Re: How to zero a failing disk drive before disposal?

On Thu, Oct 10, 2024, at 21:42, Dewayne Geraghty wrote:
> A good question Ronald.  I worked for a provider of services for the 
> statutory care of children (eg removed from parents). There are 
> significant penalties for certain types of information loss.  We 
> bench-drilled the hard-disks before sending them (out of our chain of 
> custody) to a furnace.  Admittedly this is an extreme case and for the 
> reasons already stated in this thread, there was no other way to ensure, 
> say a name and location, were not available.
>
> And yes, all machines have full disk encryption (FDE).
>

I agree with securing the data, but drilling is not thorough enough to stop recovery and marks the drive as a high value target. You are basically betting that microscopic magnetic domain scanning will not improve faster than the areal storage density of the drives you throw away. Not a bet I want to take personally.

>
> For personal devices we overwrite the device multiple times, though I'm 
> interested in what a "ATA Secure Erase" does to a healthy storage device 
> and whether all sectors are touched?

ATA Secure Erase is a firmware level overwrite and reread of all physical drive sectors. I have seen the drive’s bad sector count increased by this process. It takes slightly longer than a simple dd if=/dev/zero of=drive.

I don’t suggest filling a drive entirely with zeros or ones. Those writes can be “optimized” out by the firmware. It might set a bit flag in the sector header instead of performing the full write. They don’t complete faster, they just aren’t guaranteed to actually overwrite the old data. The why has to do with a very long side tangent about how MFM encodings with error correction work.

If you want to overwrite use anything except for a string of all ones or zeros.