by h506001 1200 days ago
Super interested in this and would love to hear about some techniques. Used to work at a HealthTech co. We had an “appliance” that we’d send to doctor offices to integrate with other diagnostic machines on the network.

Sometimes we would send out new ones to replace the old. When we got the old ones back, it was always unclear how to purge and recommission SSD/NVME drives.

My best attempt was using GNU shred, but it wasn’t recommended for flash-based storage back then.

4 comments

The only proper way of disposal is physical destruction, preferably on site and under observation of in-house staff. There are contractors you can hire in those: https://shredsupply.com/hard-drive-shredding-trucks/ (no relation, just arbitrary Google hit).

I'm also unsure as to why you are getting drives back at all, any of your customers should not have any kinds of storage devices leave their site intact. At least that is the standard over here in Europe for healthcare and other industries dealing with sensitive data.

Shredding/sledgehammer is likely the best option for secure disposal of mechanical drives, but SSDs are a different animal and are likely reusable given some of the suggestions in this thread.

Not really. HDD recoverability is a myth, anything overwritten isn't coming back with modern HDDs. Bits can't "bleed out" anymore, density is far too high for that.

The thing you need to guard against is relocated/reserve sectors, in HDDs same as in SSDs. The proper way to do this is full disk encryption, and if that's not possible, physical destruction.

Most hard disks support hardware level encryption and full disk erase at this point.

There’s very little need to sledgehammer anything given realistic attacker models.

Both HDD/SSD encryption in hardware and secure erase have been proven untrustworthy numerous times.

Oh, we did stuff like this for disposal. The tricky part is drives we desired to recommission.

Buy SSDs with secure erase (many of them!), they encrypt data internally. Secure-erase then throws away the key, and all the data is now irretrievable.

Job done…

If you trust that the secure erase part of the firmware functions properly. There was work in the last 5 years to let the OS (at least Linux) do most of the SSD controller functionality which I think would be helpful if it caught on.

I take your standard, solder it to a motherboard, and disable it with a TPM protected BIOS.

In addition to the sibling comment, I'm surprised that there was no mention of FDE.

We did do some encryption with LUKS, and I’d try to write over boot records, keys, and headers, but I was pessimistic that was enough. Not an encryption expert myself. Always felt that any given encryption tech (be it hardware or software) has the possibility of a vulnerability later found, or backdoors.

So it made sense to me that a physical erasure prior to recommission would be good. There’s also regulatory/compliance checkboxes (be they effective or not).
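
An added example (not part of the thread or any poster's code): a read-back check to run after wiping a drive meant for recommissioning, which looks for leftover LUKS, MBR and GPT magics and samples blocks for non-zero data. It assumes 512-byte sectors and an erase method that leaves the device reading as zeros; it only sees host-addressable blocks, so it says nothing about the relocated/reserve sectors mentioned above. The function names and the sample image are constructed for illustration.

```python
import io
import os

SECTOR = 512  # assumption: 512-byte logical sectors
# (name, offset, magic); a negative offset counts back from the end of the device.
SIGNATURES = [
    ("LUKS primary header", 0, b"LUKS\xba\xbe"),
    ("MBR boot signature", 510, b"\x55\xaa"),
    ("GPT primary header", SECTOR, b"EFI PART"),
    ("GPT backup header", -SECTOR, b"EFI PART"),
]
# LUKS2 keeps a second header copy at one of these offsets (16 KiB .. 4 MiB).
SIGNATURES += [("LUKS2 secondary header", 0x4000 << i, b"SKUL\xba\xbe") for i in range(9)]

def device_size(f):
    f.seek(0, os.SEEK_END)
    return f.tell()

def find_signatures(f):
    """Return (name, offset) for every known metadata magic still readable."""
    size, hits = device_size(f), []
    for name, off, magic in SIGNATURES:
        pos = off if off >= 0 else size + off
        if 0 <= pos <= size - len(magic):
            f.seek(pos)
            if f.read(len(magic)) == magic:
                hits.append((name, pos))
    return hits

def sample_nonzero_blocks(f, block=4096, samples=256):
    """Read evenly spaced blocks; return offsets of those that are not all zero."""
    nblocks = device_size(f) // block
    step = max(1, nblocks // samples)
    dirty = []
    for i in range(0, nblocks, step):
        f.seek(i * block)
        if f.read(block).strip(b"\x00"):
            dirty.append(i * block)
    return dirty

def constructed_image(size=8 * 1024 * 1024):
    """Constructed sample: fake 8 MiB drive with LUKS2 magics and one data block."""
    img = bytearray(size)
    img[0:6] = b"LUKS\xba\xbe"
    img[0x4000:0x4006] = b"SKUL\xba\xbe"
    img[0x100000:0x101000] = b"\xa5" * 4096  # stand-in for leftover ciphertext
    return img

if __name__ == "__main__":
    img = constructed_image()
    img[0:0x8000] = bytes(0x8000)  # header-only overwrite, as in the post above
    f = io.BytesIO(bytes(img))
    print("signatures:", find_signatures(f), "dirty blocks:", sample_nonzero_blocks(f))
```

On Linux the same functions accept a block device opened read-only with `open(path, "rb")`.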