Kunal Shah wrote: > I wouldn't argue about methods discussed here to destroy the disk. > However one consideration is, what data we are talking about. In my > CISSP course, I was not taught to *destroy* data or protect it. I was > just taught to make it so difficult for hacker to access it so that > compare to the amount of time spent on recovery and resource it is > worthless.
Sure you were. You were taught -- or should have been taught -- to discover the facts, and to develop your security implementation in light of both your policy and the facts. Fact: there is no effective and reliable way to nondestructively scrub data from a modern PRML/EPRML hard drive. (If you could definitely say "yes, I'm writing data to this particular spot on the hard drive", then you probably could; but that's kind of a fantasy.) Imagine you have a one sentence security policy: "hard drives must not leave traces of old files visible to forensic examiners." Imagine you have a one sentence security implementation: "hard drives will scrubbed every week." Well -- crap. You just discovered that your implementation is bogus, because it's at odds with the facts. You have to head this off at the pass. How do you do it? One option is to use full volume encryption. Okay, fine: your implementation, version 2.0, is "hard drives will use full volume encryption." Now you have to figure out how the policy changeover will work... which is to say, how to move from version 1.0 to version 2.0 in a way that will still uphold your security policy. You copy all the information from the old drives to the new drives. Congratulations: the new drives never need to be scrubbed. The old drives, however... you know people can make forensic recovery from them, because you know they can't be scrubbed. So after making sure that you have a correct copy of the data from the old drives, you thermite them, you shred the disk platters, you etch the platter surfaces with sulfuric acid... whatever. You utterly destroy them, putting the drive permanently beyond use. I can only speak for myself here, but I strongly suspect Werner, David, Mark and everyone else who's been chiming in will agree -- we are not talking about total destruction of hard drives as something you should want to do. We're talking about total destruction of hard drives as the _only realistic way to scrub data._ If you need your data scrubbed, you're going to have to nuke your hard drive. It's that simple. On your new hard drive, you should probably use some technique to make sure you never need to scrub data -- not unless you like thermiting hard drives. ObWarning: many of the techniques we've discussed for destroying hard drives are really quite dangerous. Thermite is _not_ a friendly chemical. Neither is sulfuric acid. Even an approach as low-tech as hammering the platters into oblivion can be dangerous -- see Werner's statement about all the shards that hit his safety glasses. Before destroying a hard drive, learn how to do it safely. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
