Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Data Storage IT Technology

Big Tech, Banks, Government Departments Shred Millions of Storage Devices They Could Reuse (ft.com) 80

Companies such as Amazon and Microsoft, as well as banks, police services and government departments, shred millions of data-storing devices each year, the Financial Times has learnt through interviews with more than 30 people who work in and around the decommissioning industry and via dozens of freedom of information requests. From the report: This is despite a growing chorus of industry insiders who say there is another, better option to safely dispose of data: using computer software to securely wipe the devices before selling them on the secondary market. "From a data security perspective, you do not need to shred," says Felice Alfieri, a European Commission official who co-authored a report about how to make data centres more sustainable and is promoting "data deletion" over device destruction. Underpinning the reluctance to move away from shredding is the fear that data could leak, triggering fury from customers and huge fines from regulators.

Last month, the US Securities and Exchange Commission fined Morgan Stanley $35mn for an "astonishing" failure to protect customer data, after the bank's decommissioned servers and hard drives were sold on without being properly wiped by an inexperienced company it had contracted. This was on top of a $60mn fine in 2020 and a $60mn class action settlement reached earlier this year. Some of the hardware containing bank data ended up being auctioned online. While the incident stemmed from a failure to wipe the devices before selling them on, the bank now mandates that every one of its data-storing devices is destroyed -- the vast majority on site. This approach is widespread. One employee at Amazon Web Services, who spoke on condition of anonymity, explained that the company shreds every single data-storing device once it is deemed obsolete, usually after three to five years of use: "If we let one [piece of data] slip through, we lose the trust of our customers." A person with knowledge of Microsoft's data disposal operations says the company shreds everything at its 200-plus Azure data centres.

This discussion has been archived. No new comments can be posted.

Big Tech, Banks, Government Departments Shred Millions of Storage Devices They Could Reuse

Comments Filter:
  • by Anonymous Coward on Thursday October 06, 2022 @01:05PM (#62944185)

    Customer data ends up on "re-used" devices sold to random members of the public. Pandemonium.

    They could wipe, certify the wipe, and then re-sell, but someone will shirk their duties and pandemonium again.

    It's really cheaper for them to just shred the devices and buy new ones. One data breech averted will buy A LOT of hard drives.

    • But did you know the data could be recoverable from the shredded discs? Since they don't wipe them, if reassembled the data would be recoverable with enough forensic knowledge.
      • Sure, if "with enough forensic knowledge" means "either you are literally God, a supernatural being" or "you get extremely lucky and have the resources of a first world nation state".
        • by PPH ( 736903 )

          "you get extremely lucky and have the resources of a first world nation state"

          That's what they thought when they shredded paper documents at the US embassy in Tehran in 1979. Some time later, with the assistance of hundreds of workers and a bunch of Scotch Tape, they were reassembled.

          Soon, a couple of robots equipped with magneto-optical scanners could easily sort through dumpsters of metal chips and scan them. Something akin to genomic sequencing software can match the edges and reassemble a complete disk image. And the Chinese will build them for a fraction of our cost.

          • by tlhIngan ( 30335 ) <slashdot.worf@net> on Thursday October 06, 2022 @02:46PM (#62944469)

            Soon, a couple of robots equipped with magneto-optical scanners could easily sort through dumpsters of metal chips and scan them. Something akin to genomic sequencing software can match the edges and reassemble a complete disk image. And the Chinese will build them for a fraction of our cost.

            No, it won't be magneto optical - on today's hard drives the bits are much too small to be viewed like it was in the paper awhile back.

            Anyhow, one should note the magnetic coating peels off the base metal so just sending it through the shredder tends to rip up the layers quite well. Given we're also crushing very powerful magnets at the same time to bits there's a good chance the surface will be irrecoverable.

            If you want to be sure, send the metal back to a smelter so you can make a new hard drive from it. The high temperatures will raise whatever magnetic domains are left to over the curie temperature and scramble it.

            • I normally use 200g of thermite for a 3.5" spinner.
              It's enough to get inside and slag the platters and it's fun to do.

            • by Anonymous Coward

              I work at a smelter plant, and tossing discarded hard disks into the furnace (1550C/2820F) does the trick... ;-)

          • Nobody will go to that much effort just to retrieve banking data. There are far easier ways to do it, like social engineering. Or in the case of China's CCP, just by using their backdoors that are already embedded in every modern electronic device.

      • by jonathantn ( 6373084 ) on Thursday October 06, 2022 @01:39PM (#62944323)
        I've seen the giblets that come out of a Google data center. Those drives don't leave their secure pod unless they are shredded. Imagine a pallet with cardboard sides (like pumkins are shipped in) rolling out of the pod with nothing but finely shredded drives. Those pallets are then picked up by electronic recyclers that dump them into even more massive bins. I'd imagine that on top of the physical destruction the drives were probably using some FDE as well. So sure you could try and recover data, but it wouldn't be worth your effort.
      • by Anonymous Brave Guy ( 457657 ) on Thursday October 06, 2022 @03:10PM (#62944517)

        I am generally in favour of stronger environmental protections and better reuse and recycling. However, in this case secure destruction of old storage media is often the only way to be sure that nothing sensitive will leak. I've personally helped several friends and family over the years who have had disasters of one kind or another with their data storage: "failed" drives, "erased" files, that kind of thing. Even with only my general geek skills, I managed to recover most of the data for most of the people without needing extra equipment. Real data recovery specialists can do things like physically taking apart or reprogramming a drive and they have much more effective equipment to scan with in some situations too.

        If I could reliably audit that all information ever stored on a drive had been encrypted and that the decryption keys had been thoroughly destroyed so the information really was irretrievable, and then someone ran a secure wiping tool appropriate to the drive type for good measure, maybe I'd trust that as a clean-up process. But how often is that ever really the case?

      • by cayenne8 ( 626475 ) on Thursday October 06, 2022 @03:20PM (#62944543) Homepage Journal

        But did you know the data could be recoverable from the shredded discs? Since they don't wipe them, if reassembled the data would be recoverable with enough forensic knowledge.

        For many, many years, it has been standard procedure to wipe the disks before they are shredded.

    • by Anonymous Coward
      Wipe? You mean, like, with a cloth? [youtube.com]
    • by rudy_wayne ( 414635 ) on Thursday October 06, 2022 @01:44PM (#62944341)

      They could wipe, certify the wipe, and then re-sell, but someone will shirk their duties and pandemonium again.

      It's really cheaper for them to just shred the devices and buy new ones. One data breech averted will buy A LOT of hard drives.

      And ultimately, that's the problem. It is impossible to tell, just by looking at a drive, if it has been properly wiped, and it is impossible to examine millions of drives and guarantee that 100% of them have been properly wiped. If just one drive slips through it could possibly contain sensitive information.

      But it is possible to shred 100% of all drives and it is possible to tell, just by looking at it, that a drive has been shredded.

      • by Ichijo ( 607641 )
        Ok but how do you tell if it's the 8TB drive you asked to be shredded and not an old 500GB drive that someone slipped in so he could take home the 8TB one?
        • by torkus ( 1133985 )

          Ok but how do you tell if it's the 8TB drive you asked to be shredded and not an old 500GB drive that someone slipped in so he could take home the 8TB one?

          You scan serial numbers as they're fed into the shredder which logs it in whatever compliance system. For high security requirements and attestation companies will provide video of each drive's inventory scan and physical destruction. Yes, someone could, in theory, swap out S/N labels and go through all that...but there's a point where every process is vulnerable to a knowledgeable and privileged bad actor.

          Cryptographic erase (i.e. irretrievable deletion/separation from decrypt key) is an option, but that

        • Everything can be subverted with enough effort. The point is that trying to wipe the drives has a possibility of failing by accident, making it much more vulnerable.

    • by Bert64 ( 520050 )

      The resale value of 5 year old storage media that has seen 5 years of heavy use would be virtually nothing in any case.

  • by Mal-2 ( 675116 ) on Thursday October 06, 2022 @01:06PM (#62944191) Homepage Journal

    That's just the cost of physical security. Nobody can ever re-use any of your storage devices -- preferably, not even you, lest data from the previous mission remain in unused space.

    The cost of the used storage is low, and the cost of a data breach is high. Either the priorities need to change (for better reasons than "it's wasteful"), or shredding will probably remain the most cost-effective answer. It's not like a mining GPU where it just has a decreased lifespan -- there is no way to be sure someone won't take apart a device and go after the data with a lab full of gear, if need be.

    • And the cost of labor for the wipe is more than the value of the device on the used market. If it's a hard drive the you can hope for is that they recycle the metal. If is an SSD then it's the landfill, I doubt there is anything worth recycling in there.

      • by torkus ( 1133985 )

        Honestly, they got all this info from "industry insiders" who seem entirely unaware of what's actually involved in securely wiping a drives.

        The fact that the don't mention NIST 800-88 or anything even vaguely referencing it is telling. Are there options? Yes. Are those options more complicated, costly, and likely to have errors preventing data destruction? Also yes.

        In the scheme of doing business, the cost of hard drives is really not even a line item (ok, maybe for blackblaze) especially when compared

      • If it's a hard drive the you can hope for is that they recycle the metal. If is an SSD then it's the landfill, I doubt there is anything worth recycling in there.

        And fixing problems like those might be where the most practical benefits will eventually found. If we had more efficient and cost-effective ways to recycle old electronic devices while still allowing the actual data storage elements to be physically trashed beyond recovery before any further processing, that would be ideal. That might not be economically possible with current devices, but then it looks like a challenge to design new devices with better complete lifecycles to me.

  • "I say we take off and nuke the entire site from orbit. It's the only way to be sure."

    "If we let one [piece of data] slip through, we lose the trust of our customers."

  • by CAIMLAS ( 41445 ) on Thursday October 06, 2022 @01:12PM (#62944219)

    The whole "DoD compliant destructive security" of storage devices was idiotic from the beginning, albeit based largely on a lack of knowledge.

    We've been doing this for 30+ years at this point, and it's never provided more than a token improvement in security. At one point, it could've been excused - there was no scientific study on the matter, and it was based largely on folklore related to magnetic reconstruction from ghost bits, likely based on out-of-date "best practices" founded in the 1960s.

    There have been numerous tests and challenges offering millions for double-zero-overwrite data recovery, as well as forensic analysis saying such test are more than sufficient to assure destruction. But, aside from that... most on-disk data formats today are so complex and difficult to understand that recovery of any meaningful data as-is would only be able to be accomplished by a handful of people. A drive out of a proprietary raid set, with raid keys, or a disk from a ZFS vdev, for instance? Good luck. You're not going to get any actionable data from that.

    I mean, c'mon: this is a standard from the same people who blow up and burn US supplies and materials in-theater when they leave rather than transport it home. "Yeah, sure, we'll just thermite this tank and leave it, nbd". You really don't want to be replicating governmental wartime cost models, do you? Very wasteful.

    • by hazem ( 472289 )

      The whole "DoD compliant destructive security" of storage devices was idiotic from the beginning, albeit based largely on a lack of knowledge.

      I remember decommissioning a system back in the 90s that had these old hard-drives with platters that were about 12 inches in diameter. We had to take them apart then take a belt-sander to both sides of each platter. Then they were sent to a facility to be melted down.

      • by CAIMLAS ( 41445 )

        That's pretty nuts, considering how deep the magnetic field was in those old MFM drives.

    • by Major_Disorder ( 5019363 ) on Thursday October 06, 2022 @01:20PM (#62944257)
      The cost of a data breach is higher. Not just cleaning up the mess, figuring out exactly what got out and exactly how, but checking every damn thing company wide to make sure it didn't also get leaked, Cyber security insurance cost increase. Staff training. Loss of public trust. ETC.

      Cost of destroying drives is a pittance by comparison. I have contracted to companies for cleanup after a breach a couple of times. You can shred a lot of drives for what I charge for even a single day, and it usually takes weeks.
    • by RobinH ( 124750 ) on Thursday October 06, 2022 @01:29PM (#62944277) Homepage
      It's not that wiping a drive doesn't work, it's that it's very hard to audit that it's done correctly. Anyone with two eyes can verify that devices have been shredded. How do you verify that a drive has been securely erased? People's time is expensive, especially technically knowledgeable people.
      • by ebvwfbw ( 864834 )

        I used to do it programmatically. Just plug it in and check blocks beginning, end, middle and say 50 random. If the last pass is all zeros then they should all be zeros. The problem is when you have a big old roll away cart full of them. Some may not even spin up anymore. I had that happen with some old digital Vax blue drives also known as bricks because that's what they looked like. A blue plastic brick. As long as they were running they kept on going. Remove power and we'd lose some. I'm surprised any of

    • by Dracolytch ( 714699 ) on Thursday October 06, 2022 @01:39PM (#62944321) Homepage

      The biggest problem is, by looking at the drive from the outside, there is no way to distinguish which devices have critically sensitive data, and which have been properly wiped. That means there is always room for human error as drives get moved around, or get mixed up, and non-wiped devices could get put back into use (or even worse, sold). That is: It's a human factors problem, not a technical one.

      Shredding doesn't have that ambiguity.

      ~D

    • ... most on-disk data formats today are so complex and difficult to understand that recovery of any meaningful data as-is would only be able to be accomplished by a handful of people. A drive out of a proprietary raid set, with raid keys, or a disk from a ZFS vdev, for instance? Good luck. You're not going to get any actionable data from that.

      Yes, that is 100% correct. Wiping a hard drive is easy. On any drive manufactured in the last 25 years, the data density is so great that a single pass of all zeros will rendered the drive completely "wiped".

      BUT

      How do you examine millions of drives and guarantee that 100% of them were wiped properly? It simply is not possible. Shredding is *VERY* wasteful, but it is the only thing that is 100% guaranteed effective.

    • ""From a data security perspective, you do not need to shred," says Felice Alfieri, a European Commission official"

      If you as an individual will not accept criminal liability for a failure anywhere this non-destructive security is done, then you and Felice are full of hot air.
      As a European Commission official, his statement is ludicrous and should be criminal

    • by Hentes ( 2461350 )

      A software wipe is not reliable because many of those drives probably aren't being disposed of for no reason, many of them will be faulty or won't even start. You could disassemble them and put the disks in a working drive (which is exactly what an attacker will do if you decide to just throw out the bad disks without wiping), but that would require a cleanroom, staff proficient in data recovery and probably more manhours than what those drives are worth.
      Relying on the data on the disk being in formats that

      • by CAIMLAS ( 41445 )

        Filesystem-level encryption has been standard across most operating systems for a decade+ at this point. If you can't figure out how to use your computer properly, you've got no business being in charge of data security.

    • by nester ( 14407 )

      I wrote a file and device wiper, but these days I just set whole-device encryption with an ephemeral key and dd /dev/zero to the encrypted device. It's just as fast, but a little more secure. It's always best to encrypt data in the first place, but there is still risk of a leak, if the keys are leaked as well, so still best to overwrite at least the area were intermediate keys are stored (like freebsd's geli does, to allow master key changes).

      Whether or not slightly misaligned overwrites might allow for rec

    • by cstacy ( 534252 )

      The whole "DoD compliant destructive security" of storage devices was idiotic from the beginning, albeit based largely on a lack of knowledge.

      [...]

      At one point, it could've been excused - there was no scientific study on the matter, and it was based largely on folklore related to magnetic reconstruction from ghost bits, likely based on out-of-date "best practices" founded in the 1960s.

      The "lack of knowledge" is yours, and demonstrated in your speculation about history.

      The technology to recover bits from drives where the data was merely over-written was well studied, and proven, into the 1980s. As technology progressed from the '80s, it did not become physics-ally virtually impossible until much, much later (in "computer years").

      A simple demonstration of data recovery using a SEM was part of a school course (at MIT) in the mid-80s.

      Later on, when storage technology was better, fancy stati

    • So you're certain no improvements will be made in data recovery while the data is still valuable? I think it's unlikely, but I'm in no way certain.

  • Of course. (Score:5, Insightful)

    by Geoffrey.landis ( 926948 ) on Thursday October 06, 2022 @01:12PM (#62944223) Homepage

    Benefit of not-shredding disks: you get maybe a hundred dollars for a used hard disk on the secondary market.

    Cost of not shredding disks: $155 million settlement for failing to erase a hard disk.

    Seems to me the decision is not a hard one. And, as the article says, "If we let one [piece of data] slip through, we lose the trust of our customers."

    By the way, you can only erase a hard disk if it's working. A significant subset of them are going to be excessed because they're not working, but could be made to work if you put enough effort into it (more costly than buying a new one). And those you have to shred anyway.

    • Re:Of course. (Score:4, Informative)

      by SecurityGuy ( 217807 ) on Thursday October 06, 2022 @01:39PM (#62944327)

      Benefit of not-shredding disks: you get maybe a hundred dollars for a used hard disk on the secondary market.

      If that. The whole premise of the article is nutty. An old drive isn't worth much. Shredding disks is fast and cheap. You can have a truck show up and shred them by the thousands. When you add in the overhead of labor to wipe drives, including assurance and testing (if you're reselling them, you're going to want to be damn sure you really wiped them), actually marketing them or contracting with a company to do it, etc, it's not worth it.

      There might be a 3rd party service offering opportunity, but if I'm $BIG_COMPANY, they better have a big enough insurance policy to cover damages when they let a drive slip through, and I get sued over it.

    • "By the way, you can only erase a hard disk if it's working."

      Allow me to introduce you to my friend here, Mr. High Power Degausser.

    • Just pass hdds through giant magnets frying the data irrespective of the disk being working or not
      • by vivian ( 156520 )

        That's going to wipe track indexing marks etc and render the drive unusable too - no different from putting it through a physical shredder.
        It's completely stupid to want to reuse a discarded drive -

        It's being tossed for a reason and the cost of wiping, validating and formatting is not going to be worth whatever little life is left in the drive.

        Would you want to keep your data on a 5 year old drive that's been thrashed in a datacenter for its entire life?
        I thought not.

    • by mjwx ( 966435 )

      Benefit of not-shredding disks: you get maybe a hundred dollars for a used hard disk on the secondary market.

      Cost of not shredding disks: $155 million settlement for failing to erase a hard disk.

      Seems to me the decision is not a hard one. And, as the article says, "If we let one [piece of data] slip through, we lose the trust of our customers."

      By the way, you can only erase a hard disk if it's working. A significant subset of them are going to be excessed because they're not working, but could be made to work if you put enough effort into it (more costly than buying a new one). And those you have to shred anyway.

      This is key, the chances of recovering data from a drive that has been wiped and filled with random 1's and 0's multiple times is miniscule and the cost massive... However the real risk is that Gerald the IT flunkie forgets to wipe a drive at all because he forgot which ones were finished or didn't realise he didn't wipe disk 5 and puts it in with the clean ones.

      Groups of people will be hanging out to buy ex-banking disks on the off chance that this will happen.

      Human error is the serious risk here, sh

  • apple needs an easy way to change the main disk out / make it easy to do an full wipe so you not trashing the full system.
    Do you want to trash an $10K+ mac pro / mac studio or an $400-$1000K apple disk?

    • Why does Apple need to do this? Once you buy their product, it's your problem, not Appe's.

    • by Mal-2 ( 675116 )

      That full wipe better meet DOD standards, or it won't change anything. It might not even then.

      Yes, a bank or a financial institution absolutely will put a $10k Mac Pro in a crusher. If it stores data, it has to be destroyed. There have been cases of destroying input hardware like buckling spring keyboards with no storage at all, just because some keyboards in the company had the ability to record macros.

  • Shredding has one advantage over erasing -- it's trivially verifiable. Was this hard drive erased securely? You can't know without some pretty specialized equipment and thorough testing. Was it shredded securely? Just see if it goes through this sieve.

    I know an IT consultant who offers to securely destroy drives for his customers. When he returns them to the customers with large caliber bullet holes through the platters they're pretty convinced the data is gone. It's not milspec grade destruction; I

    • by Mal-2 ( 675116 )

      I sense a missed business opportunity. He should be charging money to go along with him out to the desert or wherever he goes Office Space on the gear. I bet a lot of clients would happily pay extra to shoot some hardware that has been vexing them for years.

    • by Bert64 ( 520050 )

      Shredding has one advantage over erasing -- it's trivially verifiable.

      If you shred it into small pieces, how do you know that the pile of shredded pieces you can see started out as *your* drives, or as hard drives at all?

      • Verification protects against accidental information leaks, not against insider malice. The only way to protect against insider malice is to decommission the drive yourself. And even then, in the case of erasing a drive, it's hard to verify that the drive you erased was erased completely. It's pretty easy to verify that the pieces you shredded are no larger than whatever your acceptable size is.
  • I once worked at a shop where some jobs would involve having storage devices wiped by overwriting for reuse, or physically destroyed if there were any issues wiping them...but some clients wanted devices wiped and then physically destroyed. Not even military stuff, maybe finance and healthcare at most.

  • Key in BIOS (Score:4, Interesting)

    by bill_mcgonigle ( 4333 ) * on Thursday October 06, 2022 @01:34PM (#62944301) Homepage Journal

    Data on disk is encrypted, key is in BIOS. Pull the drive, it's no good (IT needs to do key management if they want recovery options).

    • that BIOS / TPM key is also likey some where in your AD as well.

    • by DarkOx ( 621550 )

      That is great right up until some bug emerges in the FDE software for a release or two that writes part of the key to the disk, or chooses weak keys, or ...

      Shit like that happens in software. The next thing you know you find out 100s of old drives got e-bay'd that might be recoverable...

      Now I agree that combine that with a wipe (questionable to what degree you can do that some SSD platforms) and the actual risk is vanishingly small. Certainly good enough you me and most SMBs to resell used disk - but I can

      • by torkus ( 1133985 )

        Most of these drives in question are server drives which are typically not encrypted...so while cryptographic erase has it's merits (and issues, see below) it generally won't apply. SED might be a possibility, but that adds expense, complexity, and cannot be erased simply by separating from the system.

        As for client devices/drives - assuming your laptops still have removable drives...ahemappleahem - yes, wiping TPM (or separating from laptop) is a valid cryptographic erase and typically good enough outside

  • by chill ( 34294 ) on Thursday October 06, 2022 @01:41PM (#62944331) Journal

    I can buy 4 Tb enterprise SAS hard drives for $150 - $200 new. How much to do you think they go for used? Now take into account all the labor for tracking, wiping, processing, and shipping them. You'll be losing money.

    Better to just call one of the shredding services that'll shred them on-site in the truck and give you a certificate of destruction with serial numbers to file away for the auditors/lawyers.

    • New 4 TB enterprise drive $50.05 at Newegg, S&H included, about 5 minutes ago. I'm not sure I could find a vendor charging as much as $150 for a measly 4 TB hard drive. Storage is dirt cheap these days.

      • by mjwx ( 966435 )

        New 4 TB enterprise drive $50.05 at Newegg, S&H included, about 5 minutes ago. I'm not sure I could find a vendor charging as much as $150 for a measly 4 TB hard drive. Storage is dirt cheap these days.

        Erm... What enterprise is buying from Newegg?

        Our SAN disks are provided by NetApp or EMC, our server disks by Dell (even though they're just Samsungs/WD/whatever).

        I don't disagree that storage is as cheap as it has ever been and it's definitely not worth the risk of reusing drives that could potentially have PII on them... but lets not pretend the 4TB, consumer grade 5400 RPM drive for £70 is in any way "enterprise". A 4TB consumer grade SSD is still £300, an NVME a bit more than that... h

    • by tlhIngan ( 30335 )

      Yeah, I was wondering what the point of the article is.

      It's your hard drive/SSD/etc. You do whatever you want with it. And often times, the data stored on the drive is far more valuable than the physical value of the drive. It may hurt to shred a $20k SSD, but if you have a use for such a large SSD, the data you put on it is probably worth a ton of money to the company or the loss of it could subject the company to millions in fines.

      I don't really the see the problem here - the shredded materials can be rec

  • Simple test (Score:3, Informative)

    by grasshoppa ( 657393 ) on Thursday October 06, 2022 @01:46PM (#62944345) Homepage

    Put two similar drives side by side, one is security wiped, the other has HIPAA and PCI data on it.

    Which is which?

    If I'm in charge of patient or customer data, what to do with decommissioned drives is an easy choice; destroy it. This is true from the smallest business ( small medical offices ) to the largest corporations, and remains true as long as there's no easy, "at a glance" indicator of drive status.

    • by torkus ( 1133985 )

      Exactly.

      And auditors shown the certified destruction logs (from an ISO xyz-123-abc compliant scrap company) are typically satisfied...there's not much they can what-if-what-if-what-if situations available for them to invent short of theft which is a tangential risk.

      Take those same auditors and say you wiped them (cryptographically or otherwise) and they'll have LOTS of questions about process, ask for confirmations, and generally crawl up your ass until they find something or other to justify their existenc

  • There is too much risk of customer, competitive, trade secret, or other data getting out.

    If there is no possible flow to leak data, then no data will leak. So shredding is the norm.

  • Puh leeze

    I'm majoring in cybersecurity and I know better than most not to trust software alone to do something you can only guarantee through physical means.

    Reusing storage devices is an infosec NIGHTMARE.

    Whoever wrote TFA and thought it would be worthy of slashdot's attention needs to hand in their geek card.

    The closest I'd ever come to reusing a storage device in this context is recycling the raw materials and feeding them back into the supply chain to manufacture new ones.

    I happen to know that

  • Any decent wiping algorithm has to write and rewrite over every bit on the disk multiple times. That uses power, an employee has to spend time baby-sitting the process, and the amount you get on the secondary market for used drives is pennies on the dollar. It is not worth the effort monetarily, and that is not even taking into account the possibility of an inadvertent data breach.
  • This problem is what LUKS/cryptsetup was made for. Without my boot SSD's /etc/key, all my hard drives just contain random numbers. Whenever one fails during warranty, I fearlessly RMA it (yep, sending my "data" or at least an array slice of it) to total strangers without even bothering to wipe it.

    Sure, physical destruction is probably slightly safer, but WD won't credit me for a box full metal shards, and I want my free warranty replacement, dammit.

    Wiping is optional anyway, because for some kinds of drive

    • by ebvwfbw ( 864834 )

      I hope you wrote random out to the drive before you did a crypt on it. Otherwise it could all be zeros and they'd see where you wrote your stuff out. If it's all random to start with they're screwed.

      I also use clevis to give the machine the key when it boots. This is for normal servers. If it's above public data I still type the key in.

  • Apart from all the other really good reasons listed in other comments, full disc overwrite is also really slow. If your process for this involves "take the disc and plug it into the disc eraser" then it's tediously slow compared to "shredder goes BRRRRR".

    If your process involves keeping good enough track of your machines to ensure that you can be 100% (not just 99.99%) sure that you ran the "overwrite media" program on the machine before taking it out of the rack, then it's faster, but how good is your trac

  • The reason these devices are decommissioned is because they are obsolete and worn out. HDDs that old use much more power per unit of storage than more recent ones and require more redundancy due to the ever increasing likelihood of failure. SSDs that are being decommissioned are those that have already used much of their spare sectors.

    The cost to clear them off and resell them (if anyone would even buy them for more than scrap value) is likely greater than the proceeds.

  • Are a thing. Storage device labels include barcodes for the model and serial number. Scripts used to wipe storage devices could log the model and serial of the block device to a central database. Storage devices being removed from the datacenter could then be forced to pass through a conveyorized scanning tunnel that would reject any devices not listed as wiped. Only failed storage devices would have to go to the shredder.

    Even if the storage devices are deemed to be obsolete or worn out, storage devices

  • by gweihir ( 88907 ) on Thursday October 06, 2022 @11:36PM (#62945757)

    Secure deletion of storage is tricky. For solid-state, it is basically impossible except by physical destruction. Sure, you could do encryption, but that also needs to be done right and could still come back to bite you. So, while wasteful, I always recommend physical destruction in addition to regular deletion to customers. The expert time that would otherwise be needed is far more expensive than the residual value of the devices, and that is if you can get a qualified expert for this in the first place.

    Essentially, this story is by somebody that does not understand the problem and that has failed to ask some actual experts.

  • While they are making this big deal about shredding all of these devices so that a "data leak" doesn't occur, yet Google, and many other big tech companies are DATA HUNGRY (for the information. So they can exploit it, but only for themselves or for profit...) Just stockpiling and hoarding all the data they can, for whatever crappy plans they have to use it against us, and with that hackers just need to break in and steal it from the servers. Why are they shredding all these data storage devices when they c
  • You have a disk drive in your hand. Does it have data on it? Hmm.

    You have a shredded disk drive in your hand. Does it have data on it?

    QED.

  • I have it from good authority that shredding may not be enough. As The Grim Reefer wrote here on Slashdot, his method entails much more, and he even keeps remains just in case the need for recovery comes up... I've not been able to dispose of a single drive since I don't own any dogs.

    I typically overwrite all sectors on a HD for a month with random crap, and drill holes in the platters.

    After that it gets spun around inside a 15 Tesla magnet for 2 hours. Then I use thermite to melt it into a pool of slag, grind up the slag into a fine powder and divide that into 5 equal portions.

    I feed one of those portions to my dogs and then set half of their waste on fire and put the other half into the garbage. I use honey to stick another portion to the bird seed I have in a feeder. The third portion I take to a metal recycling place. The fourth portion gets flushed down the toilet. The fifth portion is in a safe deposit box, just in case I need to recover anything.

    If I'm being extra careful, I encrypt the drive with ROT13, twice, before the random writes.

The unfacts, did we have them, are too imprecisely few to warrant our certitude.

Working...