![](https://seccdn.libravatar.org/avatar/25bbc96d9c53647354cb724e744b2222.jpg?s=120&d=mm&r=g)
On Wed, Jun 11, 2014 at 12:30 PM, Lew Wolfgang
Hi Folks,
I'm in the position of having to decommission some old servers and desktops. Part of this process is for me to certify that there is absolutely no sensitive data left in the motherboard. If I can't in good conscience make that determination we'll have to separately destroy the motherboards. Does anyone have any thoughts? How can I flush the flash? Is there some way to even look at BIOS contents?
I know that there are ways of clearing CMOS memory, but I'm wondering about any other non-volatile storage that might lurk there.
Regards, Lew
Lew, I suggest you are being paranoid unless the machines held government top secret data. For almost all uses, the destruction of all user accessible data is considered appropriate.
From that light, normal user applications have no access to CMOS / BIOS storage so it is not a likely repository of confidential data.
Along the same lines, hard drives have spare sectors and damaged sectors that are typically not user-accessible. If your requirements are so stringent that motherboards must be destroyed, then under the same presumption hard drives must also be physically destroyed. fyi: The only medium I advise my clients must be physically destroyed to ensure the destruction of data is flash memory like thumb drives and SSDs. The reason for my opinion is the definition of user-accessible sectors is highly dynamic with that media due to wear-leveling mechanisms. Thus a significant amount of data written yesterday, may not be user accessible today, but the data may still exist and be recoverable via chip-off forensics. Studies have shown significant success at recovering non-user accessible data via chip-off forensics applied to SSDs. Greg -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org