Slashdot Mirror

← Back to Stories (view on slashdot.org)

Ask Slashdot: How To Clean Up My Work Computer Before I Leave?

Posted by timothy on from the lysol-in-all-the-vents dept.

An anonymous reader writes "I'm leaving my current job for a new one. I've been at this job for 10+ years so I'm sure there is tons of personal stuff stored on my machine. Since I can't take it with me does any one have a suggestions of tools or practices to clean off all of that data. I've already got my personal documents and files. I'm most worried about CC, debit card numbers and web site passwords I've used in browsers. Does clearing the cache, cookies, temp files do a good enough job? BTW it's a Windows 7 system if that makes a difference."

46 of 547 comments (clear)

  1. Nuke it from orbit by GameboyRMH · · Score: 5, Funny

    It's the only way to be sure.

    --
    "When information is power, privacy is freedom" - Jah-Wren Ryel
    1. Re:Nuke it from orbit by admdrew · · Score: 5, Informative

      Agreed. http://www.dban.org/ (although you should probably verify with your IT that they simply reimage old machines).

      --
      LegendMUD
    2. Re:Nuke it from orbit by lorenlal · · Score: 5, Insightful

      If the IT department doesn't reimage old machines, then original poster should be even more inclined to DBAN that thing.

    3. Re:Nuke it from orbit by logical_failure · · Score: 5, Insightful

      DBAN is the only thing I would recommend. Simply re-imaging the machine is not enough.

      --
      Sock Puppets: damn_registrars=pudge_confirmer=jimmy_slimmy=raiigunner=cml4524=a_klavan=red4men=ronpaulisanidiot
    4. Re:Nuke it from orbit by dAzED1 · · Score: 5, Insightful
      damaging the computer in any way (yes, I know the "nuke it" comment was a joke...but the other comments in the thread aren't) is a great way to lose a final paycheck, or otherwise have your former employer be very unhappy with you. You have work on your computer that shows your thought processes while you were doing certain tasks...notes, etc. If something goes wrong 4 months from now, they may want to check those notes.

      Why would your credit card info be on the box, again? I know I already asked, but...huh? What year is this...did I go back in time?

    5. Re:Nuke it from orbit by jellomizer · · Score: 5, Insightful

      For systems with limited access. Where Whipping the PC isn't an option. I would suggest the following.
      Delete Cache, and Cookies, Clear up your Document Folders.

      Then I would run a program that fills the disk with a large file ( or several large files, of random data)
      then Delete that file.
      Then Defragment the drive.

      --
      If something is so important that you feel the need to post it on the internet... It probably isn't that important.
    6. Re:Nuke it from orbit by Thundaaa+Struk · · Score: 5, Funny

      Bit Locker the SOB and then take a crap on it...ain't no one touching it after that.

    7. Re:Nuke it from orbit by JohnFen · · Score: 3, Insightful

      This is true, but for his purposes, reformatting is very likely just fine. No employer is going to go to the hassle and expense of data recovery unless they're actively investigating wrongdoing or the employee deleted critical data. And if the employer suspects wrongdoing, then the employee is probably already busted by the keylogging & monitoring software they would have installed.

    8. Re:Nuke it from orbit by SkimTony · · Score: 4, Informative

      Given that it's Windows 7, I'd recommend sdelete (http://technet.microsoft.com/en-us/sysinternals/bb897443.aspx) for the free-space wipe.

    9. Re:Nuke it from orbit by tripleevenfall · · Score: 5, Funny

      When a problem comes along, you must whip it.

    10. Re:Nuke it from orbit by durrr · · Score: 5, Funny

      Leave a DBAN disk labled "Private moments with my wife" in the optic drive as you walk out the door for the last time.

      Call in two months later and ask how long your replacement lasted.

    11. Re:Nuke it from orbit by fluffythedestroyer · · Score: 3, Informative

      Even if you grenade that PC to hell and make him sufer, , me...an admin, can have access to his files on his computer. All I need is the network admin access or his own access and I have everything he had since it's stored on the network. All I have to do is access his account and I'll will start to sync all the info and data that is syncable...even cookies if I did that. So dban is useless in a network environment. He just has to delete the files, cookies and other data on his computer so the data on the network will be wiped out in the next even (logoff or next log on usually)

    12. Re:Nuke it from orbit by Joce640k · · Score: 4, Interesting

      Who says there's an "IT department"? It might be three guys in a basement.

      (As per usual, Ask Slashdot has posted an incomplete question...)

      --
      No sig today...
    13. Re:Nuke it from orbit by Culture20 · · Score: 4, Informative

      Why not? Reimaging the disk should write to every bit on the disk, right?

      no, it doesn't.

      That is, unless "reimaging" has been changed to mean "create a new partition over the old one and recursively copy the appropriate directory structure and files to it". But that would be a misnomer. If it's not bit for bit identical, it's not a disk image.

      "Reimage" hasn't meant "dd" is a long time. Most programs like ghost or partimage create a new partition over the old one and recursively copy the appropriate directory structure and files to it. There's a reason why wiping a 3TB disk with one pass takes two days but deploying an image to it can take as little as five minutes.

    14. Re:Nuke it from orbit by RatherBeAnonymous · · Score: 4, Informative

      Windows Pro versions contain cipher.exe, and that can wipe free space as well

      cipher /W:[drive letter]:\

    15. Re:Nuke it from orbit by djl4570 · · Score: 5, Informative

      INAL but a complete wipe could be construed as destruction of employer owned data. I suggest a less invasive approach using Eraser from http://sourceforge.net/projects/eraser/ Uninstall the non standard software, use Eraser to wipe the personal and non business related files. Shrink the paging file to minimum size and run an erase of free space. A single pass should be adequate*. Then go to http://hubblesite.org/gallery/album/entire/pr2003011a/warn/ and download the 16,000x16000 pixel image of the Helix nebula. Open multiple copies of this image until the system forces an expansion of the paging file. While this isn't a military grade approach it will leave the system intact. An intact system with business docs isn't suspicious. A freshly wiped system might draw attention.

      * Guttman only proposed his thirty-five pass hypothesis; so far as I can tell the hypothesis has never been tested on a real hard drive. The original hypothesis was based on disk drive technology in the mid nineties about the time magneto resistive technology entered the supply chain which suggests Guttman's research was on older disk drive technology. Does anyone know if forensics has ever recovered data from an overwritten hard drive?

    16. Re:Nuke it from orbit by VolciMaster · · Score: 4, Interesting
      For a Mac or Linux machine, I run a dd from /dev/urandom into a file until it crashes (that way apps are still "ok" .. but a reimage is an option, too).

      For Windows, I either reimage myself, or erase/uninstall everything and then run a simple script to dump 1s into a file till it crashes.

      If you're really worried people are going to be poking around your laptop, don't use it for personal work. It IS a work machine, after all.

      If you "need" to use the work machine for personal work, do it in a VM. You can move the VM off later, and then just overwrite that part of the disk on the host.

      --
      antipaucity
    17. Re:Nuke it from orbit by ottothecow · · Score: 4, Insightful
      I'm always confused by posts like this (which pop up every time there is a topic about use of work hardware).

      People use their work computer to do personal things all of the time in ways that are allowed by policy. Your company may not allow personal/incidental use but are you so thick-headed that you can't realize that most companies do?

      Same with the old data. Is it not conceivable that IT might move the user's home directory and similar things to a new machine? I thought this was pretty much standard practice. I certainly have files on my current desktop dating back to when I was in middle school...maybe its a carpenter's hammer type of thing ("its my favorite computer, I've had it for 15 years, and only replaced the OS 6 times and the hardware 4 times") but its certainly not unreasonable to have a large accumulation of stuff on a "new" machine after 10 years. What kind of slashdot poster wouldn't realize that this kind of stuff is easy to transfer to a new system?

      Then again, you say your work computer is 10 years old so maybe your company really doesn't have a clue what its doing and yet you continue to work there.

      --
      Bottles.
    18. Re:Nuke it from orbit by icebike · · Score: 5, Interesting

      Forensics has never recovered more than a few random bytes, not so much as a single sentence in real world tests of single pass over-writes.
      Even using electron microscopes and the whole nine yards. The more you research this issue the more you realize all (yes ALL) the stories are based on contrived situations where they researchers knew EXACTLY what was written previously, EXACTLY where, and EXACTLY what it was over written with.

      Even three letter agencies don't even bother trying on disks they know have been overwritten. Nobody has demonstrated it in the real world on ANY hard drive, let alone a recent one.

      --
      Sig Battery depleted. Reverting to safe mode.
    19. Re:Nuke it from orbit by lgw · · Score: 4, Funny

      Seriously. There's even a song about it:
      "FDISK, format, re-install, do-dah, do-dah
      FDISK, format. re-install, all the do-dah day"

      --
      Socialism: a lie told by totalitarians and believed by fools.
    20. Re:Nuke it from orbit by Yaztromo · · Score: 4, Insightful

      Why would your credit card info be on the box, again? I know I already asked, but...huh?

      I don't know about the askers workplace, but at my workplace if we need to book work-related travel we use a corporate website to book, but have to provide a credit card to charge the flights, hotels, and car rentals. We then get to expense it, along with whatever meals and incidentals were required for the trip.

      Some people in the organization have a corporate credit card, but most of us don't. The benefit of using a personal card for this sort of booking is that if you have a card that gives you any sort of points per dollar purchase, you get them. The company has always been responsive to quickly repaying the expense.

      So one day I'll probably be in a similar position as the asker, with the exception that I run an OS that has a secure free space wipe feature built-in to get rid of any traces of anything I delete.

      Yaz

    21. Re:Nuke it from orbit by shaitand · · Score: 3, Insightful

      He isn't liable financially for anything he does within the scope of his employment. If you screw up work in a way that costs the company a million dollars they are more than justified in canning you but you don't owe them the million.

      I would definitely at least do a couple passes with random data on the drive.

    22. Re:Nuke it from orbit by Minwee · · Score: 5, Funny

      Nice try. Which three letter agency do you work for?

      AOL.

    23. Re:Nuke it from orbit by jmerlin · · Score: 3, Interesting

      When I was doing re-imaging, it was SOP to make a ghost copy of the current drive for backup purposes (this step was only done when we were moving a person to a new computer, so as to keep their data intact, for leaving employees, there was no backup), DBAN the machine, then re-image it with a golden image.

      When we said "re-image" that's what we meant. We had stations set up with like 10 drives attached for DBAN purposes. I always meant to make a little device that could run DBAN that would plug directly into an IDE device (or use an IDE/SATA converter) and DBAN the entire disk by simply plugging in the cable, the power, and hitting the big red button. I could probably sell those. Hold on, brb, getting a patent.

  2. dd by Anonymous Coward · · Score: 5, Informative

    Boot a Linux live-cd and type dd if=/dev/zero of=/dev/sda

    1. Re:dd by Anonymous Coward · · Score: 5, Informative

      dd if=/dev/zero | tee | /dev/sda will write them to your screen as well

      dd if=/dev/urandom bs 1024k | tee | dd of=/dev/sda bs=1024k is better for security and ASCII bells, as well as ruining your termcap temporarily and erasing faster.

      pv -ptres "Size of disk in gigabytes followed by a G" /dev/urandom | dd of=/dev/sda bs=1024k will provide a nifty progress bar

    2. Re:dd by jabuzz · · Score: 4, Interesting

      Better yet a few days or a week or so before you leave do

      dd if=/dev/zero of=/dev/sda skip=512

      That way you leave the partition table and first stage of the boot loader so it will look like the install is busted. You can then ring up IT and say your computer no longer boots and can they fix it. They will then happily reimage the machine :-)

  3. OK more seriously by GameboyRMH · · Score: 4, Informative

    Clear your browser including flash cookies and cache, clear temp folders, uninstall and wipe the folders of any chat apps you may have been using, and that's good enough unless you think they're going to use a file recovery app on your hard disk.

    --
    "When information is power, privacy is freedom" - Jah-Wren Ryel
    1. Re:OK more seriously by funwithBSD · · Score: 5, Insightful

      His first mistake was using a company machine for private transactions.

      Use your smart phone/iPad/whatever to that sort of stuff. Browse all you like at Newegg, but don't buy it at work!

      --
      Never answer an anonymous letter. - Yogi Berra
  4. DBAN! by brandor · · Score: 5, Informative

    http://www.dban.org/ Works wonders :)

    1. Re:DBAN! by cpu6502 · · Score: 4, Interesting

      It's Windows 7. The guy's probably not allowed to install it.

      I keep all my stuff in a "personal" folder so when the time comes for me to leave I just drag the folder to my USB: drive and then delete it from the computer. Technically the IT guys could undelete and recover, but it's doubtful they would. More likely they just reinstall the whole OS for the next guy.

      My browsers are Opera and Chrome portable. When I delete the personal folder, they disappear too. Not that it really matters; the proxy server has a record of every place I've ever visited. (There is no privacy on a work computer.)

      --
      My AC stalker: " I personally agree with your posts most of the time, but that won't keep me from modding you troll"
    2. Re:DBAN! by war4peace · · Score: 3, Interesting

      I am not worried about erasing/hiding/formatting or anything. When I leave current company, I just shutdown the laptop and hand it over, because I have encryption on it and only I know the password. They will HAVE to delete partitions and reformat anyway.
      Encrypt the damn thing, it's actually good business practice if you have company data on it.

      --
      ...gis sdrawkcab (usually not responding to ACs; don't bother posting as AC)
  5. Wipe by Anrego · · Score: 5, Informative

    Depend on your IT setup, but if an option, just ask your sysadmin to re-image it. Don't discount the obvious and direct route. It's a reasonable request, you have justification, and if you are on good terms with the IT department I'm sure they'll hook you up.

  6. Piece of Cake by mackil · · Score: 3, Informative
    Remove your files and profiles manually, then delete your windows user account. Create a new one, and use one of the many delete utilities (Like Hard Disk Scrupper) to wipe out the present free space so they cannot be recovered.

    If you work for the NSA, that might not be good enough, but it should be for the majority of people.

  7. Don't worry they have already copied it by cvtan · · Score: 4, Insightful

    Why were you doing this kind of stuff at work?

    --
    Sorry, but gray text on gray background is making my eyes bleed.
  8. Change all your porn membership passwords by Anonymous Coward · · Score: 5, Funny

    Who gives a flying fuck about anything else ...

  9. Ask slashdot going way downhill by gr3yh47 · · Score: 5, Insightful

    The quality of questions on slashdot lately is abysmal. You really need a slashdot answer to tell you to reinstall windows and reformat the drive in the process? or to nuke the drive with any easily-googable drive erasing tool and reinstall windows?

    1. Re:Ask slashdot going way downhill by gr3yh47 · · Score: 3, Insightful

      Gee, if only corporate networks had places to store documents.... or if only computer files could be moved before something was done to the computer. That's a rough one.

  10. 10 year old Win7 comp? Outstanding! by dAzED1 · · Score: 5, Interesting
    That's really impressive, actually...

    Easy. Start with not storing personal stuff on a work computer. Next step - assuming you're an admin on your box - create another admin account on the box. Log off your account, log in to that account, delete your profile off the box.

    Why would your CC info be on the box, anyway? Do you really type out your CC number into text files and leave them on your PC? Why?

  11. Is their IT staff? by na1led · · Score: 4, Insightful

    IT should be taking care of this for you. Don't try and do things yourself without consulting with IT first, I've seen many users mess things up when they try to take maters in their own hands. Remember, you're using company property, and all the data belongs to the company too. If you have personal data, let the IT person know this, and they will be responsible to dealing with it.

    --
    -- By all means let's be open-minded, but not so open-minded that our brains drop out.
  12. Wait...what? by killmenow · · Score: 3, Informative

    I've been at this job for 10+ years so I'm sure there is tons of personal stuff stored on my machine...BTW it's a Windows 7 system if that makes a difference."

    Ummm...my math may be a bit off here but...

  13. Delete Your Profile by c0d3r · · Score: 3, Informative

    Delete your profile Control Panel->System->Advanced system settings->Advanced -> User Profiles -> Select and delete.

  14. A short list by Caffeine_Coder · · Score: 4, Insightful

    While it isn't the same as destroying the drive, this should be good enough, w/o inconviencing the systems team.  Any 'work' ( documents / files / email ) you generated while using the computer for work is considered property of the company, so only focus on your personal stuff (so you dont get busted for 'destroying company property'.

    - Open each browser (firefox, IE, chrome) and delete cache, cookies, etc...
    - Move / delete all your files in My (Documents | Pictures | Videos | Music), and desktop
    - Uninstall any programs you installed and wasn't for work
    - Confirm no personal items stored in root "C:\"
    - Delete everything in %USERPROFILE%\AppData\Local\Temp
    - Delete everything in %SystemRoot%\TEMP

    If you have admin perms
    -After you have saved your work files off someplace else, create New admin User, log in as that admin, delete your old profile, and confirm that C:\Users\"OLD LOGIN NAME" does not exists

  15. Re:Perfect! by Gordonjcp · · Score: 4, Insightful

    The whole "DoD Wipe" thing is overkill.

    One single pass of dd if=/dev/zero of=/dev/ will destroy all the data on the disk, beyond any hope of recovery.

  16. Re:Perfect! by Gordonjcp · · Score: 4, Insightful

    I was going to say "myth", too. Have you noticed how the only people that insist that a "DoD wipe" is essential for getting rid of old data on drives are the people selling expensive drive-wiping software?

  17. Re:Reformat the drive by Mascot · · Score: 4, Interesting

    That would depend on where you live. Where I live and work, my employer isn't even allowed to check my email without a good reason. The same applies to all "personal areas". The hard drive in the computer the company has provided for you, is considered such an area. The assumption here is that there will always be _some_ personal use of a computer an employee sits at all day and often brings home or on trips with them. And a person has a right to privacy that the employer cannot invade without cause.

    On the topic at hand, no place I have ever worked would dream of just handing a computer on to the next one in line without first reinstalling. So the employee wiping it before turning it in would be just fine. Last few jobs I've had, I've Truecrypted my computer (at the start of my employment) and handed it over in that state without any issues.