Well we are currently having a heated debate at work with my team around hard disk scrubbing.

My team members all of who are still rather green in the IT industry are taking the perspective that all drives from servers need to be smashed with a hammer and thrown in the

My perspective after working inside one of the large banks for many years, reviewing data recovery techniques and speaking to computer forensics people is that you can erase a drive so data cannot be recovered, in fact he pointed out you are more likely to be able to get data off a smashed drive than one that has had multiple scrubs (every block rewritten on the drive).  Apparently after one rewrite you need to be removing platters and getting out a microscope to inspect each of the bits on the drive for its residual state.

US DOD standards up until 2007 specified that seven rewrites was sufficient, they have now changed their position to requiring a degauss which as well as erasing the drive effectively renders it useless.  The perspective here is they are concerned with well funded foreign governments getting their data.

In this era of corporate responsibility we are all told to be green and not throw out e-waste in the bin.  In our organisation we donate old gear to a charitable trust who specialises in its redeployment.  At the moment we are looking at letting them have old servers, however possibly with no disks.  Apparently this is not an issue as disks are cheap and not a problem to replace, this may be the case for desktops but as you are all aware servers use mainly more expensive less readily available SCSI drives (and more recently SAS).

So how about a hypothetical scenario.  Lets say we have a drive that had some data, this drive has been erased to the old DOD (DoD 5220.22-M) standard prior to Jun 07 where the drive has been rewritten seven times.  This data if recovered is worth over a million dollars.  Is there anyone out there who has the resources to attempt a successful recovery.  BTW lets make the data set around 2GB in size, a database so a partial recovery still may be useful.

Well not sure but the past few places I've worked for simply used zero filling the whole drive a few times in a row and that was done.  If the drives are part of say a raid5 set then we used to dispose of the drives at different times so the whole raid set wasnt available anyway.


Never had any problems :) but then doubt we ever had a really determinted individual (ie someone who would say pay $20k for a proper data recovery place to attempt a restore).

I know someone that was prepared to spend more then that when a stuff up happened when bringing a mirror back online that was running on a borrowed disc for a few weeks, it cloned the old one that went away in the spare server while something was developed with the old data onto the one that was running. This was only noticed after the spare drive was put back into the spare server and had its empty OS install mirrored onto it - ooops.

Anyway, it was stopping invoicing and all sorts of things till the data got re-entered, the recovery places all said no way to it, despite all their fancy promises.

The issue with drives becomes the spare sectors that replace faulty ones. there is still data on the faulty sector, and no way to overwrite it by addressing the drive normally since its being mapped out.

Other then that, if the data was recoverable then they could use that technology to pack more data in. It was explained to me that the residual traces of tracks etc became a non issue after about 80 meg drives.

Normaly if your selling HD or PC then using a tool that dose 'zerofill' is usally enough, more security paranoiod would run the tool 2,3, or 4 times. Some HD manufactures offer these tools and there are also freeware (microsoft offers 1 that i've used with vista (but can't remember the name).

additionly you could look it this DBAN

BUT there are ways to recover even overwitten data - you just need the right equipment (goverment agencies will have it).

So the safest method is to swap out the HD and physically destroy it, litterly, Hack-chop-burn...

Make sure that all the individual plates are destryed grind em, burn em, break em ....

Yeah but if traces of the data is still there then physical destruction wont do much.

Bear in mind that for most people just whacking it a few times with a hammer is sufficient for them to "think" its destroyed.

Physically Destroying a drive completely would require taking it completely apart smashing every bit of down to microscopic pieces and scattering the parts in several different locations (like destorying a vampire lol).

Way too much effort when a simple software tool to write zeros over each sector several times would do.

EDIT : Actually if you had a strong acid you could completely destory it no problems :) ...but then you would have enviromental issues :(

A big pool of molten metal like the one in Terminator 2 should do it :)

It comes down to how much certainty one wishs to ensure that the data is unrecoverable.

Zerofilling then reusing as a normal user would, will be fine.

absolute certainty requires excesive measures to be taken.

NOTE: previous post mentained desroying the plates- meaning the HardDrive disc plates that look like 2.5 inch diameter cd/dvd disc's (they did in my 80 gig HD) 



[edit] typos

i just did a drive scrub a few weeks ago using a bootable programe that gave the options to use seeral diferent types US DOD and russian KGB seem to be the best but can take an awefull long time to complete a 250GB drive took all nite to do using the KGB type it writes 1's then 0's then a combo of both then use's a diferent bit patern and i only set it for 10 runs

None of those methods can touch the mapped out defective sectors, which in the case of a laptop can be considerable.

I worked on the Westpac tech refresh project (basically upgraded all of their new stuff incl servers).

For branch servers we did a DOD scub and then crushed them into one big cube.

I have heard of people taking those steps + running over them with a big magnet too:P

My personal policy is to overwite any sensitive data with a 35 pass Gutmann scrub, the rest of the drive with a 7 pass DOD scrub.

For damaged drives where you cant read the drive, I simply grab my torx bits, and strip the drive down into all its component parts, then throw the parts into a box and take it down to the local scrap metal merchants to be melted down. It's eco friendly(ish) recycling and gives me beer money. Epic Win!

Some movies use MICROWAVE oven's to prevent data recovery

I've not tested this method

If for nothing else, that would at least be entertaining

I recommend Active Kill Disk, it has several options including DOD 5220.22 M, Russian GOST p50739-95, and the 35 pass Gutmann method, we use that here at work for banks and other sensitive information.

I always find it quite amusing some of the lenghts people go to technically to secure data, when human factors and processes are usually some of the biggest weaknesses...not to say that being prudent technically isnt importent too.

Interesting competition here, basically a prize if you are able to recover data from the hard-drive they have erased:



and it continues...