Solved Certified hard drive blanking

a59303

Active Member

Reaction score: 6
Messages: 128

Hi,

Not sure how to phrase the title. I am curious if anyone knows about certification for cleaning a hard drive. I am thinking about this because when I go to the local dump I see piles of computers that are being thrown away. It strikes me as a waste. In talking to the organizer of a recent e-waste recycling event, I was told that these items are contracted to be recycled and the hazardous materials will be removed in a official (permanent) way.

I think the major hurdle to using these computers again is that people may fear their data may be stolen. I wonder if there is an official way to clear a hard drive, some sort of certification? In the U.S.?

Thanks,

a5'
 
OP
A

a59303

Active Member

Reaction score: 6
Messages: 128

Thanks for the reply,

I thought of that, but I wasn't going to use them my self, and with the price of computers fairly low, the hard drive may be a valuable part. Of course the price of certifying the cleaning of it could be expensive as well. Also the task of taking out the hard drives is not what the people at the recycling center are employed to do.


I think more what I was wondering was is there some sort of a body, or entity, that will certify that one is taking the proper steps to destroy the data? I did see that maybe National Institutes of Standards and Technology (NIST) might do something like that though.

a5'
 

asteriskRoss

Well-Known Member

Reaction score: 161
Messages: 447

a59303, You have hit upon a topic close to my heart :)

In addition to the already mentioned NIST Special Publication 800-88 "Guidelines for Media Sanitization", there is guidance in ISO/IEC 27040 "Information technology -- Security techniques -- Storage security", which also includes guidance on resetting devices for reuse (that is, not in a forensically secure manner) and physical destruction (breaking it into pieces, melting it etc).

In terms of physical destruction, for trade certification there is the US trade organisation NAID that offers their own certification scheme as well as ADISA, which operates out of the UK and offers similar.

For physical destruction standards, the European standards body CEN publishes a code of practice, EN 15713 "Secure destruction of confidential material - Code of practice", though it is a bit limited and also now dated. Germany's standards body offers DIN 66399-2, snappily titled "Office machines - Destruction of data carriers - Part 2: Requirements for equipment for destruction of data carriers", which is popular with shredder manufacturers, particularly relating to paper. In the UK the Centre for the Protection of National Infrastructure (CPNI) have their own standard "Secure destruction of senstive items". A new Publicly Available Specification (PAS), PAS 7010, is about to be launched (September 2016 I believe, title yet to be publicly announced) by the UK standards organisation, the British Standards Institute (BSI) that is likely to start gaining traction, at least in the UK but potentially worldwide.
 
OP
A

a59303

Active Member

Reaction score: 6
Messages: 128

Thanks for the reply,

I thought of that, but I wasn't going to use them my self, and with the price of computers fairly low, the hard drive may be a valuable part. Of course the price of certifying the cleaning of it could be expensive as well. Also the task of taking out the hard drives is not what the people at the recycling center are employed to do.



I think more what I was wondering was is there some sort of a body, or entity, that will certify that one is taking the proper steps to destroy the data? I did see that maybe National Institutes of Standards and Technology (NIST) might do something like that though.

a5'

I should clarify what I said. Above I said that the recycling employees are not hired to remove hard drives. What I meant is that: At the recycling center they will not allow me to take a computer once they have it, and I assume (maybe wrongly) that is because people think that these computers are thrown away, that is, gone. So I further assume that I would need someone at the recycling center to take out the hard drives. That is almost certainly wrong now that I think about it because the center has a contract with a company to recycle these items, so they could not give them to me then. I think.

a59303, You have hit upon a topic close to my heart :)

In addition to the already mentioned NIST Special Publication 800-88 "Guidelines for Media Sanitization", there is guidance in ISO/IEC 27040 "Information technology -- Security techniques -- Storage security", which also includes guidance on resetting devices for reuse (that is, not in a forensically secure manner) and physical destruction (breaking it into pieces, melting it etc).

In terms of physical destruction, for trade certification there is the US trade organisation NAID that offers their own certification scheme as well as ADISA, which operates out of the UK and offers similar.

For physical destruction standards, the European standards body CEN publishes a code of practice, EN 15713 "Secure destruction of confidential material - Code of practice", though it is a bit limited and also now dated. Germany's standards body offers DIN 66399-2, snappily titled "Office machines - Destruction of data carriers - Part 2: Requirements for equipment for destruction of data carriers", which is popular with shredder manufacturers, particularly relating to paper. In the UK the Centre for the Protection of National Infrastructure (CPNI) have their own standard "Secure destruction of senstive items". A new Publicly Available Specification (PAS), PAS 7010, is about to be launched (September 2016 I believe, title yet to be publicly announced) by the UK standards organisation, the British Standards Institute (BSI) that is likely to start gaining traction, at least in the UK but potentially worldwide.

NAID looks to be what I was hoping for. Their 'Shred School' offers promise and as a quote on the page says "Training is everything" by Twain... Mark Twain. Thanks. What part is close to your heart, the absolute obliteration of every trace of human data storage, or the lighter side, recycling old hardware?

I will have to look at that further,
a5'
 
OP
A

a59303

Active Member

Reaction score: 6
Messages: 128

For DoD in some situations it means turning it into dust.

Yeah, it looks like often the emphasis is on destruction of the medium not re-use. I get this impression from looking quickly at some of the resources people in this thread have pointed me to.

Thanks,

a5'
 

fossette

Active Member

Reaction score: 35
Messages: 122

the center has a contract with a company to recycle these items, so they could not give them to me then. I think.
I think that those store policies show a little hypocrisy on their part. If they gave you the used computer, they wouldn't have the opportunity to sell you a new one...

Dominique.
 
OP
A

a59303

Active Member

Reaction score: 6
Messages: 128

I think that those store policies show a little hypocrisy on their part. If they gave you the used computer, they wouldn't have the opportunity to sell you a new one...

Dominique.

The center I visited was at the local dump, so that isn't the case here. Although they are contracting with a large company to recycle the computers so they couldn't give them to me because they already have a contract to give the computers to the company which they have contracted with.

a5'
 

Murph

Well-Known Member

Reaction score: 183
Messages: 297

If I was professionally refurbishing a desktop or laptop system for resale, the hard drive is pretty much the one component I would not want to keep (unless I could identify it as being no more than about 12 months old based on the manufacturing codes and serial numbers, and it was a better than average drive). That's assuming a standard cheap desktop/laptop drive. The basic cheap drives have a fairly short expected life, and are usually the first major component to go, so can be a good ideal to just replace them as part of remanufacturing/refurbishment.

For professional disposal of corporate drives, degaussing, drill press, or industrial shredder is pretty much the norm; unless the drives are for a very high end storage system with significant resale value. It's much less time consuming than pattern wiping. Degaussing will brick ATA drives, as it will clear the low level format and drive firmware, which you generally can't reinstate on them without manufacturing tools.

To just safely wipe a drive beyond any possibility of recover, it's just a very time consuming pattern wipe. It involves writing the entire drive multiple times, with different specific bit patterns, to fully destroy magnetic artefacts (essentially ghosts of the previous data if you just zero it). There should be plenty of tools out there, and papers written on the theory of the sequence of precise bit patterns needed to fully destroy the previous magnetic signatures and the theory of recovering data from magnetic media which has simply been overwritten with zeroes. Expect it to take 12–24 hours per drive, depending on transfer rates and drive sizes (maybe a little less on a smaller very fast drive).

Pattern wiping is also a standard technique for reliably finding bad sectors, and can find more bad sectors than just zeroing, so it's a dual benefit if reuse is planned. When administering large numbers of Sun workstations, I used to always do a pattern soak test on them (a feature of the Solaris format tool) as a standard part of redeployment / reinstallation, to check drive health and find any new bad sectors, leaving them on a bench for a day to do that.

According to the Solaris 11.3 format(1M) docs, this is the current incarnation of that process, which gives you a pointer towards what DoD consider secure (although I'm quite certain that they will just vaporise drives at higher levels of classification):
The NCSC-TG-025 algorithm for overwriting meets the DoD 5200.28-M (ADP Security Manual) Eraser Procedures specification. The NIST Guidelines for Media Sanitization (NIST SP 800-88) also reference this algorithm.
 

forquare

Well-Known Member

Reaction score: 186
Messages: 335

At the recycling center they will not allow me to take a computer once they have it, and I assume (maybe wrongly) that is because people think that these computers are thrown away, that is, gone. So I further assume that I would need someone at the recycling center to take out the hard drives. That is almost certainly wrong now that I think about it because the center has a contract with a company to recycle these items, so they could not give them to me then. I think.

Over in the UK, my understanding is that it's a liability thing. If you take a thing (e.g. a PC) from the recycling centre and it causes damage (e.g. gives electric shocks to the operator/ignites and burns house down/etc) then the recycling centre could be liable unless you've signed some kind of waiver.
Because the centres don't want to be bogged down with paperwork, and people will often just try and take things, it's easier to simply state that things may not be removed from the recycling centre.

At work we deal with some sensitive data, but we also do drive reuse. I'll see if I can find out some more information.
 

ronaldlees

Aspiring Daemon

Reaction score: 333
Messages: 767

Probably your best bet is to intercept the drive before it gets to the landfill. Run an ad on Craigslist or something that you collect computers for rehab, and you have a way to destroy the data (in their presence) - or just take the drive out and give it to them.
 
OP
A

a59303

Active Member

Reaction score: 6
Messages: 128

I also meant to mention that the NSA offers guidance and a list of products. In the UK, CESG, which is part of GCHQ (UK equivalent of NSA) offers something similar and has a category specifically for hard disk erase tools (that is, wipe it and reuse it, not mash it into pieces).

Yes. On further inspection I see that there is quite a lot of info on the re-use end. Although looking at the NAID page at people that one can hire to do the job it seems there is much more emphasis on destruction. I might be hasty in that observation though.

If I was professionally refurbishing a desktop or laptop system for resale, the hard drive is pretty much the one component I would not want to keep (unless I could identify it as being no more than about 12 months old based on the manufacturing codes and serial numbers, and it was a better than average drive). That's assuming a standard cheap desktop/laptop drive. The basic cheap drives have a fairly short expected life, and are usually the first major component to go, so can be a good ideal to just replace them as part of remanufacturing/refurbishment.:

So you seem to think that hard drive lifetime on consumer products coincides pretty closely with computer lifetime, that is; How long someone will have the computer?

According to the Solaris 11.3 format(1M) docs, this is the current incarnation of that process, which gives you a pointer towards what DoD consider secure (although I'm quite certain that they will just vaporise drives at higher levels of classification):

I am thinking this command is similar to dd and that things of this nature are referred to in the documents pointed out earlier. What they mentioned in that document was that you cannot actually get at the entire drive, through what I think you called Pattern Wiping and they seem to refer to as Cryptographic Erase. Which I hadn't realized. I think this is where something like dd would come in, or in the case of Solaris format?

Guidlines for Media Sanitation
http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-88r1.pdf
2.4 Trends in Sanitization

For storage devices containing magnetic media, a single overwrite pass with a fixed pattern such
as binary zeros typically hinders recovery of data even if state of the art laboratory techniques are
applied to attempt to retrieve the data. One major drawback of relying solely upon the native
Read and Write interface for performing the overwrite procedure is that areas not currently
mapped to active Logical Block Addressing (LBA) addresses (e.g., defect areas and currently
unallocated space) are not addressed. Dedicated sanitize commands support addressing these
areas more effectively. The use of such commands results in a tradeoff because although they
should more thoroughly address all areas of the media, using these commands also requires trust
and assurance from the vendor that the commands have been implemented as expected.

Over in the UK, my understanding is that it's a liability thing. If you take a thing (e.g. a PC) from the recycling centre and it causes damage (e.g. gives electric shocks to the operator/ignites and burns house down/etc) then the recycling centre could be liable unless you've signed some kind of waiver.
Because the centres don't want to be bogged down with paperwork, and people will often just try and take things, it's easier to simply state that things may not be removed from the recycling centre.

At work we deal with some sensitive data, but we also do drive reuse. I'll see if I can find out some more information.

I think this is the case with many municipal, and infrastructure entities. People want the issue dealt with in a predictable and official way. Of course that is something to think about if one is trying to dependably make a re-useable computer.


Thanks for all the replies,

a5'
 
OP
A

a59303

Active Member

Reaction score: 6
Messages: 128

Probably your best bet is to intercept the drive before it gets to the landfill. Run an ad on Craigslist or something that you collect computers for rehab, and you have a way to destroy the data (in their presence) - or just take the drive out and give it to them.

Yes. That is what I had thought maybe. There is a place https://www.freecycle.org/ on which people can advertise to receive and give stuff. That is probably what I would do. As far as I understand freecycle is a international organization, but one can go to the persons residence (arrange to meet them) and pick up the item. In which case there would be an opportunity to take out the drive, in their presence. Unfortunately I would have to buy a new drive then though. Thinking out loud.

Thanks,
a5'
 

Murph

Well-Known Member

Reaction score: 183
Messages: 297

So you seem to think that hard drive lifetime on consumer products coincides pretty closely with computer lifetime, that is; How long someone will have the computer?

Typical cheap consumer drives have a much shorter lifespan than the remainder of the system, assuming there's no physical abuse or extremes involved (e.g. exposure to vibration or extremes of temperature and humidity). The solid state electronics are often mostly capable of lasting for decades as long as they don't experience a catastrophic event (such as cooling failure), unless they were either junk quality or had a design / manufacturing defect. A traditional hard drive which is built cheaply will die in around 3–5 years, typically. The big capacitors in the power supply will probably die at around 6–10 years. With good thermal conditions and a kind environment, the low voltage electronics will outlast everything else. Frequent power cycling, and/or constant thermal cycling will shorten the life of everything.

So, yes, the cheap consumer hard drives will pretty much be towards the end of their expected service life in many consumer systems at the point where the system is replaced.

A good electronics repair shop can replace the big capacitors relatively cheaply when they die.

I am thinking this command is similar to dd and that things of this nature are referred to in the documents pointed out earlier. What they mentioned in that document was that you cannot actually get at the entire drive, through what I think you called Pattern Wiping and they seem to refer to as Cryptographic Erase. Which I hadn't realized. I think this is where something like dd would come in, or in the case of Solaris format?

Crypto erase in the NIST document is for cases where the magnetic bits are actually encrypted, and is a case of resetting or destroying the crypto keys to render the data unrecoverable without breaking the encryption.

Pattern wiping is an old technique to scrub the residual magnetic signature from unencrypted magnetic media. It involves repeatedly filling the media with some specific bit patterns which are designed to flip the magnetic bits back and forth in a way that makes the residual magnetic signature unrecoverable even for a state of the art forensics lab. Just zeroing the drive in a single pass (or a single pass of random data) makes it very hard to recover data, but is not necessarily sufficient to prevent a state of the art lab from recovering something.

Here is the actual text about overwriting from the NSA/NCSC book (NCSC-TG-025, version 2, 1991):
5.1.1 OVERWRITING

Overwriting is a process whereby unclassified data are written to storage locations that previously held sensitive data. To satisfy the DoD clearing requirement, it is sufficient to write any character to all data locations in question. To purge the AIS storage media, the DoD requires overwriting with a pattern, then its complement, and finally with another pattern; e.g., overwrite first with 0011 0101, followed by 1100 1010, then 1001 0111. The number of times an overwrite must be accomplished depends on the storage media, sometimes on its sensitivity, and sometimes on differing DoD component requirements. In any case, a purge is not complete until a final overwrite is made using unclassified data.

Here are the actual patterns used to implement the above by Solaris 10 / Illumos format(1M):
Code:
/*
* These are the data patterns from the SunFed requirements document.
*/
static unsigned int purge_patterns[] = {    /* patterns to be written */
    0xaaaaaaaa,        /* 10101010... */
    0x55555555,        /* 01010101...  == UUUU... */
    0xaaaaaaaa,        /* 10101010... */
    0xaaaaaaaa,        /* 10101010... */
};

static unsigned int alpha_pattern =  0x40404040;   /* 10000000...  == @@@@... */

You might find something similar somewhere in OS X / Darwin source, as Apple's Disk Utility offers the following:
Writing over the data three times meets the U.S. Department of Energy standard for securely erasing magnetic media. Writing over the data seven times meets the U.S. Department of Defense 5220-22-M standard.

FreeBSD dd(1) can't do that type of pattern wipe on its own. It can, however, be used to zero a drive, e.g. dd if=/dev/zero of=/dev/ada0 bs=1m.

Yes, all of the above only wipes the currently addressable blocks of a drive, so the bad blocks and spare blocks are untouched. For many non-NSA/DoD purposes, sanitising the currently addressable blocks is sufficient. The spare blocks should not be a problem on a traditional spinning drive, as they will never have been used for user data, but the bad blocks which went bad after leaving the factory will contain some tiny remnants of user data.

On drives that correctly implement the options, FreeBSD's camcontrol(8) has a variety of drive erase options.
 
OP
A

a59303

Active Member

Reaction score: 6
Messages: 128

Typical cheap consumer drives have a much shorter lifespan than the remainder of the system, assuming there's no physical abuse or extremes involved (e.g. exposure to vibration or extremes of temperature and humidity). The solid state electronics are often mostly capable of lasting for decades as long as they don't experience a catastrophic event (such as cooling failure), unless they were either junk quality or had a design / manufacturing defect. A traditional hard drive which is built cheaply will die in around 3–5 years, typically. The big capacitors in the power supply will probably die at around 6–10 years. With good thermal conditions and a kind environment, the low voltage electronics will outlast everything else. Frequent power cycling, and/or constant thermal cycling will shorten the life of everything.

So, yes, the cheap consumer hard drives will pretty much be towards the end of their expected service life in many consumer systems at the point where the system is replaced.

Yeah, just to be thorough, I was more alluding to the idea that many of these computers had Windows of some sort and it seems to me (with very little actual experience) that they may reach the end of their useable time span every time a new version comes out, thereby provoking the consumer to buy a new one.

The rest of the post though is very interesting and may take a little time to absorb.

Thanks,

a5'
 

asteriskRoss

Well-Known Member

Reaction score: 161
Messages: 447

What part is close to your heart, the absolute obliteration of every trace of human data storage, or the lighter side, recycling old hardware?
I find a lot of organisations spend a lot of money securing information whilst it is sitting on a server somewhere and then tend to forget that putting unencrypted hard disks, USB flash disks, paper etc straight in the trash puts their information at risk. I am definitely all for recycling old hardware though. FreeBSD flies along on older machines that wouldn't be viable for a recent version of Windows.

Yeah, it looks like often the emphasis is on destruction of the medium not re-use. I get this impression from looking quickly at some of the resources people in this thread have pointed me to.
I suspect that was my fault for posting so many links to physical destruction resources. I think some people like physical destruction because it is apparent that something has happened, unlike overwriting or degaussing. I have seen equipment disposal be the responsibility of someone running a guard force (that is, not someone technical) rather than someone who is responsible for securing IT systems. I also wonder if an industry that started out shredding paper has just progressed to shredding everything else too.

Do look at the annex in ISO 27040 for disk erasure though. It is quite detailed, particularly for hard disk erasure, which terms "purge" rather than its other options "clear" (factory reset) or "destruct" (physically destroy). It is also recently published (2015). Although it wouldn't be possible to gain a certification (technically it is a guidance document not a specification though for implementation this makes little difference), you could declare that you implement a process following the guidance in ISO 27040 and a client could audit you if they wanted.

For equipment recycling, in the UK there is a procedural standard PAS 141 "Reuse of used and waste electrical and electronic equipment (UEEE and WEEE). Process management. Specification" that might be of interest, though it does have a focus on European legislation. It does include a specification for hard disk erasure but unhelpfully only refers to a UK government document that isn't in the public domain, the equivalent from any other government or the manufacturer's instructions.

Although looking at the NAID page at people that one can hire to do the job it seems there is much more emphasis on destruction. I might be hasty in that observation though.
NAID has a focus on physical destruction. If you want a hamburger, don't go to a fish restaurant :)

Pattern wiping [...] makes the residual magnetic signature unrecoverable even for a state of the art forensics lab. Just zeroing the drive in a single pass (or a single pass of random data) makes it very hard to recover data, but is not necessarily sufficient to prevent a state of the art lab from recovering something.
Murph: Is there any published research to indicate that meaningful data is recoverable after a single pass overwrite? I am aware that there are areas marked as bad by the hard disk itself that retain some data and aren't externally accessible except with specialist kit. But for a track that has been overwritten has data been shown to be recoverable?
 

Murph

Well-Known Member

Reaction score: 183
Messages: 297

Murph: Is there any published research to indicate that meaningful data is recoverable after a single pass overwrite? I am aware that there are areas marked as bad by the hard disk itself that retain some data and aren't externally accessible except with specialist kit. But for a track that has been overwritten has data been shown to be recoverable?
Well, the DoD/NCSC/NSA requirement for multiple passes of overwriting, with specific bit manipulation, has been around for quite a long time. The NCSC book on it is 1991, but I believe it dates back to at least the 1970s. It is a real enough concern that several major commercial OS vendors have implementations of the multiple pass purge as part of their base OS (probably so that they can bid for government contracts).

Bruce Schneier recognised the issue and wrote about it, including describing a 7-pass overwriting method. The Russian GOST standards recognise it. Basically, pretty much everyone that deals with classified data has recognised it at some point in time and created their standard for multiple pass overwriting.

In recent years, it has been suggested that the bit density of modern media would prevent any recovery. The problem with that theory is that we have the heads and precision actuators to perform normal reads at that density, so if the concern was previously valid it's not a big stretch to assume that the technique would also have scaled up.

It's certainly not easily done, is probably very costly to do it, might even be currently impossible on today's drives (but what about today's drives and tomorrow's technology?); but it has been very widely recognised as a risk for a long time, and the recognition is from significant people/agencies/bodies.

A single pass of zeroes will certainly make it very difficult to recover anything, and impossible through normal methods of accessing a normal drive. The additional passes address a potential risk for cases where even a theoretical recovery must be prevented (but reuse of the media is desired, and destruction via degaussing and/or physical shredding are not preferred).
 
OP
A

a59303

Active Member

Reaction score: 6
Messages: 128

I find a lot of organisations spend a lot of money securing information whilst it is sitting on a server somewhere and then tend to forget that putting unencrypted hard disks, USB flash disks, paper etc straight in the trash puts their information at risk. I am definitely all for recycling old hardware though. FreeBSD flies along on older machines that wouldn't be viable for a recent version of Windows.


I suspect that was my fault for posting so many links to physical destruction resources. I think some people like physical destruction because it is apparent that something has happened, unlike overwriting or degaussing. I have seen equipment disposal be the responsibility of someone running a guard force (that is, not someone technical) rather than someone who is responsible for securing IT systems. I also wonder if an industry that started out shredding paper has just progressed to shredding everything else too.

I think this is common with a large organization, although I have never worked in any real IT role at a corporation or organization. What I mean to say is that it seems difficult to homogeneously delegate resources and or protocols in a large group of people, and security, while being important, may not be paramount. Although I was surprised by the sentiment there appeared to be about corporate/organizational recycling. I hadn't initially realized it was common or a least, out there. As far as physical destruction resources; I think it may be harder to find that sort of niche effort. Definitely because people want it done, and destruction makes it gone. The Service Provider's referenced on the NAID page do seem to be more of a shredding company that progressed into that market; more below.

Yeah, FreeBSD and many resource aware OS's are capable if not excel on that sort of hardware. They can definitely be useful.

Do look at the annex in ISO 27040 for disk erasure though. It is quite detailed, particularly for hard disk erasure, which terms "purge" rather than its other options "clear" (factory reset) or "destruct" (physically destroy). It is also recently published (2015). Although it wouldn't be possible to gain a certification (technically it is a guidance document not a specification though for implementation this makes little difference), you could declare that you implement a process following the guidance in ISO 27040 and a client could audit you if they wanted.

For equipment recycling, in the UK there is a procedural standard PAS 141 "Reuse of used and waste electrical and electronic equipment (UEEE and WEEE). Process management. Specification" that might be of interest, though it does have a focus on European legislation. It does include a specification for hard disk erasure but unhelpfully only refers to a UK government document that isn't in the public domain, the equivalent from any other government or the manufacturer's instructions.


NAID has a focus on physical destruction. If you want a hamburger, don't go to a fish restaurant :)

As the name says National Association for Information Destruction, although as was said the emphasis falls on brute force, simple techniques it seems. These may or may not be more effective but may be final, or emphatic. The drives though may be expensive to re-use in a secure way though. I think you would need a place to do it, a certification to do it (audit for said), time to do it, a person to do it, and then a market for drives that only run a viable OS on these consumer grade drives. I am guessing that also the person/people that do the audit will have to get paid as well. The application fee for 2016 NAID AAA Certification, 25_cert-app-us-1.pdf found here (http://www.naidonline.org/nitl/en/cert/documents/single.html) as Certification Application - US & Canada, is $965 for a Mobile or Plant-based operation, and comes with a healthy amount of paper work. So it is not the kind of casual way I was thinking about it, but this is a certification organization, who will do the audits, and will verify your work. I think there is mention of recorded CCTV footage and drug tests that have to be performed.

Contrast this to the 2016 NAID Sanitization Certification Application (Certification of Computer Hard Drive Sanitization Packet, on the same page) wherein a fee of $2830 for a Sanitization OR Deguasing Operation is expected. Deguasing, from what I saw before, makes the drive unusable. Sanitization, with the added confidence that is expected, must require even more thorough certification.

So it does appear that this is intended for an ongoing, established organization that is considered ligitimate. If your system or organization is not ligitimate then they will aid you in that.

I will look at the references you provided. I did notice in some of the previously mentioned documentation some finer distinctions in information destruction. Actually I think it was in the first response I got. http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-88r1.pdf


Have a good night,

a5'
 

ronaldlees

Aspiring Daemon

Reaction score: 333
Messages: 767

I'm not a hard-drive guru, but I seem to remember that the forensics guys did not necessarily use the drive "as is" - but would do things to pick up slightly off-track residuals by modifying the head alignment, or removing the platter and running it on a special head jig. But, it's been years and year ago, and I'd be hard pressed to re-find the source of that ...
 

cyrano

Member

Reaction score: 6
Messages: 22

And how about SSD storage, in this context?

Usually, data recovery of a failed SSD is impossible. Anyone know anything about advanced methods for SSD's?
 

Murph

Well-Known Member

Reaction score: 183
Messages: 297

And how about SSD storage, in this context?

Usually, data recovery of a failed SSD is impossible. Anyone know anything about advanced methods for SSD's?

That will depend on exactly what has failed. In theory any of the individual flash elements which have not failed could be connected to an alternate power source and interface. If the failure was confined to either the power or host interfaces, potentially the entire drive could be recovered. Other than a self-encrypting drive, recovery should be quite possible from all of the non-failed components (not necessarily simple or low cost, just possible).

In terms of blanking, the manufacturers provide reset procedures for SSDs which should be relatively secure.
 

TiberiusDuval

Member

Reaction score: 6
Messages: 71

For DoD in some situations it means turning it into dust.

Some years ago guy in my shooting club brought couple of old HDD's to shooting range and encouraged us all to shoot them. He worked on data rescue&destruction company and they had little wager could they recover anything usable from drives. And they had access to somewhat expensive and exotic technology. Well after tens of 7.62mm and 5.56mm holes those harddrives looked very very dead. Don't know if they ever got any data from those HDD's, I'd think not much, and certainly they needed to read plates some other way than spinning them. As platters were shattered and had casing shards embedded in them.
 
Top