What can I do? (Faulty drive with sensitive data)

SSSSD

SSSSD

SSSSD

Associate
Joined
18 Aug 2011
Posts
5
I recently purchased an OCZ Agility 3 60GB drive and installed my OS and moved all my files over; a lot fo these files containing private information that I can't afford to "leak".

Unfortunately I didn't get a chance to encrypt the drive and it is now broken. It has an amber light on the back and is undetected by any computer I've tried it in.

I contacted OCZ's RMA department explaing my issue and why I can't return it without first destroying the data. I was given the most robotic (Or stupid) responses I've ever seen. Now they are just ignoring me.

I read about destroying items in the presence of a witness (Like the police), but I don't know how to proceed as OCZ won't communicate with me at all.

Does anyone know what I should do?
 
OCZ aren't going to give you any kind of special treatment simply because of the value you place on the contents of the drive. Either send it back as is or suck it up and buy another drive.
 
rpstewart said:
OCZ aren't going to give you any kind of special treatment simply because of the value you place on the contents of the drive. Either send it back as is or suck it up and buy another drive.
Click to expand...

I'm not looking for special treatment. I'm looking for a solution to returning a faulty drive with sensitive information. Being the massive multi-million £££ comapny that they are I would expect them to have measures in place to deal with situations like this and I'm simply looking.

I've already got a new drive, but I'm not going to sit back and do nothing.

I'm not the one in the wrong here or asking for the CEO to come to my house personally with a new drive.
 
I doubt you’re gonna get anywhere with it. Consumer grade drive, consumer company.


At work as part of our warranty with Dell/EMC on the laptops/desktops/servers/SANs we don’t have to send back faulty drives, they just give us a new one and let us keep the dud. I imagine it costs a few quid adding that to our cover, but you get what you pay for in life!
 
Westyfield2 said:
I doubt you’re gonna get anywhere with it. Consumer grade drive, consumer company.


At work as part of our warranty with Dell/EMC on the laptops/desktops/servers/SANs we don’t have to send back faulty drives, they just give us a new one and let us keep the dud. I imagine it costs a few quid adding that to our cover, but you get what you pay for in life!
Click to expand...

oh well :-(

It can't be THAT important otherwise it'd already be encrypted Pay for a consumer drive you get consumer service
Click to expand...

I finished transferring stuff at the end of the day planning to encrypt the next but bad luck got the better of me.
 
SSDs pose a problem for me (or rather my clients) as they do not degauss in the same way a magnetic disk would, and data destruction software that over writes many times can take an age to nuke a drive to specified standards

The researchers, Michael Wei, Laura M. Grupp, Frederick E. Spada and Steven Swanson of the University of California at San Diego, came to several interesting conclusions:

ATA and SCSI command set features for securely destroying data on SSDs ("ERASE UNIT") were available on only 8 of the 12 drives tested and were only successful on 4 of the drives.
Repeatedly overwriting the entire disk with multiple repetitions can successfully destroy data, but because of the Firmware Translation Layer (FTL), this is considerably more complicated and time-consuming than on traditional hard disk drives. Based on their results, it is an unattractive option for most organizations.
Degaussing SSDs does not erase any of the data stored on them. While SSDs do not use magnetic storage, there was some hope that the electromagnetism might destroy the electronics in the flash chips.
Single file sanitization, the ability to securely destroy one file on an unencrypted disk, is nearly impossible on SSDs. The paper claims that even the most effective file destruction methods may leave behind more than 4 percent of the original data.
Drives that are encrypted provide the most practical form of protection. Disks can be safely decommissioned by deleting the encryption keys from the Key Storage Area (KSA) and then running a full DoD compliant erasure to ensure the keys are non-recoverable
Click to expand...

If it is that important you'll have to swallow the loss and dispose of the drive by shredding.

Another point to consider is the cost to recover said data. If the a chip on the board is faulty it would require someone of considerable skill to diagnose and repair this, which wouldn't be quick to cheap. I'd not advocate taking risks with data, especially if it's MOD level stuff... though. I'm not familiar with the actual construction of an SSD, whether the controller portion of them is on a separate board for an easy swap or not. The shred nicely though
 
d_brennen said:
SSDs pose a problem for me (or rather my clients) as they do not degauss in the same way a magnetic disk would, and data destruction software that over writes many times can take an age to nuke a drive to specified standards



If it is that important you'll have to swallow the loss and dispose of the drive by shredding.

Another point to consider is the cost to recover said data. If the a chip on the board is faulty it would require someone of considerable skill to diagnose and repair this, which wouldn't be quick to cheap. I'd not advocate taking risks with data, especially if it's MOD level stuff... though. I'm not familiar with the actual construction of an SSD, whether the controller portion of them is on a separate board for an easy swap or not. The shred nicely though
Click to expand...

Wow, thanks for the post. I don't feel bad for destroying the drive now. It's no where near MOD level stuff lol, but still important.
 
accod said:
If it was that sensitive you should have encrypted the drive before copying it there.
Click to expand...

You're basically equating not trusting OCZ 100% with my data to my drive needing to be encrpyted 100% of the time. Not only that but you have no idea what information is on it nor do you know the situation I was in.
 
Back in 1989 the MOD shipped a drive back in a demo machine we had lent them and then realised their mistake. I was kept on the phone while I "destroyed" the drive for them. I am pleased to say it lead a very happy reincarnation in my home machine :)
 
Drives are often remanufactured if the failure is not too serious so you can understand their refusal to honour the warranty unless the drive is returned. The value of the returned drive was factored into the original selling price.

SSSSD said:
You're basically equating not trusting OCZ 100% with my data to my drive needing to be encrpyted 100% of the time. Not only that but you have no idea what information is on it nor do you know the situation I was in.
Click to expand...

If you make vague, ambiguous statements you can't blame people for filling in the blanks.

If you've not looked into full disk encryption it could help you as there is no need to manually encrypt/decrypt between uses which you've found has shortcomings.
 
You must log in or register to reply here.
Back
Top Bottom