Slashdot Mirror
Second Hand Hard Discs Reveal Secrets
An anonymous reader writes "BBC News has a story about MIT grads buying old hard discs from eBay and elsewhere, and finding credit card numbers, ATM transactions, porn and emails all accessible on them. Comments? What's the strangest thing readers have found, or left, on a hard drive?"
This was posted before here.
I found a bunch of Spice Girl stuff (3GB+) on my friends 'broken' hard drive he gave me... I was sorta afraid when I saw that, really makes me wonder about him...
I found archives of old Slashdot stories and resubmitted them.
Common sense is what tells you the world is flat.
Well I bought a laptop back in the day...a p166 toshiba which to this day has enough power to word process...surf the internet, but unfortunately the battery and cdrom both died.
Now when I bought it I thought it was kinda wierd...it was in like a crayola theme and had lots of kids games on it and stuff, but the guy I got it from said it was his kids. So I am about to format it, since it was full of junk and the little 2 gig hd was filled, when all of a sudden what do i discover but a c:\private\ dir!!!
So...as any good person does I formatted without looking at it. *cough*
Turns out daddy had a gay pron fetish!
After being disgusted by this, especially since it was on his KIDS computer, I formatted and lived happily ever after.
Now, if someone was to buy the laptop from me they would find plenty of straight pron on it!!!
(and i just might leave it there as a little present)
[I can picture a world without war, without hate. I can picture us attacking that world, because they'd never expect it]
I'm seriously considering blocking CmdrTaco from the list of people whose stories I see. If you look back over the list of duplicates, nearly all of them are Taco's.
Psssst, Taco. A hint for ya: just because you started the site doesn't absolve you of the duty of looking at it once in a while. Say, before you click "Submit."
You cannot apply a technological solution to a sociological problem. (Edwards' Law)
I see duplicates. They're everywhere - they don't even know they're duplicates...
-Adam
Some MIT kid in the future is going to stumble across the Slashdot hard drives and go "God Damn they posted Duplicates alot."
Wrong! I stumbled across one of Taco's old drives on Ebay. Slashdot wasn't bookmarked or in the cache. Explains a lot.
I've come across quite a few older drives in machines that hadn't been cleaned out. One was an ancient Mac II which used to be used as a webserver, but was removed from that job in 1995, and had sat in a basement getting rustier and rustier. It was given to me in horrific condition, and the motherboard/PSU was toast, almost like it was washed through with saltwater. The HD looked a little better, and on firing it up in another machine, it clattered noisily, but still read most of the drive - on there was the website, last accessed 8 years ago. I copied that all off and archived it just because it was cool.
:).
:).
Oddly, the website nowadays isn't all that different
Another belonged to a rather fascinating lady who seemed to use her computer from 1994 when it was new, until 2002 when I came across it from an ebay sale. All of her writing (some published, some not), drafts, her academic work, and her photography was on there. She did quite a few nudes and not only had published work, but every photo taken in between used to create those images. Slightly giggleworthy, but really just rather tasteful nude photos.
One other I was given, a compaq 486, belonged to an organiser of some of the behind the scenes work for the Sydney Olympics - it had names, addresses and phone numbers of dozens of celebrities, politicians, and anyone involved in the marketing pre-games, along with correspondence to those people. A fun read but kind of boring - I didn't keep the addresses either.
The biggest coincidence I came across was ordering a computer from ebay, from a town about 800km from me. it came to me with a HD full of various word documents - what a surprise to find it had originally been used as a wordprocessing machine in the same building I work in, and several years before. It came home
Nothing amazingly exciting, just a few curious little moments.
Check out the photoshop that's going on over at Fark: unlikely Slashdot articles.
Please! If a story is a dupe, so what? Here's a thought. Don't read it. Don't even comment. Don't even "just say no". (OK, so that was several thoughts ;-)
Get outside, breathe the fresh air, and quit trying to come up with clever quotes that express your angst over a duplicate/semi-duplicate story.</RANT>
SET MODE KarmaTracking=ON
SET MODE ModeratorSuckup=ON
The preceding comment has been reviewed and declared to be compliant with HIPPA Phase II regulations.
1.) All right allready! We now have established beyond a shadow of a doubt that yes, a similar story was posted earlier this week.
2.) It amuses me that people seem to think that /. editors have so much time on their hands that all they have to do all day is read headline and forum posts. That's what moderators and metamoderators are for, and they may not catch every story that comes down the pike.
3.) Perhaps the most enjoyable "data mining" find on an old hard drive for me was over 1000 songs in MP3 format. After deleting the ones that I didn't like, there were still nearly 950 of them. They now make up the bulk of my music library.
I have no tag line
I find it most interesting at places where lots of computers are hooked up to a network, like at a college dorm. It's amazing the clueless dolts that share their entire harddrive over the network. You can learn a lot by browsing someone's internet cache. Also, since Windows seems to share My Documents by default, you can read people's homework (usually boring as hell though). About the most interesting was the person sharing all of their instant messaging chat logs. Lets just say that person got around a lot... The only thing is that you have to be careful, these people who are that clueless usually have a ton of virii, so don't click on goatse.ch.vbs!
I know you don't care, but I was changing out a certain head priest's hard drive for a Catholic organization(Something to do with a Little Flower) in Chicago, and I was moving his documents and found a folder that was holding a few letters to an S&M house down in Springfield saying that he wanted some services and he was a single salesmen from Milwaukee...well he got the single part right.
Not to make this too long, but the funny part is they got pretty explicate about what he was wanting, and when I asked him if he wanted me to scratch and reinstall windows on the hard drive before I moved it over to the convent where the head Mother was going to be using it, he told me no, and I just went and installed it on here desk....God only knows how that went over?
while cat garbage garbage ; do true ; done | dd bs=100k of=/dev/hdaX
You could put it on a floppy Linux distribution and sell it to windows users who want to wipe their disks .. $20 a pop!
(or better yet -- a bootable CD business card so you could include the source).
Just don't let your 5 year old nephew get hold of it -- or else!
OS Software is like love: The best way to make it grow is to give it away.
Every other poster has managed to stay within the confines of this discussion, which is clearly about Duplicate stories being posted to Slashdot.
I don't think it's fair to them, or the rest of the readers, if this post doesn't get modded down to -1 Offtopic.
"Tuesday 8th of February 1997, Tony is pissing me off today, he's already taken 4 coffee breaks, sticking me with the rest of the work, note to self report to boss. Julie is looking rather sexy today, comment to her at lunch about lovely blouse."
It got spicy here and there and read like a badly written journal, still it was great to read about the daily intricate moments that one of my ex collegues had felt.
Think of it as an opportunity for even the dimmest of slashdotters to appear funny - go grabbing the funniest comments from the original story! For example:
"Luckily for me, my Ebay'd hard drives are safe: I only sell broken ones."
"Two MIT grad students bought used drives from eBay and secondhand computer stores.
Don't I feel inferior. I've done the same with used HD's in the past and I only have a HS edumacation."
"Your old HD is safe, I can get creditcard numbers faster on kazaa."
"Was it Pete Townshend's drive?"
"How do I destroy a HD? I just wait for my warranty to run out - it becomes unreadable shortly thereafter!"
One time when I came home from work, there was a PC by the dumpster at our apartment complex. I brought it in to harvest it for parts (never can have enough screws), and i decided to boot it up first to see what it was. Low end pentium, like a 75mhz. 8megs of ram. Ran DOS and Win 3.11.
Turned out the machine used to be a Kiosk machine at a deli counter at a local grocery store. There wasnt TOO much of interest on it, but there was a huge list of peoples meat and cheese orders.
Slashdot ought to implement a dupe filtering system along the lines of the following: People indicate in their prefs whether or not they want to see dups (for the extra discussion). When a dupe is posted and an editor later recognizes it as a dupe, the editor flags it as a dupe and it no longer shows up on the pages of people who have asked not to see dupes.
Knowing this could cause legal trouble, I quickly got on the phone and called the hospital. They said that they thought the system was clean, and that I should destroy any data on the drive. I then called my lawyer. After a small consulting fee (about $60) he informed me that I shouldn't have anything to worry about, so long as I did as the hospital asked, and destroyed all copies of the records. And I did, and that was the first time I ever felt good about losing data!
(Posting anonymously, in case any other slashdotters get any funny ideas... :)
in a dumpster.
A friend went back to claim them, this is what he ended up with:
2 HP Server class machines PIII 450Mhz good working condition once the cigarette ashes were removed.
1 DLT Tape backup
19 New tapes in wrapper and cleaning kit
Cables and other accessories.
The machines were used by a financial company. Everything worked and booted up. NT server loaded and ready....
We shut them down and wiped everything. Pretty scary actually, who knows what was on those machines!
Blogging because I can...
Modest doubt is called the beacon of the wise. - William Shakespeare
This story is part of a striped disk array, which is why its content looks similar, but not identical, to the other stripe, which was discovered a week ago.
That said, experts would tell you that the only reliable way to make sure sensitive data doesn't get out is to thermite your drive.
Also, what's the one-line unix command (running MacOS X here).
the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff
1. Are you Tony? How many coffee breaks have you had today?
2. Got any nice pictures of Julie?
"A terrorist is someone who has a bomb but doesn't have an air force." -William Blum
15:08 21 January 03
At a worldwide conference held in Atlanta, GA, leading scientists and publishers agreed on a new measurement unit to describe the common phenomenon of news stories getting published repeatedly on internet news sites.
1 Taco = 3 dpm (dupes per minute)
After a lengthy discussion we eventually agreed to name the new unit after "CmdrTaco", founder of the famous web site Slashdot. We are really happy now, this has been bothering us since the beginning of the internet. said Sag. S. Nochmal, German publisher and chairman of the convention.
"CmdrTaco" himself was unavailable for comment. He was last seen yelling "Eternal fame" and "must write automatic re-post script now."
There are fewer illiterates than people who can't read.
Secure Harddisk Eraser is a Linux floppy that overwrites the HD several times with different patterns. Just boot from the floppy, wait 60 seconds and the harddisk will start to erase.
The homepage
Oh yes, I've posted on this before, but that doesn't seem to matter...
Any sufficiently advanced libertarian utopia is indistinguishable from government.
Back in the late 90's, when I was still doing PC service work for folks, I had a pretty wild experience in terms of recovery. I ran into this cab driver at CompUSA who was in the process of picking up a whole bunch of power cords and other basic accessories. We got to talking, and he said he was new to computers, and had just gotten a whole bunch of hardware from the local swap meet.
We talked a while longer, and he ended up agreeing to pay my hourly rate to look the machines over, clean them up, and wipe the drives so he could use 'em. What he had was a full-tower Pentium 166 (big stuff back then), and a smaller external drive that had a security key lock on it.
So, I vacuum the system's guts (had a ton of dust-bunnies in there), reseat the memory, and fire it up. It boots into Win95. First thing I notice is a TON of very high-end graphics-manipulation and publishing software installed, including packages like Adobe PageMaker, a full version of Acrobat, PhotoShop, etc. There was also the (then) current version of Visual Basic and Visual C (both Enterprise-class editions).
This set off some alarm bells in my head. The combined software on that system was worth at least as much as the hardware. I started digging a bit deeper. I found a couple of Word documents (yes, the system had a full version of MS Office and MS Exchange on it as well) with the name of a graphics-and-advertising company barely 30 miles away.
I called said company, and got hold of the admin assistant for the programmer who's name was all over the system. Turns out that the entirety of what that cabbie had delivered to me had all been stolen in a burglary the same day it showed up at the swap meet!
You can probably guess the rest. The cabbie, once he learned what was going on, and not wanting any trouble with the King County Sheriffs, agreed to just leave the equipment with me in return for anonymity. The system, as it turned out, belonged to one of their senior developer/programmers who, along with their system, had lost about seven years worth of intense work.
The company involved was so delighted to get everything back intact (yep, every byte of that work was recovered) that they not only paid me for my time involved in cleaning the stuff up, but they also gave me a $50.00 certificate for one of the best restaurants in town. My wife and I had a nice dinner with that one.
The moral of the story: Pay VERY close attention to what may be left on any hard drive or system you get, and follow your instincts if you're the least bit suspicious! You could end up saving someone a ton of grief and lost hours.
Bruce Lane, KC7GR,
Blue Feather Technologies
True story: some years back my wife was doing web design for various clients, one of whom had a graphic artist on staff, who gave her a Mac 100M Zip disk that supposedly had some nice artwork on it for my wife to put on the client's web site.
But the disk appeared to be completely empty, so my wife gave it to me to try to recover the missing files.
No problem under Linux...I recovered a full 100 megabytes of files...but they were all kinky porn!!!
We decided to let the guy off easy and didn't tell his employers what he was doing with company computers and media, but my wife was always a bit leery of working with that guy after that.
(Yes, I did of course save the more, ah, artistic images for, um, later personal, uh, research. ;-)
This kind of amusing leftovers on media is probably extremely common, but most people don't have any motivation to pry around into deleted files. As I recall, this particular disk just had a bit of file system damage that made it appear empty at first, rather than literally having deleted files, so file system repair was enough to get all of the originals back.
Professional Wild-Eyed Visionary
Whenever a PC changed hands, the IT folks did a complete 100% wipe on the hard drive before installing an image, but not before scanning the drive for security violations. I don't know what their disposition policy was, but it's a safe bet that dead media was definitely not going to be recovered.
Eternity: will that be smoking, or non-smoking? I Corinthians 6:9-10
...wiping the free space on a drive is built into the OS.
/w:[path]
cipher
where [path]= any location on the drive in question.
This tool doesn't delete files that are present, but simply clears space already marked as "empty". It was included to augment the functionality of EFS. If you encrypt a file, you don't want vestiges of the file from before you encrypted it lingering.
"My God, this must be a truly remarkable corn chip, to be so widely and confidently touted."