RAIDZ2 drive replacement

Status
Not open for further replies.

tomvm

Cadet
Joined
Dec 4, 2017
Messages
1
Hi,

After about 18 months of trouble-free service, one of the drives in my FreeNAS 9.10 box died. Since the drive is still under warranty (last month), I immediately requested an advanced replacement from Seagate ($12.70).

However, after re-reading the conditions of the replacement agreement, I am having second thoughts... The agreement states that the returned drives may be "processed" in a country with privacy standards lesser that those of the US, i.e., unlike in the US, there are no guarantees that the drive will be correctly data-sanitized. While the terms stated for processing the drives in the US look pretty firm, this got me spooked.

So here's my Q:
  • What data can be gleaned off one drive taken out of a set? (ZFS RAIDZ2, 4 drives, one volume, no encryption)
My question is in the context of data privacy, not data recovery. I have sufficient backups, the server is off, and the pool was only DEGRADED.

I tried to read up on the Forum and the web to answer this, but do not understand enough of what I did find. My FreeNAS box holds about 1 TB of mostly family pictures and music, but there are also backups of financials, family documents, and such. Not exactly top-secret, but not public either.

Normally, I would render the returned drive unreadable by zeroing some strategic sectors. Alas, this particular drive does not spin-up (more specifically, spins up, clunks twice, and spins down for good) so this is not possible.

Should I worry about returning this drive? If so, maybe I should return the replacement and just buy a new one.

I'd greatly appreciate advice/opnion on this.

Tom.


Hardware:

SUPERMICRO MBD-X10SLL-F-O uATX Server Motherboard LGA 1150 DDR3 1600
CPU INTEL|CELERON G1840 2.8G 2M R
Crucial 16GB (2 x 8GB) 240-Pin DDR3 SDRAM ECC Unbuffered DDR3L 1600 (PC3L 12800) Server Memory Model CT2KIT102472BD160B
4 x Seagate NAS HDD ST2000VN000 2TB 64MB Cache SATA 6.0Gb/s Internal Hard Drive
iStarUSA BPN-DE340SS-BLACK 3 x 5.25" to 4 x 3.5" SAS / SATA 6.0 Gb/s Trayless Hot-Swap Cage
SeaSonic SSR-350ST 350W 80 PLUS BRONZE Certified Active PFC Power Supply


Status report:

Checking status of zfs pools:
NAME SIZE ALLOC FREE EXPANDSZ FRAG CAP DEDUP HEALTH ALTROOT
FNZ2_pool 7.25T 814G 6.45T - 3% 10% 1.00x DEGRADED /mnt
freenas-boot 7.44G 2.16G 5.27G - - 29% 1.00x ONLINE -

pool: FNZ2_pool
state: DEGRADED
status: One or more devices could not be opened. Sufficient replicas exist for
the pool to continue functioning in a degraded state.
action: Attach the missing device and online it using 'zpool online'.
see: http://illumos.org/msg/ZFS-8000-2Q
scan: scrub repaired 0 in 0h50m with 0 errors on Sun Nov 12 00:50:55 2017

config:
NAME STATE READ WRITE CKSUM
FNZ2_pool DEGRADED 0 0 0
raidz2-0 DEGRADED 0 0 0
gptid/6ae1cb76-2dce-11e6-a778-448a5bca7639 ONLINE 0 0 0
10224831524614460661 UNAVAIL 0 105 0 was /dev/gptid/6b84fd98-2dce-11e6-a778-448a5bca7639
gptid/6c1db5af-2dce-11e6-a778-448a5bca7639 ONLINE 0 0 0
gptid/6cbe7067-2dce-11e6-a778-448a5bca7639 ONLINE 0 0 0

errors: No known data errors
 

SweetAndLow

Sweet'NASty
Joined
Nov 6, 2013
Messages
6,421
Yes you could probably read the data or parts of it but it would cost a couple hundred thousand dollars to do it. They will have to repair the mechanical parts then piece everything back together but missing 75% of the puzzle. If your finances are so important throwing the disk away is no big deal. If they are not important then no one is going to try to recover them.
 

fabiob

Dabbler
Joined
Dec 4, 2017
Messages
15
Hi Tom, this is why encrypted pools are made. :)
In case of ZFS, if they dump a single disk data, they will find messy and incomplete chunks, but they are unencrypted.
You can try to partially erase the disk.
Put your faulted disk inside a desktop pc with a live linux distro and :
Code:
dd if=/dev/zero of=/faulted/device conv=noerror,sync
 

Arwen

MVP
Joined
May 17, 2014
Messages
3,611
Something else to consider, compression. I usually turn on LZ4 compression on the top-level dataset and let in be inherited all the way down.

With that, you get this;
  1. ZFS is not a common file system that data thieves normally process
  2. A single disk from a RAID-Zx complicates any data thieves work
  3. Compression ups the ante even further
Of course, some people swear by the big magnets or de-magnetizers, even with metal enclosed hard disks.
 
Joined
Jan 18, 2017
Messages
525
I sent a drive to Seagate that contained that exact content on a Z2 pool last week, it's valuable data to me but not really anyone else. Like stated above there are only fragments of the data available on the disk and my net worth is so low it would cost an identity thief more than they can make lol
If you feel strongly about it send the seagate advanced RMA back destroy your failed disk and purchase a brand new drive, I destroy all my none warranty drives before I dispose of them.
 

Ericloewe

Server Wrangler
Moderator
Joined
Feb 15, 2014
Messages
20,194
What data can be gleaned off one drive taken out of a set? (ZFS RAIDZ2, 4 drives, one volume, no encryption)
Don't forget that your drive is likely to be processed by a severely underpaid employee who probably knows as much about data recovery as my cat.
 

tvsjr

Guru
Joined
Aug 29, 2015
Messages
959
Of course, some people swear by the big magnets or de-magnetizers, even with metal enclosed hard disks.
The truly paranoid just turn it all into dust. Then you don't have to worry about calibrating magnets, dealing with SSDs, etc.
 
Status
Not open for further replies.
Top