SoylentNews is people
SoylentNews
From Asahi Shimbun
A man who won an Internet auction for used hard disks soon discovered that he was in the possession of confidential and sensitive government information that he had no business reading.
At first, the man, who owns an information technology company, was puzzled when he found repeated mention in the file names of Kanagawa Prefecture.
But he was in for a greater shock when he used recovery software and found that the files on the hard disks contained mountains of data compiled by the Kanagawa prefectural government.
The data included everything from individuals who were behind on their taxes and the amount; documents considering the seizure of assets; documents related to contract bid amounts; rosters of employees at public schools; and even design blueprints for electric power plants and water supply works.
(Score: 2, Informative) by Anonymous Coward on Tuesday December 10 2019, @08:35PM (3 children)
I think the "standard" for secure erasure is:
1) a zeros pass
2) a ones pass
3-6) random data passes
7) a zeros pass
The "need" for this 7 pass erasure is why "Cryptographic Erasure" drives actually exist. Basically, a CE drive is one that is encrypted, but the key is "under the door mat" so to speak. The idea being that when you erase it, you overwrite that key 7 times (fast) and you have nothing but garbage on the rest of the drive, then a zeros pass and you are done.
(Score: 0) by Anonymous Coward on Wednesday December 11 2019, @02:07PM (1 child)
yeah 'tis is funny. one would assume that HDD manufacturers "know best" and would have a device for sell, that is maybe 3xAAA battery powered sits on the desk and you can slot-in a 3.5" and press the big red "erase" button?
but noooo ... it is nigh impossible (time wise) to erase them, so junk 'em and don't recycle/second-hand 'em.
(Score: 2) by Immerman on Wednesday December 11 2019, @02:37PM
DBAN - Darrel's(?) Boot And Nuke.
Burn it onto a CD, boot the computer off it, and select how secure an erase you want to apply to the hard drives.
Not quite a standalone box, but you can use any old computer you happen to have lying around. There might even be a Raspberry Pi version which would allow for a pocket-sized option.
(Score: 2) by Immerman on Wednesday December 11 2019, @02:22PM
I think you're right that the standard is something like that. My point is that it's a standard that was created when hard drive implementation details were very different than they are now, and data could be readily recovered by inserting the platters in a drive that would read the gaps between tracks.
Cryptographic erasure is a wonderful alternative - but only if the encryption is theoretically unbreakable (which is... almost nothing in the face of emerging quantum computers) and the implementation is perfect. And as we've seen time and again with such drives, the implementation is often deeply flawed.