Mailing List Archive
tlug.jp
Mailing List
tlug archive
tlug Mailing List Archive
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [tlug] Dealing with a possibly busted external HD
- Date: Tue, 21 Mar 2017 11:28:08 +0100
- From: Kalin KOZHUHAROV <me.kalin@example.com>
- Subject: Re: [tlug] Dealing with a possibly busted external HD
- References: <20170317083905.36bde6b3.jep200404@columbus.rr.com> <CACX149=Ox1+j7OqsN_cdA25Onp0j5UpcnAr9hiUtykcRX8H6tA@mail.gmail.com> <20170321085953.GA10841@quadratic.cynic.net>
On Tue, Mar 21, 2017 at 9:59 AM, Curt Sampson <cjs@example.com> wrote: >> Smash the platters with a hammer or big screwdriver hit with a hammer. > > That's ok if your attackers are not very motivated (read: "downright > lazy"), but doing that in a business that's dealing with things like > 個人情報 puts you at risk of a lawsuit. NIST SP 800.88 is your friend > here. Table 5-1 gives you your options. > Disclaimer: I work with a data recovery company, though not employee. Disclaimer: I was until recently PCI DSS QSA professional, PCI DSS standard specifically refers to quite a few NIST SPs. While NIST SP 800.88 is fine for government and some selected entities, it talks a lot more about what is right and verifiable than what is practical. The problem with "broken drives" is that it cannot be (reasonably easy) verified whether they contain data or not, so only option is physical destruction (including degaussing), to render them non-operational. "using a certified degauss method/contractor or shredder" meant it was verified/audited by a 3rd party to work right. Modern (>400GB, multi-platter) drives are built to very fine tolerances and later calibrated in factory once assembled. There is no way to disassemble a platter packet and then put it back together, even for the best equipped DR labs (unless held by a special clamp, as a packet from the beginning). A bent/warped/broken platter cannot be recovered, since it has to spin a few thousand RPM to be read. So, the bottom line is: If you hammer a relatively blunt object through your platters (sharpened minus driver), you both punch and warp the platters, introducing sharp edges and particles. Anyone will to invest a few million US to be able to recover some tiny bits fo information (talking bytes, not even kilobytes) of those hundreds of GB. If they are really lucky (and you not) they may recover a password of some kind, a secret in other words. But hey, they'll need time and you DO change tour passwords regularly, right? Cheers, Kalin.
- Follow-Ups:
- Re: [tlug] Dealing with a possibly busted external HD
- From: Claus Aranha
- Re: [tlug] Dealing with a possibly busted external HD
- From: Curt Sampson
- Re: [tlug] Dealing with a possibly busted external HD
- References:
- Re: [tlug] Dealing with a possibly busted external HD
- From: jep200404
- [tlug] Dealing with a possibly busted external HD
- From: Claus Aranha
- Re: [tlug] Dealing with a possibly busted external HD
- From: Curt Sampson
- Re: [tlug] Dealing with a possibly busted external HD
- Prev by Date: Re: [tlug] Dealing with a possibly busted external HD
- Next by Date: Re: [tlug] Dealing with a possibly busted external HD
- Previous by thread: Re: [tlug] Dealing with a possibly busted external HD
- Next by thread: Re: [tlug] Dealing with a possibly busted external HD
- Index(es):
| Home Page | Mailing List | Linux and Japan | TLUG Members | Links |