Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


[Dedicated server] Clean HDDs before returning?
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

[Dedicated server] Clean HDDs before returning?

Let's assume you have sensitive data on a dedicated server.

Do you think it's safe enough to just delete (rm) the files before the server is cancelled or do you usually perform some more thoroughly cleaning like shredding or overwriting the whole partition/disk with random data?

Comments

  • FlorisFloris Member
    edited August 2014

    overwriting the whole disk with random data, then format (maybe twice?). Then ask the DC to destroy your disk safely, as it contains sensitive data. (depending on how sensitive it is)

  • wychwych Member

    Just give it a Zero Wipe.

  • Just overwrite the whole HDD with zeroes, this should be good enough. The NSA can probably still recover data in such case, but if you worry about the NSA you have bigger problems.

  • rds100 said: The NSA can probably still recover data in such case, but if you worry about the NSA you have bigger problems.

    The NSA already have a copy before we're discussing this.

  • infolinkinfolink Member
    edited August 2014

    @Floris I doubt the DC will destroy the drive for you (at least not physically).
    @Nirvana I would suggest to use DBAN (http://www.dban.org) to remove the data from your server.

  • Ok, thanks for suggestions. I should add that it's not highly sensitive data (as I wouldn't store this unencrypted on an internet box anyway), but just some scripts/customer data that shouldn't fall into unauthorized hands.

  • @Nirvana said:
    Ok, thanks for suggestions. I should add that it's not highly sensitive data (as I wouldn't store this unencrypted on an internet box anyway), but just some scripts/customer data that shouldn't fall into unauthorized hands.

    The question is, is the data worth ~$300 to you/attackers? If so you can ask them to ship the HDD to you and physically destroy it locally.

  • There is no case in the history of HDDs where data recovery was possible even after a single overwrite. There is only one theoretical work by Gutmann without any actual useful example of data recovery.

    Just overwrite it with zeros, once is enough.

    http://www.nber.org/sys-admin/overwritten-data-gutmann.html
    http://en.wikipedia.org/wiki/Data_recovery#Overwritten_data

    Thanked by 2rm_ Mark_R
  • @Harzem said:
    There is no case in the history of HDDs where data recovery was possible even after a single overwrite. There is only one theoretical work by Gutmann without any actual useful example of data recovery.

    Just overwrite it with zeros, once is enough.

    http://www.nber.org/sys-admin/overwritten-data-gutmann.html
    http://en.wikipedia.org/wiki/Data_recovery#Overwritten_data

    Wasn't that an article secretly planted by the NSA?

  • NIST's last advisory also concluded that a single pass is enough.

    If you're using an ATA disk and want to be certain you're overwriting every sector (including bad/locked/hidden ones) there's an inbuilt Secure Erase function:

    https://ata.wiki.kernel.org/index.php/ATA_Secure_Erase

  • I think OVH/Kimsufi overwrites the disks before sending them out, I've tried to see what was on the disk before using a number of tools and nothing found...

Sign In or Register to comment.