Welcome to WebmasterWorld Guest from 126.96.36.199
Forum Moderators: open
Sensitive information for shooting down intercontinental missiles as well as bank details and NHS records was found on old computers, researchers say.
Of 300 hard disks bought randomly at computer fairs and an online auction site, 34% still held personal data.
Researchers from BT and the University of Glamorgan bought disks from the UK, America, Germany, France and Australia.
The information was enough to expose individuals and firms to fraud and identity theft, said the researchers.
How many more times do people have to be told!
What to do with an old HDD [webmasterworld.com]
On the corporate side I see some pretty intense wiping going on in my company. Before returning leased hardware everything has to go through some intense wiping and formatting.
However, I know it only takes one lazy instance to let a disk out of your possession without taking the necessary precautions.
This might be a good selling point for native drive encryption [webmasterworld.com].
Most drives I transfer to new systems for clients I mechanically dismantle and fiddle with a hammer, electrocmagnetics, and a sandblaster. Perhaps not as through as real guberment tactics, but pretty josh darn good.
I charge extra for the service, otherwise just give them the drive back and it is up to them.
Untested: What's about baking'em one hour at 500?
Personally, I do not own a sledge hammer, nevertheless I always use a regular heavy hammer, it does the job very well.
Here in CT there is a corp that comes to your biz place and claims to 100% rem your data from old hdd.
Of course, if bios writers provided this facility, there would be no problem. They used to provide a "low-level" format function but you don't see that any more.
Meanwhile, I destroy critical drives by hand, as needed, then deposit the bits and pieces here, there, and everywhere (according to disposal codes). Those drives that contain credit card numbers never leave my side (so to speak). Don't have too many, but is more than one.
Your mileage may vary.
But seriously, for most people using a hard drive wiper software, then beating the drive with a hammer or drilling some holes through the platter will disable it enough.
Personally, when I need to dispose of old hard drives I first wipe them with a hard drive wiping software, then smash it with a hammer, sand the whole drive a bit, leave it in a jar of salt water for a few days then toss it in the trash.
If someone is still able to get data off the drive at that point they deserve to have it!
And in this world of hard drives/data storage, we have to be on top of this. Most serious.
I have no experience for SSD, but can those be truly wiped? Magnetic is a no, until substrate is sandblasted off the platters.
Look to the topic once again: SENSITIVE DATA. Some of us make it disappear. What I've heard so far doesn't fall into that category.
I am surprised that data can be recovered after drilling holes through the drive, but, if wiped properly with random data, no useful data could be recovered by the combined efforts of NASA, CIA, FBI, MI5/6 GCHQ, etc.
Incidentally, if anyone feels the need to destroy their own drives when no longer needed, answer me this question...
Given that computers can be stolen, why aren't you using whole disk encryption? And if you are, what do you think is achieved by destroying a fully encrypted drive?
To start, overwrite all the data across the entire drive a couple of times to ensure thorough saturation using tools like a real low level reformat of the drive, or WIPE and ZAP. Do not use a high level reformat as all your data will still be there, just the directory rewritten, low level reformat is the only way to go.
Now extract the platters and DeGauss the little buggers.
Last but not least, bust them into little pieces because to the best of my knowledge there is no tool available that can read a Reformatted DeGaussed HDD 100 Piece Puzzle
with respects to various posters above ..there is an awfull lot of "batmans belt" syndrome in this thread ..
and we've been over this bone here before ' bout 3 years back ..nothing in "spinning" HD tech has changed since enough since then to change squat from what we knew then ..which is what I posted then ( and I think so did kaled and bill and "2" and "others" ..and some of them didn't use the same names as they do now ;)..and again now ..
solid drives ..discs ..thumb drives etc ( all of your "boot it live" " stuff be it doze ( any flavour ) ..or any "nix" or "nux" ..( I, like many here have bunch of 'em , ranging from 4 gigs to 64 gigs ..plus a light weight "netbook" to help them talk to unsecured networks and wi-fi points if needed ) ..can "kill" any key beyond all hopes of ressurection by dropping it into a 'lil' bottle of acid that sits in your pocket and is no risk to you ( quick method ) ..and a plumbers propane torch or a solid state camping stove or even at pinch a zippo and a pair of improvised tongs will "kill" all ..
Since joining WebmasterWorld ...I made ( amongst others ..'aint getting any younger ..so diversifying what I could sell on ..sort of like pubcon or crawl wall ..you realize that you know stuff that others dont ..or that they dont know how to market ) a "side business" in data recovery ..( stuff that people or businesses need to get back from their machines or cards or cameras or thumb drives or whatever )..so.
you cant read cluster tip data from melted or acid dipped storage ..except if the container responds to "Arnie" in the movies.
that said ..
I have many hard drives ..with all kinds of left on them "confidential" data ( Lan guys or in house IT dept folks ) who thought that software that "7" wipes and you were done ..that are full of data that I should n't be able to read ..mostly government stuff ..machines bought off Ebay from companies who buy it in bulk from the governement when the depts "upgrade" ..and the staff people are too busy rolling out all the new machines and the associated software to "kill" every old machine ..so health records legal , papers and internal government memos etc stay on old drives ..not even a basic format ( which does nothing to stop the inquisitive but at least shows that the IT dept knew what "format" meant ) ..even had "sensitive" stuff show up ..we tell the "powers" ..what we got ..they are shocked ..they will "fix it" ..they are effusive with their thanks ..presumably they then talk to their IT contractors ..and the next batch we get has still more stuff that should have been left on it ..
*****and this is without counting the machines which show up at the local municipal dumps ( with whom I negociated a recycling deal )..old RAM is more expensive than new RAM and some people .."me" and others collect old machines ..pcs and macs etc ..and need parts ..*****
the dump is ..where the local plumbers and carpenters etc who all have local "IT" specialist companies ( who mainly sell them a new machine and new accountancy software every 24 months ) ..go to dump their machines which they have been told are "obselete" and they can replace as business expense ..so "dump it" ..and they do dump it .. with all their accounts still on it ..and frequently their pron surfing history too ..with their names and addresses and all one would need to make their lives misery and or steal their identities their bank account details ..tax returns etc etc ..
ditto the machines dumped by private citizens ..especially the pron and the banks details ..left when they "upgrade" ..or when they worry about their wives seeing their surf history ..lot of recent machines hit the trash that way ..
only ever found one instance of child pron on a machine 'til now ...and it was reported ( as per our TOS which customers sign to before we "recover" )to friends in the local ( french ) police unit specialised in "protections des mineurs"..( watching out for kids ) ..it was cloned ( in case static zapped it's board as we took it out took it out and made it harder to read in depth )..and then we gave the guy a new HD ..put his other data back ..and took away the evidence .
the business man was totally innocent ( actually thought that his bass sub woofer box ..was his hard drive !..had bought the computer and it's net access on the recommendation of his accountant ..this was year 2002 ..)..but his accountant had been using his bosses machine to do his "research" ..and had actually used his own name to sign up to the illegal sites " named cookie traces and all " ..and he had then formatted the HD ..and then told the business man he had a virus in an email ...and the machine was scrap ..
soi before it was "scrapped" we were asked to take a look at it ..
rolled back the format ..and looked for what had happened..expecting klezH or similar ..
evidence took 5 minutes to get ..and I wasnt even looking for it ..just a lot of jpegs in the recycle made me wonder ..recovery showed them for what they were ..
Our TOS says that if we find Kpron ..or "similar" we make a call and the first call is not to the client ..
I am not a lawyer ..so our TOS ( written by lawyers ) says what we do keep to ourselves and what we dont ..
plus ..I have a son ( at that time he was 4 years old ) now 16 ..would be the same TOS if I had a daughter..
some companies TOS are closer to those of lawyers or doctors ..I dont need money so bad as to have their kind of TOS ..
apologies ..long post ..mais ..subject has many ramifications ..legal ( depending on which juristictions apply where you are or where you are "incorporated" ), moral , ethical , technical abilities ..or developments etc
However, I used to work in HDD labs and the hardware is nothing like it used to be.
Back in the old days platters were made of different alloys which expanded and shrank during start up and cool off, as the drive warmed up, tracks shifted, etc. which meant the media had data written outside of it's intended threshold making recovery often as easy as slightly offsetting the read head on a reformatted drive.
Basically, much of the physics that made erased data recoverable also caused HDD failures as tracks were written slightly out of synch, which ultimately caused track failure, yada yada, better alloys, less overwrite.
Additionally, older write heads were much larger and used more power and carved a bigger path thru the media (trust me, spent lots of time with read/write heads and oscilloscopes looking at the "ghost" data) which was a problem that had to be eliminated in order to increase track density to increase overall drive density.
Today the materials don't have those same physics issues which allowed track density to increase and vertical data writing, which is all so precise that a low level format is actually pretty good at eliminating all traces withing reasonable limits these days.
Then toss it in a smelter, done. ;)
[edited by: incrediBILL at 1:58 am (utc) on May 9, 2009]
Since you are approaching the legal and confidentiality
I like to get back to some legal aspect that I earlier mentioned.
in some cases, at least in the States you may not get rid of all data, so taking this in the equation means that one has still to come with a real, real good selective reformat or with any way to select and destroy some but not all data.
Even if you could recover 7 bits of every byte, which would be pretty miraculous, this would not be enough to reconstruct anything useful.
Nothing substitutes the human brain. We see things that computer programs can't... that's why captcha's work (even if we don't like the way they work). If we get 7bits of every byte we got it all. More or less.
the sensitivity of detection and recovery software
There is not a snowball's chance in hell of recovering properly overwritten data with software. The only way such data might be recovered is by removing the platter and installing it in specialist equipment.
If overwritten twice with random data, I doubt data recovery would even be theoretically possible. There would have to be a huge difference between the position of the data to be recovered and the position of random data written over top. Such a difference could only result from poor design or manufacture and the disk would undoubtedly have been discarded are junk.
By overwriting with random data twice, offsetting the heads (or using oversize heads) is likely to achieve nothing since there would be no useful strong-signal reference with which to compare weak signals.
If we get 7bits of every byte we got it all. More or less.Try it. Write a program that randomly corrupts one in eight bits and see if you can recover anything useful. Even a text file (which has massive redundancy) will be reduced to garbage. Then consider the fact that all the filename data would be gone and all compressed data would utterly useless and only a small fraction of any typical disk content is text. Then consider the fact that recovery of 7 bits per byte could never be achieved in reality anyway.
If a drive dies, then full destruction is the only way to ensure data is destroyed. However, a big hammer applied to a drive on a concrete path is more than sufficient. Quite apart from wrecking it, the shock-waves are likely to erase the data. (You can actually create a weak magnet by banging a steel bar pointed north-south and down. Vibrations cause magnetic dipoles to move. This is almost certainly true of disk platters as well).
incrediBILL, since you worked in the industry, are you aware of any instance in which useful data was recovered from a hard disk which had been wiped by overwriting with random data?
I'm not aware of anything like that possible in recent years, but of course I'm not in the NSA so anything is theoretically possible but the newer media should make such recovery hard.
Back in the early 80s it was childs play.
It's been a while since I've actually worked on the low level drive controllers but even losing sector index marks didn't mean I couldn't recover data from a HDD because I could read an entire track and just pull in all the data on the track regardless of the formatting marks and then analyze what was left.
Complete and utter destruction is best but low level reformat is probably good enough.