
Amazon will not tell me what happens to their hard drives - DataRealLies
https://medium.com/@DataRealLies/amazon-will-not-tell-me-what-happens-to-their-hard-drives-976ea46c0858
======
emergie
That is one of the reasons why I encrypt every drive. Only the boot partition
has to be unencrypted, the rest has to be encrypted.

It is part of the "data is toxic" approach.

I'm not willing to spend time to trace what data is stored where - db,
rabbitmq/mnesia, kafka, what else. Even if I did, how am I supposed to wipe it
if those tools during operation probably remove old data in rm style instead
of shred-ding? Some of my clients consider their internal network
configuration to be sensitive, so even my /etc/hosts is toxic.

IMO you have to either encrypt everything or be prepared to physically destroy
your HDDs with a drill.

~~~
luckylion
100% agree, and encrypting is better than physically destroying, because your
hardware might just get stolen (or confiscated), at which point it's a bit
hard to physically destroy them.

For anyone worried about the overhead of encrypting for writes and decrypting
for reads: barely noticeable for me (though I don't do very IO intensive
things).

------
cjbprime
I expect they sell them along with other returned items by the pallet for very
low prices, without doing any kind of wipe or QA check at all.

