Slashdot Mirror

← Back to Stories (view on slashdot.org)

Salon On Computer Forensics

Posted by chrisd on from the keep-those-tape-drives-handy dept.

splorf writes "Salon has a good new article on computer forensics, focusing on Lee Tydalska, a guy in Southern California who started collecting old computers and peripherals as a hobby, and now has a nice business doing data recovery from weird and obsolete media for investigators (or normal users who just need media conversion). "It hardly needs saying why this craft has grown in importance", the article says, "but if one word sums it up, it's 'Enron-itis'". Oh yes, the #1 outfit in the field is apparently a UK firm called Vogon International. You've got to love this stuff."

11 of 138 comments (clear)

  1. It's all about the hardware... by bourne · · Score: 3, Interesting

    I was suprised to see an @Stake employee bring a Mac to a presentation, but he explained that they used Mac because the greater FireWire support meant they could do forensic imaging onto external disks a hell of alot faster.

  2. Obsolete Computers by teslatug · · Score: 2, Interesting

    Here's an interesting site about old computers. It has pictures of most of models. Brings back memories...

  3. Overture/Goto ad pricing by realdpk · · Score: 4, Interesting

    Data recovery is one of the most expensive search results on Overture that I've seen.

  4. I guess the question to ask is.... by 8127972 · · Score: 4, Interesting

    Now that we know that companies like this exist, how do you as a person who is responible for dumping old equipment ensure that your company erases sensitive data so that it cannot be recovered by anyone. You have to believe that there have to be one or two people out there who are looking to do something "bad" with the data they find on disposed computers.

    --
    This is my opinion. To make sure you don't steal it, it's covered by the DMCA.
  5. Secure Deletion of Data by ltsmash · · Score: 4, Interesting

    I'd be interested to hear what the Lee Tydalska has to say about secure deletion of data (i.e. how can you be sure you have destroyed data on a harddrive/cd-rom/floppy/etc). Peter Gutmann wrote a paper on how to destroy data. In the paper, he argues that by overwriting your harddrive multiple times with highly sophisticated patterns, it will be almost impossible to recover the data. I wonder if industry people agree with him.

  6. He's an unrepentant money-grubbing leech! by Raetsel · · Score: 3, Interesting

    And I love him for it. Geek hobby success -- truly, qualities to aspire to...
    • (Second page, first paragraph)

    • Tydlaska is prone to gloating about his sometimes invaluable skill. "People go into audit a company and they need to see its 'hysterical data,' as I like to call it -- 'hysterical' because of the prices they pay me to see it. They say, 'But there's nothing wrong with the tape! If I had the equipment I could restore the data myself.' And I say, you're right! If you had it, you could! But you can't buy it, and you can't reproduce it, so it's either worth my exorbitant fee or not. I mean, let the IRS believe you've got the data!"

    I've got it, you need it, now pay up! Ha!

    I've got some old tape drives... an Exabyte 8mm, a few DAT (Wang, I think...) drives, a couple circa-1995 pre-Travan QIC plugs-into-the-floppy-controller anachronisms. I even have a one-piece combo 5¼- and 3½-inch floppy drive! Perhaps I ought to start "Joe's Cut-Rate Data Recovery and Money Removal Service."

    Hmmm....

    --

    "...America's great minds of today, teaching America's great minds of tomorrow. Poor bastards." -- A Beautiful Min
  7. Re:corporate automated deletion by Kryptic+Knight · · Score: 3, Interesting



    What all these companies who have time delayed deletion of historical email seem to fail to catch onto is that they usually have a long term backup methodology in place.

    I've raised this issue with one operation who have a 60 day deletion policy for company security reasons only to be looked at blankly by the HR manager and board directors and then asked, "does anyone doing data recovery ever ask for that sort of thing?".

    At that point I nearly cracked up in hysterics myself.

    --
    --- This meme is memory intensive
  8. another side of the coin... by antonsthlm · · Score: 3, Interesting
    ... but basically the same problem sphere is Public Archiving, which just as it happens is my current field of temp work as I sleaze my way through university.

    Riksarkivet (National Archives of Sweden) is by law required to obtain, store and display for the public all documents and other entities produced by governmental agencies in Sweden, as well as committees and such since 1618 (some older, as well) for all future time. As the latest 30 years or so has seen a large surge in computerized documents/-ation this gives quite a few spectacular and very interesting examples of deliveries from agencies present or extinct with odd hardware requirements and zillions of different software solutions originally used, many homegrown.

    Not only is the archive responsible for 'old' data, its is also responsible for migrating non-computerized material onto a computerized from for future public display, which is no easy process since there is a goal of course not to lock the information onto media, hardware or software designs that are extremely short-term.
    In short, it's an area of a heck of a many problems, lots of questions, few people and little interest from the field (I mean, how interesting can it be to design excel spreadsheets for bank applications? Really?)


    As for Vogon International, I'm sure that it's a company full of geniuses, but I would prefer if they answered the calls we make for ordering and requesting features promised in the manual in their software, which we need ASAP! It's no fun being stuck in a dos/windows95 edition of software for the sole reason of not getting replies from a genius/vendor.

    Forensics anyone?

  9. better resource by fons · · Score: 3, Interesting

    I used to visit the obsoletecomputermuseum and it's a great site.

    But recently i discovered http://www.old-computers.com and now i'm addicted.

    This site is like a community. Everybody can add a piece to the museum, write reviews,... There are polls, links et. It's just a great site and it's al lot more updated and lively than the (olso great!) obsolutecomputermuseum.

  10. IBAS by Anonymous Coward · · Score: 1, Interesting

    IBAS is another company that offers data recovery.

    http://www.ibas.com

    These guys have some severely cool toys!

  11. And my friends mock me ... by Splat · · Score: 4, Interesting

    They will never make fun of my QIC-120 tape drive mounted below my 24x burner again ..

    Case in point:

    Friend of mine used to run a very successful BBS (gasp?! A BBS?!) in this area I helped out with. At it's peak we had 48 telephone lines, an office, and 600 or some users.

    Not to bore you with the details but a partnership was formed, dissolved, and eventually he basically ran out of money.

    Fast forward 5 years later:

    I'm at his house on an unrelated matter. We start talking about the BBS. He mentions how he's got backups of it somewhere but they're on old 120 meg tapes. So I convince him to ransack his room (and we literally do). Eventually we come up with 5 QIC-120 tapes. What to do? Nobody owns one of these drives anymore.

    Ah - but I do! Being a geek who collects old obscure, out of date hardware pays off. I slap the tape drive into my system, collect it to the floppy interface (bleck!) and proceed to load the Coloraod Restore software.

    Tape 1 - Bad
    Tape 2 - Bad
    Tape 3 - Bad
    Tape 4 - Good

    I restored the data to my hard drive, burned it onto a CD-R, copied the system to another computer, tweaked the broken backup until it worked, and brought it up.

    Let's do the timewarp, again - a BBS from 1997 was up in the year 2002 via telnet. I was a god among the users :)

    Moral of the story is data mediums age faster then you think! We're only talking 1997 technology here and no one around me had the capabilities to restore it!