Slashdot Mirror
Ask Slashdot: How To Clean Up My Work Computer Before I Leave?
An anonymous reader writes "I'm leaving my current job for a new one. I've been at this job for 10+ years so I'm sure there is tons of personal stuff stored on my machine. Since I can't take it with me does any one have a suggestions of tools or practices to clean off all of that data. I've already got my personal documents and files. I'm most worried about CC, debit card numbers and web site passwords I've used in browsers. Does clearing the cache, cookies, temp files do a good enough job? BTW it's a Windows 7 system if that makes a difference."
Boot a Linux live-cd and type dd if=/dev/zero of=/dev/sda
Clear your browser including flash cookies and cache, clear temp folders, uninstall and wipe the folders of any chat apps you may have been using, and that's good enough unless you think they're going to use a file recovery app on your hard disk.
"When information is power, privacy is freedom" - Jah-Wren Ryel
http://www.dban.org/ Works wonders :)
Depend on your IT setup, but if an option, just ask your sysadmin to re-image it. Don't discount the obvious and direct route. It's a reasonable request, you have justification, and if you are on good terms with the IT department I'm sure they'll hook you up.
Boot it, Nuke it. http://www.dban.org/
Agreed. http://www.dban.org/ (although you should probably verify with your IT that they simply reimage old machines).
LegendMUD
If you work for the NSA, that might not be good enough, but it should be for the majority of people.
Reformatting DOES NOT get rid of files. Programs like TestDisk can easily recover the data. I know from personal experience, reformatted my NTFS XP hard drive to FAT32. Used TestDisk to completely recover the drive, like nothing every happened. Well, I had to use SuperGrub to fix the MBR, but a minor hitch.
Ummm...my math may be a bit off here but...
Delete your profile Control Panel->System->Advanced system settings->Advanced -> User Profiles -> Select and delete.
Given that it's Windows 7, I'd recommend sdelete (http://technet.microsoft.com/en-us/sysinternals/bb897443.aspx) for the free-space wipe.
Just because an company as an entity is not going to do so, doesn't mean that some guy in the IT will use completely free programs, like TestDisk, to poke around on a computer. People do do this you know. I have heard stories from IT guys I knew about people in their department doing this, though I have no proof it ever occurs anywhere. I do know that employees at restaurants have gotten got stealing CC numbers and the like, hotels etc. The point is, just because you can trust the company as a whole, doesn't mean you can trust that all the individuals in it are ethical/moral. Indeed I would argue the exact opposite that you can trust that at least one employee in the company is not ethical/moral.
Even if you grenade that PC to hell and make him sufer, , me...an admin, can have access to his files on his computer. All I need is the network admin access or his own access and I have everything he had since it's stored on the network. All I have to do is access his account and I'll will start to sync all the info and data that is syncable...even cookies if I did that. So dban is useless in a network environment. He just has to delete the files, cookies and other data on his computer so the data on the network will be wiped out in the next even (logoff or next log on usually)
Why not? Reimaging the disk should write to every bit on the disk, right?
no, it doesn't.
That is, unless "reimaging" has been changed to mean "create a new partition over the old one and recursively copy the appropriate directory structure and files to it". But that would be a misnomer. If it's not bit for bit identical, it's not a disk image.
"Reimage" hasn't meant "dd" is a long time. Most programs like ghost or partimage create a new partition over the old one and recursively copy the appropriate directory structure and files to it. There's a reason why wiping a 3TB disk with one pass takes two days but deploying an image to it can take as little as five minutes.
Alternatively if unable to download files from the 'net, run this from within CMD:
cipher /w:c:\
It'll achieve the same thing as sdelete-ing - wiping free space on c: and it's built into windows.
Windows Pro versions contain cipher.exe, and that can wipe free space as well
/W:[drive letter]:\
cipher
INAL but a complete wipe could be construed as destruction of employer owned data. I suggest a less invasive approach using Eraser from http://sourceforge.net/projects/eraser/ Uninstall the non standard software, use Eraser to wipe the personal and non business related files. Shrink the paging file to minimum size and run an erase of free space. A single pass should be adequate*. Then go to http://hubblesite.org/gallery/album/entire/pr2003011a/warn/ and download the 16,000x16000 pixel image of the Helix nebula. Open multiple copies of this image until the system forces an expansion of the paging file. While this isn't a military grade approach it will leave the system intact. An intact system with business docs isn't suspicious. A freshly wiped system might draw attention.
* Guttman only proposed his thirty-five pass hypothesis; so far as I can tell the hypothesis has never been tested on a real hard drive. The original hypothesis was based on disk drive technology in the mid nineties about the time magneto resistive technology entered the supply chain which suggests Guttman's research was on older disk drive technology. Does anyone know if forensics has ever recovered data from an overwritten hard drive?
Regardless, he cannot do anything like this to the computer. He is liable if something goes missing and they suspect he deleted it.
If he was that concerned about this information, he should have used his own computer.