Slashdot Mirror
'Destroyed' Hard Drive Found At Flea Market
Billosaur writes "From Yahoo News comes this tidbit about a couple who got a very shocking phone call. Henry and Roma Gerbus received a phone call from a man named Ed claiming he had purchased their old hard drive at a flea market. They had previously taken their computer to Best Buy to have the hard drive replaced and were told that the store would destroy it. Now it has turned up at a flea market, still containing their personal information, such as bank account numbers and Social Security numbers. The Gerbus' are a little perplexed and are very worried about identity theft."
Memo to store managers throughout the country: "Rotate a new batch of minimum-wage slaves into all positions, which demand technical skills and adherence to moral and ethical code, post haste!"
Gad! Whatever could motivate people who are compensated so well to scrap computers and sell parts at a flea market? I shall have to dwell further upon this great paradox this weekend at my summer cottage in the Hamptons.
A feeling of having made the same mistake before: Deja Foobar
Anyone that is taking a PC to Best Buy for a HDD replacement is probably sending money to Prince Abul Smith of Nigeria anyways.
If the information on the hard drive was so sensitive, why didn't the couple destroy it themselves? Even if Best Buy did destroy it, an employee would have had access to it anyway before its destruction. That's a security risk either way.
Help kill corporate productivity!
Tax records? Personal finance records?
A feeling of having made the same mistake before: Deja Foobar
Someone who has electronic account statements from their bank and/or brokerage.
Mea navis aericumbens anguillis abundat
If you want something wiped correctly, smash it yourself.
Even if Best Buy assured me they would destroy it, I would still grab a couple utilities to write nonsense bits onto the entire drive several times.
Of course, my biggest question is who is silly enough to throw out working storage space? My inner packrat insists that precious Gigabytes should coveted.
If this signature is witty enough, maybe somebody will like me.
I had, but luckily it got mf2lro8sw03ufvnsq034jfowr18f3cszc20vmw'd.
Why would you pay a store to destroy something like a hard drive? Destroying it *yourself* is clearly way more fun.
The theory of relativity doesn't work right in Arkansas.
...do it yourself.
-Arthur
Cave ne ante ullas catapultas ambules
"I'm not leaving myself open to identity theft," said Gerbus.
Quick! Close the barn door! The horse has bolted!
If the drive was being destroyed the store had no reason not to hand it over. He should have asked for it, or at the very least asked to be present at it's destruction.
These posts express my own personal views, not those of my employer
Isn't it just great when your comppetition fucks themselves for you, saves so much on PR.
-Tim Louden
Why do people try to do physical things to "destroy" magnetic media?
Ideally one should do both. If the data is really that important, write ones and zeroes over it, take the drive out, and physically mutilate it (with a sledgehammer, industrial shredder, slag-pool-at-the-end-of-Terminator-2, et cetera). With the right forensic tools, those with a lot of resources could still theoretically recover some data from a magnetically wiped or improperly degaussed drive. Same with one that's been broken into 20 small pieces with a sledgehammer. But probably not both.
Ahhhh now this is by far the dumbest comment I have heard. Is he joking? Or does he not know that personal computers as well as business computers are used to assist users in managing things like oh ... taxes, perform banking, store financial records, act as an archive for scanned documents, so on and so forth.
... does this person think computers are used purely for playing games and watching a blue and red bar move as you defrag a hard drive? Or maybe people play games with folders to see how straight they can make the icons?
Or
In my world, computers are used for far more than entertainment, toys and gimmicks. It is a way for people to manage their day to day lives, simplify complex tasks or just act as a way to get away from a paper based society. Well, they can play games just as easy too, but you get the point.
Hard drives are often a wealth of private information and it is up to the person disposing of it to ensure that it cannot be read.
And to the people getting ready to reply with "well that is the problem with computers" or "never keep personal information on a HD". It is akin to countless people (yes there are many) throwing documents like credit card bills or ANY paper information with private information in the trash. Ultimately it is up to the person to ensure he/she SHREDS the documents FIRST before trashing. This is no different than electronic media.
I'd say they don't suck at attempting to sell extended warranties on everything.
Word of advice to anyone who doesn't do hardware themselves:
If your HDD craters and the system doesn't recognize it as a boot disk and you can't reinstall your OS on the drive, take a magnet to it before you EVER hand it over to anyone/throw it away. If it has even a shred of personal information (which today, they all do) you need to give it a ride on the magical magnet train. It takes literally two seconds. There's nothing wrong with a little healthy paranoia.
And here's another piece of advice: Find someone you know who's good with hardware. If you have hardware acting funny or generally dying on you, talk to them FIRST. Tell them you'll owe them a favor, offer to buy them a rack of beers, whatever the hell you have to do to keep it out of some commerical enterprise. This is what friends are for. If you don't have a friend who has this kind of knowledge... You must be Amish. To which I say, wtf are you doing with a computer anyway.
TLF
I do not respond to cowards. Especially anonymous ones.
isn't so much with the people who unwittingly failed to be uber-1337 and erase and zero-fill and nonsense-fill their hard drive. They are non-technical people, its wrong to expect them to be able to predict this sort of occurence because they arent as paranoid (mostly because they dont know what could happen).
So yeah, they dont know what they are doing. But the situation still shouldnt have occurred because frankly, best buy should do better than that. And if its not the companies failing but instead an individual, then they should know better than that. I know its fairly proselytizing to say that out of the three entities involved, two are wrong and one is right, but look at the relationship.
The people going to the store are paying for a service, they obviously cant or dont want to perform the task themselves, therefore they pay. In return the company has a responsiblity(?) or at least a vested interest in providing them with the service they have come for. Which in this case should have included (at the very least) some sort of fill.
The other possiblity of course is that someone dumpster dived the drive out of best-buy's trash. In which case, its still Best Buy's fault for not clearing the drive.
Can't we all just get along
Here's the problem: A low paid employee, rather than drill holes in a drive, took it home and sold it off at a flea market. It's a small object of possibly (depending upon contents) very great value.
Where are the controls to prevent such action taking place? Consider the bank teller -- not likely a very highly paid employee, yet thousands of dollars in coin and currency pass through their hands every day. Banks have worked out procedures to ensure their employees remain honest, whether balancing their drawers, surveillance cameras, or limiting how much they may hold in at their station at any given time (i.e. if Bill Gates walks in with a suitcase full of money, the teller must turn the large deposit over to a bank officer.)
Clearly as things of great risk assume different (smaller) dimensions people in charge have not adapted their procedures. This is a failure of Best Buy at the corporate level, not just some store. They need these items to be handled with full accountability.
A feeling of having made the same mistake before: Deja Foobar
DBAN, Darik's Boot And Nuke. Glancing over the list it has all eh same features of the "pro" one and doesn't cost a dime. Is even OSS, if that kind of thing makes a difference to you.
http://dban.sourceforge.net/
I send back, on average, one drive every few months under warranty. Most times the drives have failed so I can't even low-level format it. I've always wondered what happens to these drives. Are they destroyed? Re-used? As drives get bigger and more and more files are placed on them, it's not surprising that people may *think* the drives are clean when they are not. And I know it's easy to blame the folks for letting the drive out of their possession, but think about it: they were told it was to be destroyed; people put files on their drives (that's what they're for); if the store offered to "dispose" of their old PC (many places do this), there's a reasonable expectation (especially if they're told) that their data would be destroyed, if not the hardware.
That's true, and it appears that the couple not only did not have the decency to thank him for his deed but on top of that it appears that they suspect him. The article or they themselves presented it as if the guy is under suspicion for blackmail!
Yet they should be worried because most likely where accessed by the crooks that sold the disk to the good samaritan.
As a former BestBuy/GeekSquad employee I can tell you that the company procedure was: 1.) Drill holes in hard drive. 2.) Send Computer to Best Buy Service Center to be discarded. When a customer would bring a computer in to be recycled I would open the cover with them standing there. I'd remove the hard drive and take a drill and put multiple 1/4 inch holes through the hard drive. I'd have the customer watch me do this and drill until they were happy. After that I would put the hard drive back into the computer and send it to a service center. 90% of your GeekSquad/BestBuy Employees have no idea what they are doing. They are also only getting paid $10 / hr. Don't expect much. There are one or two in each store that generally know more then you'd expect. But they are also only getting paid $10 / hr. If you want great service, It helps to have boobs. I'm not joking.
I do not think this is the couple's fault at all. Best Buy supposedly was serviced to erase/destroy the hard drive. In a perfect world, people would take care of destroying their own data. Apparently, in this case, the couple seemingly didn't know how, so they hired Best Buy to take care of this - which is (usually) the next most responsible choice.
excpet Best Buy TOLD them it was destroyed. That's the crux of this issue.
If a gargae mechanic tells you the installed new valves, do you take the engine apart to be sure they're not lying?
The Kruger Dunning explains most post on
I just find it pretty shocking that Best Buy doesn't seem to have any set policy regarding handling of sensitive data.
I work for a small non-profit that refurbishes used computers for re-use, and we wipe every hard drive with an 11-pass system. (Probably overkill, DoD specifies just 7). Every volunteer who works on the computers is trained in how to do it, and in the importance of doing so. It doesn't take much person-time: Hook up the hard drive to a computer, boot from the Knoppix CD, and enter the command. A couple of hours later you have a clean safe hard drive with no trace of the original data.
Any employee capable of replacing a hard drive should be capable of understanding the importance of the data that may be on it.
If the masses can keep you down, you're not the Ubermensch.
I've never sold off or threw out or RMAed any of my hard drives. I give them a few good software whipes and use as paperweights or get an external case and there's another backup drive.
HDDs are around 50 cents or less per GB. Except those people who do their hardware shopping at BestBuy and arn't reading this.
If you really have to get it replaced look for someone who will let you keep the platters and just send back some of it. If they exist, have to keep the "refurbished" industry in business.
F7 doesn't work, ignore spelling and grammar
probably 80% of /. users have boobs, and we _still_ get lousy service!
Hi! I make Firefox Plug-ins. Check 'em out @ https://addons.mozilla.org/en-US/firefox/addon/youtube-mp3-podcaster/
If I have a disk with a bad bearing or head crash, I have to send the drive back intact to claim my warranty and so I'm trusting my data to someone else. At work thats a violation of our security policy so we don't ever send disks back unless we are very sure what data was on it which effectively means drives that died within a few hours of being installed in a machine.
What needs to happen is the S.M.A.R.T. software on the drive needs to be a bit smarter and allow the diagnostics tools to coordinate with the manufacturers web site so that the company is sure the disk is in fact defective and they know the cause. If they determine that they don't want the disk back anyway, then let the consumer dispose of it. If they can repair the disk, then its most likely not an internal problem so if its repairable, the data should still be on it when it gets back.
How did this thing end up at a flea market? I can think of a few scenarios where the BBY employee was unscrupulously selling broken or even working equipment at a flea market, but I kind-of doubt that. Not saying it's impossible just like to present a more likely scenario.
This is the fast-food of computer repair so the guy probably took out the old drive which reported several bad sectors in scandisk, dropped it in the trash and forgot about it. Later that day/week a bum that regularly dives their dumpster for crap to sell at a flea market did his normal job. Some dude out for the cheapest possible hard drive buys it then looks to see what is on it, because he's a perv and expects amature porn. Then because he rode the short bus he calls the previous owner to admit guilt.
Why is this hapless joe who accidentally mounted a hard drive then scoured it's contents closely enough to find social security numbers and the like guilty? It's like walking down a street and seeing a house with a door open. You can see the open door, and anything plainly visible from the street because of the open door. The second you walk through that door, you have trespassed.
But forget that amature porn collector.
Best Buy could solve all of this by issuing a 2lb hammer to all employees. It would help morale by providing an outlet for the rage incited by the latest management-speak directive from coorporate or the GM.
Several years ago, the small company worked for used a local mom & pop outfit to buy & repair the office computers. This particular shop made a point of offering "great deals" on refurbished and used equipment. Of course we bought only the best, all-new PCs from them...
Well, one cow-orker's HDD failed, and the aforementioned computer shop swapped it out for a new one. A little while later, we got a new employee in and ordered a new PC for him. When the "new" PC's C: drive was examined, it turned out to still have the first cow-orker's data on it!
I don't know which was worse, the fact that sensitive company data had been potentially exposed, or the fact that they sold us a used, known-bad hard drive as new?!
I actually used to work for the geeksquad and there was a lot of problems there, so I will list them. 1. Employees took parts from computers we threw out home, including hard drives, and the managers really didn't care. 2. Employees copied customers files from their computers onto the store computers (aka, found porn on the customers computers, often of customers or of the people they knew and kept it). 3. Employees often didn't fix problems completely because they thought it was too much work. 4. And to top it off, I often found managers browsing through the files that the employees kept and thought it was the coolest thing in the world.
It's never to late to start the day over...
I feel a Darwin Award coming up.
Visit http://ringbreak.dnd.utwente.nl/~mrjb/growingbettersoftware to download your free copy of the book