Data recovery and disk repair questions and discussions related to old-fashioned SATA, SAS, SCSI, IDE, MFM hard drives - any type of storage device that has moving parts
June 20th, 2020, 17:05
Hi! first post, I admit I registered specifically for this as I didn't receive a reply in the WD forums.
I have a WD My Book that is already dying after a few months of usage. It started with some corrupted files (bad sectors/access issues/freezing), and now that I finished backing everything up it has extremely slow read speeds (like 300k/s...). So I will RMA it.
But I want to make sure the data that is on it cannot be accessed before returning it. The drive has always been run encrypted with password protection using WD security.
If it it was a working drive I would just do a low level format. But I'm not sure this would work as accessing the drive seems to only randomly work.
I was thinking I might try to simply choose “Drive Erase” in WD Utilities, then reset the current password and then set a new password afterwards. does this make sense? The old data should be totally unreadable due to the encryption change?
Or am I better off trying to do a low level format anyway?
Not sure that any of my reasoning is correct so any suggestion is welcome!
Thanks!
June 21st, 2020, 2:12
Erasing the drive should destroy the original encryption key and create a new one. This process should complete within seconds. You can follow it up with a zero fill operation if you wish.
June 21st, 2020, 14:07
fzabkar wrote:Erasing the drive should destroy the original encryption key and create a new one. This process should complete within seconds. You can follow it up with a zero fill operation if you wish.
Unfortunately, with WD issuing quick, aka Enhanced Secure Erase command (that erases the keys) is not enough to ensure data "unrecoverability". In many situations the keys can be recovered along with data, even after the Secure Erase command. Filling the drive with zeros is the best way to make the data unrecoverable.
June 21st, 2020, 15:34
Doomer wrote:fzabkar wrote:Erasing the drive should destroy the original encryption key and create a new one. This process should complete within seconds. You can follow it up with a zero fill operation if you wish.
Unfortunately, with WD issuing quick, aka Enhanced Secure Erase command (that erases the keys) is not enough to ensure data "unrecoverability". In many situations the keys can be recovered along with data, even after the Secure Erase command. Filling the drive with zeros is the best way to make the data unrecoverable.
Yes, I'm aware of WD's pathetically weak security. However, the OP is returning the drive under warranty, so the security risk is essentially zero, especially since WD refer all their data recovery enquiries to their "partners".
On the (in)security of a Self-Encrypting Drive series :
http://www.hddoracle.com/viewtopic.php?f=7&t=1404
June 21st, 2020, 19:36
thanks!
I tried filling with zeros using both WD Data Lifeguard Diagnostics and HDD Sentinel, no go. Looks like the drive gets unmounted or times out when the bad sectors are reached. I was able to erase the drive and set new key, removing it, re-erasing, etc, but it it looks like accessing those sectors is impossible, even for an extended self-test (it stops quickly).
hopefully thats enough. maybe I'll let it rest a few hours and run a basic data recovery tool, just to see if it sees something.
June 24th, 2020, 23:47
You could use the sanitize command or a program that can use it...
Powered by phpBB © phpBB Group.