Memories of a Media Card

twistedmoney99 writes "Anyone who has upgraded their digital camera probably has a few older, incompatible media cards lying around — so why not post them on Ebay? Well, if you do, be sure to properly wipe them because the digital voyeurs are watching. Seth Fogie at InformIT.com purchased a bunch of used cards from Ebay and found recoverable data on most of them. Using the freely available PhotoRec application, he was able to extract pictures, movies, and more from apparently formatted cards. The picture is clear — wipe anything that can store digital data before getting rid of it."

I don't even bother to erase mine.

It adds to the value on auction sites. A lot of people are willing to pay a fortune to see images of my dick.

Re:I don't even bother to erase mine.

[DaveM753]

You should try using a zoom lens.

(Just kidding!)

Re:I don't even bother to erase mine.

[MS-06FZ]

You should try using a zoom lens.
 
(Just kidding!) <sigh>
He'd need a zoom lens if he were very tall - or if otherwise his dick or parts of it were very distant from the camera.

If it were small, he'd want a macro lens.

Re:I don't even bother to erase mine.

[baldass_newbie]

If it were small, he'd want a macro lens.

You seem to speak from experience...

Memory effect

Memory cards do not have nearly as strong of a memory effect as hard drives. With a hard drive you can write and rewrite multiple times and still have data recovered by someone willing to spend the time, effort, and money. But memory cards are much harder. You could be relatively sure of safety if you just:

1. Delete everything on the card.
2. Fill the card with something not private (maybe a text file that just repeats the same character).
3. Delete everything on the card.
4. If you're paranoid do 2 and 3 again.

If you don't have a computer handy, you can accomplish step 2 by taking photos of a blank sheet of paper or a lenscap or something of that sort.

Re:Memory effect

[ivan_13013]

Whoa there. It is NOT bullshit. In fact it is COMPLETELY POSSIBLE to recover overwritten data from a hard drive, even if it was written over several times with random or nonrandom data. Remember that magnetic media cannot really store 1 and 0. It can only store a magnetic flux using ANALOG electronic components!

The NSA today (and other people) can use Magentic Force Microscopy to extract enough detail to reconstruct what used to be on the drive. With only one or two overwrites, a sensitive oscilloscope could suffice.

Here's one paper from ten years ago that talks more about the recovery technique.
http://www.usenix.org/publications/library/proceed ings/sec96/full_papers/gutmann/

From the paper:

"In conventional terms, when a one is written to disk the media records a one, and when a zero is written the media records a zero. However the actual effect is closer to obtaining a 0.95 when a zero is overwritten with a one, and a 1.05 when a one is overwritten with a one. Normal disk circuitry is set up so that both these values are read as ones, but using specialised circuitry it is possible to work out what previous "layers" contained. The recovery of at least one or two layers of overwritten data isn't too hard to perform by reading the signal from the analog head electronics with a high-quality digital sampling oscilloscope, downloading the sampled waveform to a PC, and analysing it in software to recover the previously recorded signal. What the software does is generate an "ideal" read signal and subtract it from what was actually read, leaving as the difference the remnant of the previous signal."

Re:Memory effect

[plover]

The only issue I have with Peter's paper (and it's a good one, I read it several years ago) is that it's examining hard drives that are now over ten years old. The "residue" he found of previous passes of data was due in large part to sloppy manufacturing processes, machine tolerances, and out-of-spec electronics.

Modern drives now have data densities two orders of magnitude higher than those on which he did his research. Many of those stray effects have been largely eliminated by higher precision electronics.

Picture in your mind how a hard drive works: the head swings left-and-right, and feedback from a servo track tells the arm when it's centered over the desired data track. In the old days, that arm just had to be close enough. Reading overwritten data worked by checking the area around a bit to see if there was evidence of other bits written when the arm was in a different position. This shows up as higher or lower signal strength.

All that slop was robbing the drive of potential places to store data. By making the mechanics more precise, manufacturers are able to squeeze more cylinders onto a platter, and bits on a track. The slop Peter was able to discover has been largely eliminated.

Re:Memory effect

[Blkdeath]

I'm sorry, but I don't have any way of publicly contesting this argument and still seem credible. And no offence, but even if I put forth the effort to satisfy your curiosity and yours alone (IE, can it be recovered, or is the data gone)...I feel my time would have been wasted. I'm sure if the tables were turned, you feel the same way.

The fact that I know people who work in criminal forensics labs and recover data for a living aside, you're obviously set in your opinion. I know however that they can recover data from drives that are more seriously mangled than a simple three pass overwrite. If you want to bet your money or your freedom on your opinion that's one thing, but is it too much to ask that you stop posing yourself as some kind of expert on the subject until you become further educated on the subject?

An aside, BTW; I'm tired of reading of the so-called "DoD specifications" for wiping a hard drive. Yes, they exist in the form of software tools etc. but they're for NON CLASSIFIED DATA ONLY. For top-level classification their specification to ensure data destruction remains to this day in the belly of an incinerator. If you don't want a casual user to recover your data with freely available tools and a few hours of spare time the utilities and methods posed will work just fine. If, however, you don't want your {insert law-voilating material here} to be found by actual law enforcement agents, you'd be best served to turn your hard drive and all memory devices into a molten pile of materials and let them have at it.

Re:speaking of wiping data

[timeOday]

dd bs=1024 if=/dev/random of=/dev/sda1

That was my system boot partition, you insensitive clod!

As for erasing solid state media, I'd feel perfectly safe simply overwriting it with zeroes, one time over.

I realize years ago magnetic media were written sparsely (inefficiently) with sloppy positioning mechanisms, but those days are long gone. I'd be really impressed to see somebody recover overwritten data on a hard drive instead of just talking about it.

As for flash memory, I'll believe it when I see it.

As for leaking information through discarded camera memory cards in the first, place, it's about the 1000th thing down my list of privacy concerns, way down below "binoculars." If you want to see pictures of random people's snapshots of each other, they're all over the web. How many of us really use our digicams to capture super-secret info? I just can't bring myself to care when I know databases of thousands of credit card numbers and SSNs are being bought and sold on the black market.

Card not wiped because people don't care

[syousef]

I'm sure a lot of people don't wipe the camera cards because they don't care if someone gets photos of their pets or disney vacation or drunken stupor. They figure most people - ie. those not interested in writing an alarmist privacy article - will simply wipe and use the card. Unless you're a celebrity, or have a stalker why would you care? You're probably photographed more by traffic cameras these days anyway.

Re:speaking of wiping data

[Sylver+Dragon]

If it's data you care about someone else getting a hold of, I would recommend using Thermite. It's a wonderful, all purpose, cleanser of just about everything.

Re:speaking of wiping data

[croddy]

Better (and more convenient) than dd'ing from /dev/urandom is wipe(1). It will, at your option, overwrite the disk using 34 different byte patterns, 8 of which are random.

Its man page is also the only one I know of that uses the phrases "rising totalitarianism", "Department of Homeland Security", and "THIS IS AN EXTREMELY DANGEROUS THING TO DO".

Re:speaking of wiping data

[phalse+phace]

"What are the best methods for removing almost any record of data?"

Have Chuck Norris give it a roundhouse kick.

Re:dd /dev/random

Bols, I don't get it: are you actually saying there's NOT ENOUGH randomness out there?

Here, have some of mine: ldjaofp9 bpm ]ak e]-07

Re:speaking of wiping data

[Nazlfrag]

Secure Deletion of Data from Magnetic and Solid-State Memory is a good insight into magnetic memory issues, and his followup paper covers solid state devices. It's by Peter Gutmann, Department of Computer Science, University of Auckland. His homepage has more good info.

In a nutshell, for hard drives, "If commercially-available SPM's are considered too expensive, it is possible to build a reasonably capable SPM for about US$1400, using a PC as a controller". So it is in the reach of the hobbyist to recover up to around the last 20 items recorded on any magnetic media (easier for floppies, harder as drives become denser). On solid state memory, I believe an electron microscope is needed for analysis. Still, data that has been in one location in RAM for more than five minutes is in theory recoverable.

Re:Who cares?

[ivan_13013]

Throwing away or destroying manufactured items when they are working and reusable is irresponsible, because it does not attempt to minimize environmental impact.

Used items that are still in demand should be reused as much as possible, to reduce the demand for manufacturing these items (with all the power and waste involved in that) and the size of landfills.

Call me a packrat.

[Perseid]

I'd just keep the damn thing. You know that as soon as you sell it you'll have a desperate need for it. That's just how the world works.