Date: Thu, 10 Oct 2024 12:22:16 -0700 From: Doug Hardie <bc979@lafn.org> To: questions@freebsd.org Subject: Re: How to zero a failing disk drive before disposal? Message-ID: <2D3640CE-2A76-4BBD-8906-AF7FAE02AA32@sermon-archive.info> In-Reply-To: <7de83c36-7ec5-4cf3-8e8d-4cad98d610b8@app.fastmail.com> References: <5117.1728561469@segfault.tristatelogic.com> <ZwfG1Q0Qtb6IkHCd@pureos> <CAAdA2WNgKoxpb-=p1gMDyZ5XMZEMfz3_1uqPGNz1FhKs_csYnQ@mail.gmail.com> <4592b3d058a5c2c2c5acf752706ade1e4e1ed7ca.camel@riseup.net> <7de83c36-7ec5-4cf3-8e8d-4cad98d610b8@app.fastmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> On Oct 10, 2024, at 11:34, robert@rrbrussell.com wrote: >=20 > On Thu, Oct 10, 2024, at 10:17, Ralf Mardorf wrote: >>=20 >> On Thu, 2024-10-10 at 08:16 -0500, robert@rrbrussell.com wrote: >>> invoke the ATA Secure Erase feature >>=20 >> ATA Secure Erase or ATA Cryptographic Key Reset are as secure as a = pager >> or walkie-talkie, as it is impossible to know whose fingers were >> involved in their manufacture or in the supply chain. >=20 > Quit spreading FUD. The cost of building a subverted drive isn=E2=80=99t= worth the time or money for general distribution in the economy. You = need a high percentage of the drive=E2=80=99s physical capacity = dedicated to spare space to get a decent chance of catching useable data = in =E2=80=9Creallocated=E2=80=9D space. Of course your competition can = just sell a higher capacity drive and put you out of business. >=20 > The easiest way to destroy information is forgetting the encryption = key but most people don=E2=80=99t use FDE. >=20 Encryption is not the answer. There is always a key that will decrypt = the data. The only issue is to find it. NSA, M4, KGB (or whatever they = are know as now), and possibly several other intel agencies have the = resources to decrypt it. Chances they would be interested in your data = is pretty slim, but I have seen several times where people were able to = guess the key in just a few tries.=20 I believe the easiest approach is to disassemble the unit, remove the = platter and sand it. The information is in the iron oxide (brown = stuff). Sanding it removes it as dust. This is essentially what a head = crash does. It doesn't take a lot of effort to sand it. The head = contacting the disk does a great job. =20 -- Doug
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?2D3640CE-2A76-4BBD-8906-AF7FAE02AA32>