Smashing old hard disks is the only secure way?

BBC NEWS | Technology | Hard drive destruction ‘crucial’

The only way?

Hmm, maybe they haven’t heard that there are operating systems other than the ones that Microsoft provide which supply extremely tight encryption methods!

All my (data sensitive) hard drives are first filled entirely with random encrypted “garbage” before use, then set up with a LUKS encrypted partition.

It takes a long time, especially the bigger drives. My 1tb external took 14 hours to prepare, but I’m confident that it would take a very dedicated and experienced hacker or a tech savvy government agency to get anything off it!

Even Microsoft provide an encryption option in their higher priced versions of Vista I believe.

Touting “the only way” seems a little uneducated, and misinformative at worst.

Sadly they are not allowing feedback on that story :sarcastic:.

Thoughts?

Windows + NTFS offers full drive or per-directory based encryption using AES/128 - enough for most uses.

Maybe here’s an um, more entertaining way to destroy a hard disk.

Vintage Computing and Gaming | Archive » How Not to Dismantle a Hard Drive

Almost as much fun as putting CDs in the microwave. No no, I’m not suggesting that you try that. :expressionless:

Thanks ken_yap, I tried to adjust my hard drive and look what happened:

https://www.youtube.com/watch?v=8qImGK8bHjE

My lawyer will be in touch soon rotfl!.

What, no kaboom? Where’s the fun in that? lol!

> What, no kaboom? Where’s the fun in that? lol!

Yes, “Vernon’s Hard Disk Crusher” puts me to sleep. And Chrysantine
and growbag obviously have NO idea just how much code cracking power
the USA’s National Security Agency <http://www.nsa.gov/> has. Nothing
mentioned so far (not even the mighty Micro$oft) can keep them from
reading your mail.

Despite what they say in this video, some (most probably) of the data
is STILL recoverable if you use this as a guide:
http://www.youtube.com/watch?v=uqxtWhWTxnc&feature=related
(Because the platter halves can still be read. Difficult yes, but
doable.)

So, if you have secrets on your hard drive you want NO one to
see/read AND you want a little thrill, I’d recommend to use thermite
<http://en.wikipedia.org/wiki/Thermite> as demonstrated in this video
http://www.youtube.com/watch?v=k-ckechIqW0

NO pieces of platters = NO data

If you need to be told “Be careful”, then don’t try it!

I’d take computer security advice from Which Magazine, the BBC, or any similar source with a grain of salt. A more credible source of information on media destruction is NIST SP800-88.

Note that most EIDE and SATA drives manufactured since 2000 support Secure Erase. Secure Erase software, instructions, and discussion of different erasure techniques and their effectiveness are available here: (http://cmrr.ucsd.edu/people/Hughes/SecureErase.shtml).

Another common approach is Darik’s Boot and Nuke aka DBAN. This is probably significantly slower than Secure Erase.

SE or DBAN should be more than effective for most people’s needs. If you have a legitimate worry that the NSA may want to recover data from your old drives, you have bigger problems than anyone here is likely to be able to help you with.

> ‘BBC NEWS | Technology | Hard drive destruction ‘crucial’’
> (http://news.bbc.co.uk/1/hi/technology/7816446.stm)
>
> Thoughts?

I agree. HTH.

Still quicker to run a drill through them as I have done with old disks
And it’s tons of fun :wink:

/Geoff

BTW If you use encryption and throw away the key to secure old data, make sure you use a decent full disk encryption package with a key that has lots of entropy. See Appendix A in NIST SP800-63.

A lot of software that encrypts data is garbage (e.g. see With 256-bit encryption, Acrobat 9 passwords still easy to crack (http://blogs.zdnet.com/security/?p=2271)). Even if the software uses a strong cipher and a secure hash function, if there are no salting and key strengthening functions then you need to use a much stronger key than most people typically use. You don’t need the NSA’s acres of supercomputers to crack most keys. Given the common use of low-entropy keys, the supercomputer on your desktop has more than enough power.
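An added illustration of the salting and key-strengthening point in the post above (not code from any poster in the thread): it contrasts a single unsalted hash with a salted, iterated derivation and puts a number on how much guessing work the iterations add. PBKDF2-HMAC-SHA256 and all function names are choices made for this example, and the entropy figure assumes uniformly random characters, not the SP800-63 Appendix A estimate for user-chosen passwords.

```python
import hashlib
import math
import os


def unsalted_key(passphrase: str) -> bytes:
    """Weak scheme: one unsalted hash. The same passphrase gives the same
    key on every disk, so one precomputed table serves against all of them."""
    return hashlib.sha256(passphrase.encode("utf-8")).digest()


def strengthened_key(passphrase: str, salt: bytes, iterations: int) -> bytes:
    """Salted, iterated derivation (PBKDF2-HMAC-SHA256, 256-bit output)."""
    return hashlib.pbkdf2_hmac(
        "sha256", passphrase.encode("utf-8"), salt, iterations, dklen=32
    )


def uniform_entropy_bits(alphabet_size: int, length: int) -> float:
    """Entropy of a passphrase whose characters are chosen uniformly at random."""
    return length * math.log2(alphabet_size)


def effective_work_bits(entropy_bits: float, iterations: int) -> float:
    """Each guess costs `iterations` hash computations, which adds
    log2(iterations) bits of work on top of the passphrase entropy."""
    return entropy_bits + math.log2(iterations)


def extra_chars_needed(alphabet_size: int, iterations: int) -> int:
    """Extra random characters an unstrengthened key needs to match the
    guessing cost that `iterations` rounds of strengthening provide."""
    return math.ceil(math.log2(iterations) / math.log2(alphabet_size))


if __name__ == "__main__":
    phrase = "example-passphrase"          # constructed sample value
    salt_a, salt_b = os.urandom(16), os.urandom(16)
    print("unsalted keys equal:", unsalted_key(phrase) == unsalted_key(phrase))
    print("salted keys equal:  ",
          strengthened_key(phrase, salt_a, 100_000)
          == strengthened_key(phrase, salt_b, 100_000))
    bits = uniform_entropy_bits(26, 8)     # 8 random lowercase letters
    print(f"8 lowercase letters: {bits:.1f} bits, "
          f"{effective_work_bits(bits, 2**20):.1f} bits with 2^20 iterations")
    print("extra letters needed without strengthening:",
          extra_chars_needed(26, 2**20))
```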

> Still quicker to run a drill through them as I have done with old disks
> And it’s tons of fun
>
> /Geoff

most definitely!

On 2009-01-08, growbag <growbag@no-mx.forums.opensuse.org> wrote:

> All my (data sensitive) hard drives are first filled entirely with
> random encrypted “garbage” before use, then setup with a LUKS encrypted
> partition.

Encrypted garbage? Seems a strange notion.

I mean, if you want to fill the drive with garbage, what’s the point of
also encrypting it? (the garbage or the drive, either is just silly)


Elevators smell different to midgets

Yeah, yeah, you know what I mean!

Obviously I don’t encrypt garbage, it was simply a mistake in my writing :sarcastic:.

I use dd to fill the drive with random “garbage” (that means random bytes of between 00h and ffh, not stuff I pulled out of the garbage can outside my house to people who wish to argue pointless semantics!!!).

Oh go on, please tell me that it could actually be “words” and not “bytes”, therefore I am wrong again :.

As far as I’m concerned, a punch in the face is simply a punch in the face, I’m not at all concerned about the angle and velocity, nor the wind speed at the time of punching. Irrelevant details are simply irrelevant in my opinion :P.

Thermite looks the most fun, and I doubt anyone could recover anything from it.

Even still, if your data was that important, the government can read the extremely slight magnetic movements with an electron microscope.

Wouldn’t one just use boot-and-nuke?

There are only two acceptable and proven methods to handle old hard disks.

Shooting holes in them will not work as the non-bulleted :wink: areas can still be read.

Taken apart means it can be put back together using the same chassis or a similar one.

The two methods are to liquify the entire drive or to use DBAN found at sourceforge.

In fact, I would recommend using DBAN to destroy the old data on a drive even before you put it into production (i.e. when you first buy it).

Acceptable to whom? NIST’s acceptable media disposal methods are in SP 800-88.

Aside from being NIST-approved, your drive’s Secure Erase command is faster and more effective than DoD 5220 block over-writing software. You can get the software to use the Secure Erase command from UCSD. Note that some BIOS chips block the Secure Erase command for your own protection but you can work around this.

There’s also an enhanced version of SE available on some drives (e.g. Seagate) that is very fast. It changes and then destroys the encryption key to the hardware-based encryption built into these drives. If you have a drive that supports hardware FDE, run enhanced-SE and then regular SE. It wouldn’t add much time over just SE as E-SE takes only seconds.

To courts and other legal agencies needing to verify the integrity of the evidence drive before being used in a case set before a given court of law.

I will admit, I have not heard of this hardware instruction built into drives and it does pique my interest. Thank you for the reference.

All I know is that we used to melt them into a puddle in an induction furnace, with a few armed Marines watching.
Jack