Deleting data from external drive

Topic

New Reply

Hi all, I just tried to reply to the thread http://windowssecrets.com/forums/showthread//169602-Best-techniques-for-the-safe-disposal-of-drives?highlight=data+destruction, but after writing all of the below was informed that thread is too old to reply to (ARGH!), hence this one.

Hey everyone, I see there has not been much activity on this thread for awhile, but I just got around to reading the article mentioned (I know, I know), but have two questions pertaining to the article and destroying data. First, in the article Mr. Spindler states “But security experts have found that these programs are not completely effective. I don’t recommend relying on any of these programs. Instead, use what we know works: physical destruction or a full-disk encryption app such as BitLocker.”, but in the bulleted list below also states what seems to be a contradiction, unless I am reading it incorrectly “The U.S. Department of Defense requires three or more passes for a secure data wipe. But if data on today’s HDDs or SSDs is overwritten just once, it’s gone forever — forensically destroyed.” Again seems like a contradiction, no?

My problem is this: I have an external Seagate 3TB HDD that needs replacing, and Seagate has generously extended my warranty which expired 2/2015 to the end of November, 2015 as a one time courtesy to me, due to the fact that I have had 4-5 Seagate drives fail, both internal and external, right after the warranty has expired.I now have two Western Digital internal drives, and Carbonite backing up my data, with WD offering 5 year warranties. While grateful, I know they will want the old drive back, in working condition. Now, of course I want to completely make sure any data is inaccessible to the techs who will no doubt be testing the drive. I prefer wiping the data over encryption, and physically destroying the platters would probably void that extra warranty. The drive, according to Hard Disk Sentinel is failing due to hundreds of bad sectors, so time is sensitive. I also can hear occasional weird noises that occurred around the same time HD Sentinel started reporting problems. So I would like to do what must be done before the drive is no longer accessible. I have not heard of DBAN before (will look it up) but already have CCleaner which allows for up to a 35 pass wipe (overkill, anyone?) Does everyone think that the one pass as written would be enough, or should I go with the encryption route, which would mean, for me trying to find a free encryption program that is trustworthy and works?

Reply | Quote

Replies

I think a 3 pass wipe should be enough, if the wipe involves writing random bits to the entire drive. Then delete the partition on the drive.

That should be sufficient, but if you want to make doubly sure, recreate the partition, format the drive, and do another 3 pass wipe.

I can’t imagine a Seagate technician spending the time trying to recover whatever you had on the drive, especially since they won’t be able to see anything on the drive. And even if they wanted to spend the time, they would need the expertise, software, etc., to be able to succeed.

If you believe that someone thinks that your data is worth the effort, then you might want to forgo the warranty and just destroy the drive platters.

Group "L" (Linux Mint)
with Windows 10 running in a remote session on my file server

Reply | Quote

If you don’t have to return it, then a sledge hammer works pretty well most of the time – unless your initials are NSA or CIA.

Since you do, a good one-pass wipe should be fine.

Reply | Quote

If you don’t have to return it, then a sledge hammer works pretty well most of the time – unless your initials are NSA or CIA.

Since you do, a good one-pass wipe should be fine.

Also, thanks Graham! Love the Clarke quote.

Reply | Quote

mrjimphelps,

Thanks for the quick reply! I agree with your assessment, it was just the mentioned article seemed to contradict itself a little, so had me a bit confused. Also, I hadn’t thought of deleting the partition, so that also helps. I also agree with your belief that Seagate techs (certainly not the NSA!) probably don’t have the time or inclination to go after wiped data, but in this crazy digital age we live in, one can get a bit paranoid, y’know? Destroying the drive after the effort I put into securing the extended warranty, and the fact I cannot financially afford to purchase a third drive at this time make that option impractical.

Thanks again!

Reply | Quote

Have you ever seen a listing of files “recovered” by most freebie and some fee data recovery utilities? Once past the Recycle Bin, the name is lost, the non-contiguous clusters may or may not be recoverable, and so on.

"Take care of thy backups and thy restores shall take care of thee." Ben Franklin, revisted

Reply | Quote

:cheers:

Just because you don't know where you are going doesn't mean any road will get you there.

Reply | Quote

DBAN has really become an informal standard for data destruction. I’ve used it successfully and was pleased with the result.

I recently learned of another option, Cipher.

cipher /W:H:

Cipher is part of Windows and thus is easily and universally available. The trick with Cipher is that it only wipes unused disk space. You have to delete all the files on that external drive first and then run the Cipher step. I also don’t know if the Recycle bin on an external drive (do externals even have a Recycle bin? I don’t think they do…) counts as ‘unused space’.

In the end, all software wiping steps gets you to ‘reasonably secure’ but no farther. If you are really paranoid or have unusual security needs, physical destruction of the drive is necessary. There are too many possible avenues for data leaks otherwise (relocated sectors, Recycle bins, hidden partitions, wear leveling activity on SSD’s, flash cache on hybrid drives, it’s endless).

Reply | Quote

To me the answer to your question would change depending on what data was on the drive. If you have sensitive business data, bank account info, and the like the need to overwrite the data with useless random bits is necessary. Pictures of your cat, your music, and other personal things a reformat (not a quick one) is likely all that is necessary. The NSA or like organizations could care less about most of us. If they care about you there is likely not a lot you can do to prevent them from getting to the data. Seagate techs want to know what is wrong with the drive and in general don’t have the time or curiosity to try to recover your data unless you are paying them to do so.

Reply | Quote

“Seagate techs want to know what is wrong with the drive and in general don’t have the time or curiosity to try to recover your data unless you are paying them to do so.”

It’s a slow and tedious process, at best. Years ago, back in the DOS days, there were editors available that would actually show you what the data on a disk was. It gave both the DOS info and the actual machine coding. You could go through a disk frame by frame, looking for your ‘lost’ data. As I said, a very slow process. It would have to be REALLY important data for anyone to try this! I would do as others said; Reformat the drive, then run CCleaner’s wiper, 3 times, on the highest setting, and feel comfortable with it. This is what I do when I sell a used HD or a ‘Repair – for parts only’ PC or laptop. I hope this helps.

Bob

Reply | Quote