Reply
 
Thread Tools Display Modes
  #1  
Old 02-10-2019, 10:11 PM
Hari Seldon Hari Seldon is offline
Member
 
Join Date: Mar 2002
Location: Trantor
Posts: 12,425
When discarding an old computer?

I am about to take on old Win-XP computer (yes it is that old) to a recycling centre. The computer still runs and of course contains a lot of personal stuff on it as well as old passwords. For example it automatically connected to my home Wi-Fi. What should I do to wipe the disk?
  #2  
Old 02-10-2019, 10:13 PM
Garak Garak is offline
Guest
 
Join Date: Dec 2018
Posts: 18
take the hard drive out and melt it with thermite, recycle the rest
  #3  
Old 02-10-2019, 10:20 PM
Dewey Finn Dewey Finn is offline
Charter Member
 
Join Date: Apr 2003
Posts: 27,216
Or you could wipe the hard drive using a free program like DBAN before recycling it.
  #4  
Old 02-10-2019, 10:23 PM
Garak Garak is offline
Guest
 
Join Date: Dec 2018
Posts: 18
The free programs don't make it completely unrecoverable but unless you have the NSA digging through the recycling center using all their tech to get your data you're probably fine. You can change some passwords if you're really worried.
  #5  
Old 02-10-2019, 10:33 PM
Sicks Ate Sicks Ate is online now
Guest
 
Join Date: Feb 2011
Location: KS, US
Posts: 6,171
I sold a couple old computers at a garage sale one time, MINUS the hard drives. Marked them appropriately, of course. There was a guy interested in them who was disturbingly insistent that he wanted to also buy the drives that I removed from them.

I always keep my old HDs for a while, I've never figured out why. I have yet to try to pull anything off of them. Anyway, when I run across one I feel like I've held on to long enough, I put the claw of a framing hammer through it and chuck it. 28 oz. encryption.

Last edited by Sicks Ate; 02-10-2019 at 10:35 PM.
  #6  
Old 02-10-2019, 10:41 PM
galen ubal galen ubal is offline
Guest
 
Join Date: Jan 2001
Location: Central VIC Australia
Posts: 2,460
Lots of answers, depending on the age of the computer, what tools you have, and how handy with computer innards you are.
Simplest, brute force - open the computer, unscrew and unplug the hard drive (probably looks something like this. If you've got a torx head screwddriver (usually they have that kind of screw), you can take it apart and "destroy" the platters within. You can wipe over the surface with a strong magnet, or take it apart further and physically break the platters.
CAUTION! Those platters are hard, but very brittle - wear protective goggles and gloves!
I'm assuming you have an IDE mechanical hard drive in there, by the way, and that you're certain you've recovered everything off of it. It may be a SATA hard drive, which just has smaller cables.

Alternatively, you can remove the hard drive, and take it to a trusted computer shop (or computer-savvy friend), and ask them to wipe it. It's easy to do, if you have the tools - say, an external enclosure that handles that particular drive's interface cables.
  #7  
Old 02-10-2019, 10:50 PM
DPRK DPRK is offline
Guest
 
Join Date: May 2016
Posts: 2,662
Unless this is performance art, I am seconding DBAN. No need to remove anything or take anything apart.
  #8  
Old 02-10-2019, 10:50 PM
kunilou's Avatar
kunilou kunilou is offline
Charter Member
 
Join Date: Apr 1999
Posts: 24,659
I take the hard drive out and smash it with a 5 lb. hammer. I figure the recycling center can salvage something from it, just not my old files.
  #9  
Old 02-10-2019, 10:53 PM
galen ubal galen ubal is offline
Guest
 
Join Date: Jan 2001
Location: Central VIC Australia
Posts: 2,460
Quote:
Originally Posted by DPRK View Post
Unless this is performance art, I am seconding DBAN. No need to remove anything or take anything apart.
True, but the smashing is fun! That, and you can recover some wicked strong magnets.

Haven't used DBAN myself, but here's a guide from Lifewire.
  #10  
Old 02-10-2019, 11:13 PM
echoreply's Avatar
echoreply echoreply is offline
Guest
 
Join Date: Dec 2003
Location: Boulder, CO
Posts: 738
Quote:
Originally Posted by Dewey Finn View Post
Or you could wipe the hard drive using a free program like DBAN before recycling it.
Third or fourth DBAN. As long as the computer is functioning this is by far the best way to destroy the data on a spinning hard disk (solid state drives require different techniques). Sure, all the physical destruction stuff is fun to talk about, but isn't really necessary.

Quote:
Originally Posted by Garak View Post
The free programs don't make it completely unrecoverable but unless you have the NSA digging through the recycling center using all their tech to get your data you're probably fine. You can change some passwords if you're really worried.
This is a bit of a myth, unless you're talking about wiping old MFM drives from the 80s. Once a modern, and that includes 15 year old, drive has been overwritten, there is nothing to recover. You also have to consider who is attacking you. In this case, it's the guy who buys the old computer and runs a program to recover deleted files on it. One pass will make that method of recovery completely ineffective. If the government has it out for you, and they don't get anything from your old computer, they'll move on to other methods not available to guys shopping for recycled computers.
  #11  
Old 02-11-2019, 10:11 AM
Jophiel's Avatar
Jophiel Jophiel is online now
Guest
 
Join Date: Mar 1999
Location: Chicago suburbia
Posts: 18,726
I just pull the hard drive, whack it a few times with a hammer and throw it in the kitchen trash. The chance that a master hacker will be going through my moldy leftovers and wet paper towels, find the drive, open and physically repair it is low enough that I'm willing to take the risk.
  #12  
Old 02-11-2019, 11:22 AM
SigMan SigMan is offline
Guest
 
Join Date: Aug 2015
Location: Texas
Posts: 915
Heat (hot fire) and strong magnetism are two sure fire methods of destroying the drives completely.

Last edited by SigMan; 02-11-2019 at 11:23 AM.
  #13  
Old 02-11-2019, 12:25 PM
Malden Capell Malden Capell is online now
Guest
 
Join Date: Nov 2011
Location: London
Posts: 2,222
'That old' bless. I have my Windows 98 and Apple IIe machines upstairs right now

Last edited by Malden Capell; 02-11-2019 at 12:25 PM.
  #14  
Old 02-11-2019, 01:56 PM
Alpha Twit's Avatar
Alpha Twit Alpha Twit is online now
Guest
 
Join Date: Jun 2009
Location: Somewhere south of normal
Posts: 1,913
Quote:
Originally Posted by SigMan View Post
Heat (hot fire) and strong magnetism are two sure fire methods of destroying the drives completely.
My preferred method is to use a chop saw to cut them into 1cm wide strips.

I dare the F.B.I. to find my goat porn now!
__________________
"A society grows great when old men plant trees whose shade they know they shall never sit in."
  #15  
Old 02-11-2019, 02:00 PM
carrps carrps is offline
Guest
 
Join Date: Apr 2014
Location: Los Angeles
Posts: 395
Sounds like me! I just got a new desktop a few months ago, and I just chucked my old pc into my storage closet off my upstairs balcony. Kept meaning to check out how to make it recyclable, so this is timely for me.

Thanks all!
  #16  
Old 02-11-2019, 02:12 PM
SigMan SigMan is offline
Guest
 
Join Date: Aug 2015
Location: Texas
Posts: 915
Quote:
Originally Posted by Alpha Twit View Post
My preferred method is to use a chop saw to cut them into 1cm wide strips.

I dare the F.B.I. to find my goat porn now!
Sounds fun.
  #17  
Old 02-11-2019, 02:14 PM
bump bump is offline
Guest
 
Join Date: Jun 2000
Location: Dallas, TX
Posts: 16,779
Quote:
Originally Posted by kunilou View Post
I take the hard drive out and smash it with a 5 lb. hammer. I figure the recycling center can salvage something from it, just not my old files.
I'd probably do that if I felt like I just had to make sure, but I usually just use one of those programs that writes ones and zeros to it repeatedly.

While something *could* be recoverable theoretically, the likelihood of anyone spending the kind of cash to do that is essentially nil, especially on some random hard drive they found in a recycling bin or at the Goodwill store.

FWIW- back when I worked in computer forensics, we could recover all sorts of bits and pieces of files that hadn't been overwritten, but we were pretty much out of luck when it came to files that had been deleted and then overwritten. It took specialized hardware to try and figure out what was under those 1s and 0s that had been written to the drive, and from what I understand even then, it wasn't a particularly reliable procedure.

Last edited by bump; 02-11-2019 at 02:15 PM.
  #18  
Old 02-11-2019, 02:35 PM
needscoffee needscoffee is offline
Member
 
Join Date: Oct 2009
Posts: 6,889
I always disassemble the hard drives so I can retrieve the super-magnets inside.

If I ever decide I have enough of those, I'd use a triple-rewrite program as we did when I volunteered at a computer refurbishing nonprofit.

Or hammer it.
  #19  
Old 02-11-2019, 05:26 PM
Hari Seldon Hari Seldon is offline
Member
 
Join Date: Mar 2002
Location: Trantor
Posts: 12,425
Unfortunately, although the internet appears to work and I can search for dban, the connection "resets" every time I actually try to download anything. I guess more drastic measures will be needed.
  #20  
Old 02-11-2019, 05:28 PM
Dewey Finn Dewey Finn is offline
Charter Member
 
Join Date: Apr 2003
Posts: 27,216
Can you download DBAN on a different computer? Normally, you run the program by booting from a USB stick or CD-ROM.

Last edited by Dewey Finn; 02-11-2019 at 05:30 PM.
  #21  
Old 02-11-2019, 08:13 PM
Hari Seldon Hari Seldon is offline
Member
 
Join Date: Mar 2002
Location: Trantor
Posts: 12,425
Quote:
Originally Posted by Dewey Finn View Post
Can you download DBAN on a different computer? Normally, you run the program by booting from a USB stick or CD-ROM.
There's a thought.
  #22  
Old 02-11-2019, 08:32 PM
Defensive Indifference Defensive Indifference is offline
Guest
 
Join Date: Jul 2007
Location: St. Louis, MO
Posts: 6,653
Quote:
Originally Posted by echoreply View Post
Third or fourth DBAN. As long as the computer is functioning this is by far the best way to destroy the data on a spinning hard disk (solid state drives require different techniques). Sure, all the physical destruction stuff is fun to talk about, but isn't really necessary.



This is a bit of a myth, unless you're talking about wiping old MFM drives from the 80s. Once a modern, and that includes 15 year old, drive has been overwritten, there is nothing to recover. You also have to consider who is attacking you. In this case, it's the guy who buys the old computer and runs a program to recover deleted files on it. One pass will make that method of recovery completely ineffective. If the government has it out for you, and they don't get anything from your old computer, they'll move on to other methods not available to guys shopping for recycled computers.
Thank you for typing this before I had to.

DBAN or a similar tool, one pass overwrite, is all you need. The latest guidance from NIST agrees that's effective for magnetic media (SSDs get a little tricky due to how they handle storage [some have slightly more storage than the posted size, and it can be hard to access that through normal tools], but even then a pass or two is good enough for the vast majority of use cases).

I'm a computer forensics consultant and a professor of cybersecurity.
  #23  
Old 02-11-2019, 09:00 PM
echoreply's Avatar
echoreply echoreply is offline
Guest
 
Join Date: Dec 2003
Location: Boulder, CO
Posts: 738
Quote:
Originally Posted by Dewey Finn View Post
Can you download DBAN on a different computer? Normally, you run the program by booting from a USB stick or CD-ROM.
nwipe is a fork of dwipe, the program in DBAN that does the actual wiping of the disk. DBAN itself is a small Linux distribution that boots and runs the dwipe. nwipe is available in Debian, and probably other Linux distributions. My most common method of wiping disks is to attach them to my desktop using a dock like this and then run nwipe on them.

There are certainly stand alone wiping programs available for Windows and Mac, but I don't have any experience with them. MacOS does have the a secure erase/wipe option in Disk Utility. I've used that when wiping Mac laptops.
  #24  
Old 02-11-2019, 09:58 PM
Chronos's Avatar
Chronos Chronos is online now
Charter Member
Moderator
 
Join Date: Jan 2000
Location: The Land of Cleves
Posts: 81,355
Quote:
I am about to take on old Win-XP computer (yes it is that old)
Nah, that's young. I'd have expected you to keep a computer around for at least a millennium or so.
  #25  
Old 02-12-2019, 10:17 AM
DesertDog DesertDog is offline
Charter Member
 
Join Date: Oct 2002
Location: Mesa, Ariz.
Posts: 5,032
Quote:
Originally Posted by echoreply View Post
Third or fourth DBAN. As long as the computer is functioning this is by far the best way to destroy the data on a spinning hard disk (solid state drives require different techniques). Sure, all the physical destruction stuff is fun to talk about, but isn't really necessary.
Awww.
Quote:
If the government has it out for you, and they don't get anything from your old computer, they'll move on to other methods not available to guys shopping for recycled computers.
This is known in the trade as rubber hose decryption.
  #26  
Old 02-12-2019, 10:33 AM
aceplace57 aceplace57 is online now
Guest
 
Join Date: Oct 2009
Location: CentralArkansas
Posts: 24,965
I used to get pc's, recondition them and sell.

I boot off a CD and wipe the drive with low level format software.

Then reinstall the original OS using the orig serial number. That repartitions the drive.

The pc is ready to sell.

I'm sure the CIA could recover data. The normal customer can't.

Last edited by aceplace57; 02-12-2019 at 10:36 AM.
  #27  
Old 02-12-2019, 11:29 AM
Atamasama's Avatar
Atamasama Atamasama is online now
Member
 
Join Date: Sep 2009
Posts: 2,817
Dont try to erase an HDD with magnets. It’s incredibly difficult to, and it’s unlikely you have access to a magnet strong enough to.
https://www.kjmagnetics.com/blog.asp...ve-destruction

Maybe a junk yard that has one of those magnets that can pick up a car? That might work. Though I still wouldn’t put money on it.
  #28  
Old 02-12-2019, 11:42 AM
lingyi lingyi is offline
Guest
 
Join Date: Mar 2017
Posts: 1,392
Download Ultimate Boot CD (UBCD) https://www.ultimatebootcd.com/ which includes DBAN as well as a lot of other useful utilities.
  #29  
Old 02-12-2019, 01:17 PM
Atamasama's Avatar
Atamasama Atamasama is online now
Member
 
Join Date: Sep 2009
Posts: 2,817
Quote:
Originally Posted by lingyi View Post
Download Ultimate Boot CD (UBCD) https://www.ultimatebootcd.com/ which includes DBAN as well as a lot of other useful utilities.
Iíve used that myself many times. A great Swiss Army knife of free software.
  #30  
Old 02-12-2019, 03:34 PM
dorvann dorvann is offline
Guest
 
Join Date: Oct 2005
Location: New Hampshire
Posts: 495
For those of you talking about recovering data from hard drives how hard is it recovering deleted data on a solid state drive(SSD) compared traditional hard disk drive? Do you have to overwrite a SSD to secure your data?
  #31  
Old 02-12-2019, 03:45 PM
Hari Seldon Hari Seldon is offline
Member
 
Join Date: Mar 2002
Location: Trantor
Posts: 12,425
I downloaded dban and got an .iso program. I am leery of doing anything with it as long as it was on my mail computer so I moved it to a usb stick. I then clicked on it (on the stick which comes up as d and it created an e: drive with a bunch of files, mostly .txt and one .bzi. I have no idea where this e: drive is, probably a new partition on the c: drive. It shows no space left on e: and calls it a cd drive, although I have no physical cd drive. What next? I am at a total loss. No instructions. The text files are essentially useless.
  #32  
Old 02-12-2019, 03:53 PM
Chimera Chimera is offline
Member
 
Join Date: Sep 2002
Location: In the Dreaming
Posts: 24,183
I just yank every hard disk out of my old computers, open them up and physically destroy the disk, discarding it separately.

Not that I have any mind bending secrets on mine, but I don't tend to want to put easily retrieved data out there for the next person to pull up.
__________________
Tentatively and lightly dipping my toes back in the water.
  #33  
Old 02-12-2019, 03:58 PM
DPRK DPRK is offline
Guest
 
Join Date: May 2016
Posts: 2,662
Quote:
Originally Posted by Hari Seldon View Post
I downloaded dban and got an .iso program. I am leery of doing anything with it as long as it was on my mail computer so I moved it to a usb stick. I then clicked on it (on the stick which comes up as d and it created an e: drive with a bunch of files, mostly .txt and one .bzi. I have no idea where this e: drive is, probably a new partition on the c: drive. It shows no space left on e: and calls it a cd drive, although I have no physical cd drive. What next? I am at a total loss. No instructions. The text files are essentially useless.
It won't work like that. (The e: drive is probably just a virtual drive, whereas you need to be able to boot off the stick.) Follow (for instance) the directions here: download the Universal USB Installer mentioned there and use it to turn the .iso into a properly formatted USB stick. (You can also use a different utility to prepare the stick if you prefer.) Then reboot the computer with the stick inserted, hitting a special key to select the USB stick as the boot device instead of the hard disk.
  #34  
Old 02-12-2019, 04:01 PM
DPRK DPRK is offline
Guest
 
Join Date: May 2016
Posts: 2,662
Quote:
Originally Posted by Chimera View Post
I just yank every hard disk out of my old computers, open them up and physically destroy the disk, discarding it separately.

Not that I have any mind bending secrets on mine, but I don't tend to want to put easily retrieved data out there for the next person to pull up.
See the replies above- it's not even worth the trouble doing that; all you have to do is erase the disk, and then there is no more data for anybody to pull up.
  #35  
Old 02-12-2019, 04:01 PM
SigMan SigMan is offline
Guest
 
Join Date: Aug 2015
Location: Texas
Posts: 915
Quote:
Originally Posted by Hari Seldon View Post
I downloaded dban and got an .iso program. I am leery of doing anything with it as long as it was on my mail computer so I moved it to a usb stick. I then clicked on it (on the stick which comes up as d and it created an e: drive with a bunch of files, mostly .txt and one .bzi. I have no idea where this e: drive is, probably a new partition on the c: drive. It shows no space left on e: and calls it a cd drive, although I have no physical cd drive. What next? I am at a total loss. No instructions. The text files are essentially useless.
I doubt your HDD was partition to E:/. Look at the flash drive with a file manager. I'll bet it's there. You should run it on your PC and create the program on the flash drive.

Last edited by SigMan; 02-12-2019 at 04:03 PM.
  #36  
Old 02-12-2019, 04:35 PM
DPRK DPRK is offline
Guest
 
Join Date: May 2016
Posts: 2,662
Quote:
Originally Posted by dorvann View Post
For those of you talking about recovering data from hard drives how hard is it recovering deleted data on a solid state drive(SSD) compared traditional hard disk drive? Do you have to overwrite a SSD to secure your data?
An interesting question best left to the forensic hardware hackers who have actually messed around with different variants of flash memory in a lab setting (are the erased cells really erased?)

What you are supposed to do is run software that sends a low-level block erase command to the SSD, thus ensuring all the cells are physically erased, after which you can overwrite the drive with 1's and block-erase again. Also, if your data is stored in encrypted form that adds an additional layer of security.
  #37  
Old 02-12-2019, 04:37 PM
Dewey Finn Dewey Finn is offline
Charter Member
 
Join Date: Apr 2003
Posts: 27,216
So what does a program like DBAN do on an SSD? Does it just wipe it the same way it would have wiped a HDD?
  #38  
Old 02-12-2019, 04:42 PM
Scumpup Scumpup is offline
Guest
 
Join Date: Mar 2003
Posts: 13,939
I put my old hard drives down with a full magazine from an AR-15. Fun, thorough, and valuable marksmanship practice.
  #39  
Old 02-12-2019, 05:22 PM
Lukeinva Lukeinva is offline
Guest
 
Join Date: Mar 2009
Location: NW Fairfax County
Posts: 2,648
Quote:
Originally Posted by Hari Seldon View Post
I am about to take on old Win-XP computer (yes it is that old) to a recycling centre. The computer still runs and of course contains a lot of personal stuff on it as well as old passwords. For example it automatically connected to my home Wi-Fi. What should I do to wipe the disk?
Is it a desktop? If yes unplug it unscrew the panels, and remove the disk. You can then put the disk in your new desktop where it will automatically become drive I, or J or some such. Now you can retrieve your old data and pictures, videos etc.

Other option is to buy an exterior disk connector and hook it directly to a USB port on your new desktop.
  #40  
Old 02-12-2019, 06:53 PM
moes lotion moes lotion is offline
Guest
 
Join Date: Nov 2002
Location: North of a Great Lake
Posts: 215
Quote:
Originally Posted by DPRK View Post
See the replies above- it's not even worth the trouble doing that; all you have to do is erase the disk, and then there is no more data for anybody to pull up.
Whether it's too much trouble is a matter of personal taste, I have disposed of a number of computer hard drives over the years by disassembling them, removing the read head drive magnet and platter (or platters). As mentioned up-thread the drive magnets are quite powerful, they are almost too strong to use as fridge magnets because they can be hard to pull off if there's nothing underneath. As for the platters, if you have a propane torch you can create some beautiful oxidation patterns on them and then use them to make gentle wind chimes, or drinks coasters.
  #41  
Old 02-12-2019, 06:58 PM
Chronos's Avatar
Chronos Chronos is online now
Charter Member
Moderator
 
Join Date: Jan 2000
Location: The Land of Cleves
Posts: 81,355
Writing over the data once, with anything, is enough. It can be all 1s, or all 0s, or all random data. It doesn't matter. If it were possible to recover old data after an overwrite, then they would use that technology to make drives with higher capacity.
  #42  
Old 02-12-2019, 09:30 PM
echoreply's Avatar
echoreply echoreply is offline
Guest
 
Join Date: Dec 2003
Location: Boulder, CO
Posts: 738
Quote:
Originally Posted by dorvann View Post
For those of you talking about recovering data from hard drives how hard is it recovering deleted data on a solid state drive(SSD) compared traditional hard disk drive? Do you have to overwrite a SSD to secure your data?
Hopefully somebody who understands more than me will be along soon to explain it.

An important difference between the way HDD and SSD work is that on an HDD when new data has to be written old date can be overwritten without erasing it first. On an SSD the storage cells have to be erased in order for new data to be written. On an HDD when a file is deleted, usually all that happens is the files entry on the filesystem is removed, but the actual data in the file is still on disk. This is how undelete programs can scan a disk and recover deleted files. On an SSD when a file is deleted the entry in the file system is removed, but the disk or operating system know the space used by the file has been deleted, so when idle the SSD will erase the blocks occupied by the deleted file, so they are ready to be written to when needed.

So, because SSDs will actively clear unused space it may be more difficult to recover deleted files. However, I'm not sure if that is true, because I've never had to investigate it.

Running something like DBAN on an SSD may not be effective because of the way SSDs try to balance writes to all of the different memory cells that makeup the device. The cells can wear out if changed too many times, so the drive keeps a record of how often they have been used and will try to use them evenly. So, when DBAN says, "write to 0x00, now to 0x01, now to 0x02" a HDD will just move along the disk writing, because the drive writes where it's told (let's ignore error remapping). An SSD might say 0x00 goes in spot 0x55, 0x01 goes in spot 0x68, 0x02 goes back in spot 0x55 (because it's recorded as empty). So, you might not actually overwrite the whole drive using something like DBAN.

My method for wiping an SSD is to use the SSD's security erase function, if it is available. This can often be accessed using utility programs from the manufacturer, or some third party tools like hdparm. This should erase all of the cells on the drive, so no old data remains. The other technique I use is to put a filesystem on the drive, and then create a single (or multiple) files which fill the entire disk. Because the drive has to hold all of the data, the whole thing is eventually written to. Then I'll delete the files and use a trim/discard command to tell the drive to clear all of the now free memory cells.

It's possible both methods may allow some data to leak, because the security erase feature may not work as intended. The filling with files method may still leave some cells with old data if they are not overwritten for some reason.

By far the best method to wipe an SSD is to only ever write encrypted data to it. Then all that has to happen is the encryption keys are wiped, and the rest of the data on the drive is rendered meaningless. Do not trust SSD's builtin encryption, which also means don't trust Window's Bitlocker, unless you've gone to the trouble to tell Bitlocker not to use the drive's builtin encryption, which it will do if available.

That's a lot of stuff. I invite any real computer security experts to come along and fight my ignorance if anything I said is wrong (not just simplified).
  #43  
Old 02-12-2019, 09:44 PM
Defensive Indifference Defensive Indifference is offline
Guest
 
Join Date: Jul 2007
Location: St. Louis, MO
Posts: 6,653
I'd have to refresh my memory on SSD wipes, but I think echoreply pretty much nailed it. I would only add that some SSDs pad the storage to compensate for the limited number of writes each block can take over its life. So the drive is labeled as 256GB, but there's really more physical storage space there, which is visible to the drive's firmware but not to an OS. At least, that's my somewhat hazy memory of it. Anyway it goes back to who you're worried about. Are you worried that a common criminal is going to try to recover data from it? One pass is enough even on SSDs. Are you worried about the NSA? They might go to the trouble to dig into the drive to get that little but of data, but probably not even them.

And, yeah, the problem goes away if you use full disk encryption. Well, unless you're at risk of Rubber Hose Cryptanalysis. Or the Evil Maid attack, but that's a real edge case.

Last edited by Defensive Indifference; 02-12-2019 at 09:45 PM.
  #44  
Old 02-13-2019, 08:03 AM
BigT's Avatar
BigT BigT is offline
Guest
 
Join Date: Aug 2008
Location: "Hicksville", Ark.
Posts: 35,703
Quote:
Originally Posted by Defensive Indifference View Post
I'd have to refresh my memory on SSD wipes, but I think echoreply pretty much nailed it. I would only add that some SSDs pad the storage to compensate for the limited number of writes each block can take over its life.
My understanding is that this padding often corresponds to the nearest power of 2, simply because making the devices in powers of two is easy.

I also note that many advertised numbers are actually in billions of bytes, rather than gigabytes. In other words, a "128GB" SSD will arrive with 119.2 GB (128,000,000,000 bytes) available. So, if the above is true, I still have over 8 GB left for over provisioning.

That said, it's not that those cells just sit there unused. It's that the system spreads out the writes onto more cells to avoid writing to the same cells too many times. It may also use some of them for a cache, where information is written more quickly but less efficiently, and then stored more efficiently later.
  #45  
Old 02-13-2019, 09:05 AM
Wolf333 Wolf333 is offline
Guest
 
Join Date: Aug 2012
Posts: 1,076
Quote:
Originally Posted by Hari Seldon View Post
I downloaded dban and got an .iso program. I am leery of doing anything with it as long as it was on my mail computer so I moved it to a usb stick. I then clicked on it (on the stick which comes up as d and it created an e: drive with a bunch of files, mostly .txt and one .bzi. I have no idea where this e: drive is, probably a new partition on the c: drive. It shows no space left on e: and calls it a cd drive, although I have no physical cd drive. What next? I am at a total loss. No instructions. The text files are essentially useless.
In Windows 10, if you double-click an ISO file (not program) it will mount as an optical disk. To unmount, right-click on the E: drive and click "eject".

You need to burn the ISO file to a bootable thumb drive. There is a program call Rufus that will do that for you.

https://rufus.ie/downloads/

Rufus is pretty straightforward:
1. At the top, select the target device (your thumb drive)
2. Under boot selection, navigate to the DBAN ISO file
3. Click start

When that is complete, you can boot from the thumb drive and run DBAN.
  #46  
Old 02-13-2019, 09:15 AM
chappachula chappachula is offline
Guest
 
Join Date: May 2002
Posts: 5,595
I'm basically computer illiterate, and have a simple question :
Why can't the OP just type the old DOS command "format c: " ?

Doesn't that erase the whole disc well enough?
  #47  
Old 02-13-2019, 09:22 AM
ftg's Avatar
ftg ftg is offline
Guest
 
Join Date: Feb 2001
Location: Not the PNW :-(
Posts: 18,523
Regarding secure erase on SSD drives.

The main manufacturers offer tools for maintaining their SSDs, which usually contain a secure erase function. E.g., here's the manual (PDF) for SanDisk's tool. (Special fun note: Their "secure erase" just wipes the pointer table. To actually erase the data you have to use their "sanitize" tool.)

The problem is that there are a bunch of lesser manufacturers who don't offer such tools.

While a single disk overwrite is enough to wipe modern HDDs, there can be a catch in some cases: S.M.A.R.T. drives.

The disk firmware detects an iffy sector and swaps it out from a sector in a reserve pool. If you turn off S.M.A.R.T. and use a low level tool you can access such sectors and read their data. (Sectors that fail are sometimes the most used. So they could have interesting data.)

Does DBAN and such turn off S.M.A.R.T. and write all the sectors? (Tried Googling and seemed to get hits using "smart" in the ordinary sense.)
  #48  
Old 02-13-2019, 09:35 AM
Tatterdemalion Tatterdemalion is offline
Member
 
Join Date: Apr 2009
Posts: 548
Quote:
Originally Posted by chappachula View Post
I'm basically computer illiterate, and have a simple question :
Why can't the OP just type the old DOS command "format c: " ?

Doesn't that erase the whole disc well enough?
Unfortunately no. All that does is erase the index to the data.

A full erase can take several hours. You have to write random data over the disk to make the data unrecoverable. That's usually good enough for all practical purposes.

Even then though, there are ways to recover old data. That requires fairly involved, expensive, time consuming and expensive efforts. So if someone is doing that, it's probably a government or law enforcement.
  #49  
Old 02-13-2019, 10:06 AM
DPRK DPRK is offline
Guest
 
Join Date: May 2016
Posts: 2,662
Quote:
Originally Posted by BigT View Post
My understanding is that this padding often corresponds to the nearest power of 2, simply because making the devices in powers of two is easy.

I also note that many advertised numbers are actually in billions of bytes, rather than gigabytes. In other words, a "128GB" SSD will arrive with 119.2 GB (128,000,000,000 bytes) available. So, if the above is true, I still have over 8 GB left for over provisioning.

That said, it's not that those cells just sit there unused. It's that the system spreads out the writes onto more cells to avoid writing to the same cells too many times. It may also use some of them for a cache, where information is written more quickly but less efficiently, and then stored more efficiently later.
I don't believe the manufacturer would engage in silly shenanigans. If it says 128 GB, I expect 128000000000 bytes of user-available storage, because that is the standard meaning, contrary to what you are suggesting.

What happens is, between you and the chips providing that storage is controller hardware that implements error correction/management and wear leveling. Each memory page may have "extra" bits available for this purpose, which are invisible to the user, powers of two or no powers of two. Furthermore, even when it leaves the factory, the chip is only guaranteed to have a number of valid blocks above a certain threshold, not 100% of them. Since there may be bad blocks, in order to guarantee those 128 GB there must be extra blocks available for the controller to work around the bad ones and store internal tables.

In short, you need to rely on a "block erase" command that is able to erase all the physical memory blocks, not just whatever normally appears to the user, which is what DBAN wipes out.
  #50  
Old 02-13-2019, 10:09 AM
DPRK DPRK is offline
Guest
 
Join Date: May 2016
Posts: 2,662
Quote:
Originally Posted by Tatterdemalion View Post
That requires fairly involved, expensive, time consuming and expensive efforts. So if someone is doing that, it's probably a government or law enforcement.
How is it done, and what types of magnetic discs / flash memory are vulnerable?
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Forum Jump


All times are GMT -5. The time now is 06:59 PM.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2019, vBulletin Solutions, Inc.

Send questions for Cecil Adams to: cecil@straightdope.com

Send comments about this website to: webmaster@straightdope.com

Terms of Use / Privacy Policy

Advertise on the Straight Dope!
(Your direct line to thousands of the smartest, hippest people on the planet, plus a few total dipsticks.)

Copyright © 2018 STM Reader, LLC.

 
Copyright © 2017