Slashdot Mirror


Unclean Military Hard Drives Sold On eBay

An anonymous reader writes "The Daily Mail reports, 'Highly sensitive details of a US military missile air defense system were found on a second-hand hard drive bought on eBay. The test launch procedures were found on a hard disk for the THAAD (Terminal High Altitude Area Defense) ground to air missile defense system, used to shoot down Scud missiles in Iraq. The disk also contained security policies, blueprints of facilities, and personal information on employees (including social security numbers) belonging to technology company Lockheed Martin — who designed and built the system.' Scary that they did not wipe it to Department of Defense standards, which I believe is wiping the whole disk and then writing 1010 all over it."

369 comments

  1. I have to wonder by Lord Grey · · Score: 4, Insightful
    The article states that this finding was the result of a study where a few hundred drives (300+) were purchased from various places and then scanned.

    A spokesman for BT said they found 34 per cent of the hard disks scrutinised contained 'information of either personal data that could be identified to an individual or commercial data identifying a company or organisation.'

    Later:

    For a very large proportion of the disks we looked at we found enough information to expose both individuals and companies to a range of potential crimes such as fraud, blackmail and identity theft.

    Where are the corresponding crimes? If a third of the used hard drives on the market really contain such detailed personal or business information, wouldn't you think that at least one group of criminals would be buying as many of these drives as possible? Granted that there would be capital outlay, but a lot of that is recovered by selling the drives again through the very same channels, and the risk of getting caught would be extremely low. Quantity of information is lower than with network-based methods (e.g., keyloggers, sniffers, etc.) or other information-gathering methods, but I would think the quality of the gathered data would be much, much higher. Good enough to resell for a relatively high amount.

    It seems, to me, that there is a bit of hyperbole going on here.

    --
    // Beyond Here Lie Dragons
    1. Re:I have to wonder by drinkypoo · · Score: 4, Insightful

      Where are the corresponding crimes? If a third of the used hard drives on the market really contain such detailed personal or business information, wouldn't you think that at least one group of criminals would be buying as many of these drives as possible?

      Uh, what makes you think that they aren't? Your comment is utterly devoid of value unless you can prove a negative somehow. Good luck!

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
    2. Re:I have to wonder by Anonymous Coward · · Score: 5, Funny

      Your comment is utterly devoid of value unless you can prove you have something worthwhile to respond with. Good luck!

    3. Re:I have to wonder by noundi · · Score: 5, Insightful

      ... wouldn't you think that at least one group of criminals would be buying as many of these drives as possible?

      Well, the black market is quite complicated. The only groups with enough funding and enough motive to even try to obtain this information (disregarding the middlemen that you're mentioning) would be other nations. Let's say you're an exceptional nerd with enough skills to extract this data into usable form (I think it would be fair to say that many /.-ers fit or could fit this profile given some time to research). How would you go about selling this information to let's say North Korea? Who would you contact? Better yet, who would they allow you to speak to? I doubt you can just pick up the phone and ask the operator to "hook you up with the illest of Kim Jongs". But let's say you actually do get to speak with him (or anybody of importance really). How's your Korean? Ok final hypothesis, let's say you actually do speak Korean. What are you going to say? It's not like you're calling from AT&T to offer him 5$ less monthly fee if he subscribes to the service for 24 additional months.

      Basically I see where you're coming from but I wouldn't take the procedure so lightly. Plus there's possibly a lot more important information floating around somewhere that never "got in the wrong hands" as well.

      --
      I am the lawn!
    4. Re:I have to wonder by Hyppy · · Score: 2, Insightful

      You're on the right track. Quite a few crimes of this nature are not reported, at least not publicly.

    5. Re:I have to wonder by sadness203 · · Score: 5, Funny

      Your comment is so fat it was... oh ... no, wrong joke.

    6. Re:I have to wonder by gadget junkie · · Score: 1

      People always underestimate the dangers of physical delivery.
      Let's think this through: I am a smartie who knows computers and is interested in blackmail. Where do I get those hard disks? You see, eBay and such are markets, so you have to tell them where you want those disks sent, under what name, on which credit card....then you must retrieve them, probably giving some proof of identity.
      So, given that my objectives are:

      1. get rich;
      2. do NOT get caught in the process;

      I do not think that's the best option.
      For example, if I had sold the THAAD data to North Korea, I'd probably get a free ticket to some strange place, with refreshments. Waterboarding anyone?

      --
      "If a boss demands loyalty, give him integrity. But if he demands integrity, give him loyalty." (John Boyd, 1927-1997)
    7. Re:I have to wonder by Anonymous Coward · · Score: 2, Insightful

      Do retorts like yours really pass for good reasoning on Slashdot?

      What makes you think that the Universe isn't contained within the eye of a pink singing elephant? Your view on the Universe is utterly devoid of value unless you can prove a negative somehow. Good luck!

      Concentrate carefully: when event e happens, we can make a list of events f_1...f_n that we think might lead to e. Let's hypothesise that one such event f_j leads to e. Our first mission is deductive - to demonstrate that f_j can lead to e, and that e can occur.

      Our second mission, however, is philosophical induction - has it actually been observed sufficiently often that f_j leads to e for us to assume that it is typical for f_j to lead to e?

      You've collected enough points to complete the first mission, and assumed that the second just magically happens. No Western philosophical approach follows the "well that could be the cause, and the set of prerequisites have occurred at least once, so who's to say it's not the cause?" line of argument. It could be used to argue so many nonsenses that the scientific approach would be overwhelmed.

    8. Re:I have to wonder by Anonymous Coward · · Score: 0

      I think you missed the point, your paraphrase just says "we found enough information to expose ", which means in the wrong hands it would be a problem. Fortunately for us, anyone who actually got their hands on one of these unclean either didn't know what they had or had a shred of decency and didn't decide to rape the government.

      The other thing of note is that because of our well publicly advertised security policies, the bad guys were probably either unaware or didn't believe they could obtain this type of information so easily.....until now....since they decided to make this info public I'm sure some evil groups are gonna start buying up used drives on ebay and then resell the ones which had crap on them, keeping the ones with juicy intel.

    9. Re:I have to wonder by DZign · · Score: 3, Interesting

      After reading the book 'Spies Among Us' I've learned that making contact for selling information is just as simple as walking to an embassy/consulate from the specific country and asking to speak with someone about information..

    10. Re:I have to wonder by sandbenders · · Score: 1

      Hmm. I could probably round up half a dozen Korean-speakers who can run a disk-recovery application properly, given an hour or two. Ok, so, I live in a university town and I have an advantage, I'll admit it.

      But I think that it's entirely possible that someone who has run a couple of small scams successfully could parlay that cash into buying several hundred hard drives. Finding name/SSN sets on one of these hard drives has plenty of value for identity thieves right here in the U. S. of A. It's not only the launch codes that have value, it's also all the other data.

      --
      Eagles may fly, but weasels don't get sucked into jet engines.
    11. Re:I have to wonder by MikeBabcock · · Score: 2, Informative

      First off, blackmail doesn't hit the news, that's the whole point. You tell the company what you've got and threaten to use it against them and get paid off.

      Personally I wouldn't blackmail a defence contractor, all things considered, but there are those with larger gonads than I, though.

      Secondly, a lot of criminals go with what they're good at. Just because a new avenue of crime exists doesn't mean it will be taken advantage of immediately.

      Just think how long the Internet was a big open place before we started getting inundated with scams and before online database theft started hitting the news.

      It seems to me that you give criminals way too much credit, and should also take security more seriously.

      --
      - Michael T. Babcock (Yes, I blog)
    12. Re:I have to wonder by Anonymous Coward · · Score: 0

      Sell them to Israel, then you get to be a congressperson.

      Note: I'm not one of the Jew-bashing ACs, I'm one of the makes-fun-of-current-events ACs.

    13. Re:I have to wonder by Anonymous Coward · · Score: 0

      Just don't forget, inside workers selling non-wiped hard drives on ebay is the very reason P2P networks must be banned for being insecure!

      Sorry, couldn't help it after the story the other day...

      http://tech.slashdot.org/article.pl?sid=09/05/06/158211

    14. Re:I have to wonder by Lost Race · · Score: 3, Insightful

      Your comment is utterly devoid of value unless you can prove a negative somehow. Good luck!

      "prove a negative"?

      Follow any of the links and never use that idiotic phrase again.

    15. Re:I have to wonder by rant64 · · Score: 1

      Don't forget to see Burn After Reading for an example of how to get killed in the process. Hilarious.

    16. Re:I have to wonder by DoofusOfDeath · · Score: 0

      Uh, what makes you think that they aren't? Your comment is utterly devoid of value unless you can prove a negative somehow. Good luck!

      You really can't prove the negative of a proposition like, "Not (all triangles have three sides)." ?

      I suspect you're appealing to some scrap of wisdom that you misheard or misunderstood.

    17. Re:I have to wonder by Anonymous Coward · · Score: 0

      34% out of a sample size of 300+? This is madness!

    18. Re:I have to wonder by cayenne8 · · Score: 1
      "Personally I wouldn't blackmail a defence contractor, all things considered but there are those with larger gonads than I though."

      Yep...a lot going on there. You might 'disappear' before you could collect anything...

      --
      Light travels faster than sound. This is why some people appear bright until you hear them speak.........
    19. Re:I have to wonder by Nutria · · Score: 1

      You really can't prove the negative of a proposition like, "Not (all triangles have three sides)." ?

      Sure you can. "Tri" means "3". Thus, if the shape has something other than 3 sides, then, by definition, it's not a triangle.

      --
      "I don't know, therefore Aliens" Wafflebox1
    20. Re:I have to wonder by noundi · · Score: 1

      I never said it wasn't entirely possible, I simply said that the task is not all that easy, as the parent's fundamental argument is based on this assumption. In addition to this you have to consider another factor. There's a reason that for example you (as you used yourself as an example), even with the alleged resources, don't conduct this, right? Once again I'm not saying the opposite is impossible but it's worth taking into account that educated people generally tend to think things through, at least for a project of this magnitude. And in the end most of us simply leave it as a slashdotted article, since criminal masterplans aren't really our thing, even if we would be able to execute them. This is called profiling. I'll give you an example. If you would go to your university and ask every person that you consider competent for this task, how many would you actually (honest now) get on board? Now what would happen if you would conduct the same test but instead in a prison (let's say that hypothetically the prison holds the same percentage of competent peers)? What would you estimate the outcome to be? Of course the paradox that I'm talking about is that statistically education != crime. Thus the university would be both a good and a bad source. However as mentioned before, I'm not saying it's impossible, but I would go so far as to say that it's highly unlikely, and definitely not as easy as the parent claims.

      --
      I am the lawn!
    21. Re:I have to wonder by asdf7890 · · Score: 1

      Where are the corresponding crimes? If a third of the used hard drives on the market really contain such detailed personal or business information, wouldn't you think that at least one group of criminals would be buying as many of these drives as possible?

      My guess is that the value of data on an average drive sourced that way is too low to be worth the average outlay and effort, mainly because the information is out of date (you can have all my bank details from a couple of years ago if you like, it'll get you nowhere as I've changed banks for *everything* since then) or incomplete (i.e. you need some info the user noted on paper and not on the drive as well as the info on the drive).

      Now if the criminals knew with any certainty that the drives being bought were from a certain source and/or had been used up to a particular time, then it might be worth their time and expense to get and scan them. Otherwise they would get better RoI on time spent creating worms/trojans/viruses to collect the data remotely somehow than buying and analysing second hand drives.

    22. Re:I have to wonder by drinkypoo · · Score: 3, Funny

      I'm so sorry I got caught speaking English. Next time I'll try to translate into nerd-speak so that those of you with slide whistles in your assholes will pipe down.

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
    23. Re:I have to wonder by houstonbofh · · Score: 1

      I can go to a local computer recycler in town, pay cash and walk out with a trunk full of hard drives. If you want bulk, go wholesale.

    24. Re:I have to wonder by Burkin · · Score: 1

      You really can't prove the negative of a proposition like, "Not (all triangles have three sides)." ?

      You mean except for the fact that your proposition violates the very definition of a triangle?

    25. Re:I have to wonder by BrokenHalo · · Score: 1

      Well, in this case one area of hyperbole is where the OP says "The disk also contained ... blueprints of facilities..."

      Now, forgive me if I'm being overly picky, but does anyone here (apart from an old fart like myself) even remember what a blueprint is?

    26. Re:I have to wonder by Plekto · · Score: 1

      Ok final hypothesis, let's say you actually do speak Korean. What are you going to say? It's not like you're calling from AT&T to offer him 5$ less monthly fee if he subscribes to the service for 24 additional months.
      ****
      Easy, actually. USB flash drive in your pocket. Plane ticket.

      The actual number of critical/important documents on any hard drive is usually under a gig or two. Stupidly easy to move about and get to people who have bad intentions - if you have a mind to.

      And simply "deleting" the files - almost any idiot can recover data from that - just get a copy of Easy Recovery Pro or Norton or similar.

      Deleting or destroying the data properly is the only recourse, obviously. But saying that it's too difficult to engage in corporate espionage... It's not 1989 anymore, folks...

    27. Re:I have to wonder by Skevin · · Score: 1

      Maybe it's the caliber of the government IT workers...

      Military Official: Davis, I need you to wipe every hard drive in this container.

      Minimum Wage IT Contractor: Okay. [Opens a pack of lemon-scented WetNaps and starts wiping the outside of the hard drives.] Hard drives wiped, sir.

      Officer: Then I need you to write "10101010" repeatedly on them, until there's no more space!

      MWITC: Okay. [Pulls out Sharpie and draws alternating dashes and circles on the enclosure until there's no more place to put any.] Done, sir.

      Officer: Good. Sign off on this ticket, and we're ready to liquidate them on Ebay!

      --
      "Twice half-assed makes an ass whole." --Solomon K. Chang
    28. Re:I have to wonder by mhall119 · · Score: 1

      Sure you can. "Tri" means "3". Thus, if the shape has something other than 3 sides, then, by definition, it's not a triangle.

      But "angle" means, well, "angle", not side.

      --
      http://www.mhall119.com
    29. Re:I have to wonder by Arancaytar · · Score: 1

      i'd probably get a free ticket to some strange place, with refreshments. Waterboarding anyone?

      Warning to ESL speakers like myself: Waterboarding, despite the misleading name, is not, not, the same as windsurfing. :P

    30. Re:I have to wonder by inode_buddha · · Score: 1

      Actually, yes. --From another old fart.

      --
      C|N>K
    31. Re:I have to wonder by Nutria · · Score: 1

      But "angle" means, well, "angle", not side.

      You can't have angles on a shape without also having sides.

      --
      "I don't know, therefore Aliens" Wafflebox1
    32. Re:I have to wonder by dumuzi · · Score: 1

      But "angle" means, well, "angle", not side.

      You can't have angles on a shape without also having sides.

      But you could have three angles and three sides without connecting the three sides to make a triangle. Though this would not prove the negative of a proposition like, "Not (all triangles have three sides)."

      To prove the negative of "Not (all triangles have three sides)." You would just have to show a triangle that does have three sides. Most three year olds can do that.

      Though the scrap of wisdom that Doofus was likely trying to convey might have been something more like: You really can't prove the negative of a proposition like "all triangles have three sides"

      Or perhaps the intention was more like "you really can't prove "NOT(all triangles have three sides)"

      Though this still represents a misunderstanding of some scrap of wisdom. One definition of a triangle is "In Euclidean geometry any three non-collinear points determine a unique triangle", therefore a triangle does not need to have any sides, it may consist of three points where the points are not actually connected.

    33. Re:I have to wonder by aamcf · · Score: 1
    34. Re:I have to wonder by Nutria · · Score: 1

      Except that triangle still means "3 angles", so there is no etymological fallacy.

      --
      "I don't know, therefore Aliens" Wafflebox1
    35. Re:I have to wonder by Anonymous Coward · · Score: 0

      Your "other thing of note" is complete BS. You don't think the US buys the same in other countries? Oh noes! I mentioned it. Sorry CIA, Russia is going to stop selling you old drives.

    36. Re:I have to wonder by tacarat · · Score: 1

      You really can't prove the negative of a proposition like, "Not (all triangles have three sides)." ?

      Sure you can. "Tri" means "3". Thus, if the shape has something other than 3 sides, then, by definition, it's not a triangle.

      But a square is a rectangle as it meets all the criteria. There's also the "Which month has 28 days in it?" argument in which every month has 28 days. Every shape, except for circles (I hope), has three sides. Some just have those extra value sides included.

      --
      "Common sense will be the death of us all"
    37. Re:I have to wonder by Meski · · Score: 1

      It could, if you were really bad at windsurfing, be a voluntary form of it.

  2. Unclean? by Nerdfest · · Score: 4, Informative

    I guess we'll need to format them in a purifying fire then.

    1. Re:Unclean? by Anonymous Coward · · Score: 2, Insightful

      I agree. If you have sensitive data on a disk (or paper or anything else) DESTROY it. Fire is best and most useful but other methods are possible.

    2. Re:Unclean? by auric_dude · · Score: 4, Informative

      Or use http://www.dban.org/node/68 - good enough for The Government Of Canada so good enough for these disks?

    3. Re:Unclean? by Mendoksou · · Score: 4, Funny

      It's finally time to start up my competitor to the NSA. The American Security Service (acronym to be determined) will, for the cost of hard drives on ebay (as well as some key other components... you never know what might be hidden in all those GPUs... we'd better test them. And those CPUs... and that RAM... and those computer games...), provide quality security and defense against our enemies. Especially if those enemies happen to be in the games I'm playing at the time.

      --
      DISCLAIMER: I am very rarely serious. If the above comment seems asinine or makes no sense, it is most likely a bad joke.
    4. Re:Unclean? by Hyppy · · Score: 3, Insightful

      Most DoD member units approve DBAN already. Especially when it's set to the platter-melting 35-pass Gutmann Wipe.

      The problem is when someone DOESN'T follow proper procedures. Rules are great and all, but someone is always going to break them in some way.

    5. Re:Unclean? by Nimey · · Score: 3, Informative

      Since you apparently don't know what you're talking about: the 35-pass wipe is bullshit, and even the author says so.

      http://en.wikipedia.org/wiki/Gutmann_method#Criticism

      Essentially some of those patterns are specifically for obsolete MFM drives, and others are specifically for equally obsolete RLL drives. Nowadays you should just use random patterns, and even the DoD is fine with 7 passes.

      --
      Hail Eris, full of mischief...

      E pluribus sanguinem
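The thread above argues about pass counts (Gutmann's 35, "DoD 7", random patterns) but never shows the part that actually matters in practice: reading the media back after the last pass to confirm the overwrite landed, which is what tools like DBAN do. Here is an added example, not code from the thread or from DBAN, that runs a zeros/ones/random overwrite against a constructed file-backed disk image and then verifies the final pass and checks whether a planted marker string is still findable by a plain byte search; the pass order, the 512-byte sector size and the marker are my assumptions.

```python
"""Added example: multi-pass overwrite with read-back verification.

Runs against a file-backed image rather than a real block device so it is safe
to execute anywhere. Assumptions (mine, not the thread's): passes are zeros,
ones, then random bytes; "verified" means the final pass reads back exactly as
written; "recoverable" means a plain byte search still finds the planted marker.
"""
import os
import random
import secrets
import tempfile

SECTOR = 512       # assumed logical sector size for the toy image
CHUNK = 1 << 16    # I/O chunk size; verify must use the same chunking as write

# Constructed marker standing in for the personal data found on the eBay drives.
SAMPLE_SECRET = b"SSN 123-45-6789 (constructed sample, not real)"


def build_sample_image(path, sectors=64):
    """Write a constructed disk image: random filler plus the marker at sector 10."""
    data = bytearray(os.urandom(sectors * SECTOR))
    off = 10 * SECTOR
    data[off:off + len(SAMPLE_SECRET)] = SAMPLE_SECRET
    with open(path, "wb") as fh:
        fh.write(data)
    return len(data)


def _stream(kind, seed):
    """Return a callable producing n bytes of the pattern for this pass kind."""
    if kind == "random":
        rng = random.Random(seed)      # seeded so the same stream can be regenerated
        return lambda n: rng.randbytes(n)
    fill = b"\x00" if kind == "zeros" else b"\xff"
    return lambda n: fill * n


def overwrite_pass(path, kind, seed=None):
    """One full overwrite of the image with zeros, ones or seeded random bytes."""
    size = os.path.getsize(path)
    gen = _stream(kind, seed)
    with open(path, "r+b") as fh:
        left = size
        while left:
            n = min(left, CHUNK)
            fh.write(gen(n))
            left -= n
        fh.flush()
        os.fsync(fh.fileno())      # make sure the data reached the media


def verify_pass(path, kind, seed=None):
    """Read the image back and confirm it matches what the pass should have written."""
    gen = _stream(kind, seed)
    with open(path, "rb") as fh:
        while True:
            chunk = fh.read(CHUNK)
            if not chunk:
                return True
            if chunk != gen(len(chunk)):
                return False


def contains_marker(path, marker=SAMPLE_SECRET):
    """Plain byte search, the kind of thing a casual undelete tool relies on."""
    with open(path, "rb") as fh:
        return marker in fh.read()


def sanitize(path, passes=("zeros", "ones", "random")):
    """Run each pass, verify the last one, and report whether the marker survived."""
    seed = None
    for kind in passes:
        # a fresh 256-bit seed per random pass; kept only long enough to verify
        seed = secrets.token_bytes(32) if kind == "random" else None
        overwrite_pass(path, kind, seed)
    return {
        "passes": len(passes),
        "last_pass_verified": verify_pass(path, passes[-1], seed),
        "marker_recoverable": contains_marker(path),
    }


def demo():
    """Build the sample image in a temp dir, wipe it, return (found_before, report)."""
    with tempfile.TemporaryDirectory() as d:
        img = os.path.join(d, "disk.img")
        build_sample_image(img)
        found_before = contains_marker(img)
        return found_before, sanitize(img)


if __name__ == "__main__":
    before, report = demo()
    print("marker found before wipe:", before)
    print(report)
```

On a real device the same loop would open the block device node instead of a file and the read-back is the step that catches a pass that silently failed (write errors, a drive that lied about completion); it still says nothing about sectors the firmware has remapped away, which is why the thread's "degauss or destroy" camp has a point for classified media.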
    6. Re:Unclean? by socsoc · · Score: 1

      I don't get why everybody doesn't use DBAN, private or government (as long as it meets their needs). I proudly tell my staff members that machines have been wiped to DoD levels before disposal.

    7. Re:Unclean? by NotQuiteReal · · Score: 5, Funny

      Aww, you just went for a cheap laugh.

      When you said The American Security Service (acronym to be determined) I thought for sure, you were going to start a wiping service!

      --
      This issue is a bit more complicated than you think.
    8. Re:Unclean? by Hyppy · · Score: 1

      I said "member units." Not every IASO is completely familiar with Peter Gutmann's full paper. Either way, a 35-pass Gutmann wipe is better than a 1 or 2-pass zero wipe. They're erring on the side of caution, but that doesn't mean you need to personally attack me.

      Don't be a prick with such a short fuse.

    9. Re:Unclean? by Big Nothing · · Score: 1
      --
      SIG: TAKE OFF EVERY 'CAPTAIN'!!
    10. Re:Unclean? by Rastl · · Score: 1

      We had to send back a personal notebook under an in-warranty replacement. I used DBAN to make sure that disk was going back devoid of anything of potential use. I know there's a faint chance of someone using forensic tools to recover it but FFS at least it takes care of the casual user problem.

      And yes, I was "assured" that they wipe the disks before refurbing them but a quick run of DBAN is just common sense.

      Oh wait, we're talking about a government contractor here ...

    11. Re:Unclean? by Nathrael · · Score: 4, Funny

      Fire is best and most useful but other methods are possible.

      Nuke it from orbit. It's the only way to be sure.

      --
      A good education is a bit like a STD - it makes you unsuitable for a lot of jobs and gives you a desire to spread it.
    12. Re:Unclean? by Anonymous Coward · · Score: 0

      The new DoD policy states that the old method of just doing the "DoD Wipe" was insufficient. DoD hard drives are now supposed to be wiped and THEN physically destroyed.

    13. Re:Unclean? by Runaway1956 · · Score: 1

      Same or similar reason that not everyone uses network security? Ignorance. I have a PILE of hard drives from old computers that I have browsed through. One of them contains an ancient NT4 network server. Not much on it - but the really funny thing is, I can log onto that company's network as administrator, because it STILL HAS the same admin password. If I were dishonest, there is SO MUCH I could do......

      --
      "Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br
    14. Re:Unclean? by longrangebunnykiller · · Score: 1

      Instead of 0's and 1's, I've found that it's better to write 2's and 3's to the disk. 2-3 times better, in fact.

    15. Re:Unclean? by Barny · · Score: 1

      even the DoD is fine with 7 passes.

      Funny that, I know SIGINT (Australian signals intelligence) don't trust ANY form of drive erasure, with the cost of drives, they just burn them.

      Considering the amount of budget these departments have, why would they take the risk?

      --
      ...
      /me sighs
    16. Re:Unclean? by neomunk · · Score: 1

      Do you (or anyone else reading) know of an actual case in which data was recovered from a 1 or 2 pass 0 wipe on modern drives?

      I don't think it's been done successfully, but would be interested in being proven wrong.

    17. Re:Unclean? by Kirth Gersen · · Score: 1

      This issue has come up before. My conclusion was that a single pass might indeed be insufficient and it was hard to say how many would be enough.

      Why would an attack method which would recover very small fractions of the data from the disk be valuable to the attacker? One suggestion I thought was plausible was this: with sufficiently advanced techniques some good data may be retrieved (for instance, a drive may mark a failing sector as bad and never allow it to be accessed again by normal means, but it may occasionally be readable by drive-specific utilities).

      This acts as known plaintext and may reduce the time needed to break encryption (of a separate data source which was fully available to the attackers because it was believed to be safe) from several universes to a few days.

      Btw, this known-plaintext idea makes me think it's probably a bad idea to encrypt a system disk which also contains data.

    18. Re:Unclean? by jgalun · · Score: 1

      even the DoD is fine with 7 passes.

      Funny that, I know SIGINT (Australian signals intelligence) don't trust ANY form of drive erasure, with the cost of drives, they just burn them.

      Considering the amount of budget these departments have, why would they take the risk?

      I'm not so sure the original poster is correct that the DoD is fine with 7 passes. Consider ISL 2007-01. It says that "Sanitization of memory and media is required when the memory or media is no longer needed to store classified information. Clearing is required before and after periods of processing as a method of ensuring need-to-know protection, and prior to maintenance."

      And if you look at the matrix on page 19, overwriting is not acceptable for sanitization. Only degaussing or destruction are acceptable. It sounds like whoever disposed of this hard drive just did not follow guidelines, or that the drive was disposed of before ISL 2007-01 was released.

    19. Re:Unclean? by Nimey · · Score: 1

      I think you're right, actually. Change that to say "DoD used to be fine with 7 passes".

      --
      Hail Eris, full of mischief...

      E pluribus sanguinem
    20. Re:Unclean? by tzanger · · Score: 1

      I keep an eye on the Canadian government surplus auctions. Every single computer going through there is sold WITHOUT hard drives.

      I imagine they either re-use them internally or destroy them.

    21. Re:Unclean? by couchslug · · Score: 1

      "I guess we'll need to format them in a purifying fire then."

      Hard drives are of trivial value, as are obsolete computers. Mandate that every Federal agency destroy all their discarded computers by shredding. Don't try to save a nickel, just destroy the machine. It is trivially easy. Just do it.

      --
      "This post is an artistic work of fiction and falsehood. Only a fool would take anything posted here as fact."
    22. Re:Unclean? by calmofthestorm · · Score: 1

      Even zeroing the device in a single pass is enough to deter most criminals or dragnet methods, shred is enough to defeat all but the most expensive cryptanalysis.

      There are levels of paranoia between strategic high-yield nuclear weapons and selling unwiped.

      --
      93rd rule of Slashdot: No matter how obvious my sarcasm is, my comment will be taken seriously by someone.
    23. Re:Unclean? by Anonymous Coward · · Score: 0

      The "highly sensitive data" comment in the story sort of blurs the real nature of the data. Is it unclassified, unclassified no foreign, secret, top secret, other special restrictions, etc...? If it is just interesting data but unclassified, could this be from an employee who did some remote work at home over a VPN connection? That would be my guess, but without more information, we'll never really know.

      Mij

    24. Re:Unclean? by Anonymous Coward · · Score: 1, Interesting

      I don't get why everybody doesn't use DBAN

      Speaking as someone who owns a box of obsolete unwiped drives (some of them have been sitting in that box for over a decade), here's how it happens.

      At some point, I need to replace drives; either the box just can't physically hold more (so I'm taking small drives out and putting bigger ones in) or I'm upgrading to a totally new computer and for whatever reason I don't want to use the old drives.

      Somehow I move my old data to my new drives. Now I have the old drives. They need to be wiped, but..

      For the next few days, they're a good backup. Maybe that new drive is going to fail. This is a time when failure does happen to be more likely than usual. So, I shouldn't wipe 'em right away.

      I want 'em disconnected from the box right away, though.

      So the "plan" is .. um, I'll wipe 'em, but I'll do that .. later because (in all seriousness) later really is better than now. Some limited procrastination (and "limited" really is the key, here) is not only acceptable, but actually The Right Thing.

      It's just that I never get to it. And then things happen, and eventually I can't even talk to my old drives. I don't have a SCSI adapter. I have these SCSI drives, with personal information sitting on them, but no way to get at it myself. (If I wait much longer, the PATA drives are going to have the same problem.) The only practical(?) solution is a sledgehammer and fire, rather than "wiping."

      And so they sit there in that fucking box. I can't use 'em and I can't throw 'em away. :(

    25. Re:Unclean? by TehDuffman · · Score: 2, Interesting

      I don't know if it's just the Marines but we just get a sledge hammer and take turns beating the shit out of the hard drives. Seems to do a good enough job to me.

    26. Re:Unclean? by Jah-Wren+Ryel · · Score: 1

      even the DoD is fine with 7 passes.

      Not for classified data - there is no official procedure to declassify a hard disk. 7 wipes may be sufficient in some cases for moving a classified disk from one classified program to another related classified program, but never for complete declassification.

      --
      When information is power, privacy is freedom.
    27. Re:Unclean? by BrokenHalo · · Score: 1

      I think I might have mentioned this before, but it's still relevant:

      Once upon a time, I used to be a blacksmith, and I've still got my tools. The best way I've found to deal with unwanted HDDs is to heat them up to ~700-800 deg. C in my forge, then wallop the hell out of them with my power-hammer. Hot things, sparks and lots of noise == Fun. ;-)

      Incidentally, why won't Slashcode implement the standard &deg (;) html entity?

    28. Re:Unclean? by TemporalBeing · · Score: 1

      There's really two states of operation here that can be answered by one question: Did the system in question have sensitive (e.g. classified) data on it?

      If no, then the 7 pass is okay.

      If yes, then it must be destroyed and may never be used for non-classified uses again.

      So if it did have sensitive/classified data on it, then whoever disposed of it did not follow procedure - in which case there will be prison time for someone after an investigation occurs. Otherwise, the consequences will be unknown - though prison is likely, but not likely for as long.

      --
      Truth is like the sun. You can shut it out for a time, but it ain't goin' away. - Elvis Presley (source: imdb.com)
    29. Re:Unclean? by zerocool6900 · · Score: 1

      Actually yes I have recovered usable data from a HDD that was wiped twice and had started on a third. I just installed my Ontrack Data Recovery Pro and let it run....granted the files weren't perfect and didn't recover many either but some jpgs, rtfs, and a few short mp3s survived.

      --
      Some people never learn...no matter how many times something happens to them.
    30. Re:Unclean? by TemporalBeing · · Score: 1

      7 wipes may be sufficient in some cases for moving a classified disk from one classified program to another related classified program of equal or greater classification, but never for complete declassification.

      There fixed that for you.

      Moving to a lower classification level is the same as declassifying.

      --
      Truth is like the sun. You can shut it out for a time, but it ain't goin' away. - Elvis Presley (source: imdb.com)
    31. Re:Unclean? by stile99 · · Score: 1

      I guess we'll need to format them in a purifying fire then.

      Ummm...nobody picked up on the Thomas Covenant reference, or did I read a little too deeply?

    32. Re:Unclean? by Nimey · · Score: 1

      Wiped with what? I've had someone get lots of data back from a hard drive that was slow-formatted with the WinXP installer, but we haven't tried this stunt with something that's been run through DBAN.

      --
      Hail Eris, full of mischief...

      E pluribus sanguinem
    33. Re:Unclean? by Anonymous Coward · · Score: 0

      Redundant much?

      An exploding nuke CREATES A LOT OF FIRE, the very thing the parent quote mentioned as useful for destroying hard disks with sensitive information on them.

      And anyway, any hard disk capable of surviving the electromagnetic pulse and star-hot temperatures of thermonuclear bombardment is a hard disk worth buying, eh? :D

    34. Re:Unclean? by iwein · · Score: 1

      Disappointing really. Especially in a military organization you'd think they could think of some cool ways to increase the entropy of a hard disk.

      --
      Show a man some news, distract him for an hour. Show a man some mod points, distract him for the rest of his life.
    35. Re:Unclean? by Anonymous Coward · · Score: 0

      I guess we'll need to format them in a purifying fire then.

      That would not be a bad thing to do. Why bother reselling the hard drives used for a project that costs billions of dollars?

    36. Re:Unclean? by Chris+Mattern · · Score: 1

      "enough to deter most criminals"

      "enough to defeat all but the most expensive cryptanalysis"

      Or you can just take a ten-pound sledgehammer to them and be sure. If the data on them is of any importance at all, the pathetic prices they'll fetch on Ebay are in no way worth it.

    37. Re:Unclean? by rts008 · · Score: 1

      What about as you said, formatting with the Windows installer (say XP/NTFS), then reformatting with a Linux live cd in ext3?
      I've no reason to ask except curiosity, but have often wondered how effective this would be regarding 'wiping' a HDD.

      --
      Down With Slashdot BETA!!! I've been around the corner and seen the oliphant; you can only abuse me from your perspecti
    38. Re:Unclean? by Nimey · · Score: 1

      No idea, but it's an interesting idea. I don't have the time to try it, though -- that recovery I mentioned took most of a day to run.

      --
      Hail Eris, full of mischief...

      E pluribus sanguinem
    39. Re:Unclean? by rts008 · · Score: 1

      Well, thanks for the reply!
      I was just curious in relation to the topic of discussion, and thought you might have some insight here for me. :-)

      If you can 'spill the beans*', what software did you use for this so I could find out...I am recovering from surgery and on 'temporary disability' while I recover.
      If you check my posts, you can confirm that I have had way too much time to hang out here!(too much time to post while drunk!- check my 'foes' list!)

      *If not, any ideas of what I can use with GNU/Linux(Kubuntu 9.04) to check this?

      Don't put too much effort in this, as it is more of a 'what if' thing for me, and not a vital 'need'. (don't be afraid to just 'blow it off', as it would just be an 'academic exercise' for me:-)

      My brother does this kind of stuff for the US State Department, but we are not 'exactly' on speaking terms for the moment.(my next project to tackle, but it's complicated)

      --
      Down With Slashdot BETA!!! I've been around the corner and seen the oliphant; you can only abuse me from your perspecti
    40. Re:Unclean? by Nimey · · Score: 1

      The program was some commercial package for Windows. When I see my co-worker who did that I'll ask him.

      We're just a Midwestern public university, no classified stuff here. Basically I screwed up and we had to try to recover someone's data.

      --
      Hail Eris, full of mischief...

      E pluribus sanguinem
    41. Re:Unclean? by metaforest · · Score: 1

      Back in the day, I used to ride around on an old 3-speed bike collecting techno-fruit that had fallen from the corporate trees in and around Mountain View, CA....

      My arch nemesis: Atari Security Service.... They drove around in white Ford Broncos(the shift supervisor) or white CJ-5 Jeeps( the rank & file) they caught me a couple of times, but I altered my raid tactics and they never knew I was there.

      Along with valuable caches of ICs, engineering prototypes, demo units, cosmetic QA failed units, and retired test equipment, many coffee stained "Confidential" documents passed through my paws... HR reports with employee data, engineering documents, source code, executive policy memos, and even legal documents, litigation and contract drafts....

      I do miss being a larval geek in the Sillycon Trench....

  3. Scary that they sold the disk at all by Anonymous Coward · · Score: 5, Insightful

    You can wipe a disk with "dd if=/dev/zero of=/dev/sda" and nobody will get anything from it after that, but the problem isn't the technical feasibility of securely wiping a hard disk: It's a problem of procedure. If hard disks are sold, there's always going to be a mishap where disks which were supposed to be wiped are not and sold with the data intact. Also, why was this data not encrypted? Anyway, hard disks are just not worth enough to take these risks. Destroy the disks and do it in-house.
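The "dd if=/dev/zero of=/dev/sda" step is the easy half of the procedure the poster is talking about; the half that goes missing in practice is proving the pass actually happened before the drive leaves. The following is an added example written for this page, not code from the thread or from any tool it mentions: a dd-style whole-device overwrite (a CSPRNG pass, then a zero pass) followed by a full read-back verification and a SHA-256 of the wiped device for the disposal log. A regular image file stands in for the block device so it runs without root; on real hardware you would pass the device node (the name "/dev/sdb" is an assumption) and run it as root. It only reaches LBAs the host can address; sectors the drive has already reallocated are out of its reach, which is a separate check.

```python
"""Added example, not code from the original thread: a dd-style whole-device
wipe with the read-back verification a disposal procedure needs.  A regular
file stands in for the device so it runs without root; on real hardware pass
the device node (e.g. "/dev/sdb", an assumed name) and run it as root."""
import hashlib
import os
import tempfile
from typing import Optional

CHUNK = 1 << 20  # 1 MiB per write, like dd bs=1M
ZERO = b"\x00"


def _device_size(fd: int) -> int:
    """Length in bytes of a regular file or block device."""
    end = os.lseek(fd, 0, os.SEEK_END)
    os.lseek(fd, 0, os.SEEK_SET)
    return end


def _repeat(pattern: bytes, offset: int, n: int) -> bytes:
    """n bytes of pattern as they must appear starting at absolute offset."""
    start = offset % len(pattern)
    return (pattern * (n // len(pattern) + 2))[start:start + n]


def overwrite_pass(path: str, pattern: Optional[bytes]) -> int:
    """One full pass; pattern=None writes CSPRNG bytes.  Returns bytes written."""
    fd = os.open(path, os.O_WRONLY)
    try:
        size = _device_size(fd)
        done = 0
        while done < size:
            n = min(CHUNK, size - done)
            buf = memoryview(os.urandom(n) if pattern is None else _repeat(pattern, done, n))
            while buf:  # os.write may write less than asked
                k = os.write(fd, buf)
                buf = buf[k:]
                done += k
        os.fsync(fd)  # flush the drive's write cache before trusting the pass
        return done
    finally:
        os.close(fd)


def verify_pass(path: str, pattern: bytes) -> bool:
    """Read the whole device back; True only if every byte matches pattern."""
    with open(path, "rb", buffering=0) as f:
        offset = 0
        while True:
            buf = f.read(CHUNK)
            if not buf:
                return True
            if buf != _repeat(pattern, offset, len(buf)):
                return False
            offset += len(buf)


def device_digest(path: str) -> str:
    """SHA-256 of the device as read back, for the disposal log."""
    h = hashlib.sha256()
    with open(path, "rb", buffering=0) as f:
        for buf in iter(lambda: f.read(CHUNK), b""):
            h.update(buf)
    return h.hexdigest()


def expected_zero_digest(size: int) -> str:
    """What device_digest returns for an all-zero device of this size; an
    auditor can recompute the log entry from the size alone."""
    h = hashlib.sha256()
    zeros = ZERO * CHUNK
    while size > 0:
        n = min(CHUNK, size)
        h.update(zeros[:n])
        size -= n
    return h.hexdigest()


def wipe_and_verify(path: str) -> dict:
    """Random pass, zero pass, full read-back.  verified=False means the drive
    does not leave the building."""
    size = overwrite_pass(path, None)
    overwrite_pass(path, ZERO)
    ok = verify_pass(path, ZERO)
    return {"device": path, "size": size, "passes": 2, "verified": ok,
            "sha256": device_digest(path) if ok else None}


def demo() -> dict:
    """Run the procedure on a constructed ~1.9 MB image seeded with a marker."""
    img = os.path.join(tempfile.mkdtemp(), "disk.img")
    with open(img, "wb") as f:
        f.write(b"CONSTRUCTED-SECRET " * 100000 + b"\x7f" * 777)
    rec = wipe_and_verify(img)
    with open(img, "rb") as f:
        rec["marker_survived"] = b"CONSTRUCTED-SECRET" in f.read()
    return rec
```

The record is the point: a drive whose log entry lacks a verified read-back and a digest an auditor can recompute is, procedurally, an unwiped drive. The zero pass is last on purpose, so the digest of a correctly wiped device is a function of its size alone.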

    1. Re:Scary that they sold the disk at all by bleh-of-the-huns · · Score: 4, Interesting

      There are much quicker ways than that. In fact, at my old office, we had NSA approved degaussing equipment for hard drives, that destroyed the data permanently (no amount of forensics will be able to retrieve it), but left the drive itself intact for reuse or resale.

      The fun part of course is that when you turn it on.. 2 or 3 floors of lights all dimmed at the same time for a few seconds while it powered up and it hummed.. loudly... That's a powerful magnet :)

      --
      I came, I conquered, I coredumped
    2. Re:Scary that they sold the disk at all by s0litaire · · Score: 3, Informative

      I'd use "dd if=/dev/urandom of=/dev/sda" Urandom is slower but better..

      --
      Laters Sol "Have you found the secrets of the universe? Asked Zebade "I'm sure I left them here somewhere"
    3. Re:Scary that they sold the disk at all by rongage · · Score: 5, Informative

      Modern drives have "servo tracks" on them - used for setting the head position. If you use an eraser powerful enough to wipe the drive, then the servo track is most likely also wiped - rendering the drive totally useless to most folk.

      --
      Ron Gage - Westland, MI
    4. Re:Scary that they sold the disk at all by Anonymous Coward · · Score: 1, Insightful

      Degaussing a hard drive permanently damages it (if you can do it, that is). Not only will all servo information be lost, modern hard drives also store the firmware on the disks. Deleting the firmware significantly reduces the reuse potential and resale value of a hard disk.

    5. Re:Scary that they sold the disk at all by Anonymous Coward · · Score: 0

      There's no point doing that. If you could recover anything which has been overwritten with 0s, you could recover it just as well if it has been overwritten with something else. Hard disks do not write the pattern directly. Everything is encoded in a way which guarantees certain signal properties. A stream of zeros does not end up on disk as a constant magnetization.

    6. Re:Scary that they sold the disk at all by A+beautiful+mind · · Score: 2, Informative

      You've got it backwards. Urandom reuses the entropy pool, so it will not block, but will be slower. /dev/random is the real deal.

      --
      It takes a man to suffer ignorance and smile
      Be yourself no matter what they say
    7. Re:Scary that they sold the disk at all by chad.koehler · · Score: 1

      But if you use /dev/urandom you never know WHAT they'll be able to get off of your hard drive! For all you know your SS# could be there! ;)

    8. Re:Scary that they sold the disk at all by samos69 · · Score: 3, Informative

      Yup, we just purchased a Verity degausser to wipe some drives before donating them to charity and have found that the servo track is wiped and they become completely useless... £1800 wasted, but it's damn fun to wipe things with!

    9. Re:Scary that they sold the disk at all by Anonymous Coward · · Score: 2, Funny

      No, there is a probability that the random data is the same as the original. Would you take that chance?

    10. Re:Scary that they sold the disk at all by Anonymous Coward · · Score: 0

      um guys.... hard drives have metal cases...magnetic fields flow through metal...If the field flows through the case it doesn't flow through the disk(pretty much part of the design)...disk is not erased.

      are you one of those idiots that still thinks using an electric screwdriver on a PC will erase the hard drive

    11. Re:Scary that they sold the disk at all by multisync · · Score: 2, Informative

      i'd use "dd if=/dev/urandom of=/dev/sda" Urandom is slower but better..

      If you have access to dd, you probably have access to shred. It makes several passes using different patterns (25 by default), and has the option of zeroing the drive on the last pass. I believe it meets DOD standards. I'm not sure how effective it is with slack space, which often holds recoverable data even after running utilities that are supposed to wipe data off drives, but dd wouldn't be any better.

      --
      I don't care why you're posting AC
    12. Re:Scary that they sold the disk at all by c6gunner · · Score: 1

      To be fair, he did say "for reuse or resale". He didn't specify what KIND of use. You could use it as a paperweight, a doorstop, a hammer ... the possibilities are endless! And when you're done using it, you can always sell it on e-bay.

    13. Re:Scary that they sold the disk at all by pipatron · · Score: 1

      The comparison was between /dev/zero and /dev/urandom, /dev/random was never involved.

      --
      c++; /* this makes c bigger but returns the old value */
    14. Re:Scary that they sold the disk at all by GargamelSpaceman · · Score: 1

      Military standards are to write 1010 all over the drive... Hmm. I bet the FBI could get those top secrets afterwards. Really I don't even know if I'd trust degaussing for anything really important. Or fire for that matter, unless it were hot enough to actually melt the entire drive to a puddle of slag. How many times has someone burnt a paper in a fireplace only to have the ashes remain, still clearly readable? Opening the drive, removing the platter and using a grinding wheel to turn it into iron filings seems pretty foolproof. Also grind away any and all chips on circuit boards that may have cached data ( not sure if they do but why take the chance ). That would seem appropriate for matters of national security.

      --
      ...
    15. Re:Scary that they sold the disk at all by Teferison · · Score: 1

      It doesn't have to end up as a constant magnetization for someone to be able to recover the data. A predictable pattern would suffice.
      Actually not even overwriting the disc with random data might be enough to ensure that no one can recover the data. Dedicated forensic experts can read overwritten data, by distinguishing between a 0 -> 1 and a 1 -> 1 magnetization (Simplified example).

    16. Re:Scary that they sold the disk at all by Anonymous Coward · · Score: 0

      While you're having fun, note that there is a good chance that the degausser just fries the electronics (by inducing strong currents where they don't belong) but leaves the data on the platters intact. Magnetic information on hard disk platters is very durable, unless the platter is heated to a temperature above the material's Curie temperature or shredded mechanically. If the data is still on the platters, a forensics team can replace the electronics and read the data.

    17. Re:Scary that they sold the disk at all by wvmarle · · Score: 1

      Exactly what I was thinking.

      OK the US military has some mighty expensive wars to finance, but I doubt they are this short on cash that they would have to sell hard disks on e-bay of all places. Instead of simply tossing them in a shredder. It is not that they are worth much or so.

      I would expect that this is a drive from some employee's personal computer who took home data (either on USB or copied it to his home computer over the VPN) to work on it, and later sold his hard disk on eBay.

    18. Re:Scary that they sold the disk at all by BetterSense · · Score: 1
      The shred man page specifically says that it is ineffective on journaling file systems. From TFMP:

      CAUTION: Note that shred relies on a very important assumption: that the file system overwrites data in place. This is the traditional way to do things, but many modern file system designs do not satisfy this assumption. The following are examples of file systems on which shred is not effective, or is not guaranteed to be effective in all file system modes: * log-structured or journaled file systems, such as those supplied with AIX and Solaris (and JFS, ReiserFS, XFS, Ext3, etc.)

      http://linux.die.net/man/1/shred

    19. Re:Scary that they sold the disk at all by Anonymous Coward · · Score: 1, Informative

      Every single-pass pattern is "predictable": Just read it. In fact, if you can recover data from a single pass wipe, you also have the generation before the current data, so you can theoretically recover data further back. The patterns don't matter. What matters is the signal to noise ratio.

      Dedicated forensic experts can read overwritten data

      That is a myth. Granted, there is a theoretical possibility due to magnetization processes not being 100%, tracks having widths and heads not always being in the same position over the track. If you believe in any of these effects making recovery of overwritten data possible, then the number of overwrites is just a matter of how paranoid you are. If that possibility bothers you, your adversaries must have technology which is unavailable to all commercial data recovery businesses (and probably doesn't even exist). If that is the case, destroy the drive: It's the only way to be sure. For everyone else, "dd if=/dev/zero of=/dev/sda" is exactly as good as specialized wiping software. (Beware of people hawking 35-pass overwrite software: These patterns are historic and have no relevance to modern hard disk technology. Touting this procedure as somehow better than a single pass zeroing proves that the person does not understand the topic at hand.)

    20. Re:Scary that they sold the disk at all by systemeng · · Score: 2, Informative

      The mistake in thinking that it's a bad thing to never have the data be the same is roughly speaking part of how the Germans lost WWII. The British broke the Enigma cypher by figuring out that a given letter was _NEVER_ encoded as the same letter. That tiny blip in the probability function allowed breaking many coded messages if they could get a small amount of cleartext such as the weather report.

    21. Re:Scary that they sold the disk at all by Thaelon · · Score: 1

      You've clearly never worked for the DoD. I have. And I highly suspect that the drive wiping procedures dreamt up by the DoD are more as a result of some middle manager, or pseudo techie wanting to get bullet points on his resume for making some procedure "more secure" or something rather than real technical reason.* Add a few generations of this crap and you get the procedure we have today.

      There's no sound technical reasoning for doing anything than a dd if=/dev/zero of=/dev/sda or /dev/random as you like. It's just that too many people adhere to the brain dead fallacy of "if wiping it once is good, wiping it twice is more betterer!"

      dd it once, that stuff is gone. Me, I'd just use DBAN cause it's easier.

      Unless the hard drive manufacturer specifically built in hardware methods of hiding the data from normal use, or making copies to hidden locations, dban or dd are more than sufficient for even the most sensitive data. All else is senseless wankery and a waste of time.

      *People who look for jobs in the government are typically more after something stable, possibly with decent pay and long term with good benefits more than they're after challenging problems to sharpen their skills. As a result it's chock full of cruft.

      --

      Question everything

    22. Re:Scary that they sold the disk at all by Barny · · Score: 1

      unless the platter is heated to a temperature above the material's Curie temperature

      Thermite is damn cheap to make :)

      --
      ...
      /me sighs
    23. Re:Scary that they sold the disk at all by Orgasmatron · · Score: 2, Insightful

      Don't forget that modern drives use material with obscenely high coercivity so that the domains don't spontaneously flip their neighbors. If you use a magnet powerful enough to randomize the platters, you'll warp all the steel parts.

      --
      See that "Preview" button?
    24. Re:Scary that they sold the disk at all by jimicus · · Score: 2, Insightful

      The problem with shred (and indeed any such utility) is that it doesn't account for application behaviour. What if some application that uses the file re-writes it - eg. because of some change to the file - to a different filehandle than the one the file was originally read from?

      What if at some point the file was read into memory and that memory was swapped out by the OS? There are lots of quite reasonable scenarios where there are fragments of the file sitting around indefinitely.
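The man-page caution quoted by BetterSense and the application-behaviour point jimicus makes above are the same failure: shred overwrites whatever blocks the directory currently maps to a name, and both journaling filesystems and "write a temp file, rename it over the original" saves move the name to fresh blocks while the old ones go back on the free list untouched. The following is an added example written for this page, not code from the thread or from coreutils: a toy block store (block size, allocator and file names are invented) that shows the old version surviving a shred after a rename-style save, and only a whole-device overwrite removing it.

```python
"""Added example, not from the original thread: a toy block store showing why
per-file shredding depends on in-place overwrite.  Block size, allocation and
the save strategies are a model, not any real filesystem's code."""

BLOCK = 64


class ToyDisk:
    """nblocks fixed-size blocks plus a name -> block-list directory.  Freed
    blocks keep their contents, as on a real disk."""

    def __init__(self, nblocks: int = 32):
        self.blocks = [bytes(BLOCK)] * nblocks
        self.free = list(range(nblocks))
        self.files = {}

    def _split(self, data: bytes) -> list:
        return [data[i:i + BLOCK].ljust(BLOCK, b"\x00")
                for i in range(0, len(data), BLOCK)]

    def _alloc(self, n: int) -> list:
        if len(self.free) < n:
            raise OSError("toy disk full")
        taken, self.free = self.free[:n], self.free[n:]
        return taken

    def create(self, name: str, data: bytes) -> None:
        chunks = self._split(data)
        blks = self._alloc(len(chunks))
        for b, c in zip(blks, chunks):
            self.blocks[b] = c
        self.files[name] = blks

    def save_in_place(self, name: str, data: bytes) -> None:
        """Rewrite the file's existing blocks: the behaviour shred assumes."""
        chunks = self._split(data)
        blks = self.files[name]
        if len(chunks) != len(blks):
            raise ValueError("toy model: in-place save keeps the size")
        for b, c in zip(blks, chunks):
            self.blocks[b] = c

    def save_by_rename(self, name: str, data: bytes) -> None:
        """Safe-save pattern: new blocks for the new version, old blocks freed
        untouched, directory entry moved.  Journaling and copy-on-write
        filesystems do the equivalent below the application."""
        self.create(name + ".tmp", data)
        self.free.extend(self.files.pop(name))  # old contents left in place
        self.files[name] = self.files.pop(name + ".tmp")

    def shred(self, name: str) -> None:
        """Overwrite the blocks the directory currently maps to name, unlink."""
        blks = self.files.pop(name)
        for b in blks:
            self.blocks[b] = bytes(BLOCK)
        self.free.extend(blks)

    def wipe_device(self) -> None:
        """Whole-device overwrite: every block, allocated or free."""
        self.blocks = [bytes(BLOCK)] * len(self.blocks)

    def raw_contains(self, marker: bytes) -> bool:
        """What a raw read of the device sees, free space included."""
        return marker in b"".join(self.blocks)


def scenario(save_method: str) -> tuple:
    """Create v1, save v2 with the given method, shred the file; report whether
    a raw read of the device still finds (v1, v2)."""
    d = ToyDisk()
    d.create("plan.txt", b"SECRET-v1 " * 20)
    getattr(d, save_method)("plan.txt", b"SECRET-v2 " * 20)
    d.shred("plan.txt")
    return d.raw_contains(b"SECRET-v1"), d.raw_contains(b"SECRET-v2")
```

scenario("save_in_place") leaves neither version; scenario("save_by_rename") leaves v1 intact in free space even though shred reported success. The swap-file case jimicus raises is the same mechanism with a different owner of the blocks, and the answer is the same: encrypt from day one or overwrite the device, not the file.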

    25. Re:Scary that they sold the disk at all by nick13245 · · Score: 1

      i'd use "dd if=/dev/urandom of=/dev/sda" Urandom is slower but better..

      If you have access to dd, you probably have access to shred. It makes several passes using different patterns (25 by default), and has the option of zeroing the drive on the last pass. I believe it meets DOD standards. I'm not sure how effective it is with slack space, which often holds recoverable data even after running utilities that are supposed to wipe data off drives, but dd wouldn't be any better.

      Shred works on a filesystem level to delete individual files on the drive. Worse than that, it only works on a subset of filesystems (primarily Linux and Unix based).

      You want something that wipes *everything* from the drive, no matter what the filesystem is. dd, or dcfldd (which is what I prefer to use) does a sector by sector copy of data from a source to a destination. So the following command:

      dd if=/dev/urandom of=/dev/sda

      Will effectively fill the hard drive with random data, making any data recovery impossible.

    26. Re:Scary that they sold the disk at all by Amouth · · Score: 1

      http://www.ontrackdatarecovery.co.uk/columbia-drive-recovery/

      that one always gets me..

      http://news.sky.com/skynews/Home/Sky-News-Archive/Article/20080641316604

      love to quote this

      "
      He said it was the most challenging project ever undertaken by Kroll, especially when you considered "it had been through re-entry, hit the earth and then sat in the outdoors".
      He added that even though a modern disk could not have been recovered in the same way, he said: "Disks that may have been unrecoverable five years ago may be recoverable today - never assume that your data may not be recoverable."
      "

      --
      '...if only "Jumping to a Conclusion" was an event in the Olympics.'
    27. Re:Scary that they sold the disk at all by Anonymous Coward · · Score: 0

      I wouldn't trust NSA approved anything

    28. Re:Scary that they sold the disk at all by Anonymous Coward · · Score: 0

      urandom is the non-blocking rng. random is the "better" one, but you won't ever fill a terabyte drive using /dev/random, even if you furiously shake the mouse and mash the keyboard while getting DDOS'd.

      Even faster (20x on my machine) to use

      openssl enc -in /dev/zero -salt -k "$(head -c 32 /dev/random | base64)" -aes256 -out /dev/sda

      , but I guess you might be vulnerable if 256 bit aes is ever broken. On the other hand, urandom (and random too, actually) is just a massive number of repetitions of MD5, so who knows, aes of zeros might be more secure AND faster. Now, if only there were a way to inject a new random key periodically as the entropy pool fills up.

      If you're less concerned, rc4 is quite a bit faster than that, but on my machine at least, aes256 is faster than my disk speed, so there's no benefit to using an even faster algorithm.

      Now, if you'd been encrypting the entire time, you wouldn't have to worry about wiping the disk at the end.

    29. Re:Scary that they sold the disk at all by Spoke · · Score: 1

      Dude - shred is used to write directly to the disk. No files or applications involved here.

      The disk's data is completely gone.

      What I typically do is stack up disks to be wiped in one box and when I get a bunch of them, plug them into a system with a bunch of IO controllers and boot up DBAN - Darik's Boot and Nuke. A lot easier than wiping disks one by one.

    30. Re:Scary that they sold the disk at all by Anonymous Coward · · Score: 0

      Thing is, hard drives silently mark areas as corrupted as usage goes on. Those areas cannot be accessed with dd and thus whatever data was on those sections can be retrieved by competent powers.
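The reallocation point above is checkable before a drive is queued for wiping: the drive's SMART attribute table reports how many sectors it has remapped or is about to. The following is an added example written for this page, not code from the thread or from smartmontools: it parses the `smartctl -A` table layout and returns a disposition, "destroy" when the drive holds sectors an overwrite from the host cannot reach (or is failing), otherwise "overwrite_and_resell". The two tables are constructed sample text in that layout, not output from a real drive; the attribute ids 5, 197 and 198 are the standard reallocated, pending and offline-uncorrectable counters.

```python
"""Added example, not from the original thread: decide from a drive's SMART
attribute table whether a host-side overwrite can be trusted to reach every
sector.  Nonzero reallocated / pending / offline-uncorrectable counts mean old
data sits in sectors dd can no longer address.  Sample text is constructed in
the `smartctl -A` layout; it is not from a real drive."""
import re

SAMPLE_WORN = """\
SMART Attributes Data Structure revision number: 16
Vendor Specific SMART Attributes with Thresholds:
ID# ATTRIBUTE_NAME          FLAG     VALUE WORST THRESH TYPE      UPDATED  WHEN_FAILED RAW_VALUE
  1 Raw_Read_Error_Rate     0x000f   117   099   006    Pre-fail  Always       -       123456789
  5 Reallocated_Sector_Ct   0x0033   100   100   036    Pre-fail  Always       -       12
  9 Power_On_Hours          0x0032   062   062   000    Old_age   Always       -       33912
194 Temperature_Celsius     0x0022   036   045   000    Old_age   Always       -       36 (Min/Max 20/45)
197 Current_Pending_Sector  0x0012   100   100   000    Old_age   Always       -       3
198 Offline_Uncorrectable   0x0010   100   100   000    Old_age   Offline      -       0
"""

SAMPLE_CLEAN = """\
ID# ATTRIBUTE_NAME          FLAG     VALUE WORST THRESH TYPE      UPDATED  WHEN_FAILED RAW_VALUE
  5 Reallocated_Sector_Ct   0x0033   100   100   036    Pre-fail  Always       -       0
197 Current_Pending_Sector  0x0012   100   100   000    Old_age   Always       -       0
198 Offline_Uncorrectable   0x0010   100   100   000    Old_age   Offline      -       0
"""

ATTR_RE = re.compile(
    r"^\s*(?P<id>\d+)\s+(?P<name>\S+)\s+0x[0-9a-f]{4}\s+(?P<value>\d+)\s+(?P<worst>\d+)"
    r"\s+(?P<thresh>\d+)\s+\S+\s+\S+\s+(?P<failed>\S+)\s+(?P<raw>\d+)",
    re.IGNORECASE | re.MULTILINE,
)

# Raw counts that say "sectors exist which the host can no longer overwrite".
UNREACHABLE_SECTOR_ATTRS = {
    5: "Reallocated_Sector_Ct",
    197: "Current_Pending_Sector",
    198: "Offline_Uncorrectable",
}


def parse_smart_attributes(text: str) -> dict:
    """Map attribute id -> {name, value, worst, thresh, failed, raw}."""
    attrs = {}
    for m in ATTR_RE.finditer(text):
        attrs[int(m["id"])] = {
            "name": m["name"],
            "value": int(m["value"]),
            "worst": int(m["worst"]),
            "thresh": int(m["thresh"]),
            "failed": m["failed"],
            "raw": int(m["raw"]),  # leading integer of RAW_VALUE; enough for counters
        }
    return attrs


def disposition(attrs: dict) -> tuple:
    """Return ('overwrite_and_resell' | 'destroy', list of reasons)."""
    reasons = []
    for aid, name in UNREACHABLE_SECTOR_ATTRS.items():
        a = attrs.get(aid)
        if a is None:
            reasons.append(f"{name} (id {aid}) not reported; cannot show overwrite reaches everything")
        elif a["raw"] > 0:
            reasons.append(f"{name} = {a['raw']}: old data in sectors the host cannot address")
    for aid, a in attrs.items():
        failing = a["failed"] != "-" or (a["thresh"] > 0 and a["value"] <= a["thresh"])
        if failing:
            reasons.append(f"{a['name']} (id {aid}) at or below threshold: drive is failing")
    return ("destroy" if reasons else "overwrite_and_resell"), reasons
```

A missing counter is treated as a reason to destroy rather than as "zero": a drive that will not tell you how much it has remapped cannot be shown clean. The ATA secure-erase command set is the in-drive alternative that is specified to cover remapped sectors too, but relying on it is a decision to trust the vendor's firmware, which is the same procedural question this thread is about.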

    31. Re:Scary that they sold the disk at all by couchslug · · Score: 1

      I treat any hard drive I discard to a couple of shots with a hand sledge.
      The defaulting to a techy solution like wiping is understandable, but why bother?

      --
      "This post is an artistic work of fiction and falsehood. Only a fool would take anything posted here as fact."
    32. Re:Scary that they sold the disk at all by calmofthestorm · · Score: 1

      I'm more worried about secret NSA firmware that backs up all the data to a second set of platters in the bad sectors or something than I am about being able to recover past a round or two of shred. Which is to say, not really because I don't care about any data /that/ much. Keeping my nosy neighbor (granted, I'm at a nerd school) out is good enough for me. So cryptroot, full 33 pass of shred on LUKS storage, and a pass or two of shred on the full device followed by 0 is good enough for me.

      Would mod you insightful but...yeah... mouse so far away.

      --
      93rd rule of Slashdot: No matter how obvious my sarcasm is, my comment will be taken seriously by someone.
    33. Re:Scary that they sold the disk at all by rrohbeck · · Score: 1

      Also, the coercivity of the magnetic coating keeps going up. Yesterday's degausser may not be strong enough for today's drives.
      This applies even more to tape cartridges. Insufficiently degaussed DLT tapes have been a problem every now and then (LTO uses magnetic servo tracks but DLT doesn't so degaussing them is common.)

    34. Re:Scary that they sold the disk at all by rrohbeck · · Score: 1

      Doesn't make a difference for modern (PRML) drives. The data is randomized before it is encoded and written because pathological data patterns decrease the signal/noise ratio in PRML.
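To make the randomisation step concrete: a scrambler XORs the host's data with a pseudorandom bit stream before run-length encoding, so a sector of zeros from dd is written as a noise-like pattern and the same pattern at the same address on every pass. The following is an added example written for this page, not code from the thread or from any drive's firmware: a maximal-length 16-bit LFSR keystream applied per sector. The polynomial (taps 16, 14, 13, 11) and the address-to-seed mapping are illustrative choices, not a particular drive's parameters.

```python
"""Added example, not from the original thread: a data scrambler of the kind
rrohbeck describes.  A maximal-length 16-bit LFSR keystream is XORed into host
data before encoding, so a run of zeros does not reach the platter as a
constant pattern.  Polynomial and seed derivation are illustrative, not any
particular drive's parameters."""


def lfsr_stream(seed: int, nbytes: int) -> bytes:
    """Fibonacci LFSR x^16 + x^14 + x^13 + x^11 + 1 (period 65535 bits)."""
    state = seed & 0xFFFF
    if state == 0:
        raise ValueError("all-zero LFSR state never advances")
    out = bytearray()
    for _ in range(nbytes):
        byte = 0
        for _ in range(8):
            bit = (state ^ (state >> 2) ^ (state >> 3) ^ (state >> 5)) & 1
            state = (state >> 1) | (bit << 15)
            byte = (byte << 1) | bit
        out.append(byte)
    return bytes(out)


def scramble(data: bytes, lba: int) -> bytes:
    """XOR with a keystream seeded from the sector address.  XOR is its own
    inverse, so the same call descrambles.  The lba -> seed mapping is made up
    for the example; a real drive's is vendor-specific."""
    seed = (lba * 0x9E37 + 1) & 0xFFFF or 1
    return bytes(a ^ b for a, b in zip(data, lfsr_stream(seed, len(data))))


def distinct_bytes(data: bytes) -> int:
    """Crude diversity measure: how many of the 256 byte values appear."""
    return len(set(data))
```

scramble(bytes(4096), lba=0) is noise-like (well over two hundred distinct byte values) even though the host wrote nothing but zeros, and the same zeros at a different address give a different pattern. That is why, for a drive built this way, the choice of host-side pattern changes nothing about what the head lays down; what matters is that every addressable sector gets written at all.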

    35. Re:Scary that they sold the disk at all by Frank+T.+Lofaro+Jr. · · Score: 1

      How would the drive read the firmware if it has to have firmware to tell it how to read the disk?

      Now, firmware UPDATES could conceivably be stored on the disk...

      --
      Just because it CAN be done, doesn't mean it should!
    36. Re:Scary that they sold the disk at all by greed · · Score: 1

      There's a better reason. Thermite is damn FUN to make. Well, damn fun to watch melt stuff.

    37. Re:Scary that they sold the disk at all by Anonymous Coward · · Score: 0

      How does a computer start? In stages. The flash memory only has enough code to read from the service area on the disk, which contains the bulk of the firmware (among other things).

    38. Re:Scary that they sold the disk at all by Chris+Mattern · · Score: 1

      You can wipe a disk with "dd if=/dev/zero of=/dev/sda" and nobody will get anything from it after that

      Sure they can. It takes some specialized equipment and some know-how, but it can be done. The problem is that magnetic bits retain a faint impression of their previous setting. If you just do a one pass writing of zeros, somebody with sensitive magnetometers used correctly will be able to pull off just about everything that was on that disk.

      Anyway, hard disks are just not worth enough to take these risks. Destroy the disks and do it in-house.

      No argument on this one; the fact that erasing your disks *isn't* so cut-and-dried makes it an even better idea.

    39. Re:Scary that they sold the disk at all by Anonymous Coward · · Score: 0

      it can be done.

      Prove it. There have been several challenges to perform this "miracle" and there is commercial value in offering the reconstruction of data which has been overwritten even just once, yet nobody has publicly shown or announced to have this ability. All there is is people like you claiming that a "faint impression" remains and that some unnamed person can use it to reconstruct previous data.

      (I understand the theoretical possibility. That's not the point. The point is that it is very unlikely that it can be done in practice, because if it were possible, somebody would offer it as a service.)

    40. Re:Scary that they sold the disk at all by Agripa · · Score: 1

      Most hard drive cases are composed of aluminum and stainless steel. Neither of these will provide significant shielding against a magnetic field used for degaussing.

      Steel, iron, and mu-metal are commonly used for magnetic shielding.

    41. Re:Scary that they sold the disk at all by metaforest · · Score: 1

      Modern drives have "servo tracks" on them - used for setting the head position. If you use an eraser powerful enough to wipe the drive, then the servo track is most likely also wiped - rendering the drive totally useless to most folk.

      This wasn't the case on SCSI drives up to about 4GB. They had enough smarts to rewrite their own servo tracks if you did a low-level format.

      Most PATA drives of the same vintage had relatively dumb controllers and could not be recovered. They were also less than half the price of comparable SCSI drives, and a lot less reliable.

      From personal experience, it was fairly simple to recover data from a SCSI drive with a control board failure by replacing the control board. There was no assembly specific information stored on the drive controller for units made from the same line of drives. This was true even if the swapped controllers were from drives with different capacities, as long as the controller was the same model.

      Not so with ATA drives... Servo tracks are written using a special machine that determines the unit specific parameters. Those unit specific parameters are then stored on the controller during final controller/CAN assembly, calibration, and test.

      It is likely that this is also true of modern pSCSI and SAS drives, as it seriously reduces the complexity of the drive controller. This also reduces QA costs and QA failures at final assembly.

  4. please... by VMaN · · Score: 5, Interesting

    Before people start discussing if drives should be overwritten 32 or 2^32 times, please show me ONE proven example of a regularly zeroed drive being recovered.

    This challenge has stood for more than a year.
    http://16systems.com/zero.php

    1. Re:please... by canix · · Score: 5, Insightful

      It is possible that the people most likely to have the resources and expertise to do this (i.e. govt. security depts.) don't want to announce that they have this capability ...

    2. Re:please... by sakdoctor · · Score: 5, Funny

      In the UK, the government uses magnetic fields generated by train seats to erase sensitive data.

    3. Re:please... by zombie_monkey · · Score: 0, Troll

      > Should someone win, they get to keep the drive. They also will receive $500.00 USD and the title "King (or Queen) of Data Recovery".

      Oh my, some schmuck on the internet is offering to send us a used hard drive and promises to give us $500 (in another place on the same site, $40). Our company must definitely do this!

    4. Re:please... by RivieraKid · · Score: 1, Redundant
      If only I had mod points.

      It's both funny and tragic because it's true.

      --
      "Necessity is the plea for every infringement of human freedom. It is the argument of tyrants; it is the creed of slaves
    5. Re:please... by tsalmark · · Score: 1

      Even if it is doable, no one is going to buy random 0'ed drives to run through an electron microscope just to see if there may be a few thousand dollars worth of blackmail on it.

    6. Re:please... by WoLpH · · Score: 3, Insightful

      Why would any company enter a challenge like that? What data recovery company would comply with this: "You also must publicly disclose in a reproducible manner the method(s) used to win the challenge."?

      Regardless of whether it is possible or not, it is definitely not worth the trouble for anyone.

    7. Re:please... by Hyppy · · Score: 5, Insightful

      $500 to recover a drive, eh? If I had a data recovery business, I'd hang up on you too. If you want people to take you seriously, then perhaps you should present yourself in a serious manner. Offering $500 and a basement-made "King of Data Recovery" title is not a serious challenge. It's a slap in the face to any legitimate data recovery business to be "challenged" like that.

    8. Re:please... by phillips321 · · Score: 1

      I thought the same thing. Surely dd is good, but i prefer to use shred, especially if I'm deleting some 'ill shit'!

    9. Re:please... by tiananmen+tank+man · · Score: 1

      The reward is a $60 hard drive with an 80 gig capacity; yeah, who wouldn't want to spend a lot of time recovering data for that.

      That site mentions that they will send the hard drive to any "established, professional data recovery company" with free shipping and then down the page it says "Send a self-addressed, postage-paid box with packaging material to the address listed below and we will mail the drive to you."

    10. Re:please... by fulldecent · · Score: 1

      No matter that you must include reproducible instructions on how to do this.

      --

      -- I was raised on the command line, bitch

    11. Re:please... by MikeBabcock · · Score: 1

      The last reputable data recovery company I dealt with charged us $1500 to recover a dead laptop drive. They gave us a new drive that was nearly perfectly recovered from the old dead, dropped, damaged drive.

      That may seem like real money to some people, but it was worth it to the client in question. Why on earth would they do even more work for one third the money?

      --
      - Michael T. Babcock (Yes, I blog)
    12. Re:please... by Anonymous Coward · · Score: 0

      Hmm, what will a person with a pacemaker do in an UK train then ?

    13. Re:please... by rcamans · · Score: 1

      Actually, there are companies in the data recovery business, and they do advertise this capability. Some actually post success stories.
      All you have to do is google drive recovery. Duh.

      --
      wake up and hold your nose
    14. Re:please... by commodoresloat · · Score: 2, Funny

      It's a slap in the face to any legitimate data recovery business to be "challenged" like that.

      But I thought a slap in the face was the proper way to announce your challenge!

    15. Re:please... by wvmarle · · Score: 1

      They would still only go after hard disks that are known to have contained interesting information. Dragnet scanning like was done for TFA doesn't sound feasible at all with zeroed disks.

      Assuming such a drive can be recovered in the first place, it will not be a trivial task to do. AFAIK there are currently no commercial offers to recover such a disk, so it may be that the government/CIA/MI5 are able to, but it's then for sure really really tough.

      And why should they in the first place? Enemies that want to keep their data secret will use encryption for a start, and then presumably destroy disks physically when disposing of them. It is easier to kidnap someone and get the information that way.

    16. Re:please... by LanMan04 · · Score: 1

      Yeah, because labs with electron microscope really need that $500...

      --
      With the first link, the chain is forged.
    17. Re:please... by canix · · Score: 1

      Since "drive recovery" seems to show just companies who deal with deleted data or disks which have had a mechanical failure, do you think you could post a direct link to a company that can recover data from a disk that was deliberately and completely overwritten rather than a pithy comment?

    18. Re:please... by Anonymous Coward · · Score: 0

      If I had the capabilities to do this (I'm not saying that I do or don't), I wouldn't do it for $500 and a tiny bit of prestige. I'd do it for a couple of million and a nice cushy job at a desk at whatever intelligence agency I could get to bite.

      In other words, that challenge will stand till the ends of time, even if someone's able to do it.

    19. Re:please... by maxume · · Score: 1

      Not even for $500 and an obsolete drive?

      --
      Nerd rage is the funniest rage.
    20. Re:please... by Hyppy · · Score: 1

      Touche, monsieur!

    21. Re:please... by Wierdy1024 · · Score: 1

      Nice find - I've bookmarked that page to send to people who argue about which "secure shredder" program is better...

    22. Re:please... by Tycho · · Score: 1

      That method works, but for the day or more it took them to do that, using the Secure Erase ATA command on that drive would have been more secure and taken only an hour or two. The Secure Erase command is part of the ATA standard and present on every ATA drive larger than 15GB. The command "dd" cannot access and erase every sector as ATA drives do not allow access to certain sectors, like reallocated sectors. Even though SCSI drives do not have this limitation, I still wouldn't erase one with "dd", there are probably better open source tools. An even better and faster option for even more secure erasure on ATA drives, is to use the drive in encrypted mode. When done with the drive, toss the encryption key. This makes any data on the drive practically unusable. Reuse of the drive is still possible with a standard reformat after unlocking the drive.

      More reading:
      Hard Drive data erasure methods are described on page 27 of the PDF or page 19 as printed on the document:
      http://csrc.nist.gov/publications/nistpubs/800-88/NISTSP800-88_rev1.pdf

      Describes different methods of data sanitization on magnetic hard drives. Discusses hard drives exclusively, unlike the NIST paper above.
      http://cmrr.ucsd.edu/people/Hughes/DataSanitizationTutorial.pdf

      Page from the author of the above paper with a DOS program that can send a Secure Erase ATA command to a drive, no source though:
      http://cmrr.ucsd.edu/people/Hughes/SecureErase.shtml

      However, t13.org the website of the ATA standards body is here, and has the last drafts of standards available here (nearly as good as the actual standards, which cost money):
      http://www.t13.org/Documents/MinutesDefault.aspx?DocumentType=4&DocumentStage=2

      Start here though for the Secure Erase Command:
      http://www.t13.org/Documents/UploadedDocuments/docs2009/d2015r1a-ATAATAPI_Command_Set_-_2_ACS-2.pdf

      --
      Impersonating Tycho from Penny Arcade since before there was a PA.
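
      The comment above recommends the ATA SECURITY ERASE UNIT command over dd. Below is an added example (my own code, not from the comment, the NIST paper or the CMRR tool) of how a practitioner would gate that operation on Linux with hdparm: it parses the "Security:" section that `hdparm -I` prints, refuses to proceed when the feature set is absent or the BIOS has frozen the drive, and then builds the two hdparm invocations (set a throwaway user password, then erase). The hdparm output embedded in the block is a constructed sample laid out the way real `hdparm -I` prints it; the device name /dev/sdX and the password "p" are placeholders.

```python
"""Decide whether an ATA drive can be sanitized with SECURITY ERASE UNIT and
build the hdparm command sequence that issues it. Added example; the hdparm
output below is constructed to match the real `hdparm -I` layout."""
import re
import subprocess
from typing import Dict, List

# Constructed sample of the "Security:" section printed by `hdparm -I /dev/sdX`.
SAMPLE_HDPARM_I = """\
Security: 
\tMaster password revision code = 65534
\t\tsupported
\tnot\tenabled
\tnot\tlocked
\tnot\tfrozen
\tnot\texpired: security count
\t\tsupported: enhanced erase
\t60min for SECURITY ERASE UNIT. 60min for ENHANCED SECURITY ERASE UNIT.
"""


def parse_security_state(hdparm_output: str) -> Dict[str, bool]:
    """Return the ATA Security feature-set state as booleans.

    Each state line is "<tab>not<tab>word" (negated) or "<tab><tab>word"
    (asserted); "supported: enhanced erase" means the drive implements
    ENHANCED SECURITY ERASE UNIT (which also covers reallocated sectors).
    """
    state = {"supported": False, "enabled": False, "locked": False,
             "frozen": False, "enhanced": False}
    in_security = False
    for line in hdparm_output.splitlines():
        if line.startswith("Security:"):
            in_security = True
            continue
        if in_security and line and not line[0].isspace():
            break  # reached the next top-level section of hdparm -I
        if not in_security:
            continue
        m = re.match(r"\s*(not\s+)?(supported|enabled|locked|frozen)(: enhanced erase)?\s*$", line)
        if not m:
            continue
        negated, word, enhanced = m.group(1) is not None, m.group(2), m.group(3)
        if enhanced:
            state["enhanced"] = not negated
        else:
            state[word] = not negated
    return state


def plan_secure_erase(dev: str, hdparm_output: str, password: str = "p") -> List[List[str]]:
    """Build the hdparm invocations for an ATA Secure Erase of `dev`.

    Raises RuntimeError when the drive cannot be erased in its current state:
    the feature set may be absent, or the BIOS may have issued SECURITY FREEZE
    LOCK at boot (a suspend/resume cycle usually clears the frozen state).
    """
    st = parse_security_state(hdparm_output)
    if not st["supported"]:
        raise RuntimeError(f"{dev}: ATA Security feature set not supported; fall back to overwrite")
    if st["frozen"]:
        raise RuntimeError(f"{dev}: drive is frozen; unfreeze (suspend/resume) and retry")
    if st["locked"]:
        raise RuntimeError(f"{dev}: drive is locked; unlock with its user password first")
    erase_flag = "--security-erase-enhanced" if st["enhanced"] else "--security-erase"
    cmds = []
    if not st["enabled"]:
        # SECURITY ERASE UNIT is only accepted once a user password is set.
        cmds.append(["hdparm", "--user-master", "u", "--security-set-pass", password, dev])
    cmds.append(["hdparm", "--user-master", "u", erase_flag, password, dev])
    return cmds


def secure_erase(dev: str, password: str = "p", dry_run: bool = True) -> List[List[str]]:
    """Query the live drive and run (or, with dry_run, only return) the commands.

    Needs root and an unmounted raw block device. A completed erase clears the
    user password, so "enabled" still being set afterwards means it did not finish.
    """
    ident = subprocess.run(["hdparm", "-I", dev], check=True, capture_output=True, text=True).stdout
    cmds = plan_secure_erase(dev, ident, password)
    if not dry_run:
        for cmd in cmds:
            subprocess.run(cmd, check=True)
        after = subprocess.run(["hdparm", "-I", dev], check=True, capture_output=True, text=True).stdout
        if parse_security_state(after)["enabled"]:
            raise RuntimeError(f"{dev}: security still enabled after erase; erase did not complete")
    return cmds


if __name__ == "__main__":
    for cmd in plan_secure_erase("/dev/sdX", SAMPLE_HDPARM_I):
        print(" ".join(cmd))
```

      The frozen check is the one that bites in practice: most BIOSes freeze every attached drive at POST, so the erase fails until the drive is unfrozen, and the tool should say so rather than silently falling back to dd. Self-encrypting drives that implement enhanced erase do the "throw away the key" step the comment describes inside the firmware; the same two commands trigger it.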
    23. Re:please... by calmofthestorm · · Score: 1
      --
      93rd rule of Slashdot: No matter how obvious my sarcasm is, my comment will be taken seriously by someone.
    24. Re:please... by Torg · · Score: 1

      Hard drives do not write to the *exact* same position all the time. Additionally, when they do so they affect more than the precise amount of magnetic medium below the write heads. It is technically feasible (with modification of the firmware on the drive or physically removing platters) to half step the read heads and read the spaces next to where data was written.

      Devices that do this generally take one drive and attach another that can hold the recovered data. A simple search in your favorite search engine with "forensic data recovery" will reveal companies that can do this and hardware available for the task.

    25. Re:please... by MarkGriz · · Score: 1

      It is possible that the people most likely to have the resources and expertise to do this (i.e. govt. security depts.) don't want to announce that they have this capability ...

      And even more likely is that these people have no interest in recovering your deleted tax returns, novel you've been working on for 3 years, or your 100 GB collection of porn

      --
      Beauty is in the eye of the beerholder.
    26. Re:please... by VeNoM0619 · · Score: 1

      Zombie porn?

      --
      Disclaimer: I am not god.
      We may not be created equal
      But we can be treated equal.
    27. Re:please... by Anonymous Coward · · Score: 0

      In Soviet Russia, drive erase you.

      Be gentle, it's my first time.

      Did I do it right?

      Later.....

    28. Re:please... by BikeHelmet · · Score: 1

      One of my Uncle's HDDs (almost?) lit itself on fire.

      It was an external Samsung drive. Something happened to the motor, and then smoke started streaming up out of it, and there was an awful putrid smell. I was quick to unplug it before it lit anything on fire. (it was sitting on a desk on top of piles of paper)

      Data recovery was quoted at $2800, so my Uncle opted to do nothing, despite having plenty of important documents stored on it. Years later he made a new friend that worked at a data recovery place, and the guy did it for him for about $180. :)

      What really pissed me off, was Samsung wouldn't replace the drive or cover the data recovery costs. They wanted his old one to be sent in, but if he had sent that in he'd lose any chance of getting his data back.

      I wonder if he'd have faced the same arguments if their HDD had burned his house down when it died. Somehow I think those cheap bastards got off lucky. I'm never recommending Samsung drives again!

    29. Re:please... by Anonymous Coward · · Score: 0

      Before people start discussing if drives should be overwritten 32 or 2^32 times, please show me ONE proven example of a regularly zeroed drive being recovered.

      This challenge has stood for more than a year.
      http://16systems.com/zero.php

      That challenge does not prove anything. Saying that it is impossible to recover one specific file from that specific hard drive is probably true, at least with technology that is easily available.

      Here are the problems with the challenge:

      The drive has never been subjected to real-world use, they installed an OS on a brand new clean drive, added a couple files to "prove" out the challenge, and then wiped it.
      Sounds like a good setup, right? Wrong.

      For starters, most hard drives do not get sold off until they have been used for a good bit of time. They also generally contain/have contained more than one file of interest.

      If I took the same type of setup, but instead of wiping the drive I simply deleted the file, and then used the drive for a good bit of time, chances are that the file that "proves" out the challenge is gone for good. So even if I could recover the rest of the OS on their test drive I would still fail because I didn't get the one they require me to get.

      There are a host of plausible (note I don't say possible) recovery techniques for a drive that has been used in the real world for any period of time. In most cases these will not give you everything back from the drive, but they do have a chance to give SOME data back... but you can't just say "i'll recover THIS file" you recover what you can and then see if the data is still worth anything.

      So if you were to fill a hard drive up with thousands and thousands of files, none of which you want to ever be seen, then the chances of being able to recover one usable file isn't all that bad... but the chances to recover one SPECIFIC file are nearly zero.

      In short, this is a carefully crafted "challenge" that is set up for failure to start with.
      No reputable company would waste their time on this, especially not for the $500 pittance that they offer as a "reward".

      If they are really serious, then they should do the following:

      Purchase several dozen new hard drives, from different manufacturers and different product versions.
      Create several hundred thousand test files, some encrypted some not. These files should range in size from smaller than a single cluster up to large files that span multiple clusters.
      Write these files across all the drives, repeatedly, and fill the entire volume.
      Take some of the files and write them to the drive within a small range of sectors over and over, several hundred thousand write cycles at least. (This will simulate frequently cached data)

      Now that the drive is properly salted with data, run their suggested wipe process.
      This will give you a much more scientifically accurate example of a real-world target drive.

      Then up the ante and, since they are SO SURE they are right, offer a million dollars as a reward. After all, if they are so confident then they won't have to pay, right?

    30. Re:please... by noidentity · · Score: 1

      Yes, I have a drive with some uh test data on it that I am challenging anyone to recover. The prize is $100, and you must send me all the data (including the 3 GB directory named "dissertation") so I can er verify that you have properly recovered it. This isn't data I've lost! It's a real challenge of data I've specially crafted for the test.

    31. Re:please... by Chris+Mattern · · Score: 1

      Wow. $500. Kiddo, this type of data recovery typically costs TEN TIMES that. You can't find anybody willing to do it for a 90% discount. What a surprise.

    32. Re:please... by rts008 · · Score: 1

      I was 100% with you until...

      ...or your 100 GB collection of porn

      No self-respecting geek would pass up adding to their pr0n collection!

      --
      Down With Slashdot BETA!!! I've been around the corner and seen the oliphant; you can only abuse me from your perspecti
  5. DoD wiping standards by mati.stankiewicz · · Score: 5, Informative

    "which I believe is wiping the whole disk and then writing 1010 all over it."

    Taken from DoD 5220.22-M Wipe Standard:

    "[...]DoD requires overwriting with a pattern, then its complement, and finally with another pattern; e.g., overwrite first with 0011 0101 [35h], followed by 1100 1010 [CBh], then 1001 0111 [97h]. The number of times an overwrite must be accomplished depends on the storage media, sometimes on its sensitivity, and sometimes on differing DoD component requirements. In any case, a purge is not complete until a final overwrite is made using unclassified data."
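
    The quoted passage describes the pattern / complement / pattern sequence and a final unclassified overwrite. Below is an added example, my own code rather than anything from DoD or the quoted standard, that carries that sequence out on a file-backed image and reads every pass back to verify it landed. It uses 0x35, 0xCA (the complement of 0x35, which is what the binary 1100 1010 in the quote works out to) and 0x97, then zeros as the "unclassified data" pass; treating zeros as that final filler is my interpretation. The secret text it plants is constructed for the demo. Pointed at a raw block device instead of a file it does the same thing, with the caveats noted in the comments.

```python
"""Three-pass pattern/complement/pattern overwrite with read-back verification,
after the DoD 5220.22-M text quoted above. Added example, not the DoD's tool."""
import os
import tempfile

# 0x35 = 0011 0101, 0xCA = 1100 1010 (its complement), 0x97 = 1001 0111.
DOD_PASSES = (0x35, 0xCA, 0x97)
CHUNK = 1 << 20  # 1 MiB write/read granularity


def _fill(fd: int, size: int, byte: int) -> None:
    """Write `byte` across the first `size` bytes of fd and flush to the media."""
    buf = bytes([byte]) * CHUNK
    os.lseek(fd, 0, os.SEEK_SET)
    remaining = size
    while remaining:
        remaining -= os.write(fd, buf[:min(CHUNK, remaining)])
    # Without fsync the pattern may still sit in the page cache when power drops.
    os.fsync(fd)


def _verify(fd: int, size: int, byte: int) -> bool:
    """Read the region back and confirm every byte equals the expected pattern."""
    os.lseek(fd, 0, os.SEEK_SET)
    remaining = size
    while remaining:
        data = os.read(fd, min(CHUNK, remaining))
        if not data or data != bytes([byte]) * len(data):
            return False
        remaining -= len(data)
    return True


def dod_overwrite(path: str, final_byte: int = 0x00) -> list:
    """Overwrite `path` in place: pattern, complement, pattern, then a final pass
    of unclassified filler (zeros here), verifying each pass.

    Returns a list of (pattern, verified) tuples and raises on the first pass
    that fails to read back. Caveat: software overwrite only reaches sectors
    the drive exposes through its LBA space; reallocated sectors, HPA/DCO
    regions and SSD wear-levelling spares are untouched, which is why ATA
    Secure Erase, degaussing or destruction is required for those cases.
    """
    results = []
    fd = os.open(path, os.O_RDWR)
    try:
        size = os.lseek(fd, 0, os.SEEK_END)  # works for files and block devices
        for pattern in (*DOD_PASSES, final_byte):
            _fill(fd, size, pattern)
            ok = _verify(fd, size, pattern)
            results.append((pattern, ok))
            if not ok:
                raise RuntimeError(f"{path}: pass 0x{pattern:02X} did not verify")
    finally:
        os.close(fd)
    return results


def demo() -> tuple:
    """Create a 4 MiB image full of a constructed 'sensitive' record, wipe it,
    and report the per-pass results plus whether the record survives."""
    secret = b"CONSTRUCTED SECRET: launch checklist step 7\n"  # sample data, not real
    with tempfile.NamedTemporaryFile(delete=False) as f:
        f.write(secret * ((4 << 20) // len(secret)))
        path = f.name
    try:
        results = dod_overwrite(path)
        with open(path, "rb") as f:
            survived = secret in f.read()
        return results, survived
    finally:
        os.unlink(path)


if __name__ == "__main__":
    passes, survived = demo()
    print("passes:", [(f"0x{p:02X}", ok) for p, ok in passes], "secret survived:", survived)
```

    The read-back is the part the one-liner dd recipes skip: a pass that does not verify is how a failing or remapped sector announces itself, and on a drive that shows one the right answer is not "add more passes" but a firmware-level erase or the shredder.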

    1. Re:DoD wiping standards by Anonymous Coward · · Score: 0

      In Australia the defense wipe standard is to crush the disk into little bits, I think we win :)

    2. Re:DoD wiping standards by Anonymous Coward · · Score: 0

      As it should be. We do that here, at just a University. It becomes a nice powder.

    3. Re:DoD wiping standards by Hyppy · · Score: 1

      For sensitive drives, many U.S. units do in fact destroy the platters. Usually, it's a matter of smashing the drives into teeny little bits, then melting them.

    4. Re:DoD wiping standards by bleh-of-the-huns · · Score: 4, Interesting

      Certain 3 letter facilities in the US do that.. in fact, any electronic equipment going in.. never leaves. I have seen the destruction of a thumb drive that accidentally made it into the facility (many people arrived for a meeting there), but was caught on the way out and destroyed.

      Same facility provides all electronic equipment needed for various press events and what not.

      --
      I came, I conquered, I coredumped
    5. Re:DoD wiping standards by Anonymous Coward · · Score: 0

      Will It Blend?

    6. Re:DoD wiping standards by mevets · · Score: 1

      Oblig,
      In Soviet Russia, the drive wipes you...

    7. Re:DoD wiping standards by Sancho · · Score: 1

      I can't find that anywhere in the actual document. Which page is it on, and which edition of the document?

    8. Re:DoD wiping standards by infalliable · · Score: 1

      I heard of DoD personnel taking hard drives to drill presses to render them useless. I'm not sure if they were also degaussed/erased prior to or what information was originally on them.

    9. Re:DoD wiping standards by Anonymous Coward · · Score: 0

      Platters used to be made of metal (the older the thicker) and you could use a nibbler or some heavy snips to cut them up. Since about 10 years ago most platters are made of a glass like material (ceramic?) and can be easily shattered into tiny bits.

      It scared the hell out of me the first time I went at a newer style platter with some snips and the first bite of the blades caused the whole thing to shatter in my hands into a poof of shards (the tension or something, similar to how a small rock can cause a whole window pane to shatter instead of just knocking a small hole in it).

    10. Re:DoD wiping standards by TheLink · · Score: 1

      Yep don't bring your phones, ipods in too...

      I wonder:

      What if you had photographic memory and were a good artist. Would they let you out?

      What if you had memory issues with your brain and thus have a prosthetic memory installed to help you?

      --
    11. Re:DoD wiping standards by drinkypoo · · Score: 4, Funny

      What if you had memory issues with your brain and thus have a prosthetic memory installed to help you?

      What if the aliens came, and took you back to your home planet?

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
    12. Re:DoD wiping standards by dragonjujotu · · Score: 1

      Actually, it really depends on how good the IT/ET units are. A good unit will follow that DoD reg. for overwriting the drive, then proceed to vent some frustration on the hard drive through creative means, and then they will turn them in to the proper disposal authority. Lazy/greedy units will just sell them on eBay or throw them in a dumpster where any civilian will pick it up and sell it on eBay or use it.

      --
      Yes, I am obsessed with ellipses.
    13. Re:DoD wiping standards by Barny · · Score: 1

      Yeah, we got a local installation of SIGINT, I have a friend or 2 who work there (and are allowed to talk about the destruction of drives).

      They don't bother with erasure, ANY media, usb sticks, cds, dvds, HDD... ANYTHING, gets put in the furnace before it leaves a building, and is made all nice and melty.

      They don't take chances to make back a pittance on second hand parts, and for that I am glad :)

      --
      ...
      /me sighs
    14. Re:DoD wiping standards by Anonymous Coward · · Score: 0
      Is that actually from the DoD standard? The hex value is wrong.

      followed by 1100 1010 [CBh]

      Should be CAh.

    15. Re:DoD wiping standards by Runaway1956 · · Score: 1

      "In any case, a purge is not complete until a final overwrite is made using unclassified data."

      This. Wiping, randomizing, etc, yada yada yada is all fine and dandy. But, when you OVERWRITE the damned platters with SOMETHING, then you have pretty much screwed the pooch when it comes to data recovery. Gonna sell a hard drive? Use a couple different wiping tools like DD and /dev/urandom. Then, make sure it's full of music. Download a few dozen songs without burdensome copyrights attached, and fill the drive up. A script can easily create a directory structure, so that you can write the same songs 25,000 times to ensure the disk is entirely overwritten.

      Doing so ensures that data recovery people don't have to merely search for clues and listen to echoes of ghosts - first they have to unearth the clues and the echoes.

      --
      "Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br
    16. Re:DoD wiping standards by Erich · · Score: 1
      Typical government:

      1100 1010 [CBh],

      Can't even convert 0b1010 to the correct hex digit (A).

      --

      -- Erich

      Slashdot reader since 1997

    17. Re:DoD wiping standards by Amazing+Quantum+Man · · Score: 1

      I've seen this. I was talking with our IT guy while he was drilling some drives.

      --
      Fascism starts when the efficiency of the government becomes more important than the rights of the people.
    18. Re:DoD wiping standards by internerdj · · Score: 1

      All you hardware guys can kiss it. This is just further proof that at the smallest level a computer is just bits...

    19. Re:DoD wiping standards by TheLink · · Score: 1

      Depends on the state of the planet I guess.

      Anyway it's just a matter of time till prosthetic memories become possible.

      1) We already have PDAs and phones with "reminder" apps, cameras, microphones etc.
      2) Already people can control devices by just "thought" alone.
      3) The blind can see in low res via eye implants, or they can see via other means - mesh on tongue (while that's not so practical, it proves that alternate channels can be used for seeing).

      When the technology provides this, there would be other issues as well - e.g. DRM.

      The **AA might want to prevent/charge people for using their augmented memories and sensors. Whether just to replay or to "telepathically" (wireless) communicate with others.

      They'd probably want a lot more than a penny for "your" thoughts.

      --
    20. Re:DoD wiping standards by Cboyd0319 · · Score: 1

      The DSS (Defense Security Service), the guys that came up with the wipe standard, updated this June 28, 2007.

      Section 54 of this document details the update.

      Basically, the deal is that wiping a drive is no longer an option for sensitive or classified material. The media HAS to be physically destroyed.

      "Effective immediately, DSS will no longer approve overwriting procedures for the sanitization or downgrading (e.g. release to lower level classified information controls) of IS storage devices (e.g., hard drives) used for classified processing."

  6. Financial Firms Do the Same by __aajwxe560 · · Score: 5, Informative

    I perform computer forensics work, and part of my research towards obtaining my degree was going to the MIT Swap Meet (great event) and buying used hard disks from vendors on occasion. In about 90% of the cases, the user appeared to have simply "deleted" the files, with nothing more. Now, I would expect this for a normal home user, not knowing any better, but the biggest thing of concern was the number of drives that came from various corporate entities. I was able to see and read data from drives that clearly came from several major banks, including mortgage apps, SSN's, corporate planning documents, etc. Again, the files appeared to have been simply "deleted" by the IT folk, instead of securely wiped, making it trivial at best to read everything.

    So while this example is no better, I believe it highlights an ongoing problem that better user education and disk encryption help solve.

    1. Re:Financial Firms Do the Same by Moschaef · · Score: 1, Interesting

      At our company the policy is to destroy all drives withdrawn from operations. The problem is with our local IT support telling management they've destroyed the drive but then selling them for their own personal gain. They're already stealing property so I doubt that they're much concerned about proprietary/sensitive data.

      We had a similar problem several years back when we switched 1,000+ CRT monitors to LCDs. The CRTs weren't the issue, no one wanted them, rather it was the DVI cables. The techs used the old VGA cables and sold the DVI cables on eBay for $5 apiece.

      Of course this is something no reader of SlashDot would ever condone... Right...

    2. Re:Financial Firms Do the Same by notarockstar1979 · · Score: 3, Funny

      I created the secure wiping policy for my department. It involves an axe. I get to use it on anyone who tries selling old drives instead of having them shredded.

    3. Re:Financial Firms Do the Same by Abcd1234 · · Score: 1

      Of course this is something no reader of SlashDot would ever condone... Right...

      Because the typical Slashdot reader is a thief?

      Stupid thing is, your post actually had an interesting anecdote and made a good point. And then you decided to close off with a nice, unnecessarily dickish comment.

    4. Re:Financial Firms Do the Same by Anonymous Coward · · Score: 0

      I can one-up that. I was given a 'broken' laptop by a friend of a friend, who worked at 'Big Bank'. I plugged it in, turned it on... and found no one had bothered even trying to delete the data. It was all just sitting right there. There wasn't even a password prompt to log in.

      Bonus hilarity: The user of this laptop apparently had aspirations to joining the FBI, if the documents I couldn't help but read were any indication. I wonder if they ever made it.

      I contemplated mentioning something to 'Big Bank', or at least the friend to tell his friend, but opted to destroy the HD (by removing it and smashing it to pieces) instead.

      I am not naive enough to believe other people would have done the same thing in this situation. It was a very sobering revelation to the security of my info at my bank, to be sure.

    5. Re:Financial Firms Do the Same by Moschaef · · Score: 0

      And then you decided to close off with a nice, unnecessarily dickish comment.

      Funny thing, I didn't make any comment regarding the "typical" Slashdot reader. I used the term "any". Are you so naive as to believe that people who do this would never patronize this site?

      Maybe you should read a little more carefully before you accuse someone of being dickish? Maybe grammar isn't your thing? Maybe you shouldn't be so damn sensitive?

    6. Re:Financial Firms Do the Same by Abcd1234 · · Score: 1

      Funny thing, I didn't make any comment regarding the "typical" Slashdot reader. I used the term "any".

      Uh. No, you didn't. You said, and I quote:

      Of course this is something no reader of SlashDot would ever condone... Right...

      Any sane reader of the English language would interpret that statement as a sarcastic indictment of the Slashdot community. i.e., <sarcasm>no reader of Slashdot would ever condone theft</sarcasm>.

      'course, when it comes right down to it, it just sounds like your grasp of the English language is far weaker than you realize. You should work on that. Maybe then your otherwise insightful posts won't languish without modpoints.

    7. Re:Financial Firms Do the Same by Frank+T.+Lofaro+Jr. · · Score: 1

      Because the typical Slashdot reader is a thief?

      Not a thief, a copyright infringer!

      --
      Just because it CAN be done, doesn't mean it should!
    8. Re:Financial Firms Do the Same by BikeHelmet · · Score: 1

      Recently my HTPC/NAS's primary HDD died. It was a PATA one, because linux doesn't like booting from my board's SATA controller.

      (but all the data drives are SATA)

      I decided to pick up an old PATA HDD to act as a replacement OS drive while I RMA it. I picked up 4GB PATA Maxtor drive from a local business selling old computer parts for cheap. A working install of Windows XP was still on it, along with MS office license keys. My Documents still had piles of files sitting inside it, including letters and invoices containing names, dates, phone numbers, etc..

      I stopped investigating there, and wiped it. Had to get my HTPC back online in time to record TV shows!

      When I went back to the business to ask them about it, they said they do ask if there's any personal info on the drive, but people probably incorrectly answer "No", thinking delete means it's gone. Go figure.

  7. Little OT Anecdote by rodrigoandrade · · Score: 5, Informative

    I used to work for a major OEM whose clients included the military, along with other branches of the US government. The military in particular had a "strict" policy about hard drives: they did NOT RMA them EVER. If a PC of theirs was to be returned or sent in for service, it arrived without the hard drive.

    What's the point of such strict policy towards your supplier if some dumbass from within will just pawn it off on Ebay?? It's not the first time this happens.

    1. Re:Little OT Anecdote by Hyppy · · Score: 1

      Either way, the point of a policy is not to be broken. I'm sure Private Murphy or Contractor Black wasn't following proper procedure when he decided to sell some old hard drives for beer money.

    2. Re:Little OT Anecdote by bleh-of-the-huns · · Score: 3, Interesting

      The problem is not necessarily from a gov branch, but most likely a supporting contractor, in this case Lockheed Martin.

      Same reason why those same contractors are forbidden from using VPN from gov facilities (DOD and Federal at least) to their home offices. In the past, a certain contractor from a certain company at a certain 5 pointed facility introduced some lovely malware that spread like wildfire from the contractor's company to the gov facility.

      However, like I said, while policy says what not to do, deadlines and management looking the other way sometimes to meet those deadlines and whatnot go against those policies, sometimes nothing happens, sometimes bad things happen.

      --
      I came, I conquered, I coredumped
    3. Re:Little OT Anecdote by Pontiac · · Score: 1

      I'll back this up.. No data devices are allowed off site. The security team has a rather large shredder that all data devices are disposed of in.
      Even systems with small embedded flash drives..
      If it stores data it's ground to tiny pieces.

      --
      If you think it's expensive to hire a professional to do the job, wait until you hire an amateur. --Red Adair
    4. Re:Little OT Anecdote by Anonymous Coward · · Score: 0

      How about Apple, when you will void the RMA / warranty by taking the HD out of some of their systems. The army likes to use Mac minis as servers; that must be a bitch to RMA.

    5. Re:Little OT Anecdote by reddburn · · Score: 1

      Why's it gotta be a Black contractor, man? You racist?

      --
      "Those who believe in telekinetics, raise my hand" - Kurt Vonnegut, Jr.
  8. In other news.. by __aanmys7397 · · Score: 5, Funny

    ..the market is being flooded with Chinese made ground to air missile defence systems, available for a quarter of the price, and half the accuracy.
    Fine Print: THERE IS NO WARRANTY FOR THE SYSTEM, TO THE EXTENT PERMITTED BY APPLICABLE LAW

    1. Re:In other news.. by Icegryphon · · Score: 1

      I eagerly await them to come up on ebay. I do love cheap chinese knockoffs.

  9. Why not just destroy these disks? by JackassJedi · · Score: 2, Insightful

    Why does the DoD not simply destroy the disks in question?

    --
    Power corrupts the few, while weakness corrupts the many.
    1. Re:Why not just destroy these disks? by snspdaarf · · Score: 1

      Exactly. Grind them up. If they can grind up cars in a junkyard, surely someone can make a smaller device to grind up a hard drive.

      --
      Why, without your clothes, you're naked, Miss Dudley!
    2. Re:Why not just destroy these disks? by bleh-of-the-huns · · Score: 1

      My guess was that this was not a DoD system, and probably not at the DoD facilities, but rather at the contractor facilities.

      They are however (which is written into the contract that was signed when the project was awarded) required to comply with DoD regulations. It appears that in this case, probably during a technology refresh would be my guess, that there was a shit ton of old equipment, and the IT folks got lazy, since securely wiping a drive without a degausser of sorts takes a very long time.

      --
      I came, I conquered, I coredumped
    3. Re:Why not just destroy these disks? by Anonymous Coward · · Score: 0

      To make a few bucks ?

    4. Re:Why not just destroy these disks? by camperdave · · Score: 5, Interesting

      Why does the DoD not simply destroy the disks in question?

      Sometimes it's easier to detect a security problem by letting some information leak.

      --
      When our name is on the back of your car, we're behind you all the way!
    5. Re:Why not just destroy these disks? by eth1 · · Score: 1

      Especially if they have fingerprints of the data on each drive, and tracked which one went where for disposal.

    6. Re:Why not just destroy these disks? by Anonymous Coward · · Score: 0

      They do.
      http://www.eendusa.com/edata.php

      This company first degausses the drive, then a device that looks like huge shrub clippers shreds it to pieces, and they melt the pieces. Cool process to watch.

    7. Re:Why not just destroy these disks? by systemeng · · Score: 1

      They said it was sensitive information, not classified information. While the rules for military and contractor handling of classified material differ slightly, sensitive information is not protected by the same rules that govern classified information. Leak a classified drive: a bunch of people go to jail. Leak a sensitive drive and everybody goes to slashdot and gets sent to bed without a cookie.

    8. Re:Why not just destroy these disks? by Anonymous Coward · · Score: 0

      So, you have the contract for chaff?

  10. Uhh by ShooterNeo · · Score: 0, Redundant

    Why does anyone sell hard drives second hand, anyways? Most organizations and people buy them, and keep using the old disk until it either dies or becomes so obsolete that it's no longer worth using. How much value does some old 60 gig hard drive have on eBay, anyways? New 1 terabyte drives are a mere $70 at newegg!

    1. Re:Uhh by linzeal · · Score: 3, Interesting

      The problem is when people have a whole bunch of them, and 100 40 gig hard drives sold at a flea market can pick up 2000 dollars some weekends. I did a pull once where the guy was savvy enough to wipe the hard disks but did not check all the CD-ROM drives, half of which had CDs in them with corporate information. Looking it over I could have easily sold the info to an unscrupulous competitor but decided to just send them to him COD for cost of postage.

    2. Re:Uhh by cowbutt · · Score: 1

      The end-users probably aren't (officially) selling their used drives; they're probably selling their three year old machines by the kilo to an authorised disposal agent, who in turn wipes the drives (or is contractually supposed to do so) then either sells the machines as used, or breaks them into components for sale as used.

    3. Re:Uhh by kannibal_klown · · Score: 1

      Why does anyone sell hard drives second hand, anyways? Most organizations and people buy them, and keep using the old disk until it either dies or becomes so obsolete that it's no longer worth using. How much value does some old 60 gig hard drive have on eBay, anyways? New 1 terabyte drives are a mere $70 at newegg!

      I can imagine that the drives might come from retired PCs. Many companies replace their PCs every X years for various reasons: their lease ran out, the PCs are too underpowered for current software, or upgrading/maintaining the old machines becomes too much of a hassle.

      After disposal/donation/selling, those PCs have to go somewhere, so I'd imagine they get broken up into their main components and sold off. Selling a PII-266 might be a tall order but someone might want that 60GB HD.

    4. Re:Uhh by ShooterNeo · · Score: 1

      100 * 40 gigs = 4 terabytes. Or 4 $70 drives off of newegg.com, shipped to you brand new. With warranty. Who is dumb enough to pay anything for a crummy worn 40 gig drive? I shudder to think of the power draw of 100 drives grinding away.

    5. Re:Uhh by iccaros · · Score: 1

      For my Alesis HD24 http://www.alesis.com/hd24 old IDE drives is what this multi-track recorder uses.. a 500 or even a 100 gig drive is a waste in the machine as you are limited in number of songs and audio tracks. Plus I have had issues with the machine's undo features and modern drives. And sadly the newest version still expects the same old IDE drives.. which are hard enough to find. Now to hard drives containing classified information.. agencies are only allowed to reuse drives on systems of the same classification or higher.. so if the data was on a Secret system, once wiped it can only be used on other Secret or higher systems, otherwise it must be destroyed. A lot of this supposed classified information is sensitive but unclass, which is not a classification but a handling instruction. The unclass part is a classification, and the lowest protection level, so things slip: soldiers send computers to DRMO without following procedure as it's only unclass, but they forget the handling procedure as SBU, and news stories like this get out. Also most of this looks like corporate design information, or even some engineer's stored information on projects he is working on, and all may be SBU or even FOUO, but most companies do not have a requirement to wipe drives before reselling them or returning them from a lease, and if he did work on his home computer all bets are off.

    6. Re:Uhh by bleh-of-the-huns · · Score: 1

      Same reason you can still buy new technology 40g drives... because 100 striped 40 gig drives will absolutely destroy 4 1TB drives in performance and redundancy....

      At least when it comes to SAN infrastructure..

      --
      I came, I conquered, I coredumped
    7. Re:Uhh by Barny · · Score: 1

      striped drives ... redundancy

      Oh, you did not just say that striped drives are redundant did you? :)

      --
      ...
      /me sighs
    8. Re:Uhh by Anonymous Coward · · Score: 0

      Because most people like to pretend they know more about technology than they do. All you have to do is put up a sign, "Great drive to back up an MP3 player" and people will buy them.

    9. Re:Uhh by jtev · · Score: 1

      100*40 gigs = 100 drives, each of which is capable of holding the operating system for a workstation. Also since he mentioned CD drives, maybe he is selling the entire used system. Also depending on drive technology, you may be able to work them into a RAID array, or the buyer might just want to slag them anyway for the component material.

      --
      That which is done from love exists beyond good and evil
    10. Re:Uhh by Zakabog · · Score: 1

      I sold a 386 just a few years ago for $175.

      How did I get so much for a computer you could find in a dumpster? Easy, the customer's 286 was fried in a lightning storm. He used the thing with some very, very old DOS-based software that ran his embroidery machine. I happened to have a 386 lying around that ran everything just fine. Even installed Windows 3.1 on the thing.

      Sometimes a 40 gig drive is a lot more valuable than a 1TB drive. Especially when it's the difference in replacing one old broken component vs buying all new hardware/software that you're not even sure will work with what you've got.

  11. Nearly right... by LoyalOpposition · · Score: 5, Funny

    scary that they did not wipe it to Department of Defense standards which I believe is wiping the whole disk and then writing 1010 all over it.

    That's nearly right. The actual procedure is to wipe it to DoD standards, and then load it up with fake documents.

    -Loyal

    --
    I aim to misbehave.
    1. Re:Nearly right... by H0p313ss · · Score: 3, Funny

      scary that they did not wipe it to Department of Defense standards which I believe is wiping the whole disk and then writing 1010 all over it.

      That's nearly right. The actual procedure is to wipe it to DoD standards, and then load it up with fake documents.

      -Loyal

      So you're saying this Area 51 map and Build-Your-Own Nuke instructions I have here might be bogus?

      --
      XML is a known as a key material required to create SMD: Software of Mass Destruction
  12. Who is really to blame? by sunking2 · · Score: 4, Insightful

    Did Lockheed actually own these machines, or do they lease them? My guess is LM (like most larger companies) has a contract with someone like CSC/IBM/etc who actually owns, maintains, and replaces machines. This is probably where the ball was dropped. Every 3 years here CSC replaces tens of thousands of PCs that they are itching to sell off before they depreciate into worthlessness. I can certainly see them taking short cuts, or missing a few. This is the problem with outsourcing IT infrastructure. They don't always really understand or care about the same thing as you.

    1. Re:Who is really to blame? by Senator24 · · Score: 1

      Did Lockheed actually own these machines, or do they lease them?

      They do. I used to work for Lockheed; I was a subcontractor and we basically handled all the PCs. I was hired through a temp agency and most of the guys I worked for were also part of the temp agency. A lot of those guys didn't care if the HD was wiped well enough or not. Just as long as the PC wouldn't boot up. Then the HDs were shipped off and I'm guessing resold.

    2. Re:Who is really to blame? by Anonymous Coward · · Score: 0

      Actually they care more about something like that. If it was determined the outsourcing company failed to follow procedures for a classified project, they could lose the entire contract (multi-million dollar). I know one thing that motivates companies and that's money.

      (btw, I work for CSC)

    3. Re:Who is really to blame? by Anonymous Coward · · Score: 0

      The DoD contractors that I have interfaced with have service agreements that the drives never leave the premises. Even when one fails. A replacement drive is shipped and then the bad drive or out-of-service drive is wiped if it still functions, written over with "fake" data, then shredded. All drives are shredded. This is likely a theft and resale. And the contractor(s) involved should all have their security policies reviewed and audited.

    4. Re:Who is really to blame? by trekie86 · · Score: 1

      Most likely Lockheed didn't own the boxes. They are government owned but managed by Lockheed. Someone said earlier that they were probably illegally sold and that is probably true. Our HDs are all marked if they contain classified data, never leave the building unless they are transported by a cleared courier, and are destroyed upon completion. Just not booting isn't the standard; they are totally destroyed, not going to work anymore. As for replacing PCs, it hardly happens, especially in classified environments. We run them until they are so old that the government doesn't use them anymore or they die. Even then, the hard drives stay.

    5. Re:Who is really to blame? by sunking2 · · Score: 1

      Reality is that once a company takes over the infrastructure at a large company it is next to impossible to get rid of them. In the end, the ones who own every single machine that runs your entire business are the ones who have the other by the balls. Oh sure there are slaps on the wrist, but it's a marriage with a prenup that neither party would ever be willing to pay. How does a Fortune 30 that doesn't own a single desktop/server/infrastructure/help desk dump their provider? They can't.

    6. Re:Who is really to blame? by Anonymous Coward · · Score: 0

      They can and do. They just usually wait until the 5 or 10 year contract comes to an end.

    7. Re:Who is really to blame? by Anonymous Coward · · Score: 0

      I work for a medium sized insurance company and we lease machines from Dell/HP/etc. Before we return the leased hardware, we zero out the drives three times over before it leaves our hands.

      So, even if Lockheed didn't actually own these machines, they are still responsible for not wiping the data off the computers before returning them back to CSC/IBM/etc.

      Plus I doubt that they replace thousands of PCs all at once every three years. More likely, every computer is on a different 3-year cycle and gets replaced at different times.

    8. Re:Who is really to blame? by Anonymous Coward · · Score: 0

      LM maintains its own machines

  13. Probably illegally sold by roger_that · · Score: 5, Interesting

    The drives were probably illegally sold. DoD requires the destruction of classified drives, and contractors are supposed to follow the same rules. If the drive(s) in question held classified data (which they apparently did), they should have been wiped, then physically destroyed. Sounds like someone bypassed the last step, and tried to make a little profit on the side, by selling the "destroyed" drive.

    Disclaimer: I work for a contractor on a US Government contract, working with classified data. (at the five-sided building)

    1. Re:Probably illegally sold by Anonymous Coward · · Score: 0

      Disclaimer: I work for a contractor on a US Government contract, working with classified data. (at the five-sided building)

      You worked in a square pyramid?

    2. Re:Probably illegally sold by T+Murphy · · Score: 2, Funny

      the five-sided building

      ...most buildings have a roof and 4 walls, so that doesn't exactly narrow it down.

    3. Re:Probably illegally sold by Renraku · · Score: 1

      Sounds like someone has been selling government information. Send them to jail for doing so.

      --
      Job? I don't have time to get a job! Who will sit around and bitch about being broke and unemployed then?
    4. Re:Probably illegally sold by DoofusOfDeath · · Score: 1

      the five-sided building

      ...most buildings have a roof and 4 walls, so that doesn't exactly narrow it down.

      Yes, but let's assume his building also has a floor.

      He works in The Triangle!

    5. Re:Probably illegally sold by Anonymous Coward · · Score: 0

      A roof is only a side if you're being a pedantic turd

    6. Re:Probably illegally sold by chris-chittleborough · · Score: 1

      Yep. Procedures that senior officials spent weeks designing defeated because someone way down the hierarchy saw a chance to make a few hundred bucks.

      There's a lesson in here somewhere.

    7. Re:Probably illegally sold by Anonymous Coward · · Score: 0

      If you really worked at the Pentagon, you would know better than to lump all sensitive data under the non-descriptive "classified." There are many classifications and not all require the media destroyed.

    8. Re:Probably illegally sold by Ecuador · · Score: 1

      You are forgetting the floor. It is obvious he works at the Luxor.

      --
      Violence is the last refuge of the incompetent. Polar Scope Align for iOS
    9. Re:Probably illegally sold by dysan27 · · Score: 1

      Especially when the building he is probably alluding to actually has 201 sides when you add up all the rings, corridors and the roof.

    10. Re:Probably illegally sold by Anonymous Coward · · Score: 0

      You're probably right. It's ridiculous how much taxpayer money is wasted in a fraudulent manner by gov't contractors. Not just stuff like this, but also like contractors going to a local hardware store to buy parts that are supposed to be QC'd, or doing below-standard and unsafe work for base construction in Iraq and Afghanistan.

      Anyhow, I think they should STFU a bit about trying to deal with P2P in an idiotic fashion until they also get their shit together with this kind of thing. (Gov't should secretly buy a portion of drives auctioned by its contractors for inspection in this regard.) I wouldn't be too surprised if the Marine One blueprints were originally leaked in this manner rather than directly to a P2P network.

    11. Re:Probably illegally sold by Anonymous Coward · · Score: 0

      Sure it does!

      http://en.wikipedia.org/wiki/The_Pentagon

      It's the most famous five-sided building on the planet for sure.

    12. Re:Probably illegally sold by Elbowgeek · · Score: 1

      That's what happens when you assign the duty of hard drive destruction to the lowest person on the totem pole, no doubt someone only a little better than your average fast food employee.

      The fact is that with many thousands of computer systems being turned over in a large corporation there's bound to be some rogue drives out there whether innocently or not.

      --
      Who is this delectable creature with an insatiable love of the dead?
  14. Is it just me... by s0litaire · · Score: 4, Funny

    Or are these types of stories probably sponsored by eBay's PR department..

    Just think of all those people now bidding on old hard drives now... Probably won't be able to pick one up for under £99 by the end of the week :D

    That reminds me... Got a few old ones to sell myself... :D:D

    --
    Laters Sol "Have you found the secrets of the universe? Asked Zebade "I'm sure I left them here somewhere"
    1. Re:Is it just me... by halcyon1234 · · Score: 1

      Just add to the listing "Drives are being liquidated from the assets of bankrupt mortgage company."

  15. Why resell? by baker_tony · · Score: 0, Redundant

    I can't understand why they sell them rather than destroying them! Mental. Hard drives are so freaken cheap these days, how much money would they make weighed against the risk of data recovery?

  16. For Highly Classified Data, it's more than a wipe by sirwired · · Score: 3, Informative

    I worked in a highly classified facility once. The wipe "standard" was to hire a lowly intern (such as myself), remove the platters from the case, take them out back, and sandblast them. The agency's scientists had decided degaussing wasn't good enough.

    SirWired

  17. Sounds like gruntwork to me by Anonymous Coward · · Score: 2, Funny

    First part of story: "scary that they did not wipe it to Department of Defense standards which I believe is wiping the whole disk and then writing 1010 all over it."

    I just had a mental image of a private being assigned a sharpie and a room full of hard drives, furiously writing 1010 on each one.

  18. DoD standards by konigstein · · Score: 2, Interesting

    Are to overwrite the hard drive 9 times, then degauss (which makes a loud POP and the magnetic information is GONE), and THEN to drill 6 holes through the drive. The DoD policy memo can be found here http://www.drms.dla.mil/turn-in/usable/cpu-memo-jun01.pdf

    --
    This space intentionally left blank
    1. Re:DoD standards by Sancho · · Score: 2, Informative

      Note that document only covers unclassified data.

    2. Re:DoD standards by Nukenbar · · Score: 1

      I think most people simply put hard drives in industrial shredders that spit out little pieces of the drive the size of a small nail.

  19. The procedure's more than *that*! by kuleiana · · Score: 1

    The procedure is actually to write random bits (01101111010110000 etc) at least seven to 13 times! This doesn't 100% guarantee nonrecovery, but it comes very close. Also, most hard drives are *not* regularly zeroed out (in free space), unless there's a security policy in place at that particular facility/organization/office that implements a daemon that's going to handle it for you.

    --
    Thinkingman.com New Media
    1. Re:The procedure's more than *that*! by Sancho · · Score: 1

      [citation needed]

      Not trying to be an ass, but there's a lot of misinformation out there on these "DoD wipe standards." Lots of people are throwing around these things, but I've only seen one person trying to back it up with something from the DoD.

  20. How to dispose of SECRET media by Anonymous Coward · · Score: 1, Informative

    First, everything that is SECRET must be serialized and fully accounted for at all times. Paperwork must be done when it is decommissioned.

    It must be physically destroyed. If it's a CD, then it must be broken or otherwise scratched to the point where reading any data off it becomes not only unlikely, but impossible. Fire is good.

    Hard drives (I had one fail on me in Iraq) must be double packaged, clearly labeled SECRET, and escorted by authorized personnel the entire way to somewhere a lot higher than the infantry battalion I am in to get properly destroyed.

    Since it's got Lockheed Martin employee information on it, it's a Lockheed Martin hard drive, and their accountability is probably not as demanding as the Marine Corps...probably a guy in the tech department wanting to make some extra money.

    1. Re:How to dispose of SECRET media by jtev · · Score: 1

      Ummmm... the procedure for hard drives seems a little overdone to me. Wouldn't a thermite grenade out in the middle of nowhere mean that the drive would be destroyed with less risk of interception than shipping it back to where it can be "properly" destroyed?

      --
      That which is done from love exists beyond good and evil
  21. Re:The procedure's more than *that*! by kuleiana · · Score: 1

    OK, obviously /. has a problem with UTF8, which my browser's inserting by default. sorry

    --
    Thinkingman.com New Media
  22. Say what? by minsk · · Score: 3, Funny

    wiping the whole disk and then writing 1010 all over it.

    Did exactly that. Removed it from a computer. Wiped all over the disk. Then took a marker and wrote all over it. For additional security, wiped it *again* to remove the marker. And you nuts are still claiming there's secrets on it...

    </fiction>

  23. A+++++ Vendor! by xonar · · Score: 5, Funny

    A++++++++++++ service! Quick shipping, and free military secrets included! Would buy from again.

    1. Re:A+++++ Vendor! by Anonymous Coward · · Score: 0

      Did he include a bobcat?

  24. Wiping the whole disk by writing 1010 by Gathers · · Score: 2, Funny

    The problem with writing 1010 all over the disk is that it only covers an extremely tiny fraction of the disk. Most modern drives are much larger than 4 bits.

    It is also highly inefficient since the OS would always have to read a whole sector (typically 512 bytes) and modify it in memory before writing it back again to avoid changing any bits outside of those 4 that are to be wiped!

    So, why not just sell it on eBay and hope the buyer wipes the disk before using it?

    1. Re:Wiping the whole disk by writing 1010 by Anonymous Coward · · Score: 0

      That got modded informative???? I've never seen a more utter lack of computer knowledge in my life! First off--assuming an 8-bit byte size--writing 1010 to a byte does NOT preserve the upper four bits! That would be nonsensical! Second off, the reason for caching has nothing to do with "avoiding changing unmodified bits." That's idiotic because bits are not read/written individually. They are written as entire bytes (even using serial drives).

    2. Re:Wiping the whole disk by writing 1010 by Anonymous Coward · · Score: 0

      I don't know what's more sad, the cluelessness in the GP post, or the fact someone found it "informative".

    3. Re:Wiping the whole disk by writing 1010 by Gathers · · Score: 1

      Yes, I know that addressing a nibble (4 bits) to a byte is not possible unless you have a 4-bit computer like the Intel 4004, Toshiba TLCS-47 etc. That's the whole reason why you, to get that effect, have to read-modify-write the whole byte.

      It is actually kind of the same as how you must read-modify-write a whole sector to change one byte on a disk.

      Also, and perhaps more importantly; I was only joking/trolling and I have no idea why anyone would want to describe my post as Informative. Perhaps they found "Most modern drives are much larger than 4 bits." to be informative? :P

      Cheers!

  25. Close Enough For Government Work... by Anonymous Coward · · Score: 0

    Rings true once again. Good thing we're on track to making EVERY aspect of our lives "Government Work".

  26. Does the IRS do it better or worse? by BenEnglishAtHome · · Score: 2, Informative

    I work for the IRS and we supposedly use the DOD standard. Our wiping software actually has a "/DOD" switch. However, unlike the standard quoted in another post, our software just reinitializes the MBR and then does 7 random overwrites. Is that better or worse than writing patterns? I dunno.

    I do know, however, that we never let a drive out of our inventory without a wipe. If the drive has failed completely, we have a big magnetic blanker we use. (Local option - in my office, we then take those drives apart, abuse the platters, and one of our techs makes sculptures from them. Neat stuff.)

    As an aside, we never RMA drives, either. If a drive in our possession fails, we call for a warranty replacement and send back in the return box a signed statement swearing that we destroyed the old drive. If a laptop has a failure that requires a contractor tech to replace parts, we make them come on-site then have someone stand over them the whole time to make sure they don't try to actually read anything off the drive.

    I would expect the military to do at least as well. Am I wrong?

    1. Re:Does the IRS do it better or worse? by Anonymous Coward · · Score: 0

      How's it feel knowing the bad guys know all they have to do is call enough times and the friendly IRS support staff will provide them any information they want?

      Must make ya feel even better about working for the taxman. [/Troll]

    2. Re:Does the IRS do it better or worse? by querist · · Score: 1

      The patterns are better because you KNOW what is happening. I do computer forensics work as part of my day job.

      While the chances are very, very slim, it is possible that a "random" wipe could write the exact same 1111 1111 or 0000 0000 every time to the same area. Also, how random is your random source?

      Recovering anything from a drive wiped with

            dd if=/dev/zero of=/dev/sda

      requires highly specialized hardware and training - not what your average criminal will have handy (especially the hardware).

      Governments, OTOH, may indeed have that hardware, though the "official" story is that modern hard drives have such high data density on the platters that doing a /dev/zero wipe as shown above would render the disk completely unreadable. Keep in mind that those DOD standards were created back when drives had MUCH lower data densities.

      Personally, I like the sandblasting suggestion that someone else posted. That should do it - that or a vat of acid.

      However, if you want to be able to use the drive again, /dev/zero should do the trick.
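The posts above about overwrite "standards" (9 passes, 7 to 13 random passes, the IRS "/DOD" switch) and the `dd if=/dev/zero of=/dev/sda` wipe share one practical point that none of them spells out: whatever pass sequence you pick, read the media back afterwards and confirm the overwrite actually covered it. The script below is an added example, not code from any post, the DoD or any vendor. It runs a zero / ones / random / zero sequence over a disk image file and then verifies every byte reads as zero. The four-pass sequence is an illustration, not a claim about any official standard; it assumes a regular image file (for a real block device you would pass the device path and run as root), and the "SECRET" marker in the sample image is a constructed test value.

```shell
#!/bin/sh
# Added example: multi-pass overwrite of a disk image plus a read-back check.
# The pass sequence here (zero, ones, random, zero) is illustrative only.

# Size in bytes of the target (assumed to be a regular image file).
image_size() {
    wc -c < "$1" | tr -d ' '
}

# One overwrite pass over the whole target.
# $1 = path, $2 = pattern: "zero", "ones" or "random".
# head -c bounds the source stream to exactly the target size, and
# conv=notrunc keeps dd from shrinking the file.
overwrite_pass() {
    img=$1
    pattern=$2
    bytes=$(image_size "$img")
    case $pattern in
        zero)
            head -c "$bytes" /dev/zero | dd of="$img" conv=notrunc 2>/dev/null
            ;;
        ones)
            head -c "$bytes" /dev/zero | tr '\000' '\377' | dd of="$img" conv=notrunc 2>/dev/null
            ;;
        random)
            head -c "$bytes" /dev/urandom | dd of="$img" conv=notrunc 2>/dev/null
            ;;
        *)
            echo "unknown pattern: $pattern" >&2
            return 2
            ;;
    esac
}

# Returns 0 only if every byte of the target is 0x00.
# Deleting all NUL bytes and counting what is left gives the number of
# non-zero bytes; a wiped image must leave zero of them.
verify_all_zero() {
    leftover=$(tr -d '\000' < "$1" | wc -c | tr -d ' ')
    [ "$leftover" -eq 0 ]
}

# Full procedure: overwrite passes, then the read-back check.
# Exit status is the verification result, so callers can treat a
# non-zero status as "do not release this media".
wipe_image() {
    img=$1
    for p in zero ones random zero; do
        overwrite_pass "$img" "$p" || return 1
    done
    verify_all_zero "$img"
}

# Stand-alone demo on a constructed 8 KiB image containing a marker string.
demo_wipe() {
    tmp=$(mktemp)
    printf 'SECRET constructed marker, not real data' > "$tmp"
    head -c 8192 /dev/zero >> "$tmp"
    if wipe_image "$tmp"; then
        echo "wipe verified: $(image_size "$tmp") bytes read back as zero"
        status=0
    else
        echo "wipe FAILED verification" >&2
        status=1
    fi
    rm -f "$tmp"
    return $status
}
```

Usage: `. ./wipe.sh && wipe_image /path/to/image.img` (or call `demo_wipe` to see the constructed run). The verification step is the part worth keeping regardless of pass count; a wipe that was interrupted, hit a write error, or never covered the tail of the device is only discovered by reading the media back.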

    3. Re:Does the IRS do it better or worse? by inject_hotmail.com · · Score: 1

      Nope...I would say you are right. I recommend something like this to everyone that asks me about getting rid of their old computer(s) (and hence: hard drives). I usually can't believe it when seemingly intelligent human beings maintain a cavalier or the "well, it's going back to the factory, what could go wrong?" attitude.

      Very few people have been interested in paying for such a data protection service.

      I don't like to RMA drives I can't properly wipe...does the sworn statement actually work?

      I wish more people were security minded...

    4. Re:Does the IRS do it better or worse? by BenEnglishAtHome · · Score: 1

      Yes, the sworn statement works, but only because it's part of our contract negotiation from the beginning. We set it up as a part of each acquisition that we won't be returning any drives. Since we buy more than 30,000 computers a year, the people who sell them to us (currently, mostly HP) are OK with it. Occasionally there's some tension when a particular run of drives fails at a high rate; the contracts can be unprofitable if things go badly enough. But that's rare.

      Such arrangements are far more common than most people realize.

    5. Re:Does the IRS do it better or worse? by WarlockD · · Score: 1

      Yea, Nokia does the same thing too. Hell, they have a BONDED guy come by to shred the damn things once we fill up the bucket. That's after the DOD wipe too.

      Did I mention all laptop drives there are encrypted as well? Even if you could recover from a DOD wipe, you got an encrypted drive.

      It REALLY irks me. This just shows they have no overall security policy and let everyone do what they want. I am just glad the IRS has precautions.

    6. Re:Does the IRS do it better or worse? by Anonymous Coward · · Score: 0

      Who needs your drives anyway. Your systems are compromised daily! You're such an IT stud!

  27. Since When by cfkboyz · · Score: 2, Interesting

    I just got out of the Military and was in there for 6 years. Not one time did we ever wipe a hard drive, not because we did not care nor were too lazy. We never sold the hard drives or gave them away. We either reused the drive or we smashed it and then recycled it. The Army is so paranoid that we even had to take RAM out of old computers that processed classified information just because it MIGHT have information left...

  28. Perhaps we should find new ways to motivate them by AnalPerfume · · Score: 2, Insightful

    Every time a piece of hardware which wasn't properly cleaned to the recommended levels leaves the premises, the individual responsible for letting it leave should be held accountable....personally. How about sharing state secrets with the enemy? You can't know who it was destined for so there's every possibility it will go overseas. To my knowledge this carries a harsh sentence, but we can allow a prison sentence if they co-operate with the authorities and ensure the command level personnel are also charged.

    My guess is that most of this stuff happens through employee laziness, and contractor unaccountability. If you have lobbyists lairing in government to ensure that you keep the contracts no matter what and are able to hide anything under the "national security" red herring, then why bother enforcing rules like wiping stuff properly? The idea of being held PERSONALLY responsible, with potential jail time, will make people stop and think, especially if the command level have no loophole to blame their underlings for anything the press find out about.

  29. Contractor drive, not military by gatkinso · · Score: 1

    For all anyone knows it could have been stolen.

    --
    I am very small, utmostly microscopic.
    1. Re:Contractor drive, not military by coolsnowmen · · Score: 1

      I'm almost positive they are. In any security clearance room I've worked in, you can't take anything out of the room, let alone sell it on eBay.

      So I definitely think someone stole these for the cash, because defense contractors who work on classified projects don't sell hard drives on ebay (wiped or otherwise).

  30. THAAD not used in Iraq by Anonymous Coward · · Score: 0

    I think the blurb is incorrect. THAAD was not used in Iraq; in fact it's not even a deployed system at this point.

  31. Obligatory Down-mod by Anonymous Coward · · Score: 0

    -1, Dumbass

  32. wipe? destroy! by anonieuweling · · Score: 1

    Why wipe a disk?
    Media is cheap nowadays. Just destroy the disk.

    1. Re:wipe? destroy! by butlerm · · Score: 1

      I take a hammer to all my old drives...who wants a five year old drive anyways?

  33. Mandatory by lufo · · Score: 1

    Wiping hard drives is no rocket science. It's HARDER than rocket science, indeed.

  34. Great Quote by clickclickdrone · · Score: 1

    One of the researchers, Professor Andrew Blyth said: "It's not rocket science..."

    --
    I want a list of atrocities done in your name - Recoil
  35. Induction Cooker by Sponge+Bath · · Score: 1

    Has anyone here ever used an induction cooker to wipe/destroy a hard drive?
    It seems that should be effective and entertaining.

  36. Disks full of porn "sold to military" by David+Gerard · · Score: 1

    [probably to post tomorrow]

    Gigabytes and gigabytes of pornography and highly sensitive login details for gentleman's art sites were bought by a US military missile air defence base second-hand on eBay.

    The artistic pamphlets were found on a hard disk for the SPLORT (Super-Powered Less Obviously Retronymed Thing) ground to air missile defence system, used to shoot down Scum missiles in Iraq.

    Dr Andy Jones, a researcher at the base, said "This is the fourth time we have carried out this research and it is clear that records left on hard disks are the twenty-first century equivalent of random pornographic magazines found in bushes and parks by masturbation-crazed eleven year old boys. PHWOAR, LOOK AT THE TITS ON THAT ONE! I'm sorry, I'm just reviewing a birdwatching site. Fabulous display of Cyanistes caeruleus.

    "Of significant concern is the number of large organisations that are still not disposing of confidential information in a secure manner. Thank fuck."

    The disk also contained login details, credit card numbers and 18 USC 2257 information on ... "prospective military contractors," said Dr Jones. "Really. Prospective contractors. We're getting in touch right away."

    --
    http://rocknerd.co.uk
  37. These assertions clearly false by Timwit · · Score: 1

    A hard drive contained records from human resources *and* classified THAAD information? No way that's true. Classified information would be on its own network, and there would never be any reason to copy it to HR. Even if a contractor neglected to destroy or wipe a disk, only one type of information would be found on it, and not both.

    1. Re:These assertions clearly false by Culture20 · · Score: 1

      Could be a spy's drive.

  38. This doesn't make sense... by LoneAdmin · · Score: 2, Informative

    I worked for a government contractor at Tinker AFB in Oklahoma back in 2005-2006. I was on a contract doing server/desktop support for a wing on the base. Whenever we had a failed drive in a desktop, laptop or server there were certain protocols that we had to follow to make sure the data was compromised. We had to remove the drive and then take it apart completely. Once it was dismantled we had to scratch the platters to make sure they couldn't be reassembled in a different drive. I was also in on a server upgrade and they were going to sell the old server in a surplus auction. We were told to run a wipe of the drives and then REMOVE THEM because DOD regulations stated that the drives couldn't be sold at all. Then we had to destroy the drives in the same way I described above. Obviously this situation is someone not doing their job or just taking drives to make money.

    1. Re:This doesn't make sense... by clickclickdrone · · Score: 1

      >there were certain protocols that we had to follow to make sure the data was compromised
      There's your leak right there!

      --
      I want a list of atrocities done in your name - Recoil
  39. Screw the 1s and 0s by Anonymous Coward · · Score: 0

    Maybe a DOD wipe should have been the first step. But this should have been the last step http://www.youtube.com/watch?v=yd_O7-rqcHc

  40. Re:For Highly Classified Data, it's more than a wi by jandoedel · · Score: 5, Funny

    ?? why would sandblasting an intern help in wiping the disk?

  41. Erase and 0 7 times by olddotter · · Score: 1

    Last time I read the military specs for harddrive disposal, moderately sensitive data disks should be deleted and zero'ed 7 times. (That option is on the Mac Disk Utility, BTW.)

  42. I'm sure the gov't will be more careful with... by Anonymous Coward · · Score: 0

    all of our personal health care records once they "overhaul" everything and run every citizen's personal health care with the same level of efficiency and fraud rates as MediCare, MedicAid, Social Security, etc...

  43. Not the individual, but the senior brass. by Anonymous Coward · · Score: 0

    Every time a piece of hardware which wasn't properly cleaned to the recommended levels leaves the premises, the individual responsible for letting it leave should be held accountable.... personally.

    Nope, don't hold the grunts responsible.

    Hold the management at the very top responsible. For example if a megacorp like Lockhurl Moron hired a subcontractor to handle the sensitive data, then the CEO of L.M should be arrested at 3:00AM in his home, by a SWAT team who busts down the doors, shoots the family dog, and holds his wife and children to the floor with machine guns to their heads, then all his assets get seized and he goes to federal pound in the ass prison for the rest of his life.

    One or two of those events happening, and all the defense contractors in the country will suddenly shape up their security.

  44. What a joke by TheLink · · Score: 1

    That challenge is a joke.

    1) If I could recover data from a zeroed drive, I'd charge a lot more than USD500 to do it. Why? Because there will be people who would pay.
    2) I'd charge a LOT more to show you how to do it with NDA etc.
    3) I'd charge even more to publicly disclose to everyone how to do it.

    Secondly this from the website is even funnier: "Yes, if your company is an established, professional data recovery company (see below). Send a self-addressed, postage-paid box with packaging material to the address listed below and we will mail the drive to you."

    Go look at Pwn2Own as an example of a competition that gets some serious entrants. The last I checked, USD10000 plus a Macbook is worth more than USD500.

    I'd say hacking OSX is easier than recovering a zeroed drive - especially since it involves using far more expensive hardware.

    --
  45. terrible article by Anonymous Coward · · Score: 0

    1) Very little about THAAD is at TS level
    2) THAAD wasn't deployed to Iraq-- it's still in testing
    3) Test procedures (think detailed countdowns) aren't themselves classified, but generally are FOUO
    4) the picture in TFA is of a launch of an Israeli Arrow interceptor, not a THAAD

    All that still doesn't mean the HD should have gone anywhere without being overwritten.

  46. Fact check, story makes false claim. by Anonymous Coward · · Score: 0

    THAAD was never used to shoot SCUD missiles down. That was PATRIOT.

    THAAD is still in development with very limited fielding (if any).

    The sad part is I stopped reading the otherwise-interesting story at the first falsehood.

  47. microwave? by Anonymous Coward · · Score: 0

    Would microwaving the platter accomplish this?
    Heating it above the Curie temperature that is.

  48. best tool by Anonymous Coward · · Score: 0

    the best disc cleaning tool is thermite!

  49. DBAN! by LanMan04 · · Score: 1

    DBAN to the rescue!

    http://www.dban.org/

    --
    With the first link, the chain is forged.
  50. Truely poor standards. by TheMightyFuzzball · · Score: 1

    When last I checked the military's policy on wiping hard drives was to wipe it, write 1s and 0s and then cut the drive in half and send each part to separate locations to be destroyed. Maybe they wanted to make a little money from selling them on Ebay instead of just destroying them. See what this economy is doing to people!

  51. It's...They are~ by Shard.Oglass666 · · Score: 0

    UNCLEAN!

  52. From the cash cow department by dbIII · · Score: 1

    I doubt they were illegally sold - it's more likely to be a breach of procedure due to incompetence considering where it was from and what was on it. Also does it really matter in this case? Where is the real SCUD missile that the system managed to shoot down? That's right - there wasn't one and there has been press about that. Leaked plans for Starwars snakeoil are unlikely to do much damage but it's now a good excuse to get rid of projects that show incompetence at all levels. Lysenkoism drove funding for a lot of things that just sounded cool and never had to actually work, and once a company is aware of that it just becomes a cash cow tended by those without the ability to succeed elsewhere in the company or those that lose hope when they become aware that they are working on a sham project.

  53. Why risk it? by Godskitchen · · Score: 1

    The data is much more valuable than the $20 or $30 bucks they can recoup from selling the drives on Ebay; I don't know why a government agency would risk doing this.

  54. man shred by Anonymous Coward · · Score: 0

    Here's the important bits. I have a gOS boot disk for this specific purpose.

    shred - delete a file securely, first overwriting it to hide its contents

    ...
    Delete FILE(s) if --remove (-u) is specified. The default is not to remove the files because it is common to operate on device files like /dev/hda, and those files usually should not be removed. When operating on regular files, most people use the --remove option.

    CAUTION: Note that shred relies on a very important assumption: that the filesystem overwrites data in place. This is the traditional way to do things, but many modern filesystem designs do not satisfy this assumption. The following are examples of filesystems on which shred is not effective:

    • log-structured or journaled filesystems, such as those supplied with AIX and Solaris (and JFS, ReiserFS, XFS, Ext3, etc.)
    • filesystems that write redundant data and carry on even if some writes fail, such as RAID-based filesystems
    • filesystems that make snapshots, such as Network Appliance NFS server
    • filesystems that cache in temporary locations, such as NFS version 3 clients
    • compressed filesystems

    In addition, file system backups and remote mirrors may contain copies of the file that cannot be removed, and that will allow a shredded file to be recovered later.

    -bash-3.00$ cat /etc/passwd > foo
    -bash-3.00$ shred -v foo
    shred: foo: pass 1/25 (random)...
    shred: foo: pass 2/25 (222222)...
    shred: foo: pass 3/25 (924924)...
    shred: foo: pass 4/25 (000000)...
    shred: foo: pass 5/25 (555555)...
    shred: foo: pass 6/25 (333333)...
    shred: foo: pass 7/25 (111111)...
    shred: foo: pass 8/25 (cccccc)...
    shred: foo: pass 9/25 (6db6db)...
    shred: foo: pass 10/25 (db6db6)...
    shred: foo: pass 11/25 (ffffff)...
    shred: foo: pass 12/25 (aaaaaa)...
    shred: foo: pass 13/25 (random)...
    shred: foo: pass 14/25 (eeeeee)...
    shred: foo: pass 15/25 (b6db6d)...
    shred: foo: pass 16/25 (444444)...
    shred: foo: pass 17/25 (666666)...
    shred: foo: pass 18/25 (999999)...
    shred: foo: pass 19/25 (492492)...
    shred: foo: pass 20/25 (bbbbbb)...
    shred: foo: pass 21/25 (888888)...
    shred: foo: pass 22/25 (dddddd)...
    shred: foo: pass 23/25 (249249)...
    shred: foo: pass 24/25 (777777)...
    shred: foo: pass 25/25 (random)...

  55. Anonymous Coward by Anonymous Coward · · Score: 0

    Lol Good One!

    "A++++++++++++ service! Quick shipping, and free military secrets included! Would buy from again."

  56. Re:For Highly Classified Data, it's more than a wi by silver007 · · Score: 2, Funny

    link please

  57. Plasma Furnace by Anonymous Coward · · Score: 0

    When I was "in", procedure was for something this sensitive the whole drive went into an electric plasma furnace.

    No, really.

    These drives primarily come from defense contractors which are the biggest source of information leaks. Hell, H1B's just walked off the job with it.

    1. Re:Plasma Furnace by cayenne8 · · Score: 1
      "These drives primarily come from defense contractors which are the biggest source of information leaks. Hell, H1B's just walked off the job with it."

      H1B's can't work on classified systems. If you're not a US citizen, you aren't even considered for those positions.

      --
      Light travels faster than sound. This is why some people appear bright until you hear them speak.........
    2. Re:Plasma Furnace by muridae · · Score: 1

      You don't necessarily need to be working on the classified system to have access to the computer. Someone has to clean up the computer labs.

    3. Re:Plasma Furnace by cayenne8 · · Score: 1
      "You don't necessarily need to be working on the classified system to have access to the computer. Someone has to clean up the computer labs."

      They don't let just anybody into any area that contains either classified materials, or classified machines. You have to be cleared to even enter those areas much less access information. An unclassified person would not even be able to enter the room, much less touch anything in it. You're not going to be classified if you are not a US citizen...at least not normally.

      --
      Light travels faster than sound. This is why some people appear bright until you hear them speak.........
  58. No such thing as a "DOD standard" for classified by Anonymous Coward · · Score: 0

    Long-time defense contractor here. I don't know about the rules for unclassified but "sensitive" data, but if you've got classified media, there is no "DOD standard" for wiping a drive. It's supposed to be physically destroyed, not reused and certainly not sold on eBay.

  59. No more disks in workstations by jhfry · · Score: 1

    With PXE network boot, remote desktop, virtualization etc. there is little reason that any information higher than "sensitive" would ever need to be stored on a disk that is outside a secure data center. I would like to see the government do away with desktop computers completely in favor of thin clients or something similar.

    --
    Sometimes the best solution is to stop wasting time looking for an easy solution.
  60. Re:No such thing as a "DOD standard" for classifie by CannedTurkey · · Score: 1

    Where I work we purchased a plasma cutter for the sole purpose of destroying platters.

    --
    Ingredients: Turkey, Mechanically Separated Turkey, Water, Salt, Flavour.
  61. Unclean Military Hard Drives? by clone53421 · · Score: 1

    Doubleplus ungood!

    --
    Alexander Peter Kristopeit bought his basement from his mommy for one dollar.
  62. DoD 5220.22-M no longer canonical by Anonymous Coward · · Score: 0

    Taken from DoD 5220.22-M Wipe Standard:

    These have been superseded by NIST Special Publication 800-88:

    http://en.wikipedia.org/wiki/Data_remanence

    Generally speaking, for modern drives you only have to overwrite once to clear the data. However, the US gov't is paranoid, so for any data that is SECRET or TOP SECRET you usually have to degauss the magnetic media.

    Please don't cite 5220.22-M; it's no longer pertinent (and overkill).

  63. What a load of crap by Anonymous Coward · · Score: 0

    Sure, the DoD stores all the sensitive data on a single desktop style hard drive. "Oh look, we have a 300GB drive we bought at the electronics store." "Awesome, let's use it to store the missile defense blue prints" "oooo, can I use it to store social security numbers? Sure why not."

    Information like this would undoubtedly be stored on some type of array, be it server or local. The information it contained would essentially be garbage, sans a pixel here and there; and only if it wasn't encrypted in the first place. Good luck with a cipher in which you only have broken segments.

  64. DoD policy by JTsyo · · Score: 1

    Scary that they did not wipe it to Department of Defense standards which I believe is wiping the whole disk and then writing 1010 all over it.
    You would think the policy is to destroy them, not sell them on e-bay.

    1. Re:DoD policy by Bobfrankly1 · · Score: 1

      You would think the policy is to destroy them, not sell them on e-bay.

      Yeah, but the government is throwing money at GM and Chrysler...they gotta raise that money somehow, oh wait, they just print it, my bad...

  65. Consider the source by soniCron88 · · Score: 1

    Everyone's so caught up debating the possibilities of recovering data from discarded hard drives that nobody seemed to notice this "article" is from the UK's finest tabloid, Daily Mail.

    Wake me when we have a legitimate source.

    1. Re:Consider the source by Bobfrankly1 · · Score: 1

      Point made. When the sidebar is entitled "FEMAIL TODAY" and features Lindsay Lohan, you have to question their journalistic ability.

    2. Re:Consider the source by JustNiz · · Score: 1

      You have no excuse. Everyone knows that for professional journalism you should read The Sun.

  66. Hmmm... by Bobfrankly1 · · Score: 1

    Unclean Military Hard Drives Sold On eBay

    *Starts yelling from the distance* UNCLEAN!!!! UNCLEAN!!!

    Seriously though, somehow I picture this ending up on a Red vs Blue joke...bow chika wow wow!

  67. GET A MAGNET! by TheLeopardsAreComing · · Score: 1

    It's amazing to me in this day and age that highly sensitive information is leaked via old hard drives. My understanding is this: a.) you have highly sensitive information on a hard drive b.) you thoroughly destroy the disk( magneto, powerful magnet, baseball bat) c.) you check to see if the information was destroyed d.) ? e.) PROFITS If this is not done, some sneaky cheeser is going to find a way to get your info. -- this does not include intentional leaking of info

  68. Does it matter by Jeez01 · · Score: 1

    Considering IT work is more or less outsourced to Bangalore even among Pentagon contractors, I doubt companies like Wipro, TCS do much in terms of keeping their client's work secret.

  69. Good Indicator by Jaysyn · · Score: 1

    Just another indicator that any screams of "terrorists!" coming from our military-industrial complex are nothing more than a dog & pony show.

    --
    There is a war going on for your mind.
  70. EPIC FAIL by kheldan · · Score: 1

    Why the hell is the military selling used hard drives in the first place? If there is ANY chance of there being ANY sensitive data on a drive, even in deleted files, they should physically destroy the drive or at least completely degauss it to the point of it being scrap. Even the private sector knows better than this! When I worked as a contractor for Intel, they would run ALL used drives through a conveyor belt driven degaussing machine that would render the drives unusable scrap because they did NOT want any I.P. recovered by third parties. Doesn't our own military know better than this?

    --
    Are YOU using the TOOL, or is the TOOL using YOU? Think about it!
  71. Re:Obligatory oxymoron -- See parent by oDDmON+oUT · · Score: 1

    Truth hurts doesn't it?

    --
    Some days it's just not worth
    chewing through my restraints.
  72. Re:For Highly Classified Data, it's more than a wi by tippe · · Score: 2, Interesting

    I prefer the muriatic acid formatting approach myself. You know, just in case there are any confidential bits or bytes left in the drive's PCB traces or ICs, or sticking to the side walls of the platter enclosure. You can never be too careful....

  73. Poor CmdrTaco by samjam · · Score: 1

    Hats off to CmdrTaco who was arrested at home a few moments ago as a terrorist dangerous to national security, through publishing information likely to give comfort to and support the cause of terrorists, and disseminating information likely to aid terrorists and other enemies of the state.

  74. found that out the hard way by Anonymous Coward · · Score: 0

    in fact, any electronic equipment going in.. never leaves.

    The fsckers took my microprocessor controlled artificial leg and crushed it. Then they laughed their fsckin' heads off as I hopped to my car in the car park. Fsckers.

  75. Smash 'em by Anonymous Coward · · Score: 0

    I used to work on classified tactical systems. When our drives were being discarded, we ran them through a heavy-duty degausser and then took a sledgehammer to them, making sure the platters were thoroughly shattered.

  76. That cuts both ways by kaladorn · · Score: 2, Interesting

    It is possible that the people who want to sell you a product don't want to announce the capability they wish to sell you is not necessary.

    Besides, if the government is after you, they have such a variety of options to figure out what goes on (pin cameras, laser mics, various other forms of mics, analysis programs that can guess what you are typing, installation of keyloggers, and just simple acquisition with legal means like a warrant) that worrying about whether they may, beyond all known capabilities of industry, be able to recover data off your drive is absolutely hilarious.

    If you're that paranoid, just never, ever do or say anything the government will pay attention to. In the maxima, this means never doing or saying anything. Ever.

    --
    -- Mal: "Well they tell you: never hit a man with a closed fist. But it is, on occasion, hilarious."
  77. THAAD was not used in Iraq by Thagg · · Score: 1

    The THAAD system has never been deployed. It's always been a sore point for me -- typical headlines in Aviation Week are "THAAD fails tests for the third time in a row", or "THAAD deployment delayed yet again", or "THAAD does not live up to promises."

    Kinda pisses me off.

    Thad [just one A!] Beier

    --
    I love Mondays. On a Monday, anything is possible.
  78. it's hammer time! by Anonymous Coward · · Score: 0

    It's hammer time!

  79. mod parent up! by someone1234 · · Score: 1

    This was the first thing that came to my mind too!
    They blame P2P when they put sensitive data on computers accessible on the net, or just sell it outright.
    The latter could happen even if the internet didn't exist at all.

    --
    Patents Drive Free Software as Hurricanes Drive Construction Industry
  80. Even easier: BIOS wipe utilities by davidwr · · Score: 1

    Some major vendors include "wipe hard drive" as one of the functions built into the BIOS.

    It would be way cool if drives had a jumper that if set on drive-power-on, would cause the drive to not connect to the bus but rather start writing random data to wipe the drive. Add a status LED that blinked a pattern based on the pass number in progress: "flash pause" for "in the middle of pass 1," "flash flash pause" for "in the middle of pass 2," etc., with a special blink sequence if any pass failed to write to all sectors including previously-marked-bad sectors. Store the results in the drive's nonvolatile RAM for read-back later and you have the means to certify that the drive was wiped.

    Since on modern drives all but the most sensitive data is safe after a 1-pass wipe, this would make recycling computers much easier.

    --
    Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
  81. Re:No such thing as a "DOD standard" for classifie by Anonymous Coward · · Score: 0

    Where I work we purchased a plasma cutter for the sole purpose of destroying platters.

    Where I worked we had a BFG9000 solely for destroying hard drives.

  82. IF they wipe 'em and write 1010 all over them... by Mucky+Pup · · Score: 1

    They'd be easy to spot: just look for shiny hard drives (wiped) with the numbers 1010 written (hopefully using a sharpie) all over it!

  83. All that data on one hard drive? by novalis112 · · Score: 1

    Am I the only one that finds it peculiar that all that wildly different data was found on one hard drive? Security policies, social security numbers, facility blueprints, ...etc.? I mean, of course it's *possible*, but it seems a bit odd to me that such disparate kinds of data would all be on one server, let alone one hard drive.

  84. Use shred on the disk device, like dd. by emil · · Score: 1

    This is addressed in the shred man page:

    "The default is not to remove the (original) files because it is common to operate on device files like /dev/hda, and those files usually should not be removed."

    If you shred the disk device, rather than individual partitions or filesystem entries on the disk device, you will get the swap areas and other relevant metadata. In the above example, /dev/hda1 may be your swap, and /dev/hda2 may be your filesystem. If you shred /dev/hda, both will be overwritten. If you shred only /dev/hda2, the swap will be preserved (which is not what you want). Under no account would you mount /dev/hda2 and shred files within it and expect secure erasure.

    The shred manpage has specific warnings about journaling filesystems and other cases where your erasure will not be as secure as you would like.
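
    The two comments above (the shred man page excerpt and the advice to run the tool against the whole disk device rather than a filesystem) are the practical core of this thread. The script below is an added example, not code posted by anyone in the thread or from any tool the thread mentions: it overwrites a target in place with dd and then reads the whole target back to confirm that a constructed sample of "sensitive" text is gone and that every byte is zero. It uses a file-backed disk image so it can run anywhere; on a real machine the target would be the disk device itself (the name /dev/sdb in the usage comment is an assumption, not a real device here), never a file inside a mounted filesystem, for exactly the reasons the man page gives.

```shell
#!/bin/sh
# Added example, not from the thread: overwrite a whole target in place,
# then verify the overwrite by reading the target back.  The demo builds a
# file-backed disk image; on real hardware the target is the disk device
# (e.g. wipe_target /dev/sdb <size-in-bytes> 1, an assumed device name),
# never a file on a mounted filesystem (journaling, snapshots, bad-sector
# remapping and swap all defeat file-level overwrites).

# wipe_target TARGET SIZE [PASSES]
#   SIZE is the number of bytes to overwrite (a multiple of 4096 here; real
#   disks are sector multiples anyway).  PASSES random passes are written
#   first, then one pass of zeros so the final state can be checked cheaply.
wipe_target() {
    target=$1
    size=$2
    passes=${3:-1}
    blocks=$((size / 4096))
    i=1
    while [ "$i" -le "$passes" ]; do
        dd if=/dev/urandom of="$target" bs=4096 count="$blocks" conv=notrunc 2>/dev/null
        i=$((i + 1))
    done
    dd if=/dev/zero of="$target" bs=4096 count="$blocks" conv=notrunc 2>/dev/null
}

# verify_wiped TARGET MARKER
#   Returns 0 only if MARKER cannot be found in TARGET and every byte reads
#   back as zero.  Reading the whole target back is what turns "we ran the
#   wipe" into something you can certify rather than assume.
verify_wiped() {
    target=$1
    marker=$2
    if grep -a -q -- "$marker" "$target"; then
        return 1
    fi
    nonzero=$(tr -d '\000' < "$target" | wc -c | tr -d ' ')
    [ "$nonzero" -eq 0 ]
}

# demo_wipe: build a 64 KiB image containing constructed "sensitive" text
# at an arbitrary offset, wipe it with two random passes plus a zero pass,
# and verify.  Prints "wiped" and returns 0 on success.
demo_wipe() {
    img=$(mktemp)
    marker='SSN 123-45-6789 launch-procedure-rev3'   # constructed sample data
    dd if=/dev/zero of="$img" bs=4096 count=16 2>/dev/null
    printf '%s\n' "$marker" | dd of="$img" bs=512 seek=7 conv=notrunc 2>/dev/null
    # Sanity check: the marker must be recoverable before the wipe, or the
    # verification afterwards proves nothing.
    if ! grep -a -q -- "$marker" "$img"; then
        rm -f "$img"
        echo "setup failed"
        return 2
    fi
    wipe_target "$img" 65536 2
    if verify_wiped "$img" "$marker"; then
        rm -f "$img"
        echo "wiped"
        return 0
    fi
    rm -f "$img"
    echo "marker still present or non-zero bytes remain"
    return 1
}
```

    The random passes are there only because the thread keeps asking for them; the zero pass is the one that makes verification trivial, and for a drive that is going to be physically destroyed or degaussed anyway, the read-back is the step worth keeping. Note that a file-level test like this cannot show anything about sectors the drive has remapped as bad; those are reachable only through the drive's own secure-erase command or by destroying the platters.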

  85. The Hard Drive That Never Was by ses114 · · Score: 1

    Hang on....let me adjust my tin foil hat.....ok..... This hard drive might have been deliberately put on ebay with the hope it would fall into the "wrong" hands.

  86. MCI standards by HTH+NE1 · · Score: 1

    Scary that they did not wipe it to Department of Defense standards, which I believe is wiping the whole disk and then writing 1010 all over it.

    I've been using MCI's standard: writing 1010220 all over it, then taking the sale of the drive as a tax deduction for advertising expenses.

    --
    Oh, say does that Star-Spangled Banner entwine / The myrtle of Venus with Bacchus's vine?
  87. A novel invention for that in the Netherlands... by thrill12 · · Score: 1

    ...is the hard drive shredder, a machine that simply shreds complete hard drives to pieces. Apparently some large defense institutions showed interest at the time this invention was presented at "Dragon's Den" (a TV-show where people can request money from private investors).

    --
    Slashdot: stuff for news, nerds that matter, matter for news, stuff that nerd
  88. DBAN by GodfatherofSoul · · Score: 1

    Mindlessly easy to use, you can burn it onto floppies or CDs as a boot image, and effective.

    --
    I swear to God...I swear to God! That is NOT how you treat your human!
  89. Exactlly what is the news here? by lorg · · Score: 1

    They do this "experiment" several times a year and they all come to the same conclusion; OHH WE FOUND THE SECRET DATA!

    So is it really even news anymore? Shouldn't the news really be "We learned nothing since last time!".

  90. THAAD by Anonymous Coward · · Score: 0

    Isn't that a boss in Naxxramas?

  91. room full of them by slashdime · · Score: 1

    A friend of mine who worked IT for a firm that provided processing for insurance companies told me that he constantly took hard drives home and had ready access to lots more. Why? Because there was a storeroom, completely filled with hard drives ranging back to 10gig ones. The company has a policy that formatting the hard drives isn't enough, they have to be put through a machine where the entire hard drive is basically ripped apart and turned into screw sized scrap metal. The cost of this is roughly $20 per hard drive (iirc). At some point, it became cheaper just to warehouse them than actually destroy them. New hard drives that were to be destroyed then didn't have such a priority to be wiped. "Oh, just leave it there for now, we'll throw it in the room later." If it went missing, no one really cared.

  92. harddrive obviously stolen by societyofrobots · · Score: 1

    The DoD does not sell harddrives on EBay, however gov't contractors that steal harddrives do (fact).

    What I've been told is that all old harddrives are sent to specialists who wipe all data, then incinerate the drive.

    I occasionally work for the Navy as a contractor.

  93. Re:For Highly Classified Data, it's more than a wi by Anonymous Coward · · Score: 0

    yeah, degaussing should be good enough on him.

  94. unclean? by Anonymous Coward · · Score: 0

    Vampire hard drives?

  95. Hamma Time by PalmKiller · · Score: 1

    I whack my old drives several good licks with a heavy hard-faced ball-peen hammer, then dispose of them. Much more secure than any DoD standard way of wiping the drive, especially if you peen the disk platters into a nice curved and sometimes cracked surface.

  96. Re:For Highly Classified Data, it's more than a wi by Anonymous Coward · · Score: 0

    ?? why would sandblasting an intern help in wiping the disk?

    It doesn't. But it sure is fun!

  97. Re:For Highly Classified Data, it's more than a wi by Anonymous Coward · · Score: 0

    Who says it helps? It's just fun.

  98. Hint by Anonymous Coward · · Score: 0

    Embassies. They're your one-stop-shop for selling intelligence off the street.

    1. Re:Hint by noundi · · Score: 1

      I'd like to see you try. Hell I'd even pay to watch.

      --
      I am the lawn!
  99. This needs to be a TV show by Twyst3d · · Score: 1

    At least a mini series. Kinda like Mythbusters except they destroy hard drives each week a different way and then see what kind of information can be salvaged off them by real experts.

    --
    And this has been another installment of Captain Obvious! /whoosh
  100. DoD 5220.22-M; other DoD standards by DragonHawk · · Score: 1

    "Taken from DoD 5220.22-M Wipe Standard:"

    GAH!! Not this again. DoD 5220.22-M, full title "National Industrial Security Program Operating Manual", more commonly called NISPOM, is not and never was a wipe standard. It is a 150 page document that covers all aspects of the National Industrial Security Program (NISP). NISP is the jurisdiction for most commercial contractors doing classified work. Sanitization is about two paragraphs in this document. In every edition published within the past 15 years or so, I've never seen it get into specifics about methods -- it just says the CSA (Cognizant Security Authority) gets to set them. I've seen one document of uncertain origin, dated 1995, which did provide a list of methods, but there were several options depending on the nature of the medium and the data.

    You can download the NISPOM from the official source here: https://www.dss.mil/GW/ShowBinary/DSS/isp/fac_clear/download_nispom.html Sanitization is Section 8-301(b) on page 8-3-1 (ordinal page 75).

    Most NISP jurisdictions have to follow the DSS Clearing and Sanitization Matrix. As of ISL 2007-01 (Oct 2007), the C&SM does not permit overwriting for destruction. Only degaussing or physical destruction is acceptable.

    Further, the degaussing standards require one to remove and degauss each individual platter. As someone else noted, degaussing a modern hard drive erases the factory formatting and renders it unusable.

    For physical destruction, it's not enough to drill a hole through the platter, either. Every bit (pardon the pun) of surface area must be obliterated. Grinding, sandblasting, incineration, liquidation, vaporization, pulverization, etc.

    --

    dragonhawk@iname.microsoft.com
    I do not like Microsoft. Remove them from my email address.
  101. NIST 800-88 by DragonHawk · · Score: 1

    "These have been superseded by NIST Special Publication 800-88:"

    NIST does not have jurisdiction over DoD. NIST 800-88 doesn't supersede 5220.22-M. 5220.22-M is still in effect; the most current edition is 2006. (See my post here for where to get it.) It doesn't specify methods, though; as far as I can tell, it never did.

    Most DoD and NISP jurisdictions are under DSS authority; the DSS publishes their own Clearing and Sanitization Matrix for this sort of thing. I discuss that in that post, too.

    --

    dragonhawk@iname.microsoft.com
    I do not like Microsoft. Remove them from my email address.
  102. NSA degaussing by DragonHawk · · Score: 1

    "While you're having fun, note that there is a good chance that the degausser just fries the electronics (by inducing strong currents where they don't belong) but leaves the data on the platters intact"

    Any degausser being used to sanitize a hard disk which contained classified information must be purchased from the NSA's Evaluated Products List, and used in accordance with NSA standards. Those typically include removing the platters from the drive enclosure and degaussing them individually. I'm pretty sure it's more than just the electronics. Mission objectives aside, the NSA knows what they are doing.

    --

    dragonhawk@iname.microsoft.com
    I do not like Microsoft. Remove them from my email address.
    1. Re:NSA degaussing by Anonymous Coward · · Score: 0

      samos69 mentioned that they bought a degausser so that they could quickly erase whole hard disks and donate them to charities. Even though they realized that it doesn't work like that, they appear to keep using the device for degaussing hard disks. I don't think disassembling the drives is part of their procedure.

  103. Damn Jarheads...:-) by rts008 · · Score: 1

    Man, you Marines...
    This should get added to the USMC mission planning. Have all branches/departments of the Fed. Gov't. turn over their HDD's to the USMC for destruction.
    Use it as a 'punishment detail' for minor infractions.

    Sounds like a perfect solution:
    HDD's need destroyed
    Marines needing punishment for that brawl in the bar
    Marines are Masters of Destruction

    Note: see 'subject', as I was 'smiling when I said that!' [former US Army dogface here]

    --
    Down With Slashdot BETA!!! I've been around the corner and seen the oliphant; you can only abuse me from your perspecti
  104. Tremble before the mighty Vulcan, HDD!! by rts008 · · Score: 1

    I'll bet that results in some interesting 'pattern welded' trinkets!

    --
    Down With Slashdot BETA!!! I've been around the corner and seen the oliphant; you can only abuse me from your perspecti
    1. Re:Tremble before the mighty Vulcan, HDD!! by BrokenHalo · · Score: 1

      I'll bet that results in some interesting 'pattern welded' trinkets!

      Unfortunately, the heterogeneous mixture of stuff in those things ends up as an amorphous mixture of very, very thin flakes. :-)

  105. That's ridiculous by Anonymous Coward · · Score: 0

    That's ridiculous. Their IT guys should be ashamed of themselves. We get through ~6000 disks a year, and the wiping's done by someone popping in for like 10 or 20 minutes 3x a day in our secured wiping room to change the drives out. One person could handle everything if it was just pulling disks, wiping 'em, and shipping out empty machines with boxes of wiped disks to a recycler or reseller.

    I work at a university computer surplus, and we've been running the computer section (getting about 6000 machines a year through) on about 2-3 "full time equivalents" for years (that is, 80-120 hours a week). I think a military contractor can afford that. It was 2 full-time plus students, more recently one full-time (me) plus student labor. This includes a sale day 1x a week.

    No equipment budget, but this is no problem since we have a stream of surplus hardware coming through.

    Hard disk wiping? DBAN on a CD, set up so it requires no key pressed to start wiping. Eight stations, with some old Promise TX2-100 cards (that mysteriously tend to outrun the on-board IDE..) in them, with 2 IDE cables poking out of each card. 8 of these stations, so like 32 drives if the drives cooperate, typically closer to 16.. If two drives don't cooperate on the same cable, to avoid dicking around with jumpers, finding out "those two models don't work on the same cable" (which happens far more often than it should), etc., we just put those two uncooperative drives by themselves on two cables. We also have a SATA station (not very many SATA disks yet..), one for laptops, and a few SCSI stations to handle 4 or 5 SCSI types, HP/Compaq Netserver disks and Dell PowerEdge disks.

    To allow auditing, we have an Ubuntu, Apache, MySQL, PHP setup; to track a hard disk, we scan the serial number, scan the brand off a barcode page with most brands listed, and scan the size off another page of barcodes. (There is a keyboard to handle Quantum drives (that all have unreadable barcodes...), and other contingencies.) An olllld mailing label printer (which we made sure to keep several spares of...) prints a label that we put on the drive; then when it's put back in a computer we put the label on the computer (it has blanks for CPU, RAM, and "O" to handle other info, the size printed on it, and a barcode on it.) After it's wiped, it's scanned "wiped" and a small "wiped" sticker is put on the drive. When a drive or machine is sold or bad drives are taken to recycle, we scan 'em out "sold" or "recycled". If it's eBayed it's scanned out "Ebay". Since barcodes are used for everything this adds under a minute to the whole process.

    For systems we sell we have an automated Ubuntu 8.04.1 install off an install server (which, right now, is older and slower than most of the boxes we're installing onto...). To install, we open 'er up, look for obvious blown caps, missing RAM, etc., (pop out the old hard disk if it's there), take the label off the hard disk and pop it in the machine (thank goodness, most Dells use drive rails..). Power it up; if it works put the label on, go in the BIOS, write down CPU speed and RAM amount. Set boot order to "floppy, CD, hard drive, network boot". If it doesn't support PXE booting, put the gPXE CD in. That's it! The install takes like 15 minutes but 0 user interaction so you can just go on to the next machine. Sounds like a lot of steps but if the machine's healthy it all takes maybe 1-2 minutes. This does make a nice burn-in test: if it crashes, locks up, etc. it's faulty.. some *cough*GX270*cough* machines that pass visual inspection pop a cap during this stage.

    In conclusion, what a bunch of morons; they're either criminally cheap for not spending for like 1 drive disposal guy, or lazy & negligent.
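
The workflow above scans a drive "wiped" as soon as DBAN finishes, but the control that actually catches a failed or skipped pass is reading the drive back. The following is an added example written for this thread, not code from the poster's surplus operation or from DBAN: it reads an image or block device end to end, confirms every byte equals the final-pass fill byte (zeros are assumed here), and checks the first 4 KiB for boot-record and filesystem signatures that should not survive a wipe. The signature table and the sample images are constructed for the example; the "dirty" image mimics a drive that was only quick-formatted.

```python
import io
from dataclasses import dataclass, field
from typing import List, Optional

# Residual on-disk structures a sanitized drive should no longer carry:
# (offset, expected bytes, description). Constructed list for this example.
RESIDUAL_SIGNATURES = [
    (3, b"NTFS    ", "NTFS boot-sector OEM id"),
    (510, b"\x55\xaa", "MBR/VBR boot signature"),
    (1080, b"\x53\xef", "ext2/3/4 superblock magic"),
]


@dataclass
class WipeReport:
    total_bytes: int = 0
    residual_bytes: int = 0            # bytes that differ from the fill pattern
    first_residual_offset: Optional[int] = None
    signatures: List[str] = field(default_factory=list)

    @property
    def passed(self) -> bool:
        return self.residual_bytes == 0 and not self.signatures


def verify_wipe(dev, pattern: int = 0x00, chunk_size: int = 1 << 20) -> WipeReport:
    """Read `dev` (a binary file object opened on an image or block device)
    end to end. Every byte must equal `pattern`, and no known boot-record or
    filesystem signature may remain in the first 4 KiB."""
    report = WipeReport()
    fill = bytes([pattern])
    head = b""          # first 4 KiB, kept for the signature check
    offset = 0
    while True:
        chunk = dev.read(chunk_size)
        if not chunk:
            break
        if offset < 4096:
            head += chunk[: 4096 - offset]
        matching = chunk.count(fill)
        if matching != len(chunk):
            report.residual_bytes += len(chunk) - matching
            if report.first_residual_offset is None:
                idx = next(i for i, b in enumerate(chunk) if b != pattern)
                report.first_residual_offset = offset + idx
        offset += len(chunk)
    report.total_bytes = offset
    for pos, magic, desc in RESIDUAL_SIGNATURES:
        if head[pos:pos + len(magic)] == magic:
            report.signatures.append(desc)
    return report


def clean_image(size: int = 64 * 1024) -> bytes:
    """Constructed sample: a zero-filled drive after a completed wipe."""
    return bytes(size)


def dirty_image(size: int = 64 * 1024) -> bytes:
    """Constructed sample: a drive that was quick-formatted, never wiped."""
    img = bytearray(size)
    img[3:11] = b"NTFS    "                  # OEM id left by a format
    img[510:512] = b"\x55\xaa"               # boot signature
    leftover = b"SSN: 000-00-0000 (sample)"  # constructed personal data
    img[8192:8192 + len(leftover)] = leftover
    return bytes(img)


if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as dev:   # e.g. a raw image or /dev/sdX
            rep = verify_wipe(dev)
    else:
        rep = verify_wipe(io.BytesIO(dirty_image()))
    verdict = "PASS" if rep.passed else "FAIL"
    print(f"{verdict}: {rep.residual_bytes} residual bytes of {rep.total_bytes}, "
          f"first at {rep.first_residual_offset}, signatures: {rep.signatures}")
```

Run it against the device right after DBAN and only print the "wiped" sticker when the report passes; a drive that fails goes back to the wipe queue or to the recycler. If the final DBAN pass writes random data rather than a fixed byte, the byte-match check no longer applies and should be swapped for an entropy or compressibility test, while the signature check stays valid either way.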

  106. Degaussing without disassembling drives by DragonHawk · · Score: 1

    "I don't think disassembling the drives is part of their procedure."

    I remembered that being permitted, provided certain requirements were met by the degaussing equipment. I just double-checked the EPL, and it seems there is more such equipment than I remembered. Perhaps things have improved since I last looked, or perhaps my memory was just faulty. I know we were only interested in the cheaper hand wands, which do require disassembly, so perhaps my memory magnified that part of the document.

    You can find the NSA Evaluated Products List online:

    http://www.nsa.gov/ia/_files/Government/MDG/NSA_CSS-EPL-9-12.PDF

    --

    dragonhawk@iname.microsoft.com
    I do not like Microsoft. Remove them from my email address.
  107. Waterboarding Time by Moe1975 · · Score: 1

    Good Lord, and to think that the unfortunate soul who ended up with the drive is probably being waterboarded already for his/her troubles, as I write this.

    Ok, back to work, this is too depressing.

    MOE

    --
    SARAVA!
  108. Re:Perhaps we should find new ways to motivate the by Anonymous Coward · · Score: 0

    They are.

    If you have a government security clearance and you leak out any information, you are escorted out, while they bring up charges against you. It is all clearly laid out in a form you sign when you get a clearance (SF 312?).

    As for the issue with RMAing, either we get the parts shipped to us and replaced in house or just give them a new PC. All old ones are kept in storage until they decide to get rid of them. Unclass is DBANed/reimaged with random junk, and anything higher is either burned or physically destroyed in some way.

  109. I was there by Anonymous Coward · · Score: 0

    Some years ago I worked for Lockheed. One day some confused person checked some secret data into CVS. It was manually deleted from that server, and enforcement guys went around to every developer station which had done an update in that time window, collecting hard drives and tossing them into a tiny highly-secure room. You could ask to go in there and view your old HD for any important data, but no digital media could be removed.

    It was the roach-motel doctrine for data security...

  110. Encryption by Neoro · · Score: 1

    Why don't they have the entire hard drive encrypted anyway so if one leaks through their deletion protocol, it isn't quite so bad?

  111. Standard Procedure by Demonantis · · Score: 1

    Aren't those drives supposed to be degaussed? I think the procedure the author is talking about is dated. The company that sold the drive is probably kicking themselves, since the sale of that hard drive is probably not going to cover the penalties and lost contracts the military will punish them with.

  112. Physical destruction of disks by Anonymous Coward · · Score: 0

    I was under the impression that any storage media which has ever contained top-secret data must be physically destroyed as the last step in the wiping process. Makes me wonder... was the information declassified? The patriot missile system has been around for ~30 years now.

  113. Insecurity by lsatenstein · · Score: 0

    I thought standard procedure was to run over the disk with a steam roller. A new disk is required to make use of the diskless remainder.

    --
    Leslie Satenstein Montreal Quebec Canada
  114. THAD has never seen combat by Anonymous Coward · · Score: 0

    THAD has never seen combat. It was not used in Iraq or anywhere else. It was a proven weapon in late 1999, and 2006 was where things were really looking good, but it still is not mission ready. I used to work for LM; we would do a DOD erase on all HDDs, and we never sold them or outsourced their destruction when I was there. I wasn't allowed to have my datalink watch at work because it could hold data. We did things right. I was laid off at the end of a contract. Maybe times have changed, but I suspect this was not a result of policy but maybe a very bad decision made by an individual. I wouldn't want to be that person when they figure it out...