So the baddies can't get at your data
The age of privacy appears to be coming to an end, but that doesn’t mean you should willingly give up all your information. Yet that’s what thousands of people do everyday when they throw out an old computer.
That hard drive, even if you don’t think it still works, can have all the data harvested off of it.
What can you do to make sure your tax returns, social security number, and all that banking information is unusable to the baddie scrounging at the electronics recycling depot? That’s what we’re going to look at today.
Back It Up First
We’ll preach it until the whole world is converted. Make sure you back up all the data you need from that old hard drive if at all possible.
We’ve got articles on how to retrieve files from dead hard drives using Linux rescue disks. We’ve got an article on how to use an external hard drive dock to recover data from a dead hard drive. We’ve even got an article on how to recover accidentally deleted files.
There’s no excuse. Back up your data.
Doing It Department Of Defense Style
If anyone is going to know how to render something completely useless, it’s going to be the people that use ordinance as part of their toolkit. Yes, the good old military.
Like anything in the military there is a standard for data destruction as well as a decision-making flowchart.
The Department of Defense (DoD) did have their own standard at one time, but they have deferred to the standard set out by the National Institute of Science and Technology (NIST).
The DoD, and countless other government organizations, follow NIST Special Publication 800-88, Revision 1, Guidelines for Media Sanitization.
The guidelines lay out three levels of data destruction or sanitization as they call it.
Clear
To clear the data means to use logical methods to render the data hard to recover. Simply put, it means using some sort of program to erase the data on the hard drive.
The Clear Method – from the guidelines –
“Overwrite media by using organizationally approved and validated overwriting technologies/methods/tools. The Clear procedure should consist of at least one pass of writes with a fixed data value, such as all zeros. Multiple passes or more complex values may optionally be used.”
You could do something like this by performing a zero fill using a Linux live disk.
Purge
Purging is a step up from clearing. It includes using logical methods, like above, and physical methods to make it hard to recover data. It has to make it hard for even someone with a data recovery lab with all the fancy equipment.
The Purge Method: The guidelines are a bit wordy, so we’ll summarize.
Do the Clear method. Then do a cryptographic erase, which overwrites with all zeros or a pseudorandom pattern. Do this several times. Then hit it with a very strong electromagnet, also known as a degausser.
Or take the hard drive apart and run the strong magnet over each of the platters, or disks, inside. Honestly, this is more work than it’s worth. At this point, you may as well go full destroy.
Destroy
Yes, this is the level where the data is obliterated and the hard drive is rendered completely useless for anything but scrap metal and modern art projects.
The Destroy Method – from the guidelines –
“Shred, Disintegrate, Pulverize, or Incinerate by burning the device in a licensed incinerator.”
So how do we safely “Shred, Disintegrate, Pulverize, or Incinerate…” a hard drive?
The safest way is to take it to a company that specializes in data destruction. The cost to have the hard drive destroyed varies by company and method, but somewhere around $70 is not unreasonable. It’s cheap insurance if you can imagine what the bad guy could do with your identity.
Reputable companies will have full chain of custody documentation to ensure that your hard drive was destroyed. But still, we’ve seen to many CSI episodes so we know that sometimes evidence just goes missing.
We recommend that you ask to see it be destroyed so that you can be completely certain it is gone. Plus, it’s really entertaining!
Data destruction professionals use a variety of methods. Puncturing, crushing, shearing, and actual shredding are the most popular methods. Incineration or destruction via acid are far less popular as they have their own hazards, both to people and the environment.
Can I Destroy a Hard Drive Myself?
Pay attention, we do NOT recommend destroying a hard drive yourself. Even with proper personal protective equipment (PPE) and good home tools, the risk of injury to yourself is too much.
Do NOT attempt to destroy a hard drive yourself. It is too dangerous.
However, some people have done it by putting on PPE like a face shield and goggles, a protective shop apron, gloves, and maybe even some ear defenders and then destroyed the hard drive.
Drilling The Hard Drive
Some people have taken a high quality power drill or drill press, and a high-speed-steel or cobalt drill bit and made multiple punctures right through the hard drive casing and the platters inside.
It could be very noisy, and pieces could go flying. It’s possible to break the drill bit and have that go flying too. People have done it, but you should not.
Even riskier, some have taken large nails and driven them through the hard drive with a hammer. That would do the trick too. Completely unsafe, though.
Crushing The Hard Drive
Driving over the hard drive with a car is not an effective way to crush it. Driving over it with a steamroller is. But who has a steamroller at home?
People who have crushed a hard drive at home have done so using hydraulic presses capable of generating tons of force. Not everyone has one of these but if they had a friend who works on cars a lot, they might have used their press.
If a press isn’t available, a good old 5 pound sledge hammer has been used as well. This causes lots of sharp things to go flying. To help prevent that, some people have put the hard drive in a sturdy cloth bag, before pretending to be Thor.
Incinerating The Hard Drive
It’s not unheard of for a hard drive to get tossed into a bonfire that’s been burning a long time with a bed of white hot coals. It is not wise or safe to do this. There’s toxic materials in a hard drive, so you don’t want that being released into the atmosphere. We implore you, do not do this.
Possibly even riskier is using a blow torch to incinerate the hard drive. This requires you to directly handle a torch and the hard drive. This is not safe at all and should never be done.
Take The Hard Drive Apart & Smash The Platters
There are folks who have a T7x50mm screwdriver and used that to remove the screws from the hard drive case. Then, using a hammer and a small pry bar, they have tapped the pry bar into gaps in the case and pried it open.
Once the case is open, they would remove the platters and hammer them or step on them and scuff them around a hard surface, scraping the platters to the point of uselessness. Again, do not do this.
It is interesting to see the insides of a hard drive though, and there are some powerful rare earth magnets inside that are fun, but unsafe, to play with.
The Takeaway
If you get nothing else from this, take this wisdom with you.
- Backup data from hard drives you are disposing of.
- Make sure the hard drive is completely and utterly rendered inoperable to anyone by using a professional data destruction company.
- Do not try to physically destroy the hard drive yourself, but do watch videos of people destroying hard drives on YouTube. They are very entertaining!