Slashdot Mirror


Second Hand Hard Discs Reveal Secrets

An anonymous reader writes "BBC News has a story about MIT grads buying old hard discs from eBay and elsewhere, and finding credit card numbers, ATM transactions, porn and emails all accessible on them. Comments? What's the strangest thing readers have found, or left, on a hard drive?"

13 of 445 comments

  1. Another Duplicate.... by Cubeman · · Score: 5, Informative

    This was posted before here.

  2. A simple script by Black+Copter+Control · · Score: 4, Informative
    dd if=/dev/urand bs=100k count=100 of=garbage
    while cat garbage garbage ; do true ; done | dd bs=100k of=/dev/hdaX

    You could put it on a floppy Linux distribution and sell it to Windows users who want to wipe their disks .. $20 a pop!
    (or better yet -- a bootable CD business card so you could include the source).

    Just don't let your 5 year old nephew get hold of it -- or else!

    --
    OS Software is like love: The best way to make it grow is to give it away.
    1. Re:A simple script by droid_rage · · Score: 2, Informative

      Not quite that simple.
      Yeah, that would work for newer desktops, but OnTrack, which sells disk wiping software (the only one I know, since that's what we use), also has a decent collection of basic SCSI drivers on their disk. You can load other drivers from a floppy if yours isn't there.

      Incidentally, the US government requires triple-overwrite on any computers leaving government facilities, and for anything sensitive they wipe it, then drill holes through the disk. Yes, I know this for a fact. I have done IT work for a government site.

  3. Re:A simple script (grr) by Black+Copter+Control · · Score: 2, Informative
    dd if=/dev/urand bs=100k count=100 of=garbage

    should be

    dd if=/dev/urandom bs=100k count=100 of=garbage

    (I was sure that I'd fixed that)

    --
    OS Software is like love: The best way to make it grow is to give it away.
  4. An easy way to fix the problem by Anonymous Coward · · Score: 1, Informative

    Since all the hard drive manufacturers that I've dealt with (Seagate, Maxtor, Western Digital, etc.) all make you jump through hoops to find the right utilities for various drives, there's an easy way to do a low-level and fix the problem:

    dd if=/dev/zero of=/dev/hdX# bs=1k

    Using this with Toms RTBT, you've got a very handy utility floppy.
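
The dd one-liners in the comments above overwrite a device but never read it back, so a run that stops early goes unnoticed. As an added example (not posted by anyone in this thread), the script below does a random pass and a zero pass and then verifies the result; it assumes a file-backed test image, and the function names and the marker record are constructed for illustration.

```bash
# Added example. It works on a file-backed image so it can be tried without a
# spare disk; function names and the marker record are constructed for this demo.

# Build a constructed 2 MiB "disk": random filler with a fake card record at the end.
make_test_image() {
    head -c 2097152 /dev/urandom > "$1"
    printf 'CONSTRUCTED-RECORD card=4111111111111111\n' >> "$1"
}

# Size in bytes of a regular file or (Linux) block device.
target_size() {
    if [ -b "$1" ]; then blockdev --getsize64 "$1"; else wc -c < "$1" | tr -d ' '; fi
}

# Count bytes that are not 0x00; after a final zero pass this must be 0.
residual_bytes() {
    LC_ALL=C tr -d '\000' < "$1" | wc -c | tr -d ' '
}

# One random pass, one zero pass, flush, then read the whole target back.
# Returns 0 only if every byte reads as zero afterwards.
wipe_and_verify() {
    local target=$1 size
    [ -f "$target" ] || [ -b "$target" ] || { echo "not a file or block device: $target" >&2; return 2; }
    size=$(target_size "$target") || return 2
    # conv=notrunc keeps an image file at its original length.
    head -c "$size" /dev/urandom | dd of="$target" bs=1048576 conv=notrunc 2>/dev/null || return 1
    head -c "$size" /dev/zero | dd of="$target" bs=1048576 conv=notrunc 2>/dev/null || return 1
    sync
    [ "$(residual_bytes "$target")" -eq 0 ]
}

# Demo: run the script with the argument "demo".
if [ "${1:-}" = "demo" ]; then
    img=$(mktemp) && make_test_image "$img"
    # A wipe that stops early (first 1 MiB only) leaves the record behind.
    dd if=/dev/zero of="$img" bs=1048576 count=1 conv=notrunc 2>/dev/null
    echo "after partial wipe: $(residual_bytes "$img") non-zero bytes remain"
    wipe_and_verify "$img" && echo "after full wipe: verified all zeros"
    rm -f "$img"
fi
```

Pointed at a whole device rather than a file, the writes bypass the filesystem, but sectors the drive has already remapped are not reachable this way.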

  5. Data from previous owners by Anonymous Coward · · Score: 5, Informative
    Okay, we've established this article is a dupe. But the original didn't have this juicy morsel:
    "What's the strangest thing readers have found, or left, on a hard drive?"
    Like many /. readers, I am considered the local "computer guy" that fixes the computers when things go wrong. One system I recently worked on was a throw-away by a local hospital. I was stunned and shocked when I went scouring the hundreds of .dbx and .dbf files, only to find that it still had on it medical records!

    Knowing this could cause legal trouble, I quickly got on the phone and called the hospital. They said that they thought the system was clean, and that I should destroy any data on the drive. I then called my lawyer. After a small consulting fee (about $60) he informed me that I shouldn't have anything to worry about, so long as I did as the hospital asked, and destroyed all copies of the records. And I did, and that was the first time I ever felt good about losing data!

    (Posting anonymously, in case any other slashdotters get any funny ideas... :)

  6. Re:Data Mining... for BRAINS! by Tim+C · · Score: 3, Informative

    2.) It amuses me that people seem to think that /. editors have so much time on their hands that all they have to do all day is read headline and forum posts. That's what moderators and metamoderators are for, and they may not catch every story that comes down the pike.

    If deciding what story submissions get posted based on content and similarity to recent stories isn't an editor's job, I'd like to know what is.

    Your comment about that being what mods and meta-mods are for would be true on a site like k5, but until moderators can mod stories off the front page here, that's what the editors are supposed to be for.

  7. PGP! by Thud457 · · Score: 4, Informative
    PGP (for Windows or Mac, i.e. not GPG) has two commands related to this: wipe file and wipe free space. They overwrite the appropriate sectors of the disk with several patterns designed to ensure that no matter what (common) encoding scheme the hard disk uses, every bit will have been set at least once, zeroed at least once, and overwritten with pseudorandom data at least once. If you set it on a lot of passes, it does an even better job. This would be a cheap (free, except for time and bandwidth to download it) way to make sure your sensitive data doesn't get out.

    That said, experts would tell you that the only reliable way to make sure sensitive data doesn't get out is to thermite your drive.

    Also, what's the one-line unix command (running MacOS X here)?

    • http://slashdot.org/comments.pl?sid=51331&cid=5118950
    • http://slashdot.org/comments.pl?sid=50856&cid=5091657
    --

    the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff

    1. Re:PGP! by Door-opening+Fascist · · Score: 2, Informative

      One has to keep in mind that these programs are not designed to work with journaling filesystems. The presence of a journal means that the wiper is not actually certain that the blocks were overwritten.

      If one is giving away a hard drive, it is a good idea to low-level format the drive (if it is SCSI), and/or create a partition spanning the entire disk, dd from /dev/zero on to the disk until it is full, and then use a wiper to delete that file.

  8. Re:Moderation (On Topic in Thread, read the commen by selderrr · · Score: 2, Informative

    "Offtopic" mod seems to be used improperly more often than not.

    very true indeed.
    This whole little subdiscussion is very likely to get moderated as offtopic, whereas the only consistent topic in the entire comments is the fact that it's a dupe, which is offtopic.
    The whole issue basically comes down to whether slashdot is a "discussion site" or an "information site based on comments". If the main purpose of slashdot is to create a vast and useful archive of comments that can enlighten a visitor searching for info on a "news for nerd" subject, then indeed we are offtopic. If on the other hand, slashdot is a forum in which nerds can discuss anything they consider nerdstuff, almost everything is on topic!

    I suppose the best way is something in between, but right now, I have the impression the balance is shifted way too much towards the first type. Plus, as many of us have said, the biggest problem is the fact that due to the recursive nature of the problem, the problem itself can't be discussed on slashdot.

    And that attitude is what we usually call censorship. Slashdot is more and more becoming a self-censoring community. I've tried to find analogies in the real world, but fail to see one so far. The only thing I'm sure of, is that it is not a GoodThing(tm)

  9. Re:Burglary Recovery! by TheTick · · Score: 4, Informative

    The system, as it turned out, belonged to one of their senior developer/programmers who, along with their system, had lost about seven years worth of intense work.

    [...]

    The moral of the story: Pay VERY close attention to what may be left on any hard drive[...]You could end up saving someone a ton of grief and lost hours.

    It's an interesting story, I agree, but the real moral ought to be make backups! There's no excuse for losing years of work just because a box was stolen. Some negligent sysadmin should've been canned over that.

    --
    bachiatari na torisetsu o yome!

  10. For those lost souls using Windows XP... by mattACK · · Score: 3, Informative

    ...wiping the free space on a drive is built into the OS.

    cipher /w:[path]

    where [path]= any location on the drive in question.

    This tool doesn't delete files that are present, but simply clears space already marked as "empty". It was included to augment the functionality of EFS. If you encrypt a file, you don't want vestiges of the file from before you encrypted it lingering.

    --


    "My God, this must be a truly remarkable corn chip, to be so widely and confidently touted."
  11. Re:How about LANs? by linux_student · · Score: 2, Informative

    I have known that for quite awhile on the university network, there are people sharing all kinds of $h!t: Homework (even read a guy's term paper), pr0n, warez, pictures...My desktop wallpaper was taken from the university's digital imaging center's hard drive as well. If you really want to be a whore about this, there is a software package called ShareScan that works really well...