Millions of perfectly good HDDs are shredded every year because of "zero-risk" security policies. Spoiler alert: There is still a risk of data theft from just 3 millimeters of scrap.

General
Millions of perfectly good HDDs are shredded every year because of "zero-risk" security policies. Spoiler alert: There is still a risk of data theft from just 3 millimeters of scrap.

People are killing innocent old hard drives. Millions of hard drives are being discarded to prevent the data left on them from being recovered or stolen, due to the unsubstantiated belief that the data on the hard drives can be recovered or stolen. Spoiler alert: that is not true. So why is it that 90% of HDDs no longer in use in data centers are shredded every year? [According to BBC News, this is a question that members of the Circular Drive Initiative (CDI) have had for some time, even though the CDI is essentially a group of technology companies and there is a general consensus that hard disk drives will be history after 2028. Despite this, driven by a passion for reuse and minimizing e-waste, they came together to fight for the dying HDD.

Companies participating in CDI include Seagate, Western Digital, Micron, and the blockchain-centric Chia Network, where my new hard drive hero, Jonmichael Hands, works.

As secretary/treasurer of CDI, he spoke to IT asset disposal (ITAD) companies about how his company recovers and reuses old data center drives so they don't go to waste. But they said, "Sorry, sir, we don't have any old drives. Sorry, the old drives have to be shredded."

"One ITAD provider told me they shred 5 million drives for one customer," Hands said. That's a travesty if you ask me. More importantly, this rather extreme, so-called "zero risk" retired HDD solution is not without fault.

After all, there are more dangers lurking in these piles of metal.

Even if you simply throw away the old hard drive, someone with the know-how may be able to recover the remaining data. So you still have that pile of turntable babies tucked away in a cupboard, don't you?

What you may not realize is that someone clever, a verified hood hacker, could take a 3mm or so piece of that platter and get some data from it. A small amount is not dangerous, but with enough time and dedication, one could put together enough images to demand some kind of ransom.

So what is ITAD's excuse for destroying all the hard drives?

There should be no excuse when the IEEE Standards Association recently approved a long list of safe ways to permanently erase the remaining data rather than mulch it into small scraps.

The secure method is called purging. There are several ways to do this, but one simple method is to overwrite the data with a new data pattern. This takes time, but seems relatively simple. Cryptographic erase is similar, but more mysterious. The latter is a faster method and simply removes the encryption key, leaving the data unintelligible to even the most sophisticated hacker.

"The era of the 'take it and break it' linear economy needs to end," says Amy Zuckerman, Seagate's director of sustainability and transformation. Seagate is one of the companies that has made a point of taking parts from old, broken (i.e., non-renewable) hard drives and recycling what cannot be used.

Let's hope CDI gets more companies on board. Because e-waste is an untapped resource of rare earths.

Categories