dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
21
share rss forum feed


koitsu
Premium,MVM
join:2002-07-16
Mountain View, CA
kudos:23
reply to elwoodblues

Re: Read only Hard drive

said by elwoodblues:

said by mattmag:

I have to think WD could care less what was on an RMA'd disk when they get it back?

I would tend to agree, but better safe then sorry....

I have some idea of what hard disk manufacturers do with RMA'd drives after they get them; ones matching certain criteria (defined by the manufacturer -- we'll never know what that is) certainly end up in an analysis and forensics lab for actual review to see what went wrong. Very low level diagnostics (usually through the serial port on the drive) and sometimes physical (clean room) analysis is done. All the results are taken back and fed into some sort of centralised system which, I'm sure, can determine if there's been a high number of failures (and on a general level, of what type) within certain periods of time (i.e. "in November we had a 3% return rate for drives manufactured in Malaysia out of plant FA8, and 90% of those were all for misaligned heads. Bob, can you please find out if there were any issues with the manufacturing line at FA8 during that time?").

Post-analysis, parts (specifically pieces of a hard disk) are thoroughly tested (much more than any kind of testing you or I can do). Ones which pass tests can reliably be reused (usually in RMA replacements; for example drives that have the "Recertified" text on them). The PCB with its controller, power circuitry, cache, etc. may all be working fine -- no sense in melting that down if it's fine, right? Same goes for shells of drives -- those are cleaned and reused. Platters and heads, on the other hand, probably have a high melt-down or recycle rate. And blah blah blah... you get the idea.

The places where you send your drives to be RMA'd are not data recovery plants. Some disk manufacturers do offer data recovery, but that's done separately at the customer's request/expense. So the only way someone would be able to get your data is if:

a) Thief intercepts package during shipping (i.e. manufacturer never receives it, shipping/receiving guy steals it, etc.),

b) An employee at the RMA company (often contractors and sometimes subsidiaries), or hard disk manufacturer, actually gets their hands on the drive and "makes it disappear" before the drive actually gets logged in their system as being received,

c) An employee deep within the bowels of the company doing analysis/forensics decides to spend a few days trying to extract all the data from your drive (without anyone noticing), then proceeds to stick it all on another drive, followed by him... what, uploading the drive contents to the Internet? Reading your Email? Selling the Email addresses taken from your address book? Sure, it's possible -- but at what price? Imagine what happens if the employer catches him. He'll never work that job (for any manufacturer or contractor) again. Ever.

I think (c) is what people think of/fear the most, and it's silly. (a) is more likely, given how nonsensical shipping companies are today. I've never heard of (a) happening; if someone has a reference/case to where it has happened I would love to read an in-depth version, and I'd even be willing to reach out to the PR dept. at the manufacturer to ask for any missing details. But in all my years I've never heard of it happening.

It's more likely that a manufacturer might replace their hard disks with bricks.
--
Making life hard for others since 1977.
I speak for myself and not my employer/affiliates of my employer.


craig70130
Premium
join:2004-04-27
New Orleans, LA
A drive manufacturer is not going to do anything with a returned drive themselves. However, I don't know how they dispose of returned drives they decide not to 'fix'.

I do know first hand that many drives returned to OEM's - Dell, etc., in the past, have been sold at what could be described as garage sales for pennies on the dollar. However, my first hand knowledge is from 20+ years ago.


elwoodblues
Elwood Blues
Premium
join:2006-08-30
Somewhere in
kudos:2
reply to koitsu
There is nothing confidential or personal on that drive, just "linux distros".

Strangely enough, they sent me a new drive, not refurb/certified one.


aurgathor

join:2002-12-01
Lynnwood, WA
kudos:1
Reviews:
·Frontier Communi..
reply to koitsu
I think people who know that those are RMA-d drives, highly unlikely to steal them, or trying to extract data from them. Why steal a drive that could be a paperweight, and why waste time on recovering possibly worthless data?

However, there is another possibility:
d) manufacturer tests the drive -- No Problem Found, gets reboxed and resold as a refurb with all the data on it intact.
--
Wacky Races 2012!


Bill
Premium,VIP
join:2001-12-09
reply to craig70130
said by craig70130:

A drive manufacturer is not going to do anything with a returned drive themselves. However, I don't know how they dispose of returned drives they decide not to 'fix'.

Drive manufacturers do look at field returns, especially on "enterprise" drives like the OP is RMA'ing. They want to figure out why drives are failing in the field, how they could potentially lessen returns on the product via a FW update, or whether it's something that'll have to go into a future product.

That said, field returns are normally going to be categorized into certain failure buckets. Often times the return can be easily categorized without digging too deeply into the drive and without having to look at any user LBAs. If for some reason the drive doesn't fall into one of the pre-existing failure buckets, then more investigation has to take place and that could involve having the drive run through one of the manufacturer's more in-depth FA tools, which could include a scan of user LBAs, but is not going to involve reconstructing the file system on the drive to where they could see your files.

If I had private/confidential information on the drive I'd wipe it first to be safe. But if the data isn't private don't worry about it.