
Webmaster Hardware Forum

Researchers Continue To Find Sensitive Data On Discarded Hard Drives
engine




msg:3908659
 2:41 pm on May 7, 2009 (gmt 0)

Researchers Continue To Find Sensitive Data On Discarded Hard Drives [news.bbc.co.uk]
Sensitive information for shooting down intercontinental missiles as well as bank details and NHS records was found on old computers, researchers say.

Of 300 hard disks bought randomly at computer fairs and an online auction site, 34% still held personal data.

Researchers from BT and the University of Glamorgan bought disks from the UK, America, Germany, France and Australia.

The information was enough to expose individuals and firms to fraud and identity theft, said the researchers.

How many more times do people have to be told!

What to do with an old HDD [webmasterworld.com]

 

bill




msg:3909222
 8:18 am on May 8, 2009 (gmt 0)

I'm really surprised to see this topic again.

On the corporate side I see some pretty intense wiping going on in my company. Before returning leased hardware everything has to go through some intense wiping and formatting.

However, I know it only takes one lazy instance to let a disk out of your possession without taking the necessary precautions.

This might be a good selling point for native drive encryption [webmasterworld.com].

tangor




msg:3909296
 10:27 am on May 8, 2009 (gmt 0)

I hope those 34% drives with info were not guberment drives. :)

Most drives I transfer to new systems for clients I mechanically dismantle and fiddle with a hammer, electromagnetics, and a sandblaster. Perhaps not as thorough as real guberment tactics, but pretty josh darn good.

I charge extra for the service, otherwise just give them the drive back and it is up to them.

2clean




msg:3909299
 10:31 am on May 8, 2009 (gmt 0)

I've still got a few bags containing the Hard Drives from my machines of the past. You never know when they might need resurrecting. A bit like your Windows 98 disk! Never throw it!

henry0




msg:3909300
 10:32 am on May 8, 2009 (gmt 0)

popularmechanic recommends drilling four holes all the way through. Or you may open up the hdd and sand down the disks.

Untested: What about baking 'em one hour at 500?

Personally, I do not own a sledge hammer, nevertheless I always use a regular heavy hammer, it does the job very well.

Here in CT there is a corp that comes to your biz place and claims to 100% rem your data from old hdd.

kaled




msg:3909304
 10:47 am on May 8, 2009 (gmt 0)

It seems to me that there's a market for a black box into which you can plug a drive, press a button and have it wiped. Surely, the hard disk manufacturers could design and sell such a beast for about $500. (It would need ATA, SATA and possibly SCSI interfaces and ideally, the ability to wipe two or three drives simultaneously).

Of course, if bios writers provided this facility, there would be no problem. They used to provide a "low-level" format function but you don't see that any more.

Kaled.

tangor




msg:3909317
 11:19 am on May 8, 2009 (gmt 0)

Seems to me I've recently read an article on The Register where a company will drive to your site with a DISK SHREDDING machine and chop it into little bits. Seems like a plausible biz...though I, being the Doubting Thomas, would like to see MY DRIVE actually dismantled rather than getting handed a bit of chewed junk that is reported to be my drive. Too many scary scenarios possible...

Meanwhile, I destroy critical drives by hand, as needed, then deposit the bits and pieces here, there, and everywhere (according to disposal codes). Those drives that contain credit card numbers never leave my side (so to speak). Don't have too many, but is more than one.

Your mileage may vary.

Gomvents




msg:3909318
 11:20 am on May 8, 2009 (gmt 0)

You can also hire Mobile Shredding companies for top security for example [youtube.com...]

But seriously, for most people using a hard drive wiper software, then beating the drive with a hammer or drilling some holes through the platter will disable it enough.

Personally, when I need to dispose of old hard drives I first wipe them with a hard drive wiping software, then smash it with a hammer, sand the whole drive a bit, leave it in a jar of salt water for a few days then toss it in the trash.

If someone is still able to get data off the drive at that point they deserve to have it!

henry0




msg:3909320
 11:24 am on May 8, 2009 (gmt 0)

There are quite a bunch of degaussers on the market
BUT disposing of corpo or personal data depending where they come from is also addressed by a few new laws.
As such a good degausser is meant to disallow for a 100% hdd cleaning.

maximillianos




msg:3909359
 11:53 am on May 8, 2009 (gmt 0)

I've always been paranoid about this. That is why I have like 10 old hard drives sitting in a magnetic box in my basement... Kind of like keeping Superman captive with Kryptonite... ;-)

tangor




msg:3909364
 12:08 pm on May 8, 2009 (gmt 0)

Old time musician. Big time recording studio. Magnetics, degaussing, etc. well known. Works for tape. Platters so so well. Security requires all best efforts. By the way, drilling a few holes does not prevent recovery of data. Been there, done that, got 90 percent. Up to the client to fill in the ten percent. But we did recover.

And in this world of hard drives/data storage, we have to be on top of this. Most serious.

I have no experience for SSD, but can those be truly wiped? Magnetic is a no, until substrate is sandblasted off the platters.

henry0




msg:3909375
 12:20 pm on May 8, 2009 (gmt 0)

If drilling holes is not perfect then hammering them down is neither the perfect panacea

tangor




msg:3909378
 12:36 pm on May 8, 2009 (gmt 0)

Hammering does not work. Distortion of the metal substrate can be addressed. Want to bet the farm on that?

As I said. Been there, done that. And I'm not NSA. Just a joe bloke computer geek.

EDIT...

Sometimes with more time on his hands and client with more money than Carter has little liver pills.

Webwork




msg:3909386
 1:00 pm on May 8, 2009 (gmt 0)

Splitting maul [en.wikipedia.org].

Works nicely for hard drives and hardwoods.

Gomvents




msg:3909419
 1:49 pm on May 8, 2009 (gmt 0)

Webwork, be sure to wear work gloves, safety goggles, and steel-toe boots!

maximillianos




msg:3909495
 3:04 pm on May 8, 2009 (gmt 0)

How about chaining them to a cinder block and dumping them in the Atlantic about 6 miles out? The salt should do a number on them over the hundreds of years before they are found...

I see a new business model forming...

tangor




msg:3909512
 3:15 pm on May 8, 2009 (gmt 0)

What part of ferro magnetic do we not get? Must separate same from the substrate. In really tiny particles. Youse guys doing websites yourself for bucks no biggie. Those of us who do that AND do corporate there is a different standard. No slam against the google kiddies, but there IS a difference. Do the research. And if you have it in a box in the basement you failed your client. Period.

Look to the topic once again: SENSITIVE DATA. Some of us make it disappear. What I've heard so far doesn't fall into that category.

kaled




msg:3909513
 3:16 pm on May 8, 2009 (gmt 0)

Physical destruction is not necessary. Wiping by writing random data over the whole drive is sufficient. Usually, it isn't even necessary to repeat (but can keep people happy).

I am surprised that data can be recovered after drilling holes through the drive, but, if wiped properly with random data, no useful data could be recovered by the combined efforts of NASA, CIA, FBI, MI5/6 GCHQ, etc.

Incidentally, if anyone feels the need to destroy their own drives when no longer needed, answer me this question...

Given that computers can be stolen, why aren't you using whole disk encryption? And if you are, what do you think is achieved by destroying a fully encrypted drive?

Kaled.

tangor




msg:3909529
 3:31 pm on May 8, 2009 (gmt 0)

Like that thought. Keeps me in biz these days. Thanks for the chuckle.

incrediBILL




msg:3909759
 8:30 pm on May 8, 2009 (gmt 0)

I used to work in the HDD industry and this is my regimen:

To start, overwrite all the data across the entire drive a couple of times to ensure thorough saturation using tools like a real low level reformat of the drive, or WIPE and ZAP. Do not use a high level reformat as all your data will still be there, just the directory rewritten, low level reformat is the only way to go.

Now extract the platters and DeGauss the little buggers.

Last but not least, bust them into little pieces because to the best of my knowledge there is no tool available that can read a Reformatted DeGaussed HDD 100 Piece Puzzle.

henry0




msg:3909829
 10:12 pm on May 8, 2009 (gmt 0)

Now how will you reformat if your hdd fails before being ready to discard it?

incrediBILL




msg:3909831
 10:20 pm on May 8, 2009 (gmt 0)

Just skip to DeGauss and bash into 100 pieces, close enough.

If you can find a local smelter, toss it in.

Leosghost




msg:3909886
 12:58 am on May 9, 2009 (gmt 0)

@ henryO .."salut Henry"...( and anyone else who wants to know how to do it right) drill 2 holes ( right through and out the other side )..one at the end furthest away from the circuit board and one at the side nearest it ..both must pass through the HD discs..then submerge in bucket of hydrochloric ( at 1 mol ) acid for 24 hours ..then submerge in bucket of sulphuric acid ( also at 1 mol )..3 days ..sleep easy :)..and if it makes you sleep any easier then run an oxy torch or a thermic lance over the thing but it's overkill

with respects to various posters above ..there is an awful lot of "batmans belt" syndrome in this thread ..

and we've been over this bone here before ' bout 3 years back ..nothing in "spinning" HD tech has changed enough since then to change squat from what we knew then ..which is what I posted then ( and I think so did kaled and bill and "2" and "others" ..and some of them didn't use the same names as they do now ;)..and again now ..

solid drives ..discs ..thumb drives etc ( all of your "boot it live" " stuff be it doze ( any flavour ) ..or any "nix" or "nux" ..( I, like many here have bunch of 'em , ranging from 4 gigs to 64 gigs ..plus a light weight "netbook" to help them talk to unsecured networks and wi-fi points if needed ) ..can "kill" any key beyond all hopes of resurrection by dropping it into a 'lil' bottle of acid that sits in your pocket and is no risk to you ( quick method ) ..and a plumbers propane torch or a solid state camping stove or even at pinch a zippo and a pair of improvised tongs will "kill" all ..

Since joining WebmasterWorld ...I made ( amongst others ..ain't getting any younger ..so diversifying what I could sell on ..sort of like pubcon or crawl wall ..you realize that you know stuff that others don't ..or that they don't know how to market ) a "side business" in data recovery ..( stuff that people or businesses need to get back from their machines or cards or cameras or thumb drives or whatever )..so.

you can't read cluster tip data from melted or acid dipped storage ..except if the container responds to "Arnie" in the movies.

that said ..

I have many hard drives ..with all kinds of left on them "confidential" data ( Lan guys or in house IT dept folks ) who thought that software that "7" wipes and you were done ..that are full of data that I shouldn't be able to read ..mostly government stuff ..machines bought off Ebay from companies who buy it in bulk from the government when the depts "upgrade" ..and the staff people are too busy rolling out all the new machines and the associated software to "kill" every old machine ..so health records legal , papers and internal government memos etc stay on old drives ..not even a basic format ( which does nothing to stop the inquisitive but at least shows that the IT dept knew what "format" meant ) ..even had "sensitive" stuff show up ..we tell the "powers" ..what we got ..they are shocked ..they will "fix it" ..they are effusive with their thanks ..presumably they then talk to their IT contractors ..and the next batch we get has still more stuff that should have been left on it ..

*****and this is without counting the machines which show up at the local municipal dumps ( with whom I negotiated a recycling deal )..old RAM is more expensive than new RAM and some people .."me" and others collect old machines ..pcs and macs etc ..and need parts ..*****

the dump is ..where the local plumbers and carpenters etc who all have local "IT" specialist companies ( who mainly sell them a new machine and new accountancy software every 24 months ) ..go to dump their machines which they have been told are "obsolete" and they can replace as business expense ..so "dump it" ..and they do dump it .. with all their accounts still on it ..and frequently their pron surfing history too ..with their names and addresses and all one would need to make their lives misery and or steal their identities their bank account details ..tax returns etc etc ..

ditto the machines dumped by private citizens ..especially the pron and the banks details ..left when they "upgrade" ..or when they worry about their wives seeing their surf history ..lot of recent machines hit the trash that way ..

only ever found one instance of child pron on a machine 'til now ...and it was reported ( as per our TOS which customers sign to before we "recover" )to friends in the local ( french ) police unit specialised in "protections des mineurs"..( watching out for kids ) ..it was cloned ( in case static zapped its board as we took it out and made it harder to read in depth )..and then we gave the guy a new HD ..put his other data back ..and took away the evidence .

the business man was totally innocent ( actually thought that his bass sub woofer box ..was his hard drive !..had bought the computer and it's net access on the recommendation of his accountant ..this was year 2002 ..)..but his accountant had been using his bosses machine to do his "research" ..and had actually used his own name to sign up to the illegal sites " named cookie traces and all " ..and he had then formatted the HD ..and then told the business man he had a virus in an email ...and the machine was scrap ..
so before it was "scrapped" we were asked to take a look at it ..

rolled back the format ..and looked for what had happened..expecting klezH or similar ..

evidence took 5 minutes to get ..and I wasn't even looking for it ..just a lot of jpegs in the recycle made me wonder ..recovery showed them for what they were ..
Our TOS says that if we find Kpron ..or "similar" we make a call and the first call is not to the client ..

confidentiality? ..

I am not a lawyer ..so our TOS ( written by lawyers ) says what we do keep to ourselves and what we don't ..

plus ..I have a son ( at that time he was 4 years old ) now 16 ..would be the same TOS if I had a daughter..

some companies TOS are closer to those of lawyers or doctors ..I don't need money so bad as to have their kind of TOS ..

apologies ..long post ..mais ..subject has many ramifications ..legal ( depending on which jurisdictions apply where you are or where you are "incorporated" ), moral , ethical , technical abilities ..or developments etc

incrediBILL




msg:3909900
 1:56 am on May 9, 2009 (gmt 0)

I agree with you, 100% destruction is best.

However, I used to work in HDD labs and the hardware is nothing like it used to be.

Back in the old days platters were made of different alloys which expanded and shrank during start up and cool off, as the drive warmed up, tracks shifted, etc. which meant the media had data written outside of its intended threshold making recovery often as easy as slightly offsetting the read head on a reformatted drive.

Basically, much of the physics that made erased data recoverable also caused HDD failures as tracks were written slightly out of synch, which ultimately caused track failure, yada yada, better alloys, less overwrite.

Additionally, older write heads were much larger and used more power and carved a bigger path thru the media (trust me, spent lots of time with read/write heads and oscilloscopes looking at the "ghost" data) which was a problem that had to be eliminated in order to increase track density to increase overall drive density.

Today the materials don't have those same physics issues which allowed track density to increase and vertical data writing, which is all so precise that a low level format is actually pretty good at eliminating all traces within reasonable limits these days.

Then toss it in a smelter, done. ;)

[edited by: incrediBILL at 1:58 am (utc) on May 9, 2009]

henry0




msg:3910022
 10:08 am on May 9, 2009 (gmt 0)

Salut Leo, long time no talk...

Since you are approaching the legal and confidentiality
I like to get back to some legal aspect that I earlier mentioned.
In some cases, at least in the States, you may not get rid of all data, so taking this in the equation means that one has still to come with a real, real good selective reformat or with any way to select and destroy some but not all data.

kaled




msg:3910041
 11:26 am on May 9, 2009 (gmt 0)

incrediBILL, since you worked in the industry, are you aware of any instance in which useful data was recovered from a hard disk which had been wiped by overwriting with random data?

Even if you could recover 7 bits of every byte, which would be pretty miraculous, this would not be enough to reconstruct anything useful.

Kaled.

tangor




msg:3910445
 2:35 pm on May 10, 2009 (gmt 0)

@kaled ... you'd be absolutely flabbergasted as to what can be recovered from overwritten data, or how deeply the magnetic substrate goes, or the sensitivity of detection and recovery software these days.... and I'm not talking about the high-end spook stuff used at police or government labs.

Nothing substitutes the human brain. We see things that computer programs can't... that's why captchas work (even if we don't like the way they work). If we get 7bits of every byte we got it all. More or less.

kaled




msg:3910483
 4:28 pm on May 10, 2009 (gmt 0)

"the sensitivity of detection and recovery software"

There is not a snowball's chance in hell of recovering properly overwritten data with software. The only way such data might be recovered is by removing the platter and installing it in specialist equipment.

If overwritten twice with random data, I doubt data recovery would even be theoretically possible. There would have to be a huge difference between the position of the data to be recovered and the position of random data written over top. Such a difference could only result from poor design or manufacture and the disk would undoubtedly have been discarded as junk.

By overwriting with random data twice, offsetting the heads (or using oversize heads) is likely to achieve nothing since there would be no useful strong-signal reference with which to compare weak signals.

"If we get 7bits of every byte we got it all. More or less."

Try it. Write a program that randomly corrupts one in eight bits and see if you can recover anything useful. Even a text file (which has massive redundancy) will be reduced to garbage. Then consider the fact that all the filename data would be gone and all compressed data would be utterly useless and only a small fraction of any typical disk content is text. Then consider the fact that recovery of 7 bits per byte could never be achieved in reality anyway.

If a drive dies, then full destruction is the only way to ensure data is destroyed. However, a big hammer applied to a drive on a concrete path is more than sufficient. Quite apart from wrecking it, the shock-waves are likely to erase the data. (You can actually create a weak magnet by banging a steel bar pointed north-south and down. Vibrations cause magnetic dipoles to move. This is almost certainly true of disk platters as well).

Kaled.
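
The experiment proposed in the post above, written out as an added example (it is not code from any poster in this thread): every bit is flipped independently with probability 1/8, and the script reports how much of a text sample and of its zlib-compressed copy survives. The sample text, the seed and all function names are assumptions made for the illustration.

```python
import random
import re
import zlib

# Constructed sample text (not taken from the thread): ordinary English prose.
SAMPLE = (
    b"Meeting notes for the accounts department, constructed for this test. "
    b"The quarterly payroll file and the customer ledger were copied to the "
    b"old desktop before it was replaced. Each record holds a name, a postal "
    b"address, a sort code and an account number. The backup archive on the "
    b"same disk contains tax returns for the last three years, plus scanned "
    b"letters from the bank and a list of supplier contacts."
)

def corrupt_bits(data: bytes, rate: float, rng: random.Random) -> bytes:
    """Flip every bit independently with probability `rate`."""
    out = bytearray(data)
    for i in range(len(out)):
        for bit in range(8):
            if rng.random() < rate:
                out[i] ^= 1 << bit
    return bytes(out)

def bit_error_rate(a: bytes, b: bytes) -> float:
    flipped = sum(bin(x ^ y).count("1") for x, y in zip(a, b))
    return flipped / (8 * len(a))

def intact_byte_fraction(a: bytes, b: bytes) -> float:
    return sum(x == y for x, y in zip(a, b)) / len(a)

def intact_word_fraction(original: bytes, damaged: bytes) -> float:
    """Share of whitespace-delimited words that survive byte-for-byte."""
    words = list(re.finditer(rb"\S+", original))
    same = sum(damaged[m.start():m.end()] == m.group() for m in words)
    return same / len(words)

def decompresses(blob: bytes) -> bool:
    """True if zlib accepts the blob (valid stream and matching checksum)."""
    try:
        zlib.decompress(blob)
        return True
    except zlib.error:
        return False

def run_experiment(seed: int = 2009, rate: float = 1 / 8) -> dict:
    rng = random.Random(seed)  # fixed seed so the run is repeatable
    damaged = corrupt_bits(SAMPLE, rate, rng)
    packed = zlib.compress(SAMPLE)
    return {
        "bit_error_rate": bit_error_rate(SAMPLE, damaged),
        "intact_byte_fraction": intact_byte_fraction(SAMPLE, damaged),
        "intact_word_fraction": intact_word_fraction(SAMPLE, damaged),
        "clean_archive_decompresses": decompresses(packed),
        "damaged_archive_decompresses": decompresses(corrupt_bits(packed, rate, rng)),
        "preview": damaged[:60],
    }

if __name__ == "__main__":
    for name, value in run_experiment().items():
        print(f"{name}: {value}")
```

With independent flips at this rate a byte comes through untouched with probability (7/8)^8, roughly 34%, which is the figure the intact-byte fraction settles around.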

incrediBILL




msg:3910495
 5:35 pm on May 10, 2009 (gmt 0)

"incrediBILL, since you worked in the industry, are you aware of any instance in which useful data was recovered from a hard disk which had been wiped by overwriting with random data?"

I'm not aware of anything like that possible in recent years, but of course I'm not in the NSA so anything is theoretically possible but the newer media should make such recovery hard.

Back in the early 80s it was child's play.

It's been a while since I've actually worked on the low level drive controllers but even losing sector index marks didn't mean I couldn't recover data from a HDD because I could read an entire track and just pull in all the data on the track regardless of the formatting marks and then analyze what was left.

Complete and utter destruction is best but low level reformat is probably good enough.

fischermx




msg:3912248
 1:08 am on May 13, 2009 (gmt 0)

I like to see there are so many experts here, so I can ask a question I always wanted to ask.
Why does most shredding software recommend several passes?
I just don't get it, sorry.
If the first pass mangles all the bits..... why is a second one needed?
How can you restore data from a randomly mangled bunch of bits?
