On 6/23/26 22:39, [email protected] wrote:
On Tue, Jun 23, 2026 at 03:04:38PM -0700, David Christensen wrote:
I was thinking of what happens if a disk fails, the sysadmin disposes of the
disk, an attacker obtains the disk, and the attacker successfully cracks the
encryption.  The attacker now has all or part of the plaintext data, the
plaintext metadata, and the plaintext cryptographic details at the time the
disk failed:

Never do that. If the electronics still work to dd to the first sectors
of the disk, by all means, do.


Using software to write zeroes to a drive will get the sectors that the drive controller allows the host to see, but HDD failed/ remapped sectors will still contain content; as will dirty SSD/ USB flash sectors waiting to be erased. If a skilled attacker obtains the drive at this point, the remaining data could be compromised.


ATA Secure Erase is supposed to get more (all?) sectors, but I do not know what happens with broken sectors.


I have heard of people using magnetic erasers for magnetic HDD's.


I have heard of disk shredding and/or incineration services, but that is above my scale.


My practice has been zeroes and/or secure erase, followed by a 3 pound drilling hammer.


David

Reply via email to