Skip the navigation

Sanitize your hard drives with Drive eRazer Ultra

If you want to make sure that your hard drive has been completely wiped, this small device can ensure that your data is gone.

By Daniel Dern
February 1, 2012 06:00 AM ET

Computerworld - CRU-DataPort's Drive eRazer Ultra ($249) is a small device that lets you "sanitize" hard disk drives -- that is, remove any data that you wouldn't want somebody else to gain access to, such as credit card numbers, passwords, financial data, photos, web histories, software license numbers or contact information. It can also wipe your entire disk, including the hidden, protected data that most free software-based utilities can miss.

CRU-DataPort's Drive eRazer Ultra
CRU-DataPort's Drive eRazer Ultra

The eRazer Ultra connects directly to Serial ATA (SATA) and IDE/Parallel ATA (PATA) drives after you've removed them from your desktop PC. (You can use the device with laptop drives if you purchase the optional adapter.) If you'd like, you can also hook the eRazer up to a computer to see the contents of the drive before performing an erase, or afterwards, to make sure the drive has been wiped.

For this review, I used a Drive eRazer Ultra on a handful of SATA and PATA hard drives taken from friends' and other computers that had been put aside for disposal or repurposing. (Note: The Drive eRazer Ultra is only intended for mechanical hard drives, not for solid-state drives (SSDs).)

Looking at the box

The Drive eRazer Ultra is 3.2 x 2.2 x 0.95 in. -- about twice the size of a deck of cards. There is also an AC power supply that is almost as big as the Drive eRazer Ultra (slightly larger, in fact, if you include the power cord). The device includes ports and data cables for 2.5-in. and 3.5-in. SATA hard drives and 3.5-in. IDE/PATA drives, along with a power-out port and power cables to use with the drives. (Drive data and power ports are standardized across these form factors.)

The company also offers a variety of adapters for use with other types of drives, such as 2.5-in. IDE drives, for prices ranging from $40 to $70, depending on the adapter.

The unit also includes a power switch, a circular four-button control (Up/Down/Enter/Back), a two-line 16-character backlit LCD alphanumeric display, and status lights for power on/off and drive/activity status. The user interface could be better -- bigger display, more buttons -- and the documentation could be clearer and more comprehensive. However, the odds are that anybody using this will quickly get the hang of it.

If you want to see what is on the connected drive, the Drive eRazer Ultra has a USB Type B port (the squarish-looking one with two angled-off corners), allowing you to connect to a computer when the Drive eRazer Ultra isn't in "Sanitize a Drive" mode. ("Sanitize" mode requires it to not be connected to a computer; if it is, the eRazer Ultra will display a "Please Disconnect" reminder message.) CRU-DataPort doesn't include a Type-B-to-Type-A USB cable, but they're inexpensive to buy.

The Drive eRazer Ultra also has a 9-pin serial port in case you want to connect to a printer and print out a verification tracking label (modeled after a Department of Defense label template) containing information such as the model/serial number, the erase method used, and lines for sign-off and release signatures. (According to Bill Head, Product Development Manager at CRU-DataPort, enabling the Drive eRazer Ultra to support a USB host connector to a printer would roughly double the cost of the appliance.)

(Story continues on next page.)

Sanitizing for security

"Sanitizing" (a.k.a. "scrubbing" or "data erasure") means erasing all digital content (including data that has been marked "bad" by the drive's own firmware) on a hard drive to the point where it can't be recovered by data-recovery programs. (As most of us already know, simply deleting a file doesn't actually erase the complete file contents from your hard drive; nor does emptying the Recycle Bin.)

If you want to re-use the drive, a non-destructive method is to write over every block on the disk one or more times. Overwriting the data with binary zeros in one pass is generally considered sufficient for most users. Some government and industry standards specify several passes; some organizations prefer to write a custom pattern rather than plain old zeros.

One concern is that most drives have one or more hidden protected areas on the drive -- in other words, not visible to the user, operating system or BIOS -- where sensitive data might lurk. In particular, hard drives may have a Host Protected Area (HPA), which contains diagnostic tools and other hard drive utilities, and/or a Device Configuration Overlay (DCO), which contains configuration data.

Additionally, if a drive's controller determines that a block or sector on the drive is faulty, the controller will transparently re-map reads and writes to the factory-defined reserve sector pool -- another area difficult to access.

There are a number of utilities available for scrubbing your disk clean, such as the free Darik's Boot And Nuke (DBAN) . However, many disk erase programs -- including DBAN -- can't reach these hidden protected areas on the drive. To fully scrub a drive, you need to be able to use a program that not only writes to the visible parts of a disk, but can also see and write to hidden areas (or "unhide" them and write to them) and also write to bad blocks.

Most ATA hard drives built since 2001 (and bigger than 20GB) have a utility called Secure Erase which, because it's not included in the drive controller, can write directly to the disk (and thus scrub it). It's possible to initiate a hard drive's Secure Erase command by using a utility such as the free HDDerase.

If you are concerned that the drive may have ultra-sensitive information that still might be recovered, you can try a hardware solution such as eRazer Ultra -- or you may simply want to physically destroy the drive.



Our Commenting Policies