[Cryptography] Magnetic media destruction question
Jerry Leichter
leichter at lrw.com
Tue Jan 13 17:14:00 EST 2026
>> For harddrives (including solid state ones) I'd say first always encrypt
>> everything (well, close to everything) on them, that way losing the keys
>> is the first step to destroying the data on the drives.
>
> I remember an ex-colleague of Nico and I (who I think is on this list) saying “All Disks/Tapes leave the datacentre eventually”. Implying that encryption from day one of use is important and you can’t assume you will get to overwrite. Specifically because some of those disks/tapes are unserviceable when they leave and you can’t perform software based overwriting at that point, only physical destruction.
The details have no doubt changed, but in Google datacenters 15 years ago or so, the process was:
- Every new disk entering the data center is given a unique identifier, visible on the outside.
- The life history of every disk in the data center is tracked - where it goes, what it's used for, and ultimately when it dies.
- No disk that ever entered the data center as a functioning device ever leaves except as destroyed material.
I don't recall the exact mechanism used for destruction, but it was quite violent and didn't, as far as we could tell, leave anything recoverable behind.
All potentially sensitive data (probably all data) was also encrypted before being written, but for stuff actually leaving the data center, physical destruction was the name of the game.
-- Jerry
More information about the cryptography
mailing list