USB to SATA Adapter
I have piles and piles of SATA drives that I am charged with wiping. My motherboard supports 6 SATA inputs, but I would rather not have to reboot each time I connect drives (is there a way to detect SATA drives without rebooting?). I have a sata to usb adapter. It "works" but large operations (copying huge files or wipes) end in IO errors, both in Windows and Linux. Will buying a nicer adapter help? Bottomline, how would YOU wipe a pile of drives?
With a hammer. At least thats how we do in the Dept of Defence.
Seriously though, you could try devoting a PC that will boot a CD version of Linus with a wipe utility and let it run run run. Or buy some HDD cloning machine, but I guess it comes down to security. If you are wiping so that the drives can be used externally to your organization then the most cost effective solution is to destroy them. the time and effort you will spend making sure they are safe is not worth it. And there is always the possibility of one slipping through. I dont fully understand your situation though. If these are just being used internally, then certainly a repartioning and format is good enough depending of course on the security classification the drive came from.
How about this? Buy an external drive case with a SATA internal connection (to plug in the SATA drives) and an eSATA external connection to the computer. It will have its own power supply module and should have an on / off switch. Even if you don't have a computer with an eSATA port, many of these cases come with a simple adapter bracket that plugs into an internal normal SATA port and converts its connection to an eSATA port.
Now, open up the new case and leave it open. Plug in one SATA HDD. Power up the unit and it should show up in My Computer. Now use a software utility to wipe that drive. When done, use the Remove External Hardware icon at lower right to remove this eSATA drive, then turn off its power. Swap out the wiped unit for another. Power up and repeat the process.
For "wiping", how good does it have to be? Deleting all Partitions and then re-Partitioning a disk and Formatting it will foil amateurs. The original data still exist but it takes knowledge and skill to do it. Zero-filling it entirely will destroy all the data, but a really well-equipped shop could recover it from the weak "echoes" of it on the magnetic surfaces. A military-level wipe system makes multiple passes over the entire disk, each time writing a specific bit pattern designed to destroy previous weak echo patterns. This latter process is virtually impossible to defeat, but it takes a VERY long time per unit. (Makes the hammer technique look attractive!)
If the drives were from user workstations, then the wiping wouldn't be necessary. These drives were in servers for various large entities, all of them with various secrets, some of them loaded with cc numbers, etc. There are people who troll computer goodwill for drives with sensitive data. . .
As for "wiping," I've been using the default for shred (on linux). Three random passes.
leftty said:If the drives were from user workstations, then the wiping wouldn't be necessary. These drives were in servers for various large entities, all of them with various secrets, some of them loaded with cc numbers, etc.
Does shred use DoD compliant wiping? Scrub does. Of course these proceedures will take you eons with many drives. From a liability perspective, especially with CC info, the drives should never see the light of day outside your org. No reselling them, no donating them. If I knew i have wipe them with a DoD approved process, then 'maybe' I would feel less icky about it. For the Dept of Defence in Canada we donate old workstations to a group called 'Computers for Schools', but the only units eligible for this are the non-classified PC's that come from administration and general purpose deptartments. But even at that they are DoD NNSA compliant scrubbed.
canadian69 said:From a liability perspective, especially with CC info, the drives should never see the light of day outside your org. No reselling them, no donating them.
Thankyou, sir. My company is small/independently owned, and nobody had considered this. I'll just take a page from the Canadian DoD's book and only re-use workstation drives. As for the server drives, I will destroy them!