From nobody Thu Oct 10 19:22:16 2024 X-Original-To: questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4XPflv2jDxz5YVQr for ; Thu, 10 Oct 2024 19:22:35 +0000 (UTC) (envelope-from bc979@lafn.org) Received: from mail.sermon-archive.info (sermon-archive.info [47.181.130.121]) by mx1.freebsd.org (Postfix) with ESMTP id 4XPfls3Dxtz4GBY for ; Thu, 10 Oct 2024 19:22:33 +0000 (UTC) (envelope-from bc979@lafn.org) Authentication-Results: mx1.freebsd.org; dkim=none; spf=pass (mx1.freebsd.org: domain of bc979@lafn.org designates 47.181.130.121 as permitted sender) smtp.mailfrom=bc979@lafn.org; dmarc=none Received: from smtpclient.apple (unknown [10.0.1.251]) by mail.sermon-archive.info (Postfix) with ESMTPSA id 4XPflk68Z5z2g4wd for ; Thu, 10 Oct 2024 12:22:26 -0700 (PDT) From: Doug Hardie Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: freebsd-questions@freebsd.org Sender: owner-freebsd-questions@FreeBSD.org Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3776.700.51\)) Subject: Re: How to zero a failing disk drive before disposal? Date: Thu, 10 Oct 2024 12:22:16 -0700 References: <5117.1728561469@segfault.tristatelogic.com> <4592b3d058a5c2c2c5acf752706ade1e4e1ed7ca.camel@riseup.net> <7de83c36-7ec5-4cf3-8e8d-4cad98d610b8@app.fastmail.com> To: questions@freebsd.org In-Reply-To: <7de83c36-7ec5-4cf3-8e8d-4cad98d610b8@app.fastmail.com> Message-Id: <2D3640CE-2A76-4BBD-8906-AF7FAE02AA32@sermon-archive.info> X-Mailer: Apple Mail (2.3776.700.51) X-Virus-Scanned: clamav-milter 1.3.1 at mail X-Virus-Status: Clean X-Spamd-Result: default: False [-1.71 / 15.00]; SUBJECT_ENDS_QUESTION(1.00)[]; NEURAL_HAM_LONG(-1.00)[-0.999]; NEURAL_HAM_MEDIUM(-0.99)[-0.990]; NEURAL_HAM_SHORT(-0.62)[-0.618]; R_SPF_ALLOW(-0.20)[+mx]; MIME_GOOD(-0.10)[text/plain]; ONCE_RECEIVED(0.10)[]; RCVD_NO_TLS_LAST(0.10)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; ASN(0.00)[asn:5650, ipnet:47.181.128.0/18, country:US]; MIME_TRACE(0.00)[0:+]; RCVD_COUNT_ONE(0.00)[1]; APPLE_MAILER_COMMON(0.00)[]; DMARC_NA(0.00)[lafn.org: no valid DMARC record]; TO_DN_NONE(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; ARC_NA(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MLMMJ_DEST(0.00)[questions@freebsd.org]; PREVIOUSLY_DELIVERED(0.00)[questions@freebsd.org]; R_DKIM_NA(0.00)[]; FROM_HAS_DN(0.00)[] X-Rspamd-Queue-Id: 4XPfls3Dxtz4GBY X-Spamd-Bar: - > On Oct 10, 2024, at 11:34, robert@rrbrussell.com wrote: >=20 > On Thu, Oct 10, 2024, at 10:17, Ralf Mardorf wrote: >>=20 >> On Thu, 2024-10-10 at 08:16 -0500, robert@rrbrussell.com wrote: >>> invoke the ATA Secure Erase feature >>=20 >> ATA Secure Erase or ATA Cryptographic Key Reset are as secure as a = pager >> or walkie-talkie, as it is impossible to know whose fingers were >> involved in their manufacture or in the supply chain. >=20 > Quit spreading FUD. The cost of building a subverted drive isn=E2=80=99t= worth the time or money for general distribution in the economy. You = need a high percentage of the drive=E2=80=99s physical capacity = dedicated to spare space to get a decent chance of catching useable data = in =E2=80=9Creallocated=E2=80=9D space. Of course your competition can = just sell a higher capacity drive and put you out of business. >=20 > The easiest way to destroy information is forgetting the encryption = key but most people don=E2=80=99t use FDE. >=20 Encryption is not the answer. There is always a key that will decrypt = the data. The only issue is to find it. NSA, M4, KGB (or whatever they = are know as now), and possibly several other intel agencies have the = resources to decrypt it. Chances they would be interested in your data = is pretty slim, but I have seen several times where people were able to = guess the key in just a few tries.=20 I believe the easiest approach is to disassemble the unit, remove the = platter and sand it. The information is in the iron oxide (brown = stuff). Sanding it removes it as dust. This is essentially what a head = crash does. It doesn't take a lot of effort to sand it. The head = contacting the disk does a great job. =20 -- Doug