Data Destruction and Recovery


When you look up 'data destruction' on the WWW, chances are you find nothing but links to sites and forums about data recovery: how to salvage a crashed hard disk, how to recover erased or lost data, how to get your data back when you formatted your hard disk by accident ... The opposite problem is just as interesting: when you want to get rid of old computers, hard disks, or other media, how do you ensure that you don't give away your data as well?

The problem is obvious: there are tools to recover 'lost' data, and companies that specialize in recovering lost data in case the do-it-yourself tools don't help. So if your hard disk crashed and you don't have data backups, or you formatted or otherwise erased a partition or a hard disk, there are still means of recovering the data. It is clear that this will also work if the 'data loss' wasn't an accident. Say you want to get rid of some old computers, or throw away a hard disk or a bunch of tapes, ... and you take them to the second hand shop, a refurbishing company, or the junk yard. What's to keep the guy who acquires your old computer (or picks it up at the junk yard) from having a go at some data recovery?

There's more to this than meets the eye. Your hard disk can contain more information than you're aware of. Obviously, there's the data that you knowingly stored on the disk. There may also be sensitive information in the form of certificates and private keys, cached credentials or password files, data in the 'virtual memory' (the swap file / swap partition) on the disk, a memory dump to disk or a hibernation file, all sorts of temporary files / auto-repair files / printer spools / ...

The white paper Decommissioning Magnetic Media discusses these in detail and goes into some other aspects as well: companies and institutions (often) have a legal obligation to protect the privacy of the people that they've collected information about. You may not want your medical record or your bank account history to be found on a second hand hard disk on eBay, especially not if it's not you that is selling the disk, but the doctor, the bank, your medical insurance company, ...

Destroying Magnetic Data

There are a number of methods to destroy data:

erase and overwrite the data
  Overwriting the erased data with random data or 'all ones' makes it harder to recover the data, although recovery is still possible: apparently, on magnetic media, a "1 that was 0 before" is less magnetic than a "1 that was 1 already", and a "0 that was 1 before" still has some residual magnetism left, so it is possible (though difficult and thus expensive) to reconstruct the underlying data.
  Overwriting the disk several times reduces the chances of recovery. 1 random write and 3 times "all ones" is usually sufficient: the effort (and cost) of recovering any data will be huge. However, it is still possible, and maybe worth the effort in some cases.

magnetic destruction ("degaussing")
  Exposing a magnetic medium to a strong magnetic field will erase the data on it. Again, several passes may be necessary to render the media utterly unrecoverable, depending on the strength of the magnetic field. Strong magnetic fields can be dangerous to magnetic and electronic equipment such as credit cards and pacemakers.
  While this method is supposedly effective for media such as tape and floppy disks, high density media such as hard disks are harder to deal with: the casing protects the platters from at least some of the magnetism, the layered structure leaves the inner platters less exposed, and the higher density requires a longer exposure time.
  Tools to erase magnetic media can be quite expensive. The Handy Harry home user could attempt to build something out of anything with (electro-)magnets in it: the electric motors of old power tools or washing machines, transformers, alternators, ...

physical destruction
  Cut up a tape, smash a disk to pieces with a hammer (easier when you make it brittle by freezing it with liquid gas), drill holes through it, use it for target practice, grind it, melt it, ...

chemical destruction
  Corrode the disk so the magnetic layer is destroyed. Acid or salt water will do.

All of these methods have one thing in common: they take lots of time (overwriting a disk several times can take hours) or lots of effort (melting, magnetizing, ...) or both. That's OK if you only have to do 1 or 2 disks every once in a while, but if you have to get rid of hundreds or thousands of decommissioned computers, that's a whole different ball game.

Solutions

For hard disks, "wiping" the disk (i.e. overwriting it a number of times) seems the only workable solution, other than physically destroying it. Physical destruction has the disadvantage that the disk cannot be reused in case you want to sell or donate old computers. It also requires guarantees that the disks don't get stolen during transport or storage on the destruction premises.
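
The overwrite scheme mentioned earlier (1 random write followed by 3 passes of "all ones") and the "wiping" described here, as an added example that is not part of the original article and is not how DBAN itself works. The function names are chosen for illustration, and the target is assumed to be a disk image or block device that you are allowed to overwrite.

```python
import os

CHUNK = 1024 * 1024  # write and read in 1 MiB blocks
# The article's scheme: one random pass, then three passes of "all ones".
PASSES = ("random", 0xFF, 0xFF, 0xFF)


def target_size(f):
    """Size in bytes; seeking to the end also works for block devices."""
    size = f.seek(0, os.SEEK_END)
    f.seek(0)
    return size


def write_pass(f, size, pattern):
    """Overwrite the whole target once, then push the data out of the caches."""
    f.seek(0)
    remaining = size
    while remaining:
        n = min(CHUNK, remaining)
        block = os.urandom(n) if pattern == "random" else bytes([pattern]) * n
        f.write(block)
        remaining -= n
    f.flush()
    os.fsync(f.fileno())


def verify_pass(f, size, pattern):
    """Read the target back; True only if every byte equals the fixed pattern."""
    f.seek(0)
    remaining = size
    while remaining:
        n = min(CHUNK, remaining)
        if f.read(n) != bytes([pattern]) * n:
            return False
        remaining -= n
    return True


def wipe(path, passes=PASSES):
    """Run every pass in order, then verify the last one (must be a fixed byte)."""
    with open(path, "r+b") as f:
        size = target_size(f)
        for pattern in passes:
            write_pass(f, size, pattern)
        return verify_pass(f, size, passes[-1])
```

Point `wipe` at a whole device or disk image rather than a single file on a mounted filesystem, since the swap, hibernation and temporary files listed above live outside any one file. The read-back may be served from the operating system's cache, so it checks the overwrite logic rather than the state of the platter.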

Darik's Boot and Nuke (DBAN) is an open source tool that boots off a floppy or a CD/DVD. It has a simple menu to choose which partitions and disks to securely erase, and by which method, ranging from an "n times overwrite" (3 times being sufficient for everyday use) to (time consuming) methods that meet the requirements of the US Ministry of Defense. Obviously, you can use DBAN yourself to destroy the data on your decommissioned hard disks, if you have the time to set up all your old machines or install the disks in question in one or more dedicated machines, boot them off the DBAN diskette one by one (or create a lot of DBAN disks), etc.

Good refurbishing companies will also take care of data destruction and offer guarantees that your data will not be accessible after the system has been refurbished. To make it all worth their while, they need to be able to re-sell the equipment, so they'll refuse to take really old stuff.

A Test Case

Test Case: Erasing disks with DBAN


Koen Noens
December 2005