Question on shredding a terebyte drive

Rick Stevens ricks at nerd.com
Wed Sep 2 22:32:33 UTC 2009 

Bruno Wolff III wrote:
> On Wed, Sep 02, 2009 at 13:32:32 -0700,
>   "Dean S. Messing" <deanm at sharplabs.com> wrote:
>> I have a terebyte sata drive that I need to securely wipe clean.  It
> 
> How securely? (I.e. what order of magnitude is the budget an adversary is
> assumed to have?)
> 
>> The drive is capable of about 60MB/sec, but shred is only "shredding"
>> about 25MB every 5 seconds according to its output.  Since the default
>> number of passes is 25, this works out to about 5 days.
> 
> For many definitions of secure, one pass writing zeros will make the cost
> of recovering any data beyond the benefit to your assumed adversaries.
> Your biggest risk is probably going to be that you thought you overwrote
> the disk but made a mistake and didn't (or only partially did).
> 
> Note that in most cases where the adversary is assumed to be able to afford
> to try to recover spare blocks or use electron microscopes to try to figure
> out what may have been written previously, you should be physically destroying
> the drive (after wiping) rather than save a few bucks repurposing or selling
> it.

That's just it.  What is "secure"?  It's a rather nebulous term and
depends on your level of paranoia rather than a fixed definition.

Unless you physically destroy the drive in a manner where it cannot
possibly be reassembled (e.g. sanding the oxide off the platters into
dust and ensuring the dust spreads to the four corners of the world),
then there is a possibility that some data can be recovered.

We do an 8-pass shred on all drives that may have seen sensitive data.
Yes, someone with the resources of the NSA could probably recover the
data at that point, but there are very few groups with that kind of
firepower available to them and would they even bother?

To make everyone happy, though, we then give them to a certified company
which puts the drives through a giant degaussing coil (appropriated from
an old MRI scanner) before they're physically ground up by a big
shredder that also eats cars for a living.  The remnants get mingled
with the chunks of countless Chevy Cavaliers, Ford Pintos and Chrysler
K-cars and probably end up as part of someone's refrigerator.  It's
overkill in my opinion, but I've been wrong before.
----------------------------------------------------------------------
- Rick Stevens, Systems Engineer                      ricks at nerd.com -
- AIM/Skype: therps2        ICQ: 22643734            Yahoo: origrps2 -
-                                                                    -
-              Never eat anything larger than your head              -
----------------------------------------------------------------------

More information about the fedora-list mailing list