ShredOS is a USB bootable (BIOS or UEFI) small linux distribution with the sole purpose of securely erasing the entire contents of your disks using the program nwipe.
Can it erase the embarassing moments from my past that keep me up at night?
I guess you could use any other distro for this that has a live boot, no? Still handy though
Back when I used to work for others, I would always remove the disk drive and replace it with an identical uet fresh out of the box one and a fresh Windows install. A few hundred dollars and a little work is a small price to pay.
That’s not worth the price at all. There is really no risk
Freelancers take about 100$ pee hour where I live. (and thats a low rate, usually it’s more)
Whith theoretical possibilities like https://arxiv.org/abs/2307.10192v1 you still have to do multiple passes, which takes hours, even on an NVME.
Even running something like https://par.nsf.gov/servlets/purl/10446654 takes more than an hour.
A new 1TB nvme can be had for 60$ on amazon. Swapping it takes 5 minutes. So unless the client pays for the time, it is not worth it.
When I worked in an IT office, we often had multiple erase and clone processes going at the same time. We used machines like this: https://www.amazon.com/StarTech-com-Bay-eSATA-SATA-Standalone/dp/B005CQ12W2 (First search result). We started the process and worked on other stuff. We had a flat fee of €40 or something for a HDD to SSD upgrade (clone + erase + installation). The actual work was 15-20 minutes.
Nobody is wasting actual time when you can just have the process going when doing other stuff.
I agree that it is worth it at scale, but for a freelancer it won’t make much financial difference getting a new drive after a project.
GDPR laws are a big part of it. It’s illegal to not protect the privacy of your customers. We even shipped the erased disks to a specialized company.
But also, the only way for this whole “just get them a new disk” to be profitable is if you resell the old disks as new disks. Which just sounds like evil capitalism to me.
I don’t think we are arguing about the same scenario at all.
Here is an example of what I have in mind:
- I work as a freelancer on a customers project.
- In my computer I have an 128G NVME (15$) which is seperate from my OS where I put the data the customer entrusted me with and the project files
- After the project, I take that NVME out, put it in a box on a shelf and buy a new one (15$) for the next project
- Some time after project completion, I can either trash the drives or send them in bulk to some data erasure service, or leave them on my shelf for ever.
As opposed to
- After the project, I take that NVME-1 out, put it in a box on a shelf and buy a new one for the next project (NVME-2)
- for the project after that, I again take out NVME-2 and put it on a sheld, I get NVME-1 from my shelf, put it in, run secure erase for multiple hours before I can start working on the next project.
My argument is, that the cost of the first process is negligible compared to the effort and hassle of the second process, for a freelancer that earns over 6x the cost of such drive per hour.
My scenario was indeed handling the drives of customers themselves.
For your scenario I would just use some encrypted filesystem.
