tlug Mailing List Archive

Re: [tlug] Dealing with a possibly busted external HD
- Date: Wed, 22 Mar 2017 09:39:37 +0900
- From: Curt Sampson <cjs@example.com>
- Subject: Re: [tlug] Dealing with a possibly busted external HD
- References: <20170317083905.36bde6b3.jep200404@columbus.rr.com> <CACX149=Ox1+j7OqsN_cdA25Onp0j5UpcnAr9hiUtykcRX8H6tA@mail.gmail.com> <20170321085953.GA10841@quadratic.cynic.net> <CAKXLc7catQFacOXARZ_3s+2eP0ZscW1mdqrrYZrM7CF9NtWetQ@mail.gmail.com>
- User-agent: Mutt/1.5.21 (2010-09-15)
On 2017-03-21 11:28 +0100 (Tue), Kalin KOZHUHAROV wrote:

> Disclaimer: I was until recently PCI DSS QSA professional, PCI DSS
> standard specifically refers to quite a few NIST SPs.

I'm pretty familiar with PCI-DSS, too; I don't consider it to be a particularly good standard or certification for serious security, especially if it includes availability. It's essentially designed to try to limit how poorly people can secure stuff, not to help people do well, and the audit process can even fail at that.

> While NIST SP 800.88 is fine for government and some selected
> entities, it talks a lot more about what is right and verifiable than
> what is practical.

I disagree. I don't think they have any suggestions that cost more than a couple of hundred dollars (shredding a drive), which is eminently practical for any business, and much of what they suggest (such as encrypting the drive from the start and merely wiping keys to render the drive unreadable) is available to ordinary Linux users at no cost beyond a bit of their time; the marginal cost of that time is a few minutes given that encrypting a drive is something that many security-conscious people would be doing anyway.

> A bent/warped/broken platter cannot be recovered, since it has to
> spin a few thousand RPM to be read.

No, it clearly does not. As just a simple thought example, holding the platter still and moving a head across it would likely be indistinguishable for most purposes. But I'm not convinced that even now a minimum speed between a sensor and the media is necessary to read a bit, and I am less convinced that that would always be the case in the future.

> If they are really lucky (and you not) they may recover a password
> of some kind, a secret in other words. But hey, they'll need time
> and you DO change your passwords regularly, right?

How many hundreds of passwords do you change every year?

Regardless, this is a very typical example of defining "security" in terms of one problem. It could be that you couldn't care less if passwords or other authentication tokens are on that drive and you might still be interested in spending $200 to have the drive properly destroyed. (There are companies that will do 25 drives for $200[1], which works out to $8 a drive; as I said, we're not talking about huge costs here.) The important point is to figure out how much money you're really saving and what you're losing by that.

[1]: http://www.shredharddrive.com/ship-and-shred/

cjs
-- 
Curt Sampson <cjs@example.com> +81 90 7737 2974
To iterate is human, to recurse divine. - L Peter Deutsch
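As an added illustration (not part of Curt's message or the list thread) of the "encrypt from the start, then wipe the keys" approach he mentions: a constructed Python model of a LUKS-style key hierarchy, where the passphrase only unlocks a header holding the data-encryption key, so overwriting the header alone makes the untouched payload unrecoverable. The cipher (a SHA-256 counter-mode keystream) and the 80-byte header layout are simplifications assumed for the demonstration, not the real on-disk format.

```python
import hashlib
import hmac
import os

# Constructed simulation: a counter-mode keystream from SHA-256 stands in
# for the real disk cipher (e.g. AES-XTS under LUKS); not for production use.
def keystream(key: bytes, length: int) -> bytes:
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return out[:length]

def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def derive_kek(passphrase: str, salt: bytes) -> bytes:
    # Key-encryption key from the passphrase, as a LUKS key slot would do.
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, 100_000)

def make_disk(passphrase: str, plaintext: bytes) -> dict:
    dek = os.urandom(32)                      # random data-encryption key
    salt = os.urandom(16)
    kek = derive_kek(passphrase, salt)
    wrapped = xor_bytes(dek, keystream(kek, 32))
    tag = hmac.new(kek, wrapped, "sha256").digest()
    # The header is the only place the DEK exists; the payload is
    # encrypted under the DEK and never depends on the passphrase directly.
    return {"header": salt + wrapped + tag,
            "payload": xor_bytes(plaintext, keystream(dek, len(plaintext)))}

def unlock(disk: dict, passphrase: str):
    """Return the plaintext, or None if the header no longer yields a valid DEK."""
    hdr = disk["header"]
    salt, wrapped, tag = hdr[:16], hdr[16:48], hdr[48:80]
    kek = derive_kek(passphrase, salt)
    if not hmac.compare_digest(hmac.new(kek, wrapped, "sha256").digest(), tag):
        return None
    dek = xor_bytes(wrapped, keystream(kek, 32))
    return xor_bytes(disk["payload"], keystream(dek, len(disk["payload"])))

def crypto_erase(disk: dict) -> None:
    """Overwrite only the 80-byte header; the payload stays on the platter."""
    disk["header"] = os.urandom(len(disk["header"]))
```

Overwriting a few kilobytes of header is fast even on a drive that can barely spin, which is why a full-platter overwrite is not needed once the DEK is gone.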