Study Finds 1 in 10 Used Hard Drives Contains Old Personal Data

Lucas123 writes "A newly published study by Britain's data protection regulatory agency found that more than one in 10 second-hand hard drives being sold online contain recoverable personal information from the original owner. "Many people will presume that pressing the delete button on a computer file means that it is gone forever. However this information can easily be recovered," Britain's Information Commissioner, Christopher Graham, said in a statement. In all, the research found 34,000 files containing personal or corporate information were recovered from the devices. Along with the study, a survey revealed that 65% of people hand down their old PC, laptop and cell phones to others. One in ten of those people who disposed of their old devices, left all their data on them. The British government also offered new guidelines for ensuring devices are properly wiped of data."

Whoopdie-doo

[timeOday]

Who is going to bother with a time-consuming forensic-analysis style attack with a 10% chance of success when you can break into some company and get thousands of credit card numbers and/or SSNs? Sheesh, if you want credit card numbers, just get a job at any restaurant as a waiter.

Re:Whoopdie-doo

[YodasEvilTwin]

This figure actually seems extremely low. 90% of people know how to properly wipe their drives? Yeah right. And there's essential 0 risk in stealing data off a drive you legitimately own or find in the garbage -- not so for screwing around at work.

Re:Whoopdie-doo

[agm]

Sheesh, if you want credit card numbers, just get a job at any restaurant as a waiter.

I don't understand this comment - I have never been to a restaurant where my credit card (or debit card) leaves my possession. And I always pay by either one of them. You actually give someone else your credit card and they then leave your sight with it?

Re:Whoopdie-doo

Yes, you put the credit card in the payment book, then they take it away and run it. When they come back you sign the slip.

Re:Whoopdie-doo

[whoever57]

- I have never been to a restaurant where my credit card (or debit card) leaves my possession. And I always pay by either one of them. You actually give someone else your credit card and they then leave your sight with it?

In the USA, yes. That's what normally happens.

Re:Whoopdie-doo

Um, I'm assuming you don't live in the US, or are new to credit cards. Roughly 80% of the restaurants I've eaten in take your card with them to their register, swipe it, and then return it to you. Pretty common.

Re:Whoopdie-doo

He also always does this (when he goes to a restaurant). And yet he also always never has it leave his sight. Hint: he doesn't leave his parent's basement; this is slashdot.

Re:Whoopdie-doo

Forensic-analysis? I don't think it's very difficult or time-consuming at all.

And it could be an individual looking to benefit off of it. They needn't have thousands of targets.

Re:Whoopdie-doo

[agm]

In the USA, yes. That's what normally happens.

Damn, that's just asking for trouble. There's no way I would let anyone take my credit or debit card out of my sight. The majority of times I do the actual inserting of the card into the machine before entering my pin - the retailer never get their hands on it.

Re:Whoopdie-doo

[icebraining]

Or maybe (s)he lives in a country like mine, where GSM-connected portable card readers (with keypads for PINs) are ubiquitous? I know you're used to your broken payment systems, but you shouldn't assume everyone is.

Re:Whoopdie-doo

how many card numbers do you think you can get working as a waiter before fraud detection homes in on you and sends your ass to felonyland?

Re:Whoopdie-doo

[thepyro1]

But how many of the people that buy new HDD's to put in their computers know how to wipe them? I know a lot of people who can't even open the case, so the sample is going to be of more "Tech savvy" people.

Re:Whoopdie-doo

[realityimpaired]

Not so long ago, it was like how he's describing it everywhere else in the world.

As with any new technology, the more densely populated areas are the first to get it. Here in Ottawa, Canada, we've had the cellular and wireless card readers for years, and they're pretty much everywhere. Hell, even my pizza delivery guy has a cellular credit card reader. But if I get more than 100km from the city core, the chances of finding a wireless card reader drop off significantly. When you get out into the sticks, the chances are virtually nil. They're expensive, and more rural areas don't move enough money to make it worth upgrading until the previous device dies.

Heck in some parts of the world they're still using the mechanical imprint devices that use carbon paper and hand-written prices.

Re:Whoopdie-doo

Always shoot my hard drives with 9mm hollow point before disposing them. Good luck recovering my files. Really, I can't understand why people don't think something so obvious as the need to shoot some holes in your hard drives before disposing them.

Re:Whoopdie-doo

[slippyblade]

I live in Phoenix, AZ. Over 5 million in the metro area so we are not a rural area by any stretch yet wireless card readers are amazingly rare. When I ran my small business I tried to get a wireless card terminal, it was almost impossible. For some reason the banks had no problem with me having a normal wired terminal, yet they wanted all kinds of extra checks, deposits, and payments for a wireless one. It was nuts.

Re:Whoopdie-doo

[CFD339]

How many Apple "Genii" (Genuses?) will bother to do a drive wipe? What about Geek Squad types? The red shirt guys (now there's a good name) in Staples? Even the ones who know -- will they wait the hour+ while the drive wipe happens?

If I still did stuff like that for a living (thank FSM I don't and haven't in 20 years) I'd b pulling the drives as untouched as possible until I new the data transfer worked as well as possible. Then I'm done -- would I have the discipline to then waste and hour more wiping a drive? Probably not when I was that age.

Re:Whoopdie-doo

[greg1104]

I tried running an in-home computer cleanup firm under the name of the Red Shirt Guys, but every time one of the consultants went on-site they died.

Re:Whoopdie-doo

[hairyfeet]

Or just keep an eye out by the dumpsters. You'd be amazed how many time companies would just sit computers out without even bothering to wipe squat. I've gotten to be friends with the handyman for my apt building and since he works also at some of the city buildings as well as a few businesses and he picks up any machines they are tossing because he knows i refurb PCs for poor folks and it just blows my mind how many times I've found CC numbers, tax forms, you name it on these machines.

Hell he called me once to bring out my truck because one of the local telecos were tossing their old towers when they upgraded. i got nearly 40 towers with nothing but the windows password between me and ALL their data. Of course being an honest man I simply nuked the drives and did clean installs but if I'd have been a bad guy the amount of data I'd have would have been insane. So think about that when you are giving your data to some company, you never know if they just sit their old machines on a curb somewhere.

But I have yet to see anyone recover data from a 3 pass DoD (sure a single zero out will do it, but I've found more companies will hand me machines if I tell them i'll DoD the machine) so please don't go for that insane "hey we'll shoot the drive!" kinda crap as there are a LOT of poor folks hurting in this economy and those old PCs can really help folks. So please just wipe and freecycle, its better for the environment and better for the poor folks around you.

Re:Whoopdie-doo

[agm]

I have not been to a restaurant that does this, and I eat out a lot. I always pay on my way out, and I do this by inserting my card into the little machine and entering my details. My card never leaves my possession (and nor should it). You're not assuming I live where you do are you?

Re:Whoopdie-doo

[agm]

Um, I'm assuming you don't live in the US, or are new to credit cards. Roughly 80% of the restaurants I've eaten in take your card with them to their register, swipe it, and then return it to you. Pretty common.

I live in New Zealand. Paying by "plastic" is pretty much the norm here, and increasingly so the retailer never gets their hands on our cards. The vast majority of restaurants here have you pay on your way out at the counter.

Re:Whoopdie-doo

[hairyfeet]

Well I can only answer that with an anecdote, but from a friend that worked for awhile at a GS to get some extra cash the answer to that question would depend on this one...is there any porn on the drives? MP3? Movies? how about pics of your GF? because he said that roughly half the guys he worked with had USB HDDs that had batch files that looked for anything they might want to snatch, which would explain why you always here of the CP guys getting busted by GS, they trip over the files looking for stuff to snatch.

While I haven't done this personally, in fact i pride myself on not knowing a damned thing about what is on a customer's PC as i don't snoop I just do my job, I can say i have seen this behavior at other shops in the past I even had a creepy coworker that used to brag about how large his MP3 and porn video collection was because he snatched any chance he got. Just one more reason to ask around and find out the rep of the shop you are going to AND to use encryption, hell even something as simple as a password protected zip or rar file would block most of these guys because they are looking for easy targets.

Personally after seeing that the transfer went fine I ask what the customer wants done with the drive and if they don't want it it gets boot and nuked and stuff in the spare drawer and since I keep an old machine in the corner just for that job it isn't a hardship. Many of the newer minitowers can't hold but a single drive at a time so I often end up with a pile of 80Gb-300Gb drives that i then use on refurbed machines for the poor, but it really creeps me out to think there are guys snooping around people's computers just looking for stuff to snatch, its too much like going through someone's underwear drawer...yuck.

Re:Whoopdie-doo

[BluBrick]

Always shoot my hard drives with 9mm hollow point before disposing them. Good luck recovering my files. Really, I can't understand why people don't think something so obvious as the need to shoot some holes in your hard drives before disposing them.

Wrong tool for the job.

A couple of decent blows with a hammer or the back of an axe will do the same job. There's no need to break out the firearms.

Re:Whoopdie-doo

So I guess the used PC market is going to dry up pretty quick....

Re:Whoopdie-doo

[Rick17JJ]

I could start by inserting the free Darik’s Boot and Nuke self booting CD, and wiping then hard drive. Then just to be extra thorough, I could shoot it several times with my .357 magnum. After that, I could take it back home and drop it off of a nearby hundred foot high cliff a couple of times. That should be more than adequate.

As BluBrick mentions, there are various alternatives to using a gun. After wiping the hard drive with Darik's boot and Nuke, I suppose I could just whack it repeatedly with the pointed end of our thick, heavy, 7 foot long steel digging bar, that I occasionally use for prying loose large rocks when digging by hand. The long, heavy steel bar, is an alternative to using a pick, when inserted into a crack, and prying loose large rocks.

A few blows with a sledge hammer would probably also smash the hard drive adequately.

Here is the link for getting the free Darik's Boot and Nuke self booting CD:

http://www.dban.org/

Re:Whoopdie-doo

9 in 10 probably moved the files to recycle bin. 1 in 10 forgot to do so.

Re:Whoopdie-doo

[tbird81]

I'm from NZ. We tend to do what you do, pay at the door as we leave.

When I've dined in the States I've felt obliged to leave the card in their little leather book thing. I think they do it that way to make tipping easier with cash. (You'd just add your tip, then round up, leaving the notes)

Fortunately in NZ we don't have to tip, so the waiters don't help to make an artificial situation where your credit card is at risk of being stolen by restaurant staff.

Re:Whoopdie-doo

[hey_popey]

Maybe 90% of people who sell their old drives before they stop working know how to properly wipe them... Do you sell your drives that still work?

Re:Whoopdie-doo

[advocate_one]

UK, they bring the portable reader to you for you to enter the PIN to authorise the transaction... manual swiping is very rare...

Re:Whoopdie-doo

[ckaminski]

I used to have this 10 pound industrial rare earth magnet. This thing was so tough I could put it on an i-beam and suspend 300+ pounds from it. I put it on a monitor once and fucked it all up for eternity.

That's what I used to use to wipe my hard drives. A trip through the tumbler with that thing and GOOD FUCKING LUCK getting anything useful.

Now I just use thermite and turn it into slag.

Re:Whoopdie-doo

[ckaminski]

If they weren't encrypted, you wouldn't even need that. Boot up Knoppix and mount the disks and have it at. I used to use Knoppix as a cheap version of Ghost and data recovery tool for years when I was doing helldesk.

Re:Whoopdie-doo

[mcgrew]

Hell he called me once to bring out my truck because one of the local telecos were tossing their old towers when they upgraded. i got nearly 40 towers with nothing but the windows password between me and ALL their data.

The Windows password doesn't protect shit. Just put a Linux install CD in, run it in the "test this out to see if you like it mode" and all those data are there for you to take.

All the Windows pasword does is protect Microsoft.

Re:Whoopdie-doo

[tlhIngan]

Always shoot my hard drives with 9mm hollow point before disposing them. Good luck recovering my files. Really, I can't understand why people don't think something so obvious as the need to shoot some holes in your hard drives before disposing them.

Wrong tool for the job.

A couple of decent blows with a hammer or the back of an axe will do the same job. There's no need to break out the firearms.

Obviously not from the US, I take it. Sure there's no need to use a firearm to destroy hard drives, but damn, if you have the weapon, the time and opportunity, why not?

Hammers work, yes, but still.

Re:Whoopdie-doo

[drsmithy]

I don't understand this comment - I have never been to a restaurant where my credit card (or debit card) leaves my possession. And I always pay by either one of them. You actually give someone else your credit card and they then leave your sight with it?

Yes. Completely normal in Australia [for restaurants that have table service].

Also par for the course in other places I've lived and/or spent any significant amount of time - UK, Switzerland, France, USA.

Re:Whoopdie-doo

[rnturn]

Not at McDonald's.

(I don't consider that a ``restaurant'', though. I'm guessing the grandparent poster does.)

Re:Whoopdie-doo

I think he knows that.

Re:Whoopdie-doo

Agreed. I know that I saw a study on this, within the last year too. The outfit acquired drives from multiple sources. As I recall, 60-90% of ALL mass storage devices had data on them.

That wouldn't all be super sensitive data mind you, but at those rates you know there is some stuff that shouldn't really be public.

Don't sell hard drives!

Take them out, smash it with a sledgehammer and toss the scraps.

Re:Don't sell hard drives!

All the hard drives I've purchased, beginning around the 2TB mark, are self-destructing in about 2 years, anyway. Who needs a sledge hammer?

Re:Don't sell hard drives!

[pkinetics]

I prefer the ballistic solution. The reflective coating makes them a little easier to follow with open sights...

Simple solution

[AmiMoJo]

Require vendors to accept HDDs back for wiping, the same way they are required to accept batteries back for recycling. When you are done with your PC you can take it back to where you bought it for secure erasure, or optionally they could just send you a CD (or why not just include it in the box) that wipes the HDD and maybe puts it back to factory settings.

Re:Simple solution

[YodasEvilTwin]

So it will be the vendor or its employees selling your data instead. Or perhaps the government will force them to scan for any terrorist plots you might have been concocting before forcing them to wipe the drives.

Re:Simple solution

[DigiShaman]

Used HDDs are not worth reselling due to the MTBF rate being met or exceeded. So you want secure your data by recycling your drive? Shred them!

Re:Simple solution

[couchslug]

That would increase what I pay for hard disks.

A shot with a hammer is cheaper than postage. Boom, done.

Re:Simple solution

[carnivore302]

Put your data on a raid5 or 6 array. Every once in a while one fails, but you won't have to fear anybody can recover the data on it. For that, they would need the other disks as well.

Simple!

Re:Simple solution

[allo]

i think you do not understand statistics. MTBF does not mean, your drive will fail at the MTBF date.

Re:Simple solution

[allo]

this is not true.

on a raid5, you can have the disks arranged like:
disk1: data, AS IS
disk2: more data, AS IS ...
diskN: disk1 XOR disk2 XOR ... XOR diskN-1

diskN is quite useless to get the data, but the other disks contain the data the way it is.

Re:Simple solution

[carnivore302]

well, let them have my porn then.

Re:Simple solution

[DigiShaman]

I never said it did. But like an odometer, S.M.A.R.T. Power_On_Hours gives a good indication whether or not you're getting closer to the end of a theoretical lifespan.

Re:Simple solution

they could just send you a CD (or why not just include it in the box) that wipes the HDD and maybe puts it back to factory settings

I see what you did there.

I've never sold a working harddrive in my life

[CubicleView]

And won't until this worrying trend of not including magnets in hard drives catches up to me.

Re:I've never sold a working harddrive in my life

[DarwinSurvivor]

You obviously have no idea how a harddrive works...

Re:I've never sold a working harddrive in my life

[realityimpaired]

You obviously have no idea how a solid state drive works....

Re:I've never sold a working harddrive in my life

[Gaygirlie]

I suggest both you and the OP take a good look at the ATA-specification's part called 'Secure Erase': https://en.wikipedia.org/wiki/Write_amplification#Secure_erase

The ATA Secure Erase - feature is a process where the hard-drive itself re-initializes all its content, including the spare sectors - area, thereby erasing more than you can regularly access via an operating system and as the whole process is handled by the drive itself it does not consume any other resources from the host except power. More importantly, ATA Secure Erase is supported by SSDs, too.

Re:I've never sold a working harddrive in my life

[CubicleView]

Interesting but not really necessary for me. The point of my joke/ completely truthful comment is that I've never owned an SSD and I've never sold a HDD. I have owned several 10 gig etc worthless (to me) harddrives which I've, without exception, torn to bits to get at the magical rare earth toys they contained. Oh and word to the wise, wear eye protection when unwrapping your magnets, those platters can shatter.

Re:I've never sold a working harddrive in my life

[allo]

you really trust the drive vendor not to fuck up / implement backdoors? They could just implement the wipe by storing in the controller firmware "return only 0s for blocks not written since 'secure erase'", so i.e. some TLA-Agency could still recover data by using another firmware.

Re:I've never sold a working harddrive in my life

[Gaygirlie]

Your tinfoil hat might be a tad bit too tight there, mate.

Re:I've never sold a working harddrive in my life

[realityimpaired]

Interesting reading, but what does it have to do with the presence or absence of magnets in an SSD? :)

The OP commented that he was fine simply removing the magnets from hard drives, leaving them unusable (which isn't exactly true, because you can still read the information if it's on the platter and the platter hasn't been destroyed), and that this would continue to work until the trend of there not being magnets in hard drives (meaning SSD's) caught up with him. The person he replied to said that this clearly meant he didn't understand how hard drives work (which is true... magnetic storage drives can still be read even without the magnet, but wasn't what the OP was talking about). Thus my reply, pointing out that there's no magnets in an SSD. :)

I usually hang on to hard drives for at least a year after removing them from computers, in case there's some information I missed when copying my data over. Even then, until I need the space, I still have old hard drives. And when I am ready to recycle them, I pass them through DBAN before taking them to the computer recyclers. That last bit is theoretical, though... I haven't actually tossed a hard drive in almost 10 years now.

Re:I've never sold a working harddrive in my life

[Gaygirlie]

The OP commented that he was fine simply removing the magnets from hard drives, leaving them unusable (which isn't exactly true, because you can still read the information if it's on the platter and the platter hasn't been destroyed)

That was kind of my point: removing magnets from the drive does not make the data there unreadable, it only makes it a tad bit more difficult. Ie. if he is removing magnets as a means of trying to make the data inaccessible he should rather do a Secure Erase first. Of course, if he doesn't care about that and just wants the magnets to toy with then I got no complaints :)

I pass them through DBAN before taking them to the computer recyclers.

With DBAN one must make certain to use the ATA-6 wipe method to also clear out remapped sectors, something it doesn't do by default. And DBAN apparently does not support wiping out HPA at all. How important it is to wipe out remapped sectors and HPA is certainly an entirely different matter and for most regular users is irrelevant because of how difficult it is to access those, but with today's drives having multiple gigabytes -- even tens of gigabytes -- of sectors reserved for remapping it is entirely possible for passwords and other important bits to end up there and thus it would likely make sense to be properly prepared and clear those out, too.

Anecdote

[PPH]

A few years back, I happened to visit my dentist's office just after he had all of his workstations upgraded. By the medical/dental s/w maintenance vendor's technician. While the tech was standing there, I asked my dentist what he was going to do with all his old PC's. Donate them to a local school, he said. I asked if there was any patient data on them. He told me that the vendor's tech had reformatted the hard drives, so that wouldn't be a problem. I asked him (within earshot of that tech) if he had ever heard of the 'unformat' command. I then suggested that he have the vendor investigate DBAN before letting these machines off the property.

I don't know who is responsible for the loss of patent data under HIPAA regulations. But I'd hope that vendors specializing in medical IT support would.

Re:Anecdote

[The+MAZZTer]

A "quick" format does not erase the data on the drive. A full format would, however (the drawback being a quick format is extremely fast and does not scale in time based on the drive size).

A full format should be enough to keep most people from recovering the data without cracking the drive open and examining the physical platters.

Re:Anecdote

[SecurityGuy]

I don't know who is responsible for the loss of patent data under HIPAA [wikipedia.org] regulations

Your dentist is. They can transfer or share that responsibility with the IT vendor through a business partner agreement, but there's no magic claim of "Oh, I thought the IT vendor would know what to do!"

That said, pretty much nobody gets fined under HIPAA. The first fine wasn't that long ago:

http://threatpost.com/en_us/blogs/hipaa-bares-its-teeth-43m-fine-privacy-violation-022311

Re:Anecdote

> full format
I don't think that means what you think it means.
"Formatting" means writing data which is required for normal operation. That may include writing a partition table, root directory and FAT (high-level format), or it may involve writing sector headers (low-level format).
A high-level format won't erase sensitive data, and modern hard drives cannot perform a low-level format.

Only 1 in 10?

[hahn]

I would venture to guess that most people don't realize that deleting a file doesn't completely wipe it. The bigger question is, how many people who buy or receive those second hand-drives are looking to recover the data, and what % of them would do something with it that would NOT be okay with the original owner. I'd like to think not that many. But then again, I wouldn't be surprised if there were scammers who look to buy cheap used drives to see if they can dig up some useful info on it. Seems to me that would be higher yield than trying to phish for it with spam, and easier than trying hack websites.

Stop saving hard drives. They aren't valuable.

[couchslug]

I don't go over handwritten documents with a fucking eraser to re-use the paper.

Take a hammer (nearly everyone has one of those) and smash the hard disk to destroy the platters. Hard disks are cheap enough to be expendable if they have "classified" or confidential information on them.

HIPAA should mandate drive destruction when the drive is no longer needed.

Re:Stop saving hard drives. They aren't valuable.

[Gordonjcp]

Taking a hammer to them is too much effort. A single pass of "dd if=/dev/zero of=/dev/sd" will utterly destroy all the data beyond any hope of recovery.

Re:Stop saving hard drives. They aren't valuable.

A hammer is more fun, and you might lose some weight.

Re:Stop saving hard drives. They aren't valuable.

[Trogre]

Well the weight of an eye at least, if you happen to strike a drive with glass platters.

Re:Stop saving hard drives. They aren't valuable.

[greg1104]

Let's say a typical drive is 100GB and writes at 100MB/s. That will average over 15 minutes to write zeros to every sector on the drive. The destructive throughput of a hammer is pretty fast compared to that.

Re:Stop saving hard drives. They aren't valuable.

[tunapez]

Bonus benefit, free neodymium super-magnets to amaze your friends! If it's a platter device, anyway.

Re:Stop saving hard drives. They aren't valuable.

[Gordonjcp]

Yeah, but you actually have to *do* it, as opposed to typing a single command and then going and doing something more fun for 15 minutes.

And at the end of it, you've got a working totally blank hard disk, or it shows up incipient failing sectors.

Re:Stop saving hard drives. They aren't valuable.

[1u3hr]

Let's say a typical drive is 100GB and writes at 100MB/s. That will average over 15 minutes to write zeros to every sector on the drive. The destructive throughput of a hammer is pretty fast compared to that.

Depends whether you value you own time more than the computer's.

It's a lot more time and effort to open the case and take out the drive, get a hammer, get a bag or something to wrap the drive in, dispose of the pieces of the drive, close the case, put the hammer back in the shed, than to insert a nuke boot CD and do something useful while it chugs away.

Re:Stop saving hard drives. They aren't valuable.

[couchslug]

More people own hammers than know Unix.

The problem is not a geek problem.

Re:Stop saving hard drives. They aren't valuable.

[careysub]

Taking a hammer to them is too much effort. A single pass of "dd if=/dev/zero of=/dev/sd" will utterly destroy all the data beyond any hope of recovery.

This does not cover the case though of the hard drive being taken out of service due to flaky behavior developing with age. In that case you cannot assume that the drive ill erase itself properly (or at all if is fails out right). Now such a drive is not likely to be ever resold or reused, and it might require a malefactor to actually fix the drive in some way before recovering data from it, but the platter is still readable and a security risk.

Besides whacking with a hammer is fun. Get a big hammer! (But wear eye protection.)

Re:Stop saving hard drives. They aren't valuable.

[ckaminski]

For the average Joe, yes. But writing zeroes introduces a pattern, and high-tech equipment can pick up "leakage". Better to use if=/dev/urandom instead.

Still not enough to protect you from industrial tools, but enough to protect you from Joe Hacker who also has access to dd.

Re:Stop saving hard drives. They aren't valuable.

[Gordonjcp]

No, there is no "leakage" to speak of, and no way to separate out the old data that may have left residue. Once a bit is overwritten, it's *gone*.

No, the NSA do not have a big magic machine that can do it.

Re:Stop saving hard drives. They aren't valuable.

[swalve]

I've taken apart a lot of hard drives (their aluminum carcasses being fairly valuable at the recycling center), and I've never seen a platter made of glass. Do they even use glass anymore? I'd have to think not because of the speeds involved.

Re:Stop saving hard drives. They aren't valuable.

[swalve]

I think that was theoretically possible on older drives (like the old MFM drives and maybe old mainframe drives), but certainly not any more. And even if they did, they wouldn't tell anyone. They would just use it to quietly gather information from unsuspecting targets, and then "git" them through some other method.

Re:Stop saving hard drives. They aren't valuable.

[Gordonjcp]

Exactly - old drives actually did use 0-to-1 and 1-to-0 transitions to mark bits. Modern drives use a technique more like QAM to pack many bits into a transition. Once it's gone, there's no picking apart a residual signal from what's there.

Re:Stop saving hard drives. They aren't valuable.

Unless you tried bending them, you probably wouldn't know they were glass. They shatter, so make sure you have eye protection and get ready to clean up the explosion of glass splinters.

Re:Stop saving hard drives. They aren't valuable.

[Trogre]

Some models of IBM DeathStar, oops sorry DeskStar disks had glass platters. I have encountered two of these in my hard-drive smashing expeditions, thankfully with suitable eye protection.

I guess they wouldn't have the same thermal expansion/contraction issues that metal ones had, at the expense of being more brittle.

It's not all bad

[Lord_of_the_nerf]

I uncovered porn and tons of what's now 'abandonware'. Thanks, 16-year old boy from 1996 (I assume)!

1 in 10?

Wouldn't it have been quicker to say 50%?

Re:1 in 10?

[Fireking300]

1 in 10 is 10%

Re:1 in 10?

[Grygus]

To be fair, he didn't say it would be remotely accurate; only quicker.

Maybe he works for a news organization.

Re:1 in 10?

[houstonbofh]

1 in 10 is 10%

Not in binary...

Re:1 in 10?

[tunapez]

110010% ?

I always smash my old drives with a hammer

[FudRucker]

and then bury them in the back yard and water em real good with a water hose, by the time somebody finds those they'll be as rusty as a pre WW2 jalopy

Re:I always smash my old drives with a hammer

[couchslug]

I harvest the sweet, sweet magnets and scatter them in handy spots around my shop.

If you slide a couple of magnets inside a Zippo between the wadding and the inner case, your lighter will stick to your tool box, cabinet, etc.

Don't pry the magnets off their keepers as they are brittle. Heat them slightly over a stove or lighter and the glue will loosen whereupon you can slide them off.

Re:I always smash my old drives with a hammer

Ditto this. Magnets are cool and if you find really old hard drives they are huge!

Re:I always smash my old drives with a hammer

[swalve]

I got some real nice ones out of some 2.1 gb 1.6" server drives that were laying around. The things were like 8mm thick.

Only?

[Internetuser1248]

Every 2nd hand hard disk I have ever acquired has had personal data on it. None of the previous owners had even attempted to delete the data all the filesystem pointers were intact. On the other hand none of them ever had any useful data on them, unless I wanted to embarrass the previous owner by sending their porn collection to their wife/parents.

Re:Only?

[doesnothingwell]

to embarrass the previous owner by sending their porn collection to their wife/parents.

Found some porn once on old harddrive it looked like his wife, the joke was on me.

Thorough reformatting tool

[wilson_c]

My company donates quite a bit of good used computer equipment every year, but I am very careful to remove all drives and reformat them. With a drill bit.

Re:Thorough reformatting tool

[jdschulteis]

My idea of a thorough reformatting tool is thermite.

Re:Thorough reformatting tool

[mcgrew]

Saltpeter and sugar will do the job more safely and just as effectively. It'll burn damned near anything, you can even burn a hole in a cinderblock with it.

Exactly

[CFD339]

I'd have guessed 9/10 would have data on them. Higher than that if you could real serious forensics and not just dripping the used drive in a reader.

Sold hard drive with photos of my big dong

I sold a hard drive which I purposely left full of pictures of my big dong. I believe that the new owner would benefit very much from seeing the bigness of my dong!

Windows Vista will Wipe a Drive

Since Windows Vista a full format using the standard Windows format command will wipe a hard drive by writing 0x00 to every cluster before rebuilding the file system areas.

See: http://support.microsoft.com/kb/941961

A fool proof method

[dark+grep]

A few years ago I resigned from a company on less than perfect terms. They took the laptop I had been using and sent it for forensic analysis (for some paranoid reason I can only guess). Anyway, the day before I left I had reformatted the drive and loaded Ubuntu to replace the Windows 2000 OS that was on there.

The report from the (so called) forensic lab was that I had 'used powerful encryption to hide the contents of the hard drive'. Hell, I didn't even use a proper overwrite format, just the fast format option.

So there you go. Either a 10 minute Linux install will beat a professional forensic investigation, or it's proof against fools. I favor the latter.

Re:A fool proof method

[swalve]

HA! That's awesome.

What about 'New' drives

[crispi]

Some dodgy retailers in Australia have been re-shrink-wrapping used hard disks and selling them as new again.

Typically this seems to be with resellers that offer a 7-day money back no-quibble guarantee.

Should I worry?

[Hognoxious]

My files don't have any buttons. Should I be worried?

Or sold as new...

[Geeky]

I bought a USB drive from PC World last year. Sold as new. Got it home, found that my Windows PC wouldn't recognise the file system - it was formatted, and I could see the hardware, but the drive wasn't showing up. Out of curiosity I hooked it up to a Linux machine and had a nose. Turns out it was HFS formatted. Not only that but it had someone's time machine backup on it.

So not only was the drive - probably illegally - sold as new when it was, in fact, second hand, but PC World hadn't even done a basic format of it.

Needless to say I returned it and gave the manager a bit of a hard time...

Re:Or sold as new...

[bonehead]

Heh...

Just yesterday I had to return a 1TB external drive to Best Buy that actually contained somebody's old 80GB drive in the enclosure.

As if I wasn't pissed off enough at the hassle, and the fact that I believed I was buying a new drive and not a return, I also had to argue for 20 minutes and call in a store manager because they accused ME of being the one who made the swap.

People are bastards.

Well who is to blame?

One cannot argue with ignorance. One has to understand that most people are arrogant and do not understand. That is not your fault, but what beggars belief is how these drives ended up in the wrong hands in the first place and why would you resell the drives as new?

All you have to do is the following;

1, Gutmann pass http://en.wikipedia.org/wiki/Gutmann_method
2, Then if you are not paranoid enough overwrite the drive with Zeros and you can do this Hiren's Boot CD.

The only forensics left is the serial number of the Hard Drive which is embedded and ties MAC/Hardware codes together!

Normally at this stage you might as well have done a good job of taking a hammer to it and then throwing thing the thing into a blast furnace.

Whilst I am at it http://www.microsoft.com/industry/government/solutions/cofee/default.aspx

This is what is used;

arp.exe -a
at.exe
autorunsc.exe
getmac.exe
handle.exe -a
hostname.exe
ipconfig.exe /all
msinfo32.exe /report %OUTFILE%
nbtstat.exe -n
nbtstat.exe -A 127.0.0.1
nbtstat.exe -S
nbtstat.exe -c
net.exe share
net.exe use
net.exe file
net.exe user
net.exe accounts
net.exe view
net.exe start
net.exe Session
net.exe localgroup administrators /domain
net.exe localgroup
net.exe localgroup administrators
net.exe group
netdom.exe query DC
netstat.exe -ao
netstat.exe -no
openfiles.exe /query/v
psfile.exe
pslist.exe
pslist.exe -t
psloggedon.exe
psservice.exe
pstat.exe
psuptime.exe
quser.exe
route.exe print
sc.exe query
sc.exe queryex
sclist.exe
showgrps.exe
srvcheck \127.0.0.1
tasklist.exe /svc
whoami.exe

Easily defeated! But COFEE is for brain dead law enforcement!

Thermite

[ckaminski]

This is why I keep a small quantity of thermite handy. The only proper disposal for my hard drives is complete and utter destruction.

Re:50%

[DocSavage64109]

Nice. The 0 mod shows how few understood the joke.

Re:50%

[mcgrew]

It's siting at -1 now. Sad, there used to be a few nerds at slashdot who would appreciate a joke like that. But you know there are 10 kinds of people, those who know binary and those who don't.

Re:50%

Well, -1 is the largest possible unsigned score...

Windows Vista and 7 can Wipe a Drive

Since Windows Vista a full format in windows WILL wipe a drive.

See: http://support.microsoft.com/kb/941961