3 years ago 2 years ago Stealth Share

The Absolute Most Secure Way to Delete Hard Drive Data?

I read this once and thought it was vwey interesting. This is the method (apparently) used at the top levels of the US government to dispose of hard drives when they really want to be sure the information is erased. I don't know how true it is, though I did read it on the internet, and it was from a source (which I don't remember now) that sounded credible.

First the drives are software-wiped using some standard wiping algorithm that writes random data over the whole drive several times.

Then, the drives are physically dis-assembled and the platters (i.e. the actual "disks" with the magnetic data on them) are removed from the drives.

Then, the platters are physically sawn in half.

Then, the two halves of each platter are transported by some secured vehicle, to facilities far away from each other geographically.

Then, finally, the individual halves of the platters from each drive (at the different locations) are fully melted down to slag.

I was really impressed with this, as it seems to indicate the level to which is deemed needed to permanently erase data on a hard drive.

But Why?

I was wondering about the deemed need to go to all the effort of sawing them in half, like just melting them down totally into liquid metal wasn't regarded as secure enough.

My guess would be that, if the drives (or platters) are being melted down to nothing, leaving no real trace of them, then it would be potentially possible for some drives or platters to "disappear" (e.g. into the hands of an enemy agent), since there would be no possible way to record the existence of the drives after they were completely melted/destroyed into a large pool of liquid metal.

While, conversely, if they were sawn in half, then they could be counted (at each end of the journey), and then each individual half-platter accounted for (in the form of half a platter), before they were destroyed. So that even if there was a double agent working at the destruction facility, they could only ever access half a platter without creating a detectable breach of auditing.

Would that be the reason for the sawing in half?

 

Permalink Show parent Reply Picture of Michael Vibert In reply to Simon Beer Re: The Absolute Most Permanent Way to Delete Hard Drive Data? by Michael Vibert - Tuesday, 21 September 2021, 10:05 AM I like the thought that you have put into this and the whole thing does seem a bit elaborate. It would make it better for accounting for all pieces of the drives. The question that jumps to mind for me is 'what is stopping the double agent from just slipping in a replacement half/swapping them with another one and keeping the valuable one?' I guess this is a very difficult problem to solve but somewhere along the line they would just have to trust some individuals to do it properly. Hopefully they have good encryption.. Permalink Show parent Reply Picture of Simon Beer In reply to Michael Vibert Re: The Absolute Most Permanent Way to Delete Hard Drive Data? by Simon Beer - Thursday, 23 September 2021, 5:42 PM Thanks, I'd guess there would be a lot of auditing of the halves, and even more so the pre-sliced whole ones, and there could be multiple witnesses of everything (and on cam prob also) before the platters are split in half(?) Permalink Show parent Reply Picture of Imran Shahid In reply to Simon Beer Re: The Absolute Most Permanent Way to Delete Hard Drive Data? by Imran Shahid - Tuesday, 21 September 2021, 2:05 PM What if the file data someone could recover from one half of the disk platters is enough to reveal some of the secrets? I mean a file can be, in theory, written on one half of the disk platter. :) Permalink Show parent Reply Picture of Heinrich Lombard In reply to Imran Shahid Re: The Absolute Most Permanent Way to Delete Hard Drive Data? by Heinrich Lombard - Tuesday, 21 September 2021, 3:29 PM Seems it's not only HDDs that's an issue but other devices as well. https://www.kaspersky.com/blog/data-on-used-devices/38610/ There is also an ISO on this https://advisera.com/27001academy/what-is-iso-27001/ Permalink Show parent Reply Picture of Simon Beer In reply to Imran Shahid Re: The Absolute Most Permanent Way to Delete Hard Drive Data? by Simon Beer - Thursday, 23 September 2021, 5:44 PM I was thinking that too... I guess the drives would also have v strong encryption on them, so presumably half a platter wouldn't be enough to recover anything useful(?) since not only would the encryption have to be cracked, but there would only ever be partial bit streams ? Permalink Show parent Reply Picture of Kyle Genner In reply to Simon Beer Re: The Absolute Most Permanent Way to Delete Hard Drive Data? by Kyle Genner - Tuesday, 21 September 2021, 8:54 PM G'day, I've seen some ways to dispose of secure hard drives - into the shredder, very satisfying! The Government guidelines, the Information Security Manual, are always a good resource to check out to see what needs to be done to with regards to anything information security related, they are all made public. Check the destruction guidelines. Furnace, hammer mill, disintegrator, all on the list of approved destruction methods!

Cover image by Shutterstock

Categories Stealth,Hardening,Skills
Byte.Yoga Homepage - Australian Cyber Security Web Magazine

Share This Page

If you liked this page, please share it with others! You can use the links to share on Facebook, Twitter, LinkedIn, Pinterest, and Email. Ther is also an RSS feed to get updates for the website.