Slashdot Mirror
Not-So-Clean Hard Drives For Sale
Saeed al-Sahaf writes "The Register is running a story about a security consulting company that as part of a study bought hard drives and laptops on eBay, and then was able to recover highly sensitive data including customer databases, financial information, payroll records, personnel details, login codes, and admin passwords for their secure Intranet site. This is a bit scary considering all of these drives were supposedly formatted and sold for surplus by major companies (although few of us actually use the multiple formatting standards of the DoD). Looks like it's hardly necessary for crooks to get at your private information, although I sure industrial espionage spooks have probably done this for awhile." Shades of the recent post about recovering sensitive contents from swap partitions.
http://www.killdisk.com/eraser.htm
Its worth its weight in gold.
Is the juice worth the sqeeze?
Stop, timothy... we've heard this joke before. In fact, you seem to post this same story every nine months or so.
Circa September 2003... nine months ago.
Circa January 2003... eighteen months ago.
Then again, we've been talking about this problem for a year and a half, yet there still are people stupid enough to be selling HDs with readable data that should be kept secret on them without doing DOD-level formatting.
- Get a Torx screwdriver set from your local hardware store.
- Open the hd. Save the cool looking screws.
- Turn the platters into coasters.
- Just make sure you don't hurt yourself when playing with the magnets.
Perhaps advice for anyone planning to let go of a hard drive:
Use the shred utility, with a good number of iterations (25 sounds good). Go to the root directory and issue
shred -n 25 -u -v *
Then when you're done with that, low level format the drive using a disk utility such as the ones that come with Maxtors and Western Digital drives.
$cat
What they should have used: Secure Harddisk Eraser
The Secure harddisk eraser is a Linux boot floppy that overwrites your drive with random bits. Comes in a 3-pass and a 35-pass version. Insert, boot, wait for beep. Free as in GPL.
Any sufficiently advanced libertarian utopia is indistinguishable from government.
That is only gratis software, so you really don't know how well it works, if at all.
A better choice is Eraser, it is GPLed.
http://sourceforge.net/projects/eraser/
You can also make a nuke boot disk with this program that automatically starts erasing everything upon start up. Don't forget to clearly label it ;).
3dinfo@maficstudios.com
No, because these days you're not supposed to do the low-level formatting yourself. That's done by the manufacturer.
Well that depends on what you mean by 'low level format'.
Re-formatting ata hard drives at a truly low level can mess the disk organisation in ways that seriously degrade performance.
If your referring to a 'full' format with does more than the 'quick' format that mearly marks the drive as empty, well it's easy, and of very little use in this case.
Simply writing zeros to every location on the hard drive that stores data doesn't completely erase the data. That is the magnetic field of the bits are not set at exactly '0'. Slight variations in the magnetic material, write head field strength, and positioning all contribute to increase the odds of data being recoverable.
One way to improve your odds is to repeatedly write a series of 1's and 0's to a location to help average out these variables as well as use the hysteresis(sp?) effect to 'degause' the location, this is what 'shredder' programs do (the ones that aren't crap).
Some programs even go so far as to not simply write 11111111 then 00000000 over and over to the same byte, but to use other patterns so that the fields of niegboring bits add to the deguas effect in destroying the data.
At one time (and probably to this day) the US DOD specs used to require a certain number of passes of 0 and 1 bits followed by the writing of a specific bit pattern before a hard drive was considered to have been properly erased.
And yes each pass does put a little wear and tear on the drive, not enough to worry about unless your 'shredding' the drive quite a few times, but still worth noting.
The number of passes used and what if any special patterns are used determine the amount of effort it would take to recover the data, kind of like key length in cryptography. Adjust paranoi settings apropriately. (note: the anology is imperfect as hell, 1024 might be a mediocre key length, but thats enough shred passes to noticeably shorten drive lifespan.)
Mycroft
https://signup.leagueoflegends.com/?ref=4c3ed6600b6ea
There is a good program called DBAN available from dban.sourceforge.net which is linux-based boot disk that does a good job overwriting to at least one of the DoD specs.
Properly shredding data on disk requires writing known values that also set the ECC bits to all possible values. That requires knowledge of the ECC being used on the disk. Many disk scrubbers actually write so many known vlues because they are attempting to catch all of the common ECCs.
Click here
The floppy disk I created is red and I went so far as to draw a skull and crossbones on it, knowing full well what booting this thing does to a PC. A disk like this is an essential little tool to any geek's arsenal.... alongside Knoppix and tomsrtbt.
The only thing is it takes HOURS to DoD wipe a hard disk. It took 15 hours for me to fully DoD a 40GB drive.
READY.
PRINT ""+-0
For this reason, I believe the DOD reccomends writing random data to the disk 7 times, to guarentee that it is destroyed.
Remember, however, that any overwriting makes it impossible to recover data except by special means far beyond that of a normal file recovery program. Tools that recover data after it has been overwritten are not easy to make, and I'm not even sure that they would run on computer hardware. It's possible that such recovery would require special ATA firmware, or even replacing the hard disk firmware.
I'm not an expert, but that is what I've been able to grok from casual reading on the subjectt.
The Cheese Stands Alone.
A few years ago, DoD spec for erasing info classifed "Confidential" was a minimum of seven passes with varying strings of 1's and 0's. DoD "erasure" for a drive that has held "Secret" data involved opening the case and applying a power sander to each surface until ALL the magnetic media has been sanded off, or in a combat situation where the destroying authority was prepared to sign that time was absolutely critical, thermite or white phosporous grenades. I don't remember offhand what the spec was for Top-Secret, as I never had to know that one.
Who is John Cabal?
Diabetes, either type, cannot be spread to another person by blood contact.
...
The British Army decommision hard drives using an angle grinder. The US use thermite.
That said, for most purposes programs like Eraser will make data recovery so expensive and ineffective that for the data most of us have, nobody will bother. In fact, that's probably true even of less effective measures such as "dd if=/dev/zero of=/dev/hdb".
Xenu loves you!
Just running one drill hole into a disk will not render it totally unreadable, it just means it won't work in a standard PC. You can still retrieve the information off off it if you have the know how. Just depends on how valuable this info is.
For disks sued for defence at level secret and above we used to scrub it, place it on a runway and run over it with a tank!! Then dispose of it in a secure landfill site.