From nobody Fri Oct 11 02:42:21 2024 X-Original-To: questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4XPrY06HpJz5Z50p for ; Fri, 11 Oct 2024 02:43:48 +0000 (UTC) (envelope-from dewayne@heuristicsystems.com.au) Received: from heuristicsystems.com.au (hermes.heuristicsystems.com.au [203.41.22.115]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2560 bits) client-digest SHA256) (Client CN "hermes.heuristicsystems.com.au", Issuer "Heuristic Systems Type 4 Host CA" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4XPrXx71Sbz4Gkp for ; Fri, 11 Oct 2024 02:43:45 +0000 (UTC) (envelope-from dewayne@heuristicsystems.com.au) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=heuristicsystems.com.au header.s=hsa header.b=ItQZ8dK1; spf=pass (mx1.freebsd.org: domain of dewayne@heuristicsystems.com.au designates 203.41.22.115 as permitted sender) smtp.mailfrom=dewayne@heuristicsystems.com.au; dmarc=none Received: from [10.0.5.4] (bigears.hs [10.0.5.4]) (authenticated bits=0) by heuristicsystems.com.au (8.15.2/8.15.2) with ESMTPA id 49B2gKgH014637 for ; Fri, 11 Oct 2024 13:42:21 +1100 (AEDT) (envelope-from dewayne@heuristicsystems.com.au) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=heuristicsystems.com.au; s=hsa; t=1728614541; x=1729219342; bh=wyg9plwvc96o4GUybpIZ3mA2lXiV2zreOz2uyadYVns=; h=Message-ID:Date:Subject:To:From; b=ItQZ8dK1oR74kaggO3K/SMGGIJUuW+gaLpfyCKR6u4yDXs4/brNQl1GD8fjnobY8n zkHiiWkKV+5u4vvK4uER/JHKBX7R7x+3NVLSSivNSMGS8vl667unR61K3vyqQe8Qo4 Bh1SjVW+ZsPJ408XVVL9HxbNUrInAO28J8FBk8IAVqxwfYSgqCtGS X-Authentication-Warning: b3.hs: Host bigears.hs [10.0.5.4] claimed to be [10.0.5.4] Message-ID: <2544410a-8a99-4b2e-a194-c8326a2e0ddd@heuristicsystems.com.au> Date: Fri, 11 Oct 2024 13:42:21 +1100 List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: freebsd-questions@freebsd.org Sender: owner-freebsd-questions@FreeBSD.org MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: How to zero a failing disk drive before disposal? To: questions@freebsd.org References: <5117.1728561469@segfault.tristatelogic.com> Content-Language: en-GB From: Dewayne Geraghty In-Reply-To: <5117.1728561469@segfault.tristatelogic.com> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Spamd-Result: default: False [-5.09 / 15.00]; DWL_DNSWL_MED(-2.00)[heuristicsystems.com.au:dkim]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; SUBJECT_ENDS_QUESTION(1.00)[]; NEURAL_HAM_SHORT(-1.00)[-0.999]; RCVD_DKIM_ARC_DNSWL_MED(-0.50)[]; R_DKIM_ALLOW(-0.20)[heuristicsystems.com.au:s=hsa]; RCVD_IN_DNSWL_MED(-0.20)[203.41.22.115:from]; R_SPF_ALLOW(-0.20)[+mx]; MIME_GOOD(-0.10)[text/plain]; ONCE_RECEIVED(0.10)[]; XM_UA_NO_VERSION(0.01)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; RCVD_TLS_LAST(0.00)[]; DMARC_NA(0.00)[heuristicsystems.com.au]; MIME_TRACE(0.00)[0:+]; RCPT_COUNT_ONE(0.00)[1]; DKIM_TRACE(0.00)[heuristicsystems.com.au:+]; RCVD_COUNT_ONE(0.00)[1]; ASN(0.00)[asn:1221, ipnet:203.40.0.0/13, country:AU]; TO_DN_NONE(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; FROM_HAS_DN(0.00)[]; ARC_NA(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[questions@freebsd.org]; MID_RHS_MATCH_FROM(0.00)[]; MLMMJ_DEST(0.00)[questions@freebsd.org]; RCVD_VIA_SMTP_AUTH(0.00)[]; HAS_XAW(0.00)[] X-Rspamd-Queue-Id: 4XPrXx71Sbz4Gkp X-Spamd-Bar: ----- A good question Ronald. I worked for a provider of services for the statutory care of children (eg removed from parents). There are significant penalties for certain types of information loss. We bench-drilled the hard-disks before sending them (out of our chain of custody) to a furnace. Admittedly this is an extreme case and for the reasons already stated in this thread, there was no other way to ensure, say a name and location, were not available. And yes, all machines have full disk encryption (FDE). For personal devices we overwrite the device multiple times, though I'm interested in what a "ATA Secure Erase" does to a healthy storage device and whether all sectors are touched?