Not-So-Clean Hard Drives For Sale

Saeed al-Sahaf writes "The Register is running a story about a security consulting company that as part of a study bought hard drives and laptops on eBay, and then was able to recover highly sensitive data including customer databases, financial information, payroll records, personnel details, login codes, and admin passwords for their secure Intranet site. This is a bit scary considering all of these drives were supposedly formatted and sold for surplus by major companies (although few of us actually use the multiple formatting standards of the DoD). Looks like it's hardly necessary for crooks to get at your private information, although I sure industrial espionage spooks have probably done this for awhile." Shades of the recent post about recovering sensitive contents from swap partitions.

DUPE!

[LostCluster]

Stop, timothy... we've heard this joke before. In fact, you seem to post this same story every nine months or so.

Circa September 2003... nine months ago.
Circa January 2003... eighteen months ago.

Then again, we've been talking about this problem for a year and a half, yet there still are people stupid enough to be selling HDs with readable data that should be kept secret on them without doing DOD-level formatting.

Deconstructing a HD...

- Get a Torx screwdriver set from your local hardware store.

- Open the hd. Save the cool looking screws.

- Turn the platters into coasters.

- Just make sure you don't hurt yourself when playing with the magnets.

Hard drive erasing HOWTO

[infolib]

What they should have used: Secure Harddisk Eraser

The Secure harddisk eraser is a Linux boot floppy that overwrites your drive with random bits. Comes in a 3-pass and a 35-pass version. Insert, boot, wait for beep. Free as in GPL.

Eraser (GPL)

[KrisHolland]

That is only gratis software, so you really don't know how well it works, if at all.

A better choice is Eraser, it is GPLed.

http://sourceforge.net/projects/eraser/

You can also make a nuke boot disk with this program that automatically starts erasing everything upon start up. Don't forget to clearly label it ;).

Re:Low level it.

[kistral]

No, because these days you're not supposed to do the low-level formatting yourself. That's done by the manufacturer.

Re:Low level it.

[Mycroft_VIII]

Well that depends on what you mean by 'low level format'.
Re-formatting ata hard drives at a truly low level can mess the disk organisation in ways that seriously degrade performance.
If your referring to a 'full' format with does more than the 'quick' format that mearly marks the drive as empty, well it's easy, and of very little use in this case.
Simply writing zeros to every location on the hard drive that stores data doesn't completely erase the data. That is the magnetic field of the bits are not set at exactly '0'. Slight variations in the magnetic material, write head field strength, and positioning all contribute to increase the odds of data being recoverable.
One way to improve your odds is to repeatedly write a series of 1's and 0's to a location to help average out these variables as well as use the hysteresis(sp?) effect to 'degause' the location, this is what 'shredder' programs do (the ones that aren't crap).
Some programs even go so far as to not simply write 11111111 then 00000000 over and over to the same byte, but to use other patterns so that the fields of niegboring bits add to the deguas effect in destroying the data.
At one time (and probably to this day) the US DOD specs used to require a certain number of passes of 0 and 1 bits followed by the writing of a specific bit pattern before a hard drive was considered to have been properly erased.
And yes each pass does put a little wear and tear on the drive, not enough to worry about unless your 'shredding' the drive quite a few times, but still worth noting.
The number of passes used and what if any special patterns are used determine the amount of effort it would take to recover the data, kind of like key length in cryptography. Adjust paranoi settings apropriately. (note: the anology is imperfect as hell, 1024 might be a mediocre key length, but thats enough shred passes to noticeably shorten drive lifespan.)

Mycroft

Re:Low level it.

[mwilliamson]

There is a good program called DBAN available from dban.sourceforge.net which is linux-based boot disk that does a good job overwriting to at least one of the DoD specs.

Darik's Boot 'n' nuke

[Neo-Rio-101]

Darik's floppy disk sized mini-Linux-onepurpose-distro is what I use to surgically clean hard disks.
Click here

The floppy disk I created is red and I went so far as to draw a skull and crossbones on it, knowing full well what booting this thing does to a PC. A disk like this is an essential little tool to any geek's arsenal.... alongside Knoppix and tomsrtbt.

The only thing is it takes HOURS to DoD wipe a hard disk. It took 15 hours for me to fully DoD a 40GB drive.

Re:Low level it.

[TexasDex]

Information recovery tools work by subtracting the current pattern of bits from the magnetic reading that the drive outputs. The previous bit pattern generally masks any small variation in the signal, but when that is subtracted from the signal you get a clear pattern of what the old data was. Then you can repeat the trick for a total up to 6 times. Beyond that, the basic noise in the system and the uncertainty of the signal strength makes it impossible to determine the bit pattern.

For this reason, I believe the DOD reccomends writing random data to the disk 7 times, to guarentee that it is destroyed.

Remember, however, that any overwriting makes it impossible to recover data except by special means far beyond that of a normal file recovery program. Tools that recover data after it has been overwritten are not easy to make, and I'm not even sure that they would run on computer hardware. It's possible that such recovery would require special ATA firmware, or even replacing the hard disk firmware.

I'm not an expert, but that is what I've been able to grok from casual reading on the subjectt.

Re:Active KillDisk

[whereiswaldo]

Read the entire paragraph quoted from the article:

Data overwritten once or twice may be recovered by subtracting what is expected to be read from a storage location from what is actually read. Data which is overwritten an arbitrarily large number of times can still be recovered provided that the new data isn't written to the same location as the original data (for magnetic media), or that the recovery attempt is carried out fairly soon after the new data was written (for RAM). For this reason it is effectively impossible to sanitise storage locations by simple overwriting them, no matter how many overwrite passes are made or what data patterns are written. However by using the relatively simple methods presented in this paper the task of an attacker can be made significantly more difficult, if not prohibitively expensive.

So it sounds like if you are overwriting your data in the exact same physical location which it currently exists, it should be possible to make the original copy unrecoverable given enough overwrites.

Re:Low level it.

[Artifakt]

A few years ago, DoD spec for erasing info classifed "Confidential" was a minimum of seven passes with varying strings of 1's and 0's. DoD "erasure" for a drive that has held "Secret" data involved opening the case and applying a power sander to each surface until ALL the magnetic media has been sanded off, or in a combat situation where the destroying authority was prepared to sign that time was absolutely critical, thermite or white phosporous grenades. I don't remember offhand what the spec was for Top-Secret, as I never had to know that one.

Re:what we do

Just running one drill hole into a disk will not render it totally unreadable, it just means it won't work in a standard PC. You can still retrieve the information off off it if you have the know how. Just depends on how valuable this info is.
For disks sued for defence at level secret and above we used to scrub it, place it on a runway and run over it with a tank!! Then dispose of it in a secure landfill site.