LISTSERV 16.0 - MSUNAG Archives

Great conversation. Steve is right that the 3 wipe has a feel  good factor.
We do the 3 pass because its DoD sanctioned. Although that has changed for
drives that contain sensitive data. They state that destruction is the only
"True" way to ensure no data is recovered. If there are hard drives that
your department knows has sensitive data (social security numbers, student
records, payroll, etc) then PLEASE let us know when you send them over and
we will shred them to ensure that nothing gets off campus. As a general rule
there are certain departments that when they send computer items over we
just have the drives shredded because we assume it would have sensitive data
on them.  We operate on the better safe than sorry principle. You can either
just send me an email stating that the latest shipment coming over is the
one you would like the drives shredded, or better yet is to pull the drives
and put them all in a box. Then write on the box SHRED ONLY. 

 

Wiping drives gets more complex when you start talking about SSD's or flash
drives. They have a feature called Wear Leveling. Since flash memory can
only be written too so many times before it goes bad manufactures put on
their flash drives and SSD's a protocol that sits lower than the OS
formatting that tells the drive where to put the data the OS is trying to
write to the drive. So the OS might think it's putting the data in a certain
part of the drive but the drive tricks it and puts it on a portion of the
drive that hasn't been written too as many times. This ensures the drive
lasts longer, which is great for the life of these drives but makes it a lot
more difficult to ensure its properly wiped.  

I've copied this from Wiki as they put it much better than I could ever do.

 

There are three basic types of wear leveling mechanisms used in Flash memory
storage devices: 


No wear leveling


A Flash memory storage system with no wear leveling will not last very long
if it is writing data to the flash. Without wear leveling, the Flash
controller must permanently assign the logical addresses from the Operating
System(OS) to the physical addresses of the Flash memory. This means that
every write to a previously written block must first be read, erased,
modified, and re-written to the same location. This is very time consuming
and highly written locations will wear out quickly with other locations even
being completely unused. Once a few blocks reach their end of life the drive
is no longer operable. 


Dynamic wear leveling


The first type of real leveling is called dynamic wear leveling and it uses
a map to link Logical Block Addresses (LBAs) from the OS to the physical
Flash memory. Each time the OS writes replacement data, the map is updated
so the original physical block is marked as invalid data, and a new block is
linked to that map entry. Each time a block of data is re-written to the
Flash memory it is written to a new location. However, blocks that never get
replacement data sit with no additional wear on the Flash memory. The name
comes from only the dynamic data is being recycled. The drive may last
longer than one with no wear leveling, but there are blocks still remaining
as active that will go unused when the drive is no longer operable. 


Static wear leveling


The other type of wear leveling is called static wear leveling which also
uses a map to link the LBA to physical memory addresses. Static wear
leveling works the same as dynamic wear leveling except the static blocks
that do not change are periodically moved so that these low usage cells are
able to be used by other data. This rotational effect enables an SSD to
operate until most of the blocks are near their end of life.

 

With all that said it is still possible to securely erase SSD's and thumb
drives. We use a program called eraser which basically fills the drive with
nonsensical data multiple times then erases that data. So if someone was to
try and extract data they would get garbled code that they think might mean
something but really it's just random files the program writes to the drives
then erases.

 

If anyone has any other questions on how we ensure data security on campus
please let me know.

 

Thanks

Tim Heckaman

IT Administrator

MSU Suplus Store & Recycling Ctr.

 

 

 

 

Hi Tim,

What's the proper procedure for requesting that drives get shredded? Do we
just indicate that on the salvage forms somewhere?

Thanks,

 

Al

 

 

From: STeve Andre' [mailto:[log in to unmask]] 
Sent: Friday, July 19, 2013 5:06 PM
To: [log in to unmask]
Subject: Re: [MSUNAG] Proper Disposal of old Server hard Drives?

 

That was true years ago, with far smaller disks.  I have read the data
from the control electronics, and you cannot get consistently readable
data from 1G+ disks.  The old tricks of using nickel power in naphtha 
and so on for the disks of olden days, where you could get data no
longer work.

Writing three times on modern disks has a feel-good factor.  The
dod 5220.22 (dash M?) states specific things to do to erase a disk, but
I know of no disk people today who say you need to do that.

Disk technology has utterly changed in the last 15 years but the regs
for wiping them haven't.

You are right that physical destruction is best!  They make for great
targets, too.

--STeve Andre'




 



On 07/19/13 11:17, Isaac, Jeremy wrote:

A zero fill isn't enough if you have access to the circuit board of the hard
drive and can read the analog signals from the heads.  Darik's Boot And Nuke
(DBAN) defaults to three random write passes and one zero fill, which is
plenty.  I've used it on a PowerEdge 2550, 2650, and 2850 with success, so
it should work on just about anything except any SPARC or POWER servers.

 

To get roughly the same thing out of dd, you could set if=/dev/urandom, run
it three times and then set if=/dev/zero.  It's not the same quality of
randomness, but by then, the drive is certainly nuked.  A metal shredder is
way faster, though.

 


  _____  


From: STeve Andre' [ <mailto:[log in to unmask]> [log in to unmask]]
Sent: Wednesday, July 17, 2013 6:47 PM
To:  <mailto:[log in to unmask]> [log in to unmask]
Subject: Re: [MSUNAG] Proper Disposal of old Server hard Drives?

On 07/17/13 10:37, Al Puzzuoli wrote:

Hi everyone,

I understand that when old computers and servers go to salvage, the drives
in those computers are wiped, but what about free floating drives? We have
several old drives that were formerly  part of an array. If we pass those
onto salvage, will they be disposed of securely?

Thanks,

 

Al Puzzuoli

Michigan State University

Information Technologist
http://www.rcpd.msu.edu

Resource Center for Persons with Disabilities  517-884-1915 120 Bessey Hall
East Lansing, MI  48824-1033

 

 

Why don't you hook them up to any kind of unix like system and do
something like

    dd if=/dev/zero of=/dev/sd0c bs=64k      (OpenBSD example)

to be sure?

--STeve Andre'