Data Mining Used Hard Drives
linuxwrangler writes "One hopes the /. crowd knows the perils of discarding storage with sensitive data but this article drives home the point. Two MIT grad students bought used drives from eBay and secondhand computer stores. Among the data found on the 158 drives were 5,000 credit-card numbers, porn, love-letters and medical information."
It's long been know that laptop theives are often more interested in the data than the computer.
Some computers sold on eBay are sold for the data.
Picked 6 or 7 old 4gig HDDs from my father's company a few years ago, found their company credit line information, personal (and some very erotic) email, and a surprisingly large collection of nudie photoshopped Gillian Anderson photos. Oh yeah, and like 100 different (and I must say, very well-done) quake2 "crackwhore" models and skins lol. I love the people who don't clear their HDDs, it's like treasure chests, you never know what you're gonna get.
------- "From bored to fanboy in 3.8 asian girls" ----------
Thats not so bad. My dad happens to be a garbage man and often brings along an occasional system he's scavanged from the dumpsters along his route. Currently I have in my possession an old IBM Aptiva with some guys bank account information on it (He did his checking and stuff with it apparently), but worst of all I have what appears to be an old Gateway tower used to store Medical information for a major hospital in the area my father works. I have over 2 gigs of peoples medical history, including what they were put in the hospital for, insurance information, release dates ect.
I should really do the honost thing and reformat it but its always fun to flip the thing on and just page through stuff.
Take 'em apart and use the magnets as fridge magnets. They hold up an enormous amount of paper, although they do tend to nip one's fingers occasionally :)
No database code or data, just typical home directories and stuff. And they were running SCO, but boot blocks and stuff don't generally get written to tapes, so no chance of warezzing from it.
I also snag SCSI hard drives and SyQuest cartridges when they show up for five bucks or less at thrift stores, since most of that is Mac stuff and I'm a Mac-head.
Once I got a 6100 at a thrift store. I presume the owner stopped using it when the PRAM battery died. (When a 6100's PRAM battery dies, the video settings go with it, and unless you're using a fixed-frequency monitor, you get no video unless you hold down command-option-P-R. Looks like real bad a hardware problem when it's just the battery.) I could tell it was used by some college guy, studying to be a lawyer, I think.
"Thrift store hard drives are like a box of chocolates... you never know what you'll find!"
--
"Open source is good." - Steve Jobs
"Open source is evil." - Microsoft
I have had 2 drives fail well within the warranty period, and did not return them for just this reason.
All Troll + "offtopic" mods are meta moderated as "Unfair", because you abused the system.
US DoD Spec: 3 passes
German DoD Spec: 7 passes
(from http://www.ontrack.com/library/dataeraser.pdf)
-- R
I remember working on my very first IBM pc. My girlfriend's mother was dating a guy and he gave her an old 8086 computer (this was back in '94 or thereabouts). Well, I started playing with the computer. He had an early version of Norton Utilities on it. I played with the undelete file utility and found that there were lots of deleted files. I recovered some of them and started to read them. Most were boring. One wasn't
This guy wrote about my g/f's mom about how he was banging her for the last 15 years. She had only been widowed for 10 years. He also complained about how she only came around when she needed money and how he was tired of banging her wrinkly ass.
Also, this guy was a principal at an elementary school. He was apparently fucking several women at the school, even getting blowjobs at work!
I was simply amazed. My g/f didn't even really know that this guy was dating her mom (some women are so stupid). She just thought he was a family friend. I couldn't tell her about what I found because I knew she would have been really upset.
I learned from that day on that simply deleting a file was not going to hide anything. I'm actually holding onto a defective laptop thathas been broken for months. I don't want to toss it out until I can either recover the harddrive data myself or until I can safely dispose of the harddrive.
-- You see, there would be these conclusions that you could jump to
First, a little background:
Regarding disk recovery:
Regarding SRAM recovery:
Regarding DRAM recovery:
Based in part on the recovered data, we concluded that candidate A was declared the winner due to a ''mistake'' in mapping ballot slot numbers to candidates. In some cases the slots for candidate A and B were reversed.
An incorrect vote count was reported by the election officials. It is our guess that when we came around asking for the raw data, someone began to collect it. At some point some official(s) discovered the blunder. The system was left on while they stalled for time. When it was clear that we were going to force them to turn over the data someone wiped the system and shut it down.
BTW: The majority of the election officials involved were supporters of candidate B. Even though their blunder caused them to declare candidate A the winner, they still tried to coverup their mistake.
Our conclusion was that the attempt to coverup the mistake was motivated by not wanting to admit the major blunder instead of because of candidate A's influence. This conclusion was reached in part because of messages that we recovered on another system that was not wiped. However we would have never been able to find that other system, nor would we have been able to match the raw slot numbers with the reported vote counts by candidate name without the help of the data recovery consultant and the critical data that they recovered.
I'll offer a few observations:
P.S. I know that some people doubt that one can obtain old data from SRAM and DRAM after poweroff. I did too until it was done for our group. To those who still doubt this: I will refer you to Peter Gutmann's paper on Secure Deletion of Data from Magnetic and Solid-State Memory for another source on data recovery methods.