Securefast Key Blank

[Lilliana Adames]

TheUncut Key Blank for Guard Security 1672 is a must-have for locksmiths and key cutting professionals. This high-quality key blank is made from durable materials and is compatible with Guard Security 1672 locks. It is uncut, allowing locksmiths to easily customize it to fit their customers' specific locks. The key blank is also a great replacement for lost or damaged keys, and is also great for use as a spare key.

From the answers that have come in so far, it seems there is no cutting corners.My best bet is probably setting up a lab-computer to erase multiple disks at once. One more reason to ask big companies for donations :-)

To make your DBAN runs more convenient, do you generally remove drives from hosts? If so, have a fairly low-power desktop aside with multiple SATA ports. When you have a couple of drives ready for wiping, set them all up on this one machine and wipe them with a bootable DBAN ISO or a netboot DBAN session. Then leave the machine running until the last one is complete.

Second, do you have a workflow of storing donations then processing them? Or do you accept the hardware in, test it, wipe it and then store the items for use? I'd suggest you make a pipeline that works for you, and make DBAN a stage in that pipeline. So when you pull a machine from the store, its already wiped as well as known-good.

TRIM tells the SSD to mark a LBA region as invalid and subsequent reads on the region will not return any meaningful data. For a very brief time, the data could still reside on the flash internally. However, after the TRIM command is issued and garbage collection has taken place, it's highly unlikely that even a forensic scientist would be able to recover the data.

I would obviously not trust this for serious business, but since your requirement is "good enough", it might be a viable option. Presumably it only works on SSDs as well, which may be a more serious hurdle if you're dealing with old donated computers.

There is one scenario when you can rewrite an only a small part of the disk, and most people will consider it save. If a drive was encrypted overwriting the encryption header (a place where the encryption key is stored) should make it impossible to recover.

And your burn-in period is weak tea. You're only putting the system together long enough to configure and test your newly imaged drive. So you'll be shipping defective PCs to customers (many are given to you for a reason; niggling glitches e.g. thermal problems are one such.)

Change your assembly line. Rack the PC under power, attach a KVM, and use the PC to wipe the PC. That will also give it a handy "ran it for awhile" burn-in; and if you use /dev/urandom a stout CPU/thermal burn-in as well.

You can either boot up under their Windows environment and delete all but the system files and applications, or you can boot off a CD, or if the system is capable of it, booting off a USB stick. Or, you can image the system first and wipe the freespace after your new image is installed.

If running natively under the legacy OS, there is no need to delete and wipe Windows system files and applications, e.g. World of Warcraft is 40GB of data that doesn't need to be seecure-wiped. So \Windows, \Program Files and other system directories can be excluded from the security wipe. (If they put data there, they can't fairly expect a secure wipe of it). There's a highly portable version of perl 4 that would make easy work out of this, and perl 4 is plenty powerful enough for this kind of thing.

If I was using the native OS, I'd do it in 2 passes: First delete all non-system non-app files; then fill the disk with zeroes (or copies of a system file if you're worried about CIA-tier disk forensics).

If you want this function to be "check-point-able", i.e. not have to start over after a power failure, then have it simply write immense files with random names into /tmp/ until the disk is full. On confirming the disk is full, have it remove the /tmp/ files, then remove itself.

Parallel erasure would resolve the biggest speed issue. SATA I/O speed is not your bottleneck, HDD physical write speed is the limit. Modern motherboards have at least 4-8 SATA drive connections. Set up one (or more) lab computer(s) to boot from SSD (fast). Connect 4-6 drives to be erased, then use preferred method to erase from provided approaches.

Although, I would run each drive erasure in a separate terminal, so I could watch for errors on specific drives. Drives with more than a few errors should be replaced. The SMART info from drives will give you an idea of drive age.

If you have 2-4 lab computers configured, the challenge would be keeping enough drives loaded in the lab computers to keep them busy erasing drives. Suppose you have 5 drives per lab computer X 3 lab computers = 15 drives being erased in parallel. You are finishing a batch every 30 (ish) minutes

All bets are off with SSD, they work differently. Most have much faster write speed. And none of the above erases sectors that have been mapped out of use by bad-block detection (some data may not be erased anyway).

There have been several studies done, notably a rather large study by Google, that found that after the first two years, the probability of hard drive failure reached 5-6% (per year) and increased significantly in subsequent years. Any disk over 5 years old has a substantial failure probability. Consider just retiring (destroy, recycle) hard drives over five years old.

If your OS takes e.g. 8GB, then that's 8GB of space you don't need to blank out first. Not a lot compared to 1TB I admit, but it might save you some install time as well. The more you preinstall the better ;)

I would also recommend to go the real wiping procedure of the entire disk instead of just zero filling. If someday I'd have to trust someone to destroy my data, I'd like that person to be trustworthy about doing the job right.

shred is the tool optimized for that purpouse, doing basically what dd does in an organized way. It uses less "random" data (compared to getting everything from /dev/urandom) when overwriting the disk with random data - still random enough to push an SSD out of spare blocks and make HDD magnetic analisys hard by cross-character interference, but less cpu-hungry to generate.

Then again, there is ATA SECURITY_ERASE command (and even SECURITY_ERASE_ENHANCED command), accessible in hdparm. They simply write 0's to the disk without the need to push them in the interface. On HDD, they are as fast as dd (hours). On SSD, they are blkdiscard on the whole disk. The enhanced variety tries to zero also the blocks marked as bad.

Now say three PCs come in the lab, you turn them on, place a copy of the CD in the tray, boot from the CD and continue doing whatever you were doing before, until they warn you that the work is done. Years ago I did something like that: the script would play three long beeps immediately upon starting (so I knew that the speaker worked, they were desktops and I didn't want to connect a monitor unless I really had to), then other sounds depending on the exit status.

Basically, every computer took about one minute of work - forty seconds to boot it up, twenty seconds to shut it down when it started playing either "Reveille" or "Taps". I had no privacy issues there, so I never added the dd step; but it should be easy to implement. Even if my original proposal, as @PeterCordes noticed, was flawed.

Set up a Raspberry Pi to automatically erase any USB storage plugged into it, and light up a LED when it's done. Then clone the SD card and buy a bunch of Raspberries to work in parallel. If you choose to use the ATA secure erase, with 4 devices you will be able to erase drives as fast as you can plug them. If you choose to overwrite the entire device, it will still be slow, but still 4 times as fast compared to erasing one drive at a time.

Does the incoming computer have an SSD? Find software that supports "ATA Secure Erase" and run it on the drive. What this does is tell the SSD to wipe it's internal encryption key, making the contents completely unreadable. Takes 30 seconds and is good enough for anything less than nuclear secrets.

Does the incoming computer have a spinning drive? Remove it, drill a couple of holes through the case and platter and send it to the recycle center. Get an SSD + mounting bracket from Amazon for about $50. This is far less than your time to process the old drives and sill provide much better performance. "Donated computers" implies an education environment, 200GB is plenty big enough.

And if you haven't got one already, get a 2-port hard drive dock that supports cloning. Plug in the master disk and a new blank one, press the copy button. It does a block copy so is completely OS independent. Also helps bulk-erasing the incoming SSDs.

The mobile app can be used on iOS 12+ and Android 8+ devices. Users who don't meet these requirements can still use the web interface, fully compatible with mobile browsers, at app.fastmail.com. Your device must be online to access your information.

The Fastmail app provides many security features. You can use your phone's saved biometrics to unlock the screen. You can also secure your account with an authentication app using two-step verification. Along with that, all push notifications are encrypted from our server to your device.

There are features in the app that make navigation easy and convenient. Logging into the Fastmail app does not require the use of an app password, allowing you to log in using your regular password. For navigation, there is a convenient bottom bar that allows for single-tap navigation between mail, calendar, contacts and files, and swaps to an action bar for mail or calendar views as needed. You can swipe from the left side of the screen to go back to the previous screen. Formatting can be added to your emails on-the-go using our mobile formatting toolbar. Local files can be attached to your emails as well.

Multiple emails can be selected by tapping and dragging over them. You can also select all messages by first selecting one, then the header will provide an option to select all. If you use a tablet device, using the app on it can provide a more fuller screen view of your emails.

3a8082e126