Jump to content

Best way to destroy HDD?

IDNeon

By IDNeon
in Everything Else

 Share

Recommended Posts

IDNeon Newbie

IDNeon

Posted
Posted (edited)

I don't know if I made a thread about this before, but this has always been a pet peeve of mine that I've never tested or built but kinda wish soooooommmmeonnneee else would (long lazy sigh).

We all ought to know that Force Microscopy can be used to examine a disk at its atomic scale and basically rebuild data that has been overwritten.  Therefore there's some debate as to how many "passes" are enough, and to whether or not degaussing is sufficient.  And you can buy degaussers for such a purpose.  I believe the evidence suggests degaussing is sufficient but we CAN GO FURTHER!

I give to you the Induction Heater!  https://youtu.be/VydPQuLyEns  Behold!  Aluminum being melted in about 1 minute.

Imagine the FBI raiding your apt and you flip the switch and that puppy already installed around your external drives (or whatever set-up) turns on and just melts your harddrive.

The first nano-second is going to blast the harddrive in a powerful alternating magnetic field anyway, but just to be sure.  Ya know...melted slag in 1 minute tops.

Hillary Clinton's Bleach Bit theoretically has nothing on this.

In all seriousness though, induction heaters are easy to build, easier to buy, run on about 3kw, and will degauss AND physically destroy your harddrives at the same time.  Not sure what its effect would be on a SSD other than that it would most certainly melt those too (if they are using any kind of metallic case).

Induction heaters work on any metal as far as I am aware, magnetic properties of metals come from the ability to align all the magnetic fields in that metal, which non-magnetic metals are resistant to but are not themselves "without" magnetism.  Induction heaters simply oscillate between polarities so that these fields are constantly shifting creating friction and thus heat.  So would work on any substance that responds to magnetism, not just magnetic materials.

Edited by IDNeon
Link to comment
Share on other sites
b0N3z Rookie

b0N3z

Posted
Posted (edited)

Shoot it, I like the M855 green tips in 5.56 ;)  Also there is a Defcon talk about this topic on youtube.  If I find it later I will post it.

Edited by b0N3z
Link to comment
Share on other sites
Struthian Newbie

Struthian

Posted
Posted

Even shards of a smashed platter can yield data in an advanced lab.    Services that destroy drives shred them on site and then take the shreddings and  burn them or destroy them chemically.   If you want to dIY, burning is necessary to completely obliterate the data.  In shredding, the smaller the shards, the less likely the recovery.   Obviously the more the shards are mixed from other shreddings the more deterred the data recovery specialists will be.

You can also obliterate the data and keep the drive by using the appropriate software.  That will rewrite the drive many times with random patterns.  Repeated random rewrites are crucial if the drive data is to be not recoverable in a suitable lab.

Link to comment
Share on other sites
Foxtrot Grand Master

Foxtrot

Posted
Posted
4 hours ago, Struthian said:

Even shards of a smashed platter can yield data in an advanced lab.    Services that destroy drives shred them on site and then take the shreddings and  burn them or destroy them chemically.   If you want to dIY, burning is necessary to completely obliterate the data.  In shredding, the smaller the shards, the less likely the recovery.   Obviously the more the shards are mixed from other shreddings the more deterred the data recovery specialists will be.

You can also obliterate the data and keep the drive by using the appropriate software.  That will rewrite the drive many times with random patterns.  Repeated random rewrites are crucial if the drive data is to be not recoverable in a suitable lab.

I think the standard DBAN 3-pass is enough...

Link to comment
Share on other sites
barry99705 Veteran

barry99705

Posted
Posted

No one is going to use an electron microscope to "rebuild" the data on a drive.  You're talking about billions to trillions of bits of data, that any mistake between a dot or a dash will render the whole thing useless.  A single zero pass on a "current" hard drive is enough to render it practically impossible to recover anything.  Really, call up a recovery place and tell them that a drive got zero wiped with dban or something.  They'll laugh at you, then hang up.   "Current" being 500gb or larger.  Though probably anything that's sata will be current enough.  The only reason the electron microscope thing used to work was because the bits on the drive were larger, and there weren't as many.  Though I've never seen actual proof it's ever been done.

 

Here we go.

https://www.vidarholen.net/~vidar/overwriting_hard_drive_data.pdf

And a quote from the paper, emphasis is mine.

4 Conclusion

The purpose of this paper was a categorical settlement to the controversy surrounding the misconceptions involving the belief that data can be recovered following a wipe procedure. This study has demonstrated that correctly wiped data cannot reasonably be retrieved even if it is of a small size or found only over small parts of the hard drive. Not even with the use of a MFM or other known methods. The belief that a tool can be developed to retrieve gigabytes or terabytes of information from a wiped drive is in error. Although there is a good chance of recovery for any individual bit from a drive, the chances of recovery of any amount of data from a drive using an electron microscope are negligible. Even speculating on the possible recovery of an old drive, there is no likelihood that any data would be recoverable from the drive. The forensic recovery of data using electron microscopy is infeasible. This was true both on old drives and has become more difficult over time. Further, there is a need for the data to have been written and then wiped on a raw unused drive for there to be any hope of any level of recovery even at the bit level, which does not reflect real situations. It is unlikely that a recovered drive will have not been used for a period of time and the interaction of defragmentation, file copies and general use that overwrites data areas negates any chance of data recovery. The fallacy that data can be forensically recovered using an electron microscope or related means needs to be put to rest.

 

Still, if you really want to go all medieval on a drive, fire is best.

 

Link to comment
Share on other sites
Dave-ee Jones Newbie

Dave-ee Jones

Posted
Posted

It's quite funny to think that people go so far as to take HDDs to a recovery lab, fully knowing that the HDD is just some random HDD they found in the rubbish bin put there by some random guy who is chucking out their old PC. The trouble you go through just to see a few installed programs, images and videos..

 

Link to comment
Share on other sites
Zylla Newbie

Zylla

Posted
Posted (edited)

If we're talking about something that's "reasonable": i'm suggesting a microwave, or as we used on my old workplace: this insane magnet, built for destroying data on HDDs.

We need to consider the time you have to react when your house is being raided by feds. (If they know your "1337 haxer skillz" they might be ready for you to pull something like this off.)
It's seconds!
So, either a microwave next to your computer, ready to go.
Or some custom rig with a trigger that will ignite some thermite around the HDDs. (Saw this in a video a long time ago)

If you have time on your hands the 3-pass should be fine.

Edited by Zylla
Link to comment
Share on other sites
Mr-Protocol Grand Master

Mr-Protocol

Posted
Posted

You only need 1 overwrite anymore to render data unreadable. Disks are so dense that if there was a lab that busted out the electron microscope (I have never heard of one ever existing) they wouldn't be able to read any "residual" magnetic fields.

Same goes for "shard of a platter". I have never heard of any lab doing such things.

Even if there was a lab, there is more than just your pictures of cats on drives platters. There is a ton of other data that only the drive controller sees. Differentiating between the two is impossible if you were to look at it in a magnetic level like you are suggesting. Plus rebuilding any partial data at the bit level would be such a time consuming process, it's not practical. Aside from all that, the drive does CRC checks on every sector it reads. You can actually have somewhere around 7-10 bad bits (can't remember exact numbers) in a sector and it rebuilds the data on the fly using the CRC (oversimplified explanation). When the drive controller determines that there are too many bad bits, it will rebuild it and then write it to a different sector, flagging the original as "bad".

image.png

image.png

Per NIST SP 800-88 r1

http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-88r1.pdf

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...