Slashdot Mirror
'Destroyed' Hard Drive Found At Flea Market
Billosaur writes "From Yahoo News comes this tidbit about a couple who got a very shocking phone call. Henry and Roma Gerbus received a phone call from a man named Ed claiming he had purchased their old hard drive at a flea market. They had previously taken their computer to Best Buy to have the hard drive replaced and were told that the store would destroy it. Now it has turned up at a flea market, still containing their personal information, such as bank account numbers and Social Security numbers. The Gerbus' are a little perplexed and are very worried about identity theft."
Memo to store managers throughout the country: "Rotate a new batch of minimum-wage slaves into all positions, which demand technical skills and adherence to moral and ethical code, post haste!"
Gad! Whatever could motivate people who are compensated so well to scrap computers and sell parts at a flea market? I shall have to dwell further upon this great paradox this weekend at my summer cottage in the Hamptons.
A feeling of having made the same mistake before: Deja Foobar
Why do people try to do physical things to "destroy" magnetic media?
Ideally one should do both. If the data is really that important, write ones and zeroes over it, take the drive out, and physically mutilate it (with a sledgehammer, industrial shredder, slag-pool-at-the-end-of-Terminator-2, et cetera). With the right forensic tools, those with a lot of resources could still theoretically recover some data from a magnetically wiped or improperly degaussed drive. Same with one that's been broken into 20 small pieces with a sledgehammer. But probably not both.
Here's the problem: A low paid employee, rather than drill holes in a drive, took it home and sold it off at a flea market. It's a small object of possibly (depending upon contents) very great value.
Where are the controls to prevent such action taking place? Consider the bank teller -- not likely a very highly paid employee, yet thousands of dollars in coin and currency pass through their hands every day. Banks have worked out procedures to ensure their employees remain honest, whether balancing their drawers, surveillance cameras, or limiting how much they may hold in at their station at any given time (i.e. if Bill Gates walks in with a suitcase full of money, the teller must turn the large deposit over to a bank officer.)
Clearly as things of great risk assume different (smaller) dimensions people in charge have not adapted their procedures. This is a failure of Best Buy at the corporate level, not just some store. They need these items to be handled with full accountability.
A feeling of having made the same mistake before: Deja Foobar
I send back, on average, one drive every few months under warranty. Most times the drives have failed so I can't even low-level format it. I've always wondered what happens to these drives. Are they destroyed? Re-used? As drives get bigger and more and more files are placed on them, it's not surprising that people may *think* the drives are clean when they are not. And I know it's easy to blame the folks for letting the drive out of their possession, but think about it: they were told it was to be destroyed; people put files on their drives (that's what they're for); if the store offered to "dispose" of their old PC (many places do this), there's a reasonable expectation (especially if they're told) that their data would be destroyed, if not the hardware.
As a former BestBuy/GeekSquad employee I can tell you that the company procedure was: 1.) Drill holes in hard drive. 2.) Send Computer to Best Buy Service Center to be discarded. When a customer would bring a computer in to be recycled I would open the cover with them standing there. I'd remove the hard drive and take a drill and put multiple 1/4 inch holes through the hard drive. I'd have the customer watch me do this and drill until they were happy. After that I would put the hard drive back into the computer and send it to a service center. 90% of your GeekSquad/BestBuy Employees have no idea what they are doing. They are also only getting paid $10 / hr. Don't expect much. There are one or two in each store that generally know more then you'd expect. But they are also only getting paid $10 / hr. If you want great service, It helps to have boobs. I'm not joking.
I've never sold off or threw out or RMAed any of my hard drives. I give them a few good software whipes and use as paperweights or get an external case and there's another backup drive.
HDDs are around 50 cents or less per GB. Except those people who do their hardware shopping at BestBuy and arn't reading this.
If you really have to get it replaced look for someone who will let you keep the platters and just send back some of it. If they exist, have to keep the "refurbished" industry in business.
F7 doesn't work, ignore spelling and grammar
If I have a disk with a bad bearing or head crash, I have to send the drive back intact to claim my warranty and so I'm trusting my data to someone else. At work thats a violation of our security policy so we don't ever send disks back unless we are very sure what data was on it which effectively means drives that died within a few hours of being installed in a machine.
What needs to happen is the S.M.A.R.T. software on the drive needs to be a bit smarter and allow the diagnostics tools to coordinate with the manufacturers web site so that the company is sure the disk is in fact defective and they know the cause. If they determine that they don't want the disk back anyway, then let the consumer dispose of it. If they can repair the disk, then its most likely not an internal problem so if its repairable, the data should still be on it when it gets back.
Several years ago, the small company worked for used a local mom & pop outfit to buy & repair the office computers. This particular shop made a point of offering "great deals" on refurbished and used equipment. Of course we bought only the best, all-new PCs from them...
Well, one cow-orker's HDD failed, and the aforementioned computer shop swapped it out for a new one. A little while later, we got a new employee in and ordered a new PC for him. When the "new" PC's C: drive was examined, it turned out to still have the first cow-orker's data on it!
I don't know which was worse, the fact that sensitive company data had been potentially exposed, or the fact that they sold us a used, known-bad hard drive as new?!
I actually used to work for the geeksquad and there was a lot of problems there, so I will list them. 1. Employees took parts from computers we threw out home, including hard drives, and the managers really didn't care. 2. Employees copied customers files from their computers onto the store computers (aka, found porn on the customers computers, often of customers or of the people they knew and kept it). 3. Employees often didn't fix problems completely because they thought it was too much work. 4. And to top it off, I often found managers browsing through the files that the employees kept and thought it was the coolest thing in the world.
It's never to late to start the day over...