From nobody Thu Oct 10 13:04:32 2024 X-Original-To: questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4XPVMq52HBz5Z1k2 for ; Thu, 10 Oct 2024 13:04:39 +0000 (UTC) (envelope-from mike@sentex.net) Received: from smarthost1.sentex.ca (smarthost1.sentex.ca [IPv6:2607:f3e0:0:1::12]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smarthost1.sentex.ca", Issuer "R10" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4XPVMp2gJLz4Skf for ; Thu, 10 Oct 2024 13:04:38 +0000 (UTC) (envelope-from mike@sentex.net) Authentication-Results: mx1.freebsd.org; dkim=none; spf=pass (mx1.freebsd.org: domain of mike@sentex.net designates 2607:f3e0:0:1::12 as permitted sender) smtp.mailfrom=mike@sentex.net; dmarc=none Received: from pyroxene2a.sentex.ca (pyroxene19.sentex.ca [199.212.134.19]) by smarthost1.sentex.ca (8.18.1/8.18.1) with ESMTPS id 49AD4WnS087722 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=FAIL); Thu, 10 Oct 2024 09:04:32 -0400 (EDT) (envelope-from mike@sentex.net) Received: from [IPV6:2607:f3e0:0:4:9551:e8d3:8d0:4668] ([IPv6:2607:f3e0:0:4:9551:e8d3:8d0:4668]) by pyroxene2a.sentex.ca (8.18.1/8.15.2) with ESMTPS id 49AD4Vkj078469 (version=TLSv1.3 cipher=TLS_AES_128_GCM_SHA256 bits=128 verify=NO); Thu, 10 Oct 2024 09:04:31 -0400 (EDT) (envelope-from mike@sentex.net) Content-Type: multipart/alternative; boundary="------------QZauI1oxGGVzC6dR3gFFe4MQ" Message-ID: <4043e4c9-3365-4b91-ba7e-2004beeaa7ac@sentex.net> Date: Thu, 10 Oct 2024 09:04:32 -0400 List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: freebsd-questions@freebsd.org Sender: owner-freebsd-questions@FreeBSD.org MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: How to zero a failing disk drive before disposal? To: "Ronald F. Guilmette" Cc: questions@freebsd.org References: <5117.1728561469@segfault.tristatelogic.com> Content-Language: en-US From: mike tancsa Autocrypt: addr=mike@sentex.net; keydata= xsBNBFywzOMBCACoNFpwi5MeyEREiCeHtbm6pZJI/HnO+wXdCAWtZkS49weOoVyUj5BEXRZP xflV2ib2hflX4nXqhenaNiia4iaZ9ft3I1ebd7GEbGnsWCvAnob5MvDZyStDAuRxPJK1ya/s +6rOvr+eQiXYNVvfBhrCfrtR/esSkitBGxhUkBjOti8QwzD71JVF5YaOjBAs7jZUKyLGj0kW yDg4jUndudWU7G2yc9GwpHJ9aRSUN8e/mWdIogK0v+QBHfv/dsI6zVB7YuxCC9Fx8WPwfhDH VZC4kdYCQWKXrm7yb4TiVdBh5kgvlO9q3js1yYdfR1x8mjK2bH2RSv4bV3zkNmsDCIxjABEB AAHNHW1pa2UgdGFuY3NhIDxtaWtlQHNlbnRleC5uZXQ+wsCOBBMBCAA4FiEEmuvCXT0aY6hs 4SbWeVOEFl5WrMgFAl+pQfkCGwMFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AACgkQeVOEFl5W rMiN6ggAk3H5vk8QnbvGbb4sinxZt/wDetgk0AOR9NRmtTnPaW+sIJEfGBOz47Xih+f7uWJS j+uvc9Ewn2Z7n8z3ZHJlLAByLVLtcNXGoRIGJ27tevfOaNqgJHBPbFOcXCBBFTx4MYMM4iAZ cDT5vsBTSaM36JZFtHZBKkuFEItbA/N8ZQSHKdTYMIA7A3OCLGbJBqloQ8SlW4MkTzKX4u7R yefAYQ0h20x9IqC5Ju8IsYRFacVZconT16KS81IBceO42vXTN0VexbVF2rZIx3v/NT75r6Vw 0FlXVB1lXOHKydRA2NeleS4NEG2vWqy/9Boj0itMfNDlOhkrA/0DcCurMpnpbM7ATQRcsMzk AQgA1Dpo/xWS66MaOJLwA28sKNMwkEk1Yjs+okOXDOu1F+0qvgE8sVmrOOPvvWr4axtKRSG1 t2QUiZ/ZkW/x/+t0nrM39EANV1VncuQZ1ceIiwTJFqGZQ8kb0+BNkwuNVFHRgXm1qzAJweEt RdsCMohB+H7BL5LGCVG5JaU0lqFU9pFP40HxEbyzxjsZgSE8LwkI6wcu0BLv6K6cLm0EiHPO l5G8kgRi38PS7/6s3R8QDsEtbGsYy6O82k3zSLIjuDBwA9GRaeigGppTxzAHVjf5o9KKu4O7 gC2KKVHPegbXS+GK7DU0fjzX57H5bZ6komE5eY4p3oWT/CwVPSGfPs8jOwARAQABwsB2BBgB CAAgFiEEmuvCXT0aY6hs4SbWeVOEFl5WrMgFAl+pQfkCGwwACgkQeVOEFl5WrMiVqwf9GwU8 c6cylknZX8QwlsVudTC8xr/L17JA84wf03k3d4wxP7bqy5AYy7jboZMbgWXngAE/HPQU95NM aukysSnknzoIpC96XZJ0okLBXVS6Y0ylZQ+HrbIhMpuQPoDweoF5F9wKrsHRoDaUK1VR706X rwm4HUzh7Jk+auuMYfuCh0FVlFBEuiJWMLhg/5WCmcRfiuB6F59ZcUQrwLEZeNhF2XJV4KwB Tlg7HCWO/sy1foE5noaMyACjAtAQE9p5kGYaj+DuRhPdWUTsHNuqrhikzIZd2rrcMid+ktb0 NvtvswzMO059z1YGMtGSqQ4srCArju+XHIdTFdiIYbd7+jeehg== In-Reply-To: X-Scanned-By: MIMEDefang 2.86 X-Spamd-Result: default: False [-2.39 / 15.00]; SUBJECT_ENDS_QUESTION(1.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-0.998]; R_SPF_ALLOW(-0.20)[+ip6:2607:f3e0::/32]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; RCVD_IN_DNSWL_LOW(-0.10)[199.212.134.19:received]; XM_UA_NO_VERSION(0.01)[]; ASN(0.00)[asn:11647, ipnet:2607:f3e0::/32, country:CA]; TO_DN_SOME(0.00)[]; ARC_NA(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; FREEFALL_USER(0.00)[mike]; RCPT_COUNT_TWO(0.00)[2]; R_DKIM_NA(0.00)[]; MLMMJ_DEST(0.00)[questions@freebsd.org]; FROM_EQ_ENVFROM(0.00)[]; FROM_HAS_DN(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_COUNT_TWO(0.00)[2]; DMARC_NA(0.00)[sentex.net]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_TLS_ALL(0.00)[] X-Rspamd-Queue-Id: 4XPVMp2gJLz4Skf X-Spamd-Bar: -- This is a multi-part message in MIME format. --------------QZauI1oxGGVzC6dR3gFFe4MQ Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit On 10/10/2024 8:46 AM, Michael Sierchio wrote: > > On Thu, Oct 10, 2024 at 7:58 AM Ronald F. Guilmette > wrote: > > I have a pretty ancient 4TB spinning rust drive (WD4001FAEX) that > is unambiguously at > death's door: > > Any suggestions?  If worse comes to worse I guess I will end up > writing my own tiny > little C program to just write 4KB blocks to a designated output > file while ignoring > all output errors, but I don't want to reinvent the wheel if > somebody else already > created something I can use in this context. > > > There is no method of writing to a disk that can reliably delete or > obscure all data – modern disk drives silently remap sectors, making > them unavailable to the host for writes.  If the data on the drive is > particularly sensitive, physical destruction of the media is the best > approach.  The DOD method is crush, then burn. ;-) We do both for disks.  We do a dd if=/dev/urandom first. Regardless if that fails/passes, we then physically destroy the disk.  The idea being if for some reason step 2 is missed, low effort prying eyes will not find anything.    Depends on your situation and sensitivity of the data.     ---Mike --------------QZauI1oxGGVzC6dR3gFFe4MQ Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 8bit
On 10/10/2024 8:46 AM, Michael Sierchio wrote:

On Thu, Oct 10, 2024 at 7:58 AM Ronald F. Guilmette <rfg@tristatelogic.com> wrote:
I have a pretty ancient 4TB spinning rust drive (WD4001FAEX) that is unambiguously at
death's door:
 
Any suggestions?  If worse comes to worse I guess I will end up writing my own tiny
little C program to just write 4KB blocks to a designated output file while ignoring
all output errors, but I don't want to reinvent the wheel if somebody else already
created something I can use in this context.

There is no method of writing to a disk that can reliably delete or obscure all data – modern disk drives silently remap sectors, making them unavailable to the host for writes.  If the data on the drive is particularly sensitive, physical destruction of the media is the best approach.  The DOD method is crush, then burn. ;-)

We do both for disks.  We do a dd if=/dev/urandom first. Regardless if that fails/passes, we then physically destroy the disk.  The idea being if for some reason step 2 is missed, low effort prying eyes will not find anything.    Depends on your situation and sensitivity of the data.

    ---Mike


--------------QZauI1oxGGVzC6dR3gFFe4MQ--