Unclean Military Hard Drives Sold On eBay

An anonymous reader writes "The Daily Mail reports, 'Highly sensitive details of a US military missile air defense system were found on a second-hand hard drive bought on eBay. The test launch procedures were found on a hard disk for the THAAD (Terminal High Altitude Area Defense) ground to air missile defense system, used to shoot down Scud missiles in Iraq. The disk also contained security policies, blueprints of facilities, and personal information on employees (including social security numbers) belonging to technology company Lockheed Martin — who designed and built the system.' Scary that they did not wipe it to Department of Defense standards, which I believe is wiping the whole disk and then writing 1010 all over it."

Unclean?

[Nerdfest]

I guess we'll need to format them in a purifying fire then.

Re:Unclean?

[auric_dude]

Or use http://www.dban.org/node/68 - good enough for The Government Of Canada so good enough for these disks?

DoD wiping standards

[mati.stankiewicz]

"which I believe is wiping the whole disk and then writing 1010 all over it."

Taken from DoD 5220.22-M Wipe Standard:

"[...]DoD requires overwriting with a pattern, then its complement, and finally with another pattern; e.g., overwrite first with 0011 0101 [35h], followed by 1100 1010 [CBh], then 1001 0111 [97h]. The number of times an overwrite must be accomplished depends on the storage media, sometimes on its sensitivity, and sometimes on differing DoD component requirements. In any case, a purge is not complete until a final overwrite is made using unclassified data."

Financial Firms Do the Same

[__aajwxe560]

I perform computer forensics work, and part of my research towards obtaining my degree was going to the MIT Swap Meet (great event) and buying used hard disks from vendors on occasion. In about 90% of the cases, the user appeared to have simply "deleted" the files, with nothing more. Now, I would expect this for a normal home user, not knowing any better, but the biggest thing of concern was the number of drives that came from various corporate entities. I was able to see and read data from drives that clearly came from several major banks, including mortgage apps, SSN's, corporate planning documents, etc. Again, the files appeared to have been simply "deleted" by the IT folk, instead of securely wiped, making it trivial at best to read everything.

So while this example is no better, I believe it highlights an ongoing problem that involves better user education and disk encryption helps solve.

Little OT Anecdote

[rodrigoandrade]

I used to work for a major OEM whose clients included the military, along with other branches of the US government. The military in particular had a "strict" policy about hard drives: they did NOT RMA them EVER. If a PC of theirs was to be returned or sent in for service, it arrived without the hard drive.

What's the point of such strict policy towards your supplier if some dumbass from within will just pawn it off on Ebay?? It's not the first time this happens.

Re:Scary that they sold the disk at all

[rongage]

Modern drives have "servo tracks" on them - used for setting the head position. If you use an eraser powerful enough to wipe the drive, then the servo track is most likely also wiped - rendering the drive totally useless to most folk.