Support NeoGAF

[Afro Thunder]

From The Inquirer: http://www.theinquirer.net/?article=21308

Re-furbished hard drives full of personal data

Passwords, and other confidential data shock

A STUDY a University has revealed that hard drives bought on Ebay are awash with unwashed commercial and personal data.

Future Intelligence said that the University of Glamorgan's Information Security Research Group analysed 100 hard drives, many of which were bought from Ebay, contained passwords, user names, and even the personal records of kids.

That has led to the UK Information Commissioner saying it will clamp down on firms and organisations which operate slipshod data protection techniques.

According to reporter Peter Warren at Future Intelligence, seven of the hard drives investigated would give crooks enough information to enter corporate sites.

Fifty per cent of the hard drives examined contained personal information, while a staggering 56 per cent had organisational info including user names and passwords.
_ _ _ _
Take care of your data. There are apps that REALLY erase the HDD data better than the tools of your OS.

 

[Teknopathetic]

I thought it was known that deleting via empty recycle bin does *not* really erase files.

 

[Ferrio]

Duh.

 

[lexy]

How do you see/find these files that aren't really erased? Is standard harddrive recovery software enough?

 

[DarienA]

How do you see/find these files that aren't really erased? Is standard harddrive recovery software enough?

Pretty much. We use Ontrack's EasyRecovery software... the thing can even have a chance at recovering data from a HD that has been reformatted. You really need to do either a low level for Zero Fill style format.

 

[aoi tsuki]

There's freeware programs out there that'll do a "government wipe", just look them up in Google. But the best way to secure erased data is just to bring an axe to your drive. Anything can be recovered.

 

[Diablos]

Just use Darik's Boot and Nuke.

http://dban.sourceforge.net/features.html

You'd have to be in the FBI or something if you wanted to recover data after using the DoD method (7 passes of writing zeros to the hard disk)... it would take a while to format, but would also be well worth it. Gutmann takes even longer (35 passes).

 

[aoi tsuki]

You'd have to be in the FBI or something if you wanted to recover data after using the DoD method... it would take a while to format, but would also be well worth it.

Yeah, pretty much. But if you're really paranoid, keep an axe handy.

 

[Smiles and Cries]

Do you mean I can get back all my Naruto movies I deleted a few months back?

 

[Diablos]

Yeah, pretty much. But if you're really paranoid, keep an axe handy.

Even then, I doubt you'd get much back.
Gutmann basically ensures no chance of recovery. Anything is possible, but I doubt you'll be getting much of anything if you really really tried to recover data from a drive wiped with that method.

Gutmann uses so many passes, I fear that across a typical hard drive, its lifespan would probably be decreased significantly from using this method. It would take hours if not days to format, and it _will_ be writing the entire time. Ditto for the DoD method, but Gutmann is extreme.

 

[Che]

Duh.

.

 

[Hitokage]

There's freeware programs out there that'll do a "government wipe", just look them up in Google. But the best way to secure erased data is just to bring an axe to your drive. Anything can be recovered.

Having actually taken a maul to a hard drive or two, it helps to have a really heavy tool with a sharp blade. Those things are a bitch to destroy. Oh, and don't forget to puncture/bend/split each drive platter.

 

[Brannon]

Fire used to be the preferred method but OH NO THE ENVIRONMENT so they stopped that and now it's all about Conan and his axe of digital rape.

 

[mrklaw]

Gutmann uses so many passes, I fear that across a typical hard drive, its lifespan would probably be decreased significantly from using this method. It would take hours if not days to format, and it _will_ be writing the entire time. Ditto for the DoD method, but Gutmann is extreme.

Tivo etc are writing 24/7 and they seem fine.

I don't get how you can still read stuff after writing zeros to the entire hard drive 7 times. Surely it'll just have zeros?

 

[CrunchyB]

A HD doesn't really store bits, it just reads/magnetises areas, this is an analogue value. Anything above a certain threshold is a 1, otherwise it's a 0. I'd assume that old data slowly demagnitises, so an old file that has been set to zero would actually have a "lower" 0 than a new file that has been zero'd.
Patterns in the minute variations can be found and used to restore data, but that's mostly FBI-laboratory stuff.

Also worth noting: deleting a file with most standard filesystems just deletes the corresponding node. The actual data is still there (for now), an analogy would placing a new label on a used VCR tape. It's ready for future storage but the old data is still there.

 

[Scrow]

sheesh, and here i was thinking a normal format of the HDD wiped everything to a completely unrecoverable state.

 

[Jeffahn]

I have a buggered HDD I'd like to cleanse before I RMA it, but the thing just reboots my machine when I connect it (as slave) and it won't even re-format. Any ideas?

...

 

[Ecrofirt]

ok, I need one of the programs that'll bring the data back. My friend deleted all his pictures this morning, and he's hoping he can get at least some of them back.

 

[Deleted member 1235]

There's freeware programs out there that'll do a "government wipe", just look them up in Google. But the best way to secure erased data is just to bring an axe to your drive. Anything can be recovered.

Encrypt your drive, then erase.

 

[darscot]

Who the hell wants a used hard drive? Why would a company sell off old harddrives? And why do so many people think there lives are so interesting or secret that anyone else would care.

 

[bishoptl]

....goddamit darscot you're a doofus. It's the personal information like PASSWORDS, BANK INFO, ETC that's valuable on these used hard drives, not pics of baby Barney drooling on Grandpa's shoulder.

 

[Ferrio]

Encrypt your drive, then erase.

That still won't work. There will still be remnants of old data on the drive.

 

[Great King Bowser]

Who the hell wants a used hard drive? Why would a company sell off old harddrives? And why do so many people think there lives are so interesting or secret that anyone else would care.

darscot
Idot Member

:lol

 

[dynamitejim]

Do magnets have an effect on hard drives?

 

[Myllz]

Kill Disk.

 

[darscot]

Like the world of organised crime is going to spend hours trying to recover information from some old hard rive to get the 100 bucks out of some twits savings account. At a cooperate level maybe.

[Sarcasm On]
Do you know that the door on your house is not secure? It has come to the attention of the University of common sense that a huge underworld of organized crime has discovered this potential security leak. And that at any time they could actually kick in the door and take what they wanted. Even worse they can go through your garbage and find all the information they need to steal your identity.

 

[Deleted member 1235]

That still won't work. There will still be remnants of old data on the drive.

Yes it will. those remnants will be encrypted. you need to get the drive back to a workable state to put in the decryption password, which you of course would need to know.

 

[tedtropy]

Do magnets have an effect on hard drives?

I don't know, hold a bigass magnet up to your HD and see what it does. Yes, a powerful enough magnet can potentially screw up your HD's data. They can also screw up your monitor if it's exposed to a strong magnet for long periods of time.

 

[Ferrio]

Yes it will. those remnants will be encrypted. you need to get the drive back to a workable state to put in the decryption password, which you of course would need to know.

Parts will be missed when you encrypt, and you wouldn't need to decrypt the disk to read the data off it. Sure most of it would be junk due to the encryption, but there would be pockets that weren't overwritten.

There's really nothing you can do besides outright destroying a drive to completely ensure anything can be recovered. Increased format passes, encrypting, whatever will only make it more difficult to recover stuff, and decrease the chance of recovering something worthwhile.

 

[Deleted member 1235]

Parts will be missed when you encrypt, and you wouldn't need to decrypt the disk to read the data off it. Sure most of it would be junk due to the encryption, but there would be pockets that weren't overwritten.

not if you use a program that encrypts the entire drive. On our work laptops we use Safeguard easy, it's 128 bit encryption and encrypts the whole lot when you install it. It's a fucker because it takes about 6 hours to install. Forensics specialists can not fuck with it.

 

[belgurdo]

I have learned much today.

*successfully dumps kiddie porn and secret Al-Qaeda transmissions*

 

[Ferrio]

not if you use a program that encrypts the entire drive. On our work laptops we use Safeguard easy, it's 128 bit encryption and encrypts the whole lot when you install it. It's a fucker because it takes about 6 hours to install. Forensics specialists can not fuck with it.

So this program doesn't encrypt files, but the actual raw data? Even so the harddrive can miss spots, just due to offsets on the head and such.

 

[Deleted member 1235]

So this program doesn't encrypt files, but the actual raw data? Even so the harddrive can miss spots, just due to offsets on the head and such.

I'm 90% sure you're referring to file/folder encryption such as EFS with windows. Safeguard easy and other programs (SGE top rated that i know of) encrypts entire drive, so yes the raw data, only thing that isn't encrypted is a bit of 'bootstrap code' which allows you to get to the safeguard prompt at startup. Also offers 256 bit encryption.

I'm pretty sure that america does or did outlaw this encryption in America because the government can not crack it.