I've got a number of older hard drives I'd like to destroy to the point where ordinary effort by someone like me makes them unreadable. I tried drilling a hole through one of them, and it worked, but it was surprisingly hard to do; the hard drive case is, I guess, fairly hard steel.

I'm thinking I should probably do encrypted drives from now on. The time cost to wipe drives by writing random data is in the hours and hours now.

Anyway, anyone have a favorite safe and relatively quick way to destroy 3.5 inch hard drives?
Also, is there an easy Linux scheme where you have a small partition with the encryption keys and the rest of the partitions are encrypted, and the system can boot without someone at the keyboard to type a password, but you can render the drive useless by overwriting random data on the 10MB key partition or whatever? I'm sure this is doable, but is there a system that makes it easy?
I mostly know about LUKS, but what I know requires you to type a passphrase on boot. So I want something that doesn't do that, so when power goes out and my machine reboots on its own it boots up using the stored key, and then I can easily wipe the key if desired.

@dlakelan you can use LUKS with a key file instead of a passphrase, that should do what you want (if I'm understanding correctly)

https://wiki.archlinux.org/title/Dm-crypt/System_configuration#Unlocking_with_a_keyfile


@j3j5

Can you do it at boot though? Like, / is encrypted and an initramfs knows to mount the /keys partition and grab the keyfiles there?

@dlakelan I guess... I've never done it. On my current setup I have / encrypted with a passphrase and then inside, I have a keyfile that unlocks /home afterwards. I guess if you store the keys on /boot or another accessible filesystem it should work, but I've never done it myself.

@j3j5

It's probably good enough for me to do /home on an encrypted partition and have / mount /keys and use that for keyfiles for /home. You don't learn much by knowing what software I've installed on /
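The keyfile layout discussed above, as an added example that is not part of the thread: a random keyfile on a small key partition unlocks an encrypted /home at boot, and destroying the key makes the volume unreadable. The /keys mount point, the mapping name `home` and the device argument are assumptions for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. Assumptions: the key partition is
# mounted at /keys before /etc/crypttab is processed, and the cryptsetup
# steps (enroll, and destroy_key with a device) are run as root.

KEY_BYTES=4096   # size of the random keyfile

# Create a random keyfile that only its owner can read.
make_keyfile() {   # $1 = keyfile path
    ( umask 077 && dd if=/dev/urandom of="$1" bs="$KEY_BYTES" count=1 2>/dev/null ) &&
        chmod 0400 "$1"
}

# Format the partition with the keyfile as its only key slot.
# This destroys whatever is currently on the device.
enroll() {         # $1 = device, $2 = keyfile path
    cryptsetup luksFormat --batch-mode --key-file "$2" "$1"
}

# Print the /etc/crypttab entry that unlocks the volume without a prompt.
crypttab_line() {  # $1 = mapping name, $2 = LUKS UUID, $3 = keyfile path
    printf '%s UUID=%s %s luks\n' "$1" "$2" "$3"
}

# Make the data unrecoverable: overwrite and remove the keyfile, then,
# if a device is given, wipe every key slot in its LUKS header.
destroy_key() {    # $1 = keyfile path, $2 = device (optional)
    chmod u+w "$1" || return 1
    dd if=/dev/urandom of="$1" bs="$KEY_BYTES" count=1 conv=notrunc 2>/dev/null
    sync
    rm -f "$1"
    [ -z "${2:-}" ] || cryptsetup erase --batch-mode "$2"
}

# Typical sequence (device name is a placeholder):
#   make_keyfile /keys/home.key
#   enroll /dev/sdX2 /keys/home.key
#   crypttab_line home "$(cryptsetup luksUUID /dev/sdX2)" /keys/home.key >> /etc/crypttab
#   destroy_key /keys/home.key /dev/sdX2     # when retiring the drive
```

Overwriting the keyfile alone is sufficient only if it is the sole key slot and no copies of it exist; `cryptsetup erase` removes all key slots from the LUKS header, which also covers a passphrase slot added later.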

@dlakelan

For manual control and maximum security on a few systems, use Method 1 (Dropbear SSH). It is reliable and simple to set up.
For a fleet of servers that require automatic reboots, Method 2 (NBDE with Clevis/Tang) is the best choice, offering a centrally managed and automated solution.
If your server has the necessary hardware and you need fully automated reboots without network dependency, Method 3 (TPM) offers a highly secure and convenient option.

Full-Disk Encryption With cryptsetup/LUKS - Nitrokey Documentation

@dlakelan Giant magnet? Or a drill press with a special bit.

@jessamyn

Everything I've read about "giant magnet" suggests it really has to be GIANT. Some literal demagnetizing tools for things like audio tape or wrenches or whatever have been used on hard drives to no good effect. I have a drill press but yeah I think it needs quality bits, and you have to do pilot holes at smaller diameter and then bigger hole.

One I've seen is to shoot a hardened concrete nail through it with a powder-driven nail driver. Kinda works.

@jessamyn

Opening it up and removing platters is annoying as hell and takes way too long and requires special screwdrivers. This really needs like double rollers to crush the case open and slide into an oven at 2000F for a half hour or something.

@dlakelan There's no easy "reasonable" way to wipe drives safely. Overwriting terabytes repeatedly takes *seemingly forever*.

Taking the drives apart and recovering the magnets and platters for art projects is one way.

You will never get a fingerprint off the platter. 🤣

@dlakelan

Hammer a nail through the platter.

@mikejackmin

Yeah, I've seen that one, mainly via a powder-driven nail gun and hardened concrete nails... seems likely fastest and OK level of security.