[17808] in athena10
Re: Can we reuse the drives from the decommissioned 'debuild'
daemon@ATHENA.MIT.EDU (Benjamin Kaduk)
Fri Nov 5 18:15:13 2021
Date: Fri, 5 Nov 2021 15:14:25 -0700
From: Benjamin Kaduk <kaduk@mit.edu>
To: Cel Skeggs <cela@mit.edu>
CC: <debathena@mit.edu>, sipb-hwops <sipb-hwops@mit.edu>
Message-ID: <20211105221425.GL37437@kduck.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <f1d6df0f-4e6d-bc9e-2668-3d2c523bd96e@mit.edu>
Hi Cel,
A quick (but incomplete) response since I started thinking about it:
I think that that machine mostly predates even my involvement, so we're
unlikely to get a truly authoritative answer from anyone reading here.
debuild was primarily a build machine, yes, but that incarnation may have
been used during the very early days of debathena when it was still a very
unofficial project, and I can't rule out the possibility that some "user
data" of the maintainers is on it.
I *suspect* (but again, cannot say for certain) that the main motivation
for keeping it around and in SMR was to preserve the keytabs on it, in case
we wanted to bring up a new incarnation of debuild.
Finally, since it was a build server, those disks have presumably seen
significant usage (and given when the machine was last used, the disks
themselves will be quite old, even if they haven't been spun up much
recently).
So my gut feeling is that the risk of sensitive data is probably tolerable,
but the risk of the drives failing "soon" may not be so tolerable.
-Ben
On Fri, Nov 05, 2021 at 06:01:51PM -0400, Cel Skeggs wrote:
> Hi debathena team,
>
> We sent a machine that looked like the following to e-waste as part of
> the last cleanout (it was one of the old machines that had been placed
> in the junk pile at the top of the ramp):
>
> As part of that, we made sure to remove the hard drives (as we did for
> other junk servers) with the intention of securely shredding them.
> Specifically, we recovered two 500 GB disks. However, we're now thinking
> that debuild, as a (presumed) build server, might not actually have
> actually had any sensitive user data on it, which might mean that secure
> shredding is unnecessary in this case.
>
> Could you confirm whether or not debuild had any sensitive user data on
> it? If not, do you have any objections to the drives being wiped and
> reused within the SMR for other SIPB services?
>
> Thanks,
> Cel Skeggs
> SIPB HWOPS
>
>
