I have a couple of old laptops lying around and want to throw them away, but have been cautious to do so because of privacy concerns of data still on the hard drives. What is the best way to wipe them? Or should I take them out and physically destroy them?
They are running windows vista and 10 I think.
I like to take the hard drive(s) out and either drill holes in them or beat them to pieces with a big hammer.
Dear old Dad worked in IT, and he had a clearly marked “hard drive eraser”. It was a 20 pound sledgehammer.
Doesn’t that still leave most of the data on it? You don’t even bother erasing the drive first?
It takes far more work to recover data off of smashed platters than Joe the average users data is worth. There’s very few ways to make that data completely nonrecoverable. Even zeroing the drive isn’t 100% safe from someone with the right resources and knowhow. Just smashing the platters makes data recovery enough of a pain that it’s almost never worth it.
Data on a HDD that’s been overwritten with zeros or random data is unrecoverable with all known current technology.
In theory it might be possible to recover something with some future tech that hasn’t been invented yet, which is why the DOD standard requires erasing with multiple passes, but there isn’t currently a (publicly known) way of doing it.
SSDs are a bit tricky because of wear levelling, but usually two full overwrites of a SSD makes it just as unrecoverable.
The easiest options in order of effectiveness, and how to bypass them:
- Do nothing.
- Reset Windows or erase all files you don’t want to be found. To recover from this you need a specialised piece of software that will recover the files, but not the names or locations, so while the actual data is easily recoverable, the person would need to sieve through most files you’ve had in your PC since forever with no order.
- Zero the disk, my way to do this would be to boot a Linux USB and run for example
dd if=/dev/zero of=/dev/sda, this will delete EVERYTHING on that disk, including windows, partition table and the bootloader. The way to recover from this involves specific hardware and a sterile lab, unless the authorities are investigating you it’s very unlikely someone will recover from this. - Multiple passes with zeroes and random data, the way I would do this is the same as above but use
/dev/urandomfor theifparameter, run it multiple times, then run once with zeroes. Theoretically it could be possible for the same lab as before to recover some data if the machine ran out of entropy and didn’t wrote actual random data, and someone could predict the random data and compensate for it on the residual magnetic field, but it’s highly unlikely. Almost no one would be able to recover this, and if someone can they will charge A LOT. - Physical destruction, e.g. drill a hole or smash the disk for an HDD, break the chips for an SSD.
All of that being said, why throw it away? Why not sell it or use it to self-host something cool like a media centre or a steam machine if the laptop is good enough.
Laughing at all the Hollywood shit in this thread. A single pass erase (or ATA Secure Erase, if they are SSDs that support the command) is more than enough. Nobody is going to waste time and money recovering data of unknown provenance from a landfill.
HDDs also support ATA Secure Erase, although it will take a few hours rather than the few minutes it would wirh an SSD.
Hammer, then marinate for atleast 30 mins in soya sauce, onion, garlic, herbs, then bbq, eat and poop in 3 different bathrooms across the city. Pro tip, sprinkle with olive oil each side while on the grill.
-
There are companies you can pay to physically shred your disk drives. You have to be able to trust them of course for this to work.
-
Or if you want to DIY, you can drill or smash your drives. Just wear eye protection, etc. Making the drives inoperative like this is the only thing I’d trust, but you can also software-wipe them first.
Yeah, we have a company that does e-cycling events every month. I usually go there once every 3-4 months with my various electronic goods,
It costs (currently) $5 a drive, but they shred the drives on site, AND bring you to where they shred them to watch to ensure they get shredded.
I personally remove the hard drives from any enclosure/laptop/desktop after wiping as a force of habit, as they charge an additional fee to pull the drives out for you.
If you’re in the states, you can usually look on your county government’s website for when e-cycling events occur. The ones where they’re quarterly at a centralized location such as a mall parking lot, or a park parking lot, you’re likely going to have to rely on them shredding elsewhere and you cannot be certain they’re destroyed. However, the places that do the e-cycling at their own center, you’ll likely be able to do the above and watch the drives be shredded.
As others have said, destroying with a drill or the like is more than adequate, however the MOOP from it isn’t great for the environment, animals, or your feet if you happen to do the destruction inside / outside your home.
