Anyone have any clues about how to sanitize a dead SSD? We haven't had it yet, but we're sure it's coming. Esp. since I'm a federal contractor, a dead disk gets deGaussed, but what the hell do you do with a SSD?
On Tue, May 8, 2018, 2:35 PM m.roth@5-cent.us wrote:
Anyone have any clues about how to sanitize a dead SSD? We haven't had it yet, but we're sure it's coming. Esp. since I'm a federal contractor, a dead disk gets deGaussed, but what the hell do you do with a SSD?
CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Most places I know shred them, even if they are not dead.
-----Original Message----- From: CentOS [mailto:centos-bounces@centos.org] On Behalf Of m.roth@5- cent.us Sent: Tuesday, May 08, 2018 3:35 PM To: CentOS centos@centos.org Subject: [CentOS] OT: hardware: sanitizing a dead SSD?
Anyone have any clues about how to sanitize a dead SSD? We haven't had it yet, but we're sure it's coming. Esp. since I'm a federal contractor, a dead disk gets deGaussed, but what the hell do you do with a SSD?
A five pound ball-peen hammer. Or if you're feeling adventurous, a few seconds in a microwave oven, but set it up outside, so as not to set off the smoke alarms.
A drive grinding machine would do, but those are less fun for just a single drive.
-- Experience varies directly with equipment ruined.
On 8 May 2018 at 15:34, m.roth@5-cent.us wrote:
Anyone have any clues about how to sanitize a dead SSD? We haven't had it yet, but we're sure it's coming. Esp. since I'm a federal contractor, a dead disk gets deGaussed, but what the hell do you do with a SSD?
SSD disks must be shredded as the data has been written over multiple sectors many times to 'even the writes'. This allows for even a 'dead' disk to be disassembled with 'off-the-shelf' equipment to extract items from the dead places. Depending on the data involved, there may be different levels of shredding and destruction of shreds required.
CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
On Tue, 2018-05-08 at 15:46 -0400, Stephen John Smoogen wrote:
SSD disks must be shredded as the data has been written over multiple sectors many times to 'even the writes'. This allows for even a 'dead' disk to be disassembled with 'off-the-shelf' equipment to extract items from the dead places. Depending on the data involved, there may be different levels of shredding and destruction of shreds required.
Do SSDs have an inbuilt destroy mechanism, like hard disks do ?
Like the others have mentioned, shredding is the best. Esp. since it is Federal. DoD spec only considers shredded destroyed afaik. SSD or not this was my normal practice for that same reason. HIH. Extreme is smelting the drive to molten but that is extremely sensitive data destruction.
Fred
Am 08.05.2018 um 21:46 schrieb Stephen John Smoogen smooge@gmail.com:
On 8 May 2018 at 15:34, m.roth@5-cent.us wrote:
Anyone have any clues about how to sanitize a dead SSD? We haven't had it yet, but we're sure it's coming. Esp. since I'm a federal contractor, a dead disk gets deGaussed, but what the hell do you do with a SSD?
SSD disks must be shredded as the data has been written over multiple sectors many times to 'even the writes'. This allows for even a 'dead' disk to be disassembled with 'off-the-shelf' equipment to extract items from the dead places. Depending on the data involved, there may be different levels of shredding and destruction of shreds required.
What would someone use to do this? An industrial blender, circular saw ...?
-- LF
Am 2018-05-09 13:00, schrieb Leon Fauster:
Am 08.05.2018 um 21:46 schrieb Stephen John Smoogen smooge@gmail.com:
On 8 May 2018 at 15:34, m.roth@5-cent.us wrote:
Anyone have any clues about how to sanitize a dead SSD? We haven't had it yet, but we're sure it's coming. Esp. since I'm a federal contractor, a dead disk gets deGaussed, but what the hell do you do with a SSD?
SSD disks must be shredded as the data has been written over multiple sectors many times to 'even the writes'. This allows for even a 'dead' disk to be disassembled with 'off-the-shelf' equipment to extract items from the dead places. Depending on the data involved, there may be different levels of shredding and destruction of shreds required.
What would someone use to do this? An industrial blender, circular saw ...?
Lot's of specialized companies in that field.
Some of our customers require a protocol of destruction for disks, with serial numbers.
On Wed, 2018-05-09 at 13:00 +0200, Leon Fauster wrote:
Am 08.05.2018 um 21:46 schrieb Stephen John Smoogen smooge@gmail.com:
On 8 May 2018 at 15:34, m.roth@5-cent.us wrote:
Anyone have any clues about how to sanitize a dead SSD? We haven't had it yet, but we're sure it's coming. Esp. since I'm a federal contractor, a dead disk gets deGaussed, but what the hell do you do with a SSD?
SSD disks must be shredded as the data has been written over multiple sectors many times to 'even the writes'. This allows for even a 'dead' disk to be disassembled with 'off-the-shelf' equipment to extract items from the dead places. Depending on the data involved, there may be different levels of shredding and destruction of shreds required.
What would someone use to do this? An industrial blender, circular saw ...?
https://www.youtube.com/watch?v=aE8kwu3dm3o
https://www.youtube.com/watch?v=YqW4djlQUoE
P.
On 9 May 2018 at 07:18, Pete Biggs pete@biggs.org.uk wrote:
On Wed, 2018-05-09 at 13:00 +0200, Leon Fauster wrote:
Am 08.05.2018 um 21:46 schrieb Stephen John Smoogen smooge@gmail.com:
On 8 May 2018 at 15:34, m.roth@5-cent.us wrote:
Anyone have any clues about how to sanitize a dead SSD? We haven't had it yet, but we're sure it's coming. Esp. since I'm a federal contractor, a dead disk gets deGaussed, but what the hell do you do with a SSD?
SSD disks must be shredded as the data has been written over multiple sectors many times to 'even the writes'. This allows for even a 'dead' disk to be disassembled with 'off-the-shelf' equipment to extract items from the dead places. Depending on the data involved, there may be different levels of shredding and destruction of shreds required.
What would someone use to do this? An industrial blender, circular saw ...?
Yes. Depending on the data type, the 'dust' at the other end may need to be ground through another machine so that all parts are less than some specified size ( I think it was below 0.5 cm x 0.5 cm x0.5cm.) Then again depending on the data type, those bits are poured into concrete or taken to a specialized chemical incinerator.
P.
CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
On Wed, May 9, 2018 at 9:46 AM, Stephen John Smoogen smooge@gmail.com wrote:
On 9 May 2018 at 07:18, Pete Biggs pete@biggs.org.uk wrote:
On Wed, 2018-05-09 at 13:00 +0200, Leon Fauster wrote:
Am 08.05.2018 um 21:46 schrieb Stephen John Smoogen smooge@gmail.com:
On 8 May 2018 at 15:34, m.roth@5-cent.us wrote:
Anyone have any clues about how to sanitize a dead SSD? We haven't had it yet, but we're sure it's coming. Esp. since I'm a federal contractor, a dead disk gets deGaussed, but what the hell do you do with a SSD?
SSD disks must be shredded as the data has been written over multiple sectors many times to 'even the writes'. This allows for even a 'dead' disk to be disassembled with 'off-the-shelf' equipment to extract items from the dead places. Depending on the data involved, there may be different levels of shredding and destruction of shreds required.
What would someone use to do this? An industrial blender, circular saw ...?
Yes. Depending on the data type, the 'dust' at the other end may need to be ground through another machine so that all parts are less than some specified size ( I think it was below 0.5 cm x 0.5 cm x0.5cm.) Then again depending on the data type, those bits are poured into concrete or taken to a specialized chemical incinerator.
Depending on your location, have you considered volcano? =)
P.
CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
-- Stephen J Smoogen. _______________________________________________ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
On Wed, May 09, 2018 at 09:46:30AM -0400, Stephen John Smoogen wrote:
On 9 May 2018 at 07:18, Pete Biggs pete@biggs.org.uk wrote:
On Wed, 2018-05-09 at 13:00 +0200, Leon Fauster wrote:
Am 08.05.2018 um 21:46 schrieb Stephen John Smoogen smooge@gmail.com:
On 8 May 2018 at 15:34, m.roth@5-cent.us wrote:
Anyone have any clues about how to sanitize a dead SSD? We haven't had it yet, but we're sure it's coming. Esp. since I'm a federal contractor, a dead disk gets deGaussed, but what the hell do you do with a SSD?
SSD disks must be shredded as the data has been written over multiple sectors many times to 'even the writes'. This allows for even a 'dead' disk to be disassembled with 'off-the-shelf' equipment to extract items from the dead places. Depending on the data involved, there may be different levels of shredding and destruction of shreds required.
What would someone use to do this? An industrial blender, circular saw ...?
Yes. Depending on the data type, the 'dust' at the other end may need to be ground through another machine so that all parts are less than some specified size ( I think it was below 0.5 cm x 0.5 cm x0.5cm.) Then again depending on the data type, those bits are poured into concrete or taken to a specialized chemical incinerator.
Makes sense. I was thinking that some of the flash chips in the SSD could have survived that machine and would need to be further processed for some certainty of security.
Am 08.05.2018 um 21:34 schrieb m.roth@5-cent.us:
Anyone have any clues about how to sanitize a dead SSD? We haven't had it yet, but we're sure it's coming. Esp. since I'm a federal contractor, a dead disk gets deGaussed, but what the hell do you do with a SSD?
If you don’t want to shred, use full-disk-encryption (laptop/pc).
In a server, shredding is probably the sanest option.
Disclaimer: My $dayjob is with a government contractor, but I am speaking as private citizen.
Talk to your organization's computer security people. They will have a standard procedure for getting rid of dead disks. We on the internet can't know what they are. I'm betting it involves some degree of paperwork.
Around here, I give the disks to my local computer support who in turn give them the institutional disk destruction team. I also zero-fill the disk if possible, but that's not an official requirement. The disk remains sensitive until the process is complete.
Jim
James Szinger wrote:
Disclaimer: My $dayjob is with a government contractor, but I am speaking as private citizen.
Talk to your organization's computer security people. They will have a standard procedure for getting rid of dead disks. We on the internet can't > know what they are. I'm betting it involves some degree of
paperwork.
Around here, I give the disks to my local computer support who in turn give them the institutional disk destruction team. I also zero-fill the
disk
if possible, but that's not an official requirement. The disk remains sensitive until the process is complete.
Federal contractor here, too. (I'm the OP). For disks that work, shred or DBAN is what we use. For dead disks, we do the paperwork, and get them deGaussed. SSD's are a brand new issue. We haven't had to deal with them yet, but it's surely coming, so we might as well figure it out now.
mark
On Wed, 9 May 2018, m.roth@5-cent.us wrote:
Federal contractor here, too. (I'm the OP). For disks that work, shred or DBAN is what we use. For dead disks, we do the paperwork, and get them deGaussed. SSD's are a brand new issue. We haven't had to deal with them yet, but it's surely coming, so we might as well figure it out now.
Does anyone use hdparm's enhanced security erase feature for wiping working drives?
Sounds more secure than DBAN/shred, and potentially faster too. It's not something I've used.
jh
On 9 May 2018 at 11:52, John Hodrien J.H.Hodrien@leeds.ac.uk wrote:
On Wed, 9 May 2018, m.roth@5-cent.us wrote:
Federal contractor here, too. (I'm the OP). For disks that work, shred or DBAN is what we use. For dead disks, we do the paperwork, and get them deGaussed. SSD's are a brand new issue. We haven't had to deal with them yet, but it's surely coming, so we might as well figure it out now.
Does anyone use hdparm's enhanced security erase feature for wiping working drives?
Sounds more secure than DBAN/shred, and potentially faster too. It's not something I've used.
It really depends on if the drive actually does what the commands say it does. Most modern drives should do the reset/erase of sectors/cells.. but if the drive manufacturer decides "well we could short cut this by having it just read every sector as 0 until written" and you think you have wiped the data, but it is still there for physical audit. And we have all seen enough dodgy "well this is the lowest end drive we are losing money on if we sell it.. unless we cut corners" to know someone somewhere is going to do that. Which then will make it probably just an additional step everyone has to do.
1. secure wipe drive 2. run dban/shred for 3-4 wipes. 3. fill out paperwork that you did 1 and 2. 4. secure wipe drive 5. send to industrial shredder.
jh
CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
-
Albert McCann -
Always Learning -
fred roller -
Fred Smith -
James Szinger -
John Hodrien -
Leon Fauster -
m.roth@5-cent.us -
Mauricio Tavares -
Pete Biggs -
Rainer Duffner -
rainer@ultra-secure.de
-
Stephen John Smoogen -
Tom Bishop