Melting Hard Drives to Protect Data
Over the course of many projects, we’ve been entrusted with the safekeeping of a lot of sensitive data: trade secrets, proprietary software, credit card data, business records, phone recordings, etc. When projects complete and this data is no longer required, we still need to safely and securely dispose of it.
These days, there are many options for encrypted file systems, therefore destroying data is as simple as destroying the keys… but we accumulated a dozen or so drives before encryption was commonplace. Many of the drives mechanically failed, therefore disposal by multiple overwrites was not possible.
In the past we’ve used shredding services with giant machines that turn drives into confetti. This is considered a pretty good way to destroy data and it’s very hard to recover data from the residue. As data storage density increases, though, I’ve wondered if determined criminals might be able to read little bits of data from the little bits of hard drive. Surely some pieces have whole credit card numbers, passwords, small files, etc.
Demagnetizing drives would probably do the trick; but it’s hard to verify that the data really is gone.
A local hacker space allowed us to use their aluminum forge to melt the drive platters. Not only does the heat cause a loss of magnetic data, but melting the drives is essentially shredding at the molecular level. The aluminum drops and muffins also made nice gifts to our customers.
There are a bunch of web sites and videos on building an aluminum forge. The forge we used was handcrafted in similar way. Aluminum melts fairly easily – about twice the heat of a regular oven.
What if you don’t need such extreme destruction?
Whacking the drive a few times with a sledge hammer will probably do the trick for most purposes. Once the discs cannot spin, an attacker can no longer read data easily – it would be a serious effort to read data from the surface slowly. It would certainly have data loss on parts of the disc.
I’m also told that when hard drive recovery companies need to move the disc platters to another drive, it is critical that the alignment of the drives remain the same… and a real pain if they get out of alignment. So, open the drive and remove the discs… enjoy how smoothly they glide across each other – a product of the precision machining that is necessary for the discs to spin smoothly at 10,000 rpm or faster. Bend them or fold them for good measure.
Some hard drive experts suggest drilling a hole in the drive as the holes prevent the disc from spinning smoothly and will clobber the read heads. I’ve tried this and warn that if the drive seizes up on the drill bit that your drill will spin the big metal drive very quickly. It could hit you like a baseball bat and cause a lot of injury; but if you take the right precautions, it could be a fast and cheap way to disable drives.
Computer recyclers often have a hydraulic machine that can punch a hole in the drives or bend them in half. Sometimes they will do it for free or for just a few bucks.
I’ve used SEMSHRED to shred drives. It’s a little expensive, but the cost is part of owning computing equipment and using it for sensitive operations.
What about SSDs?
Most SSDs on the market are “self encrypting,” though you need to check carefully for this feature. A special program or firmware option allows you to rekey the encryption chip and loose the original encryption key – essentially rendering the data gibberish.
The best option is to encrypt your file systems to start with; though there is a performance hit and this may not be suitable for all applications. RAID striping will not speed up that type of encryption.
It’s also possible that the controller on the drive could fail, leaving you unable to rekey the drive.
We haven’t had an SSD die on us yet, but certainly older drives will be decommissioned at some point and some will fail. Crushing the chips seems to be a pretty good method of destruction… but we’ll probably get a Blendtec.