Re: [tlug] Dealing with a possibly busted external HD

[Claus Aranha <caranha@example.com>]

First, thank you for all the replies, this was a great learning experience.

Regarding backups/disaster recovery, Indeed so far I only had a
amateurish plan for the second
(I have my data mirrored across two computers on different buildings
in campus, plus a third
one off campus). I had "create a proper backup procedure" as a wish
list item for a while, and finding this
drive drove me to put that item on the top of the pile. I guess it
will have to wait for the next fiscal year.

Regarding disposing of the broken drive, I guess I'll go through the
disassembly and hammer route
some weekend (would love to get myself some new strong magnets). Any
safety tips are
appreciated! Will post some goreware pics if there is interest.

Thanks again,



On Tue, Mar 21, 2017 at 7:28 PM, Kalin KOZHUHAROV <me.kalin@example.com> wrote:
> On Tue, Mar 21, 2017 at 9:59 AM, Curt Sampson <cjs@example.com> wrote:
>>> Smash the platters with a hammer or big screwdriver hit with a hammer.
>>
>> That's ok if your attackers are not very motivated (read: "downright
>> lazy"), but doing that in a business that's dealing with things like
>> 個人情報 puts you at risk of a lawsuit. NIST SP 800.88 is your friend
>> here. Table 5-1 gives you your options.
>>
>
> Disclaimer: I work with a data recovery company, though not employee.
> Disclaimer: I was until recently PCI DSS QSA professional, PCI DSS
> standard specifically refers to quite a few NIST SPs.
>
> While NIST SP 800.88 is fine for government and some selected
> entities, it talks a lot more about what is right and verifiable than
> what is practical.
>
> The problem with "broken drives" is that it cannot be (reasonably
> easy) verified whether they contain data or not, so only option is
> physical destruction (including degaussing), to render them
> non-operational. "using a certified degauss method/contractor or
> shredder" meant it was verified/audited by a 3rd party to work right.
>
> Modern (>400GB, multi-platter) drives are built to very fine
> tolerances and later calibrated in factory once assembled. There is no
> way to disassemble a platter packet and then put it back together,
> even for the best equipped DR labs (unless held by a special clamp, as
> a packet from the beginning). A bent/warped/broken platter cannot be
> recovered, since it has to spin a few thousand RPM to be read.
>
> So, the bottom line is: If you hammer a relatively blunt object
> through your platters (sharpened minus driver), you both punch and
> warp the platters, introducing sharp edges and particles. Anyone will
> to invest a few million US to be able to recover some tiny bits fo
> information (talking bytes, not even kilobytes) of those hundreds of
> GB. If they are really lucky (and you not) they may recover a password
> of some kind, a secret in other words. But hey, they'll need time and
> you DO change tour passwords regularly, right?
>
> Cheers,
> Kalin.
>
> --
> To unsubscribe from this mailing list,
> please see the instructions at http://lists.tlug.jp/list.html
>
> The TLUG mailing list is hosted by ASAHI Net, provider of mobile and
> fixed broadband Internet services to individuals and corporations.
> Visit ASAHI Net's English-language Web page: http://asahi-net.jp/en/



-- 
Claus Aranha
http://claus.castelodelego.org