I want a Model 22 HDD Hard Drive Disintegrator

Maybe hardware is cooler than software after all

Steve Riley on Security — Thu, 28 May 2009 04:48:20 GMT

A while back, if you recall, I wrote about the Model 22 HDD Hard Drive Disintegrator (check the link

re: I want a Model 22 HDD Hard Drive Disintegrator

Drew — Thu, 16 Apr 2009 05:15:04 GMT

HDDErase is much faster and thorough than using cipher.exe.

http://cmrr.ucsd.edu/people/Hughes/SecureErase.shtml

From the Readme:

"HDDerase.exe is a DOS-based utility that securely erases "sanitizes" all data on ATA hard disk drives in Intel architecture computers (PCs). It offers the option to run the drive internal secure erase command, security erase unit, based on the ATA specification by the T13 technical committee."

re: I want a Model 22 HDD Hard Drive Disintegrator

mats — Fri, 20 Mar 2009 23:24:12 GMT

Diego: IBAS has recoverd such disks.

about 250 grams of C4 will give you very very very small fragmensts left. Unfortunally they choised to melt their drives instead

re: I want a Model 22 HDD Hard Drive Disintegrator

Chris.Knight — Thu, 26 Feb 2009 06:37:00 GMT

Add a zinc sacrificial anode to your tub as well. It doesn't matter how well you prime/paint the arm, water will get in!

re: I want a Model 22 HDD Hard Drive Disintegrator

Morgan Storey — Wed, 28 Jan 2009 09:04:41 GMT

Zdnet actually did an article on this recently using one of their sponsors to try and recover data, it ended badly because the company couldn't get data back from the drive that they just hit with a hammer for 30min.

That being said I usually do 9+ wipes on high value stuff, then open the hard drive, rip out the platters and scratch them with a screw driver before breaking the disk with pliers into 1cm X 1cm peices, then sort them into 4 piles, one goes to the secure recycling at work, another to the secure recycling at another site and the other two piles do the same thing a month later. I reacon that is enough for my envrionment. But I do agree with the confetti then burn/melt approach, but a dedicated machine seems a bit wasteful.

re: I want a Model 22 HDD Hard Drive Disintegrator

Diego — Mon, 26 Jan 2009 02:12:13 GMT

I just take the top off the drive and drill some holes in the platters. Leaves me feeling confident that nothing will come off that drive.

re: I want a Model 22 HDD Hard Drive Disintegrator

Andrew — Sat, 24 Jan 2009 09:22:01 GMT

Indeed - The pieces being ejected from that disintegration would be considered too big for highly classified data. The disintegrators I've seen (which are at least 4-6 times bigger than this unit with a higher capacity) eject pieces no bigger than about 3-4mm. Impressive - And incredibly noisy - stuff.

re: I want a Model 22 HDD Hard Drive Disintegrator

DMackie1968 — Thu, 22 Jan 2009 01:05:56 GMT

Those pieces look pretty big Steve, although it may well be security theatre, I have been in the room when the idea of tumbling drives (similar to this shredder in end result) was questioned due to the amount of data on a piece could be several documents (in TB Sized Drives). So the policy of that org was to tumble then smelt like Pete suggests.

re: I want a Model 22 HDD Hard Drive Disintegrator

gbromage — Wed, 21 Jan 2009 23:13:31 GMT

" I’ve always thought the notion that bits will somehow “soak” down into the disk and could be recovered by “shaving off” the disk’s top layer is silly"

It's not that silly - same principle (or rather, the opposite principle) to a noise cancelling microphone.

With the microphone, you record the the background noise with one mic, and the speaker with another. Feed both parts into an op-amp and effectively "subtract" the background noise from the speaker's mic, to give a clearer voice signal.

With hard disks, you read the magnetic resonance at a more raw level. The strongest signal (the one most recently written) is what the disk head interprets as the current data, so you feed that (what you expect the disk to say, or what the disk controller says that it says) and the raw signal in, and subtract the clean feed, and what you're left with is the background noise. Faint, but because it's digital, sometimes readable.

But, because you can realistically only read the write-before-last this way, it's most effective when the bit patterns change, then two wipes with reasonable random data is perfectly sufficient.

"If that were really true, then it would be a fairly simple operation to “wash” away encryption, no?"

Yes. So if you have pre-existing data on a hard disk, then just encrypt it sector by sector, it would be possible to remove that and read the unencrypted data below.

Of course, if you're overwriting encrypted data with other encrypted data, you're quite safe - this sort of recovery isn't an exact science, and a few corrupted bits here and there will make all the difference to whether it could be decrypted even if you had the key.

Still, I recommend my clients encrypt the disk BEFORE placing any data of consequence on there. Which, for USB disks or secondary disks is fine. For the boot volume, if you encrypt straight after install then the most the attacker would get is the base OS image.

And I figure that if the attacker has enough money to own the equipment to be able to do this sort of attack, they probably have enough money to buy the OS install media. Even at the price of Vista Ultimate. ;-)

re: I want a Model 22 HDD Hard Drive Disintegrator

Pete — Wed, 21 Jan 2009 20:27:13 GMT

When I worked for a DoD contractor w/ classified systems, we developed a good relationship with the local steal company and used their furnace to destroy everything from Hard Drives to Tapes to boxes of classified documents. The heat and power was amazing…now those hard drives are probably sitting in some steal beam…..