Best practices for searching/wiping hard drives
August 3, 2015 9:50 AM Subscribe
What is the safest (within reason) and most efficient way for me to get the data I want off of a bunch of old hard drives and then securely wipe them for recycling?
Paranoia and laziness have left me with a bunch of old hard drives (all spinning disk, no SSD) from previous computers/upgrades to my current computers.
I have a vague sense that some of them might contain files that I still want (mainly media), and I definitely know that some of them contain personal information that I want to protect (think tax returns, etc). I am also not positive that all of these hard drives come from my computers, and I'd like to minimize the risk of reviving any old malware.
I have a doohickey that will allow me to plug in any IDE or SATA drive and connect to my PC as an external USB drive. I'm not interested in pulling data off of "bad" drives -- if I can't read the drive, I'm going to take that as the universe telling me I don't need the data on it. I would like to have the following workflow for each drive:
1.) I have a Windows 7 machine with all the latest updates. I'm relying on Microsoft Security Essentials and not being an idiot for malware protection right now. Short of installing Linux (or even booting to a portable Ubuntu installation) how do I examine the drives safely?
2.) How do I keep the casually curious (I don't need protection from someone with the resources of the NSA) from reading my data after the drives leave my physical protection? I was thinking of installing some kind of zero-wiping tool, but I'm wondering if those are still effective, or really worth the time?
3.)Speaking of time saving, would just physically destroying the drives be the way to go? I have access to a drill press, and a chop saw or two. What are the environmental implications of mangling the platters? Will I be making it more likely that the drives end up in a landfill (as opposed to being reasonably responsibly* e-recycled)?
*I am aware that "e-recyclers" aren't perfect.
Paranoia and laziness have left me with a bunch of old hard drives (all spinning disk, no SSD) from previous computers/upgrades to my current computers.
I have a vague sense that some of them might contain files that I still want (mainly media), and I definitely know that some of them contain personal information that I want to protect (think tax returns, etc). I am also not positive that all of these hard drives come from my computers, and I'd like to minimize the risk of reviving any old malware.
I have a doohickey that will allow me to plug in any IDE or SATA drive and connect to my PC as an external USB drive. I'm not interested in pulling data off of "bad" drives -- if I can't read the drive, I'm going to take that as the universe telling me I don't need the data on it. I would like to have the following workflow for each drive:
- plug drive in
- search for *.[interesting file types]
- copy files to my new media drive
- securely wipe/destroy drive
- recycle
1.) I have a Windows 7 machine with all the latest updates. I'm relying on Microsoft Security Essentials and not being an idiot for malware protection right now. Short of installing Linux (or even booting to a portable Ubuntu installation) how do I examine the drives safely?
2.) How do I keep the casually curious (I don't need protection from someone with the resources of the NSA) from reading my data after the drives leave my physical protection? I was thinking of installing some kind of zero-wiping tool, but I'm wondering if those are still effective, or really worth the time?
3.)Speaking of time saving, would just physically destroying the drives be the way to go? I have access to a drill press, and a chop saw or two. What are the environmental implications of mangling the platters? Will I be making it more likely that the drives end up in a landfill (as opposed to being reasonably responsibly* e-recycled)?
*I am aware that "e-recyclers" aren't perfect.
Your workflow already sounds about as efficient as it can get. I would install a better malware scanner (MSE has gone downhill a lot recently). Just make sure whatever you install has real-time scanning to pick up any malware as you attempt to copy it over. I think the free versions of both Avast and AVG will do this for you.
A full disk wiping tool will be fine - you probably won't need the DoD secure option, but I'd still go for at least two or three full passes just to be safe. Alternatively, yes, drilling several holes directly through the drives would be more than enough to deter any casual or opportunistic data thief. It shouldn't much impact their recyclability - everything will get pulled apart and mechanically separated then melted down and refined anyway
To be extra safe after the transfers - open any document files you recover in Google Drive instead of Microsoft/Adobe products - any undetected malware in them won't run on your PC if not opened in the program it was designed to exploit.
posted by trivia genius at 10:11 AM on August 3, 2015
A full disk wiping tool will be fine - you probably won't need the DoD secure option, but I'd still go for at least two or three full passes just to be safe. Alternatively, yes, drilling several holes directly through the drives would be more than enough to deter any casual or opportunistic data thief. It shouldn't much impact their recyclability - everything will get pulled apart and mechanically separated then melted down and refined anyway
To be extra safe after the transfers - open any document files you recover in Google Drive instead of Microsoft/Adobe products - any undetected malware in them won't run on your PC if not opened in the program it was designed to exploit.
posted by trivia genius at 10:11 AM on August 3, 2015
Before I dispose of drives, I simply drill one or two holes through the casing and platter with a cordless electric drill. The data ain't coming back from that. I can't speak to environmental concerns - but I doubt it will make it any more or less likely to be recycled.
posted by scolbath at 10:44 AM on August 3, 2015
posted by scolbath at 10:44 AM on August 3, 2015
Seconding the recommendation of DBAN. That raises the bar for forensic data recovery about as high as it can go without physically destroying the drives. It's super-easy to use, albeit time-consuming.
A DBAN'ed drive can be re-used, but if you're thinking about donating consider whether you are really helping. Low-capacity and/or IDE drives are probably like CRTs these days: nobody is going to use them, and all you're giving the charity is the problem of disposing of them. Unless the drive is actually still valuable, I'd just drill it and get on with life.
Drilling the platters shouldn't compromise recycling. It'll deter all the casual snoops, and even dedicated snoops without huge resources. It's a lot easier than shredding or melting the platters, which is what you'd have to do if you wanted to 100% prevent any data being recovered via magnetic force microscopy.
I'd be careful with the chop saw -- it seems likely that it would fling shards of platter at you. If you try it, wear a full face shield and don't stand in line with the blade. Drill press, IMHO, is much safer.
I'd also suggest a final step to your workflow: After copying everything, identify cases where multiple files on your new drive have the same content and delete all but one copy. There are automated tools that can help with this.
If your PC has USB 3, invest in a [SATA or IDE]-to-USB3 adapter. Sooo much faster, and you'll use it often.
posted by sourcequench at 3:39 PM on August 3, 2015 [1 favorite]
A DBAN'ed drive can be re-used, but if you're thinking about donating consider whether you are really helping. Low-capacity and/or IDE drives are probably like CRTs these days: nobody is going to use them, and all you're giving the charity is the problem of disposing of them. Unless the drive is actually still valuable, I'd just drill it and get on with life.
Drilling the platters shouldn't compromise recycling. It'll deter all the casual snoops, and even dedicated snoops without huge resources. It's a lot easier than shredding or melting the platters, which is what you'd have to do if you wanted to 100% prevent any data being recovered via magnetic force microscopy.
I'd be careful with the chop saw -- it seems likely that it would fling shards of platter at you. If you try it, wear a full face shield and don't stand in line with the blade. Drill press, IMHO, is much safer.
I'd also suggest a final step to your workflow: After copying everything, identify cases where multiple files on your new drive have the same content and delete all but one copy. There are automated tools that can help with this.
If your PC has USB 3, invest in a [SATA or IDE]-to-USB3 adapter. Sooo much faster, and you'll use it often.
posted by sourcequench at 3:39 PM on August 3, 2015 [1 favorite]
This thread is closed to new comments.
One way to mitigate at least some of the security risk is to copy files from the drives using a Linux USB stick. I haven't had to do this in a long time, but you can apparently set Ubuntu up this way.
You can also create a USB boot scanner to scan the files.
My guess is that there's a more efficient way of going about this without having to reboot and use different USB sticks, but this method would work, and your Windows install would never see the files until after they're scanned.
posted by cnc at 10:09 AM on August 3, 2015 [1 favorite]