able to recover OVERWRITTEN data with a software only solution?
Comment removed (Score:4, Insightful)
Re:DOD Guidlines. Re:"The only fireproof (Score:2, Insightful)
Has anyone ever gone to Mars or brought peace to the middle east? Surely if this has been possible for a long time it must be possible for you to point to two or three reliable articles where someone has done this.
'Freely available on Google' isn't anything like an equivalent set to 'possible', and things that are merely theoretical now may well be trivial a decade from now. Data that needs to stay secure for the long term can't depend on it being unrecoverable due to current technical limitations; that died with DES. I doubt it would be hard at all to lift data off a 30 year old drive; sure, credit card numbers from the 1970s aren't too useful now, but some things might be.
Re:DOD Guidlines. Re:"The only fireproof (Score:4, Insightful)
> Has anyone ever gone to Mars or brought peace to the middle east? Surely if this has been possible for a long time it must be possible for you to point to two or three reliable articles where someone has done this.
This Gutmann guy tells us how overwritten data could be recovered. Reading his paper makes one suspect this would all be very easy for one with access to scanning probe microscopy, and he suggests a scanning probe microscope could be built for as little as $1400. The paper has been 'in the wild' for over 10 years now. Why can't I find any articles wherein his techniques have been used to recover just a single sector that has been overwritten 5 times? By the looks of it such an experiment could be performed for relatively little money, and any university who would do such an experiment would gain much publicity. Either nobody has ever tried this very cheap and easy thing that would make that person very famous, or it is impossible.
Which makes it, off course, completely different from going to Mars or bringing peace to the middle east. The former is extremely expensive, and nobody knows an acceptable way to solve the latter. Neither of these problems apply to the paper you mentioned, or so the writer suggests.