Slashdot Mirror


Study: 78% of Resold Drives Still Contain Readable Personal or Business Data (consumerist.com)

itwbennett writes: Blancco Technology Group, which specializes in data erasure, bought 200 secondhand PC storage drives (PDF) from eBay and Craigslist to see if they could recover any of the old data saved inside. Their findings: 78 percent of the drives contained residual data that could be recovered, 67 percent still held personal files, such as photos with location indicators, resumes and financial data, and 11 percent of the drives also contained company data, such as emails, spreadsheets and customer information. Only 10 percent had all the data securely wiped, Blancco said. The Consumerist points out that Blancco makes their money from promising secure data erasure, so the company has a "strong and vested interest in these results." As for why so many of the drives contain unwanted information, the report says it has to do with the difference between "deleting" data and "erasing" data. Your files aren't actually deleted when you drag them to the Trash or Recycle Bin, or by using the delete key -- shocking, I know. You can format a drive to erase the data, but you have to be careful of the format commands being used. A quick format, which was used on 40% of the drives in the sample, still leaves some residual data on the drive for someone to possibly access. A full format, which was used on 14% of the drives, will do a better job in removing unwanted files, but it too may still miss some crucial information. The solution Blancco recommends: buy a tool to perform complete data erasure.

17 of 207 comments

  1. Simple under linux by Anonymous Coward · · Score: 5, Insightful

    dd if=/dev/zero of=/dev/sdb

    or for the paranoid

    dd if=/dev/urandom of=/dev/sdb

    Why buy an expensive product when a simple one-liner will do the same job?

    1. Re:Simple under linux by gweihir · · Score: 4, Interesting

      Was about to post that. For a nice progress indicator, use

      dd_rescue -w /dev/zero /dev/target

      Apparently, a single zero-overwrite is entirely enough for modern disks (say, newer than 15 years or so), as these are used close enough to the surface data density limit that even magnetic force microscopy can recover a few scattered bits at best after a zero-wipe.

      I think the main problem here is that to do something like this under Windows, you have to jump through some hoops. And the other main problem is (of course) that people do not understand how disk storage works in the first place.

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
    2. Re:Simple under linux by Dr_Barnowl · · Score: 3, Informative

      You don't need to do it under Windows though - burn a Linux USB and off you go.

      Hell, there's a bootable image just for it: Darik's Boot and Nuke

      Blancco are just capitalising on ignorance (and risk-aversion in the business community which only tends to regard something you pay for as being a safe bet, despite the usual license agreements which preclude the vendor having any liability anyway).

    3. Re:Simple under linux by Dr_Barnowl · · Score: 3, Informative

      Hah, hadn't realized that Blancco is apparently just the monetization of DBAN.

    4. Re:Simple under linux by Bert64 · · Score: 3, Interesting

      Interestingly, a few organisations have been bitten in the past, for instance by DOS-based commercial disk wiping software which only wiped the first 8GB of any drive. I've even encountered a company that wanted to continue using such software because it was "much quicker at wiping large drives", which isn't surprising given that it doesn't wipe the whole drive.

      --
      http://spamdecoy.net - free throwaway anonymous email - avoid spam!
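
Added example, not part of any comment in this thread: the partial-wipe failure Bert64 describes can be caught by checking the result of a zero-wipe over the target's full length. The function names and the constructed 1 MiB test image are assumptions of this example.

```shell
#!/bin/sh
# first_nonzero_offset TARGET
# Returns 0 if every byte of TARGET (image file or block device) is zero.
# Otherwise prints the 0-based offset of the first non-zero byte, returns 1.
first_nonzero_offset() {
    target=$1
    if [ -b "$target" ]; then
        size=$(blockdev --getsize64 "$target") || return 2
    else
        size=$(wc -c < "$target" | tr -d ' ') || return 2
    fi
    [ "$size" -gt 0 ] || return 2
    # /dev/zero never ends, so -n limits the comparison to the target's size.
    out=$(LC_ALL=C cmp -n "$size" /dev/zero "$target" 2>/dev/null) && return 0
    [ $? -eq 1 ] || return 2        # cmp exits 1 on difference, 2 on error
    pos=$(printf '%s\n' "$out" |
          sed -n 's/.* differ: [a-z]* \([0-9][0-9]*\).*/\1/p')
    echo $((pos - 1))               # cmp numbers bytes from 1
    return 1
}

# Constructed demo: a 1 MiB "used drive" whose wipe stopped halfway.
demo_partial_wipe() {
    img=$(mktemp) || return 2
    # Stand-in for old data: every byte is 0xFF.
    head -c 1048576 /dev/zero | LC_ALL=C tr '\000' '\377' > "$img"
    # Zero only the first 512 KiB (128 blocks of 4096 bytes).
    dd if=/dev/zero of="$img" bs=4096 count=128 conv=notrunc 2>/dev/null
    rc=0
    first_nonzero_offset "$img" || rc=$?
    rm -f "$img"
    return "$rc"
}
```

On a real disk the call is `first_nonzero_offset /dev/sdX` as root; it reads the whole device, so it takes about as long as the wipe did.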
  2. Encrypt your drives. by Anonymous Coward · · Score: 3, Interesting

    Delete the block containing the keys.

    For this threat model, this is the perfect answer (if you trust the encryption, that is).

    No need for some "secure erase" snake oil.

    1. Re:Encrypt your drives. by donaldm · · Score: 3, Funny

      > Delete the block containing the keys.
      >
      > For this threat model, this is the perfect answer (if you trust the encryption, that is).
      >
      > No need for some "secure erase" snake oil.

      You know the cheapest and most secure way to delete your data is to hit the disk a few times with a sledgehammer. It's also a great tension reliever. Of course, after you have had a smashing good time please dispose of the part(s) in a responsible manner. :-)

      --
      There ain't no such thing as proprietary standards only proprietary formats. Standards are by definition open.
    2. Re:Encrypt your drives. by MartinG · · Score: 4, Funny

      > You know the cheapest and most secure way to delete your data is to hit the disk a few times with a sledgehammer.

      I find that they don't make as much on eBay once I've done that.

      --
      -- MartinG To mail me: echo kewyjlcxyzvjfxbqwh | tr bcefhjklqvwxyz .@adgimnoprstu
  3. Don't have to buy one by TheReaperD · · Score: 5, Informative

    You don't have to buy a secure hard drive erasure tool; DBAN does a reliable job for most drives and is free. SSDs are a new kink in the mix, which means that some really advanced tools could retrieve data from the drives even after a complete wipe, but if you're going up against people that dedicated, I recommend a sledgehammer instead.

    --
    "Be particularly skeptical when presented with evidence confirming what you already believe." -
  4. Why? by Calydor · · Score: 5, Insightful

    Why do people even sell old hard drives, let alone BUY used drives that may be full of bad sectors or viruses?

    --
    -=This sig has nothing to do with my comment. Move along now=-
    1. Re:Why? by JoshuaZ · · Score: 3, Informative

      Because it is cheap, and a single reformat will deal with the vast majority of issues. A few bad sectors aren't in general going to make the drive unusable.

    2. Re:Why? by PhunkySchtuff · · Score: 3, Informative

      Modern drives will silently remap sectors without telling you (unless you look at the SMART status).
      Once they exhaust their pool of spare sectors, then they start telling things higher up the chain that there are bad sectors.
      By the time a disk is reporting bad sectors to the OS (as a bad sector, instead of incrementing a SMART counter and silently carrying on) it has remapped so many bad sectors that it can no longer automatically remap them and is now telling you there is a problem.

      In my experience, every single drive that I've seen reporting even a single bad sector will soon go pear-shaped and shouldn't be used.

  5. Re: Buying not needed by jabuzz · · Score: 3, Informative

    Set a password for the drive and issue an ATA secure erase using hdparm. This will get all the remapped sectors as well. Procedure documented here

    https://ata.wiki.kernel.org/in...

  6. Only $5 and way more satisfying by wkwilley2 · · Score: 3, Insightful

    I already bought a data erasure tool years ago, it's my trusty 16oz ball peen hammer.

    --
    Have you ever fallen asleep at the keybhanusdiog?
  7. The editing is bad, but the modding is worse. by Anonymous Coward · · Score: 3, Interesting

    I've not been impressed with the editing, as well, but I find the moderation to be much more disruptive these days. I've had to start browsing at -1 all of the time just to see perfectly fine comments that are at -1 for some reason. It defeats the purpose of having a mod system if I have to disable it all the time, ya know? Once a good comment ends up at -1 it's like it never gets seen by the mods again, so it will likely remain at -1. I think that anyone with mod points should automatically be shown the -1 threshold view so that they see all comments. At least that allows for the comment to possibly be modded up to its rightful score. Otherwise some other way is needed to get wrongly -1 comments back up. Maybe any comment that's at -1 ends up at 0 again after 10 minutes for instance. Well regardless of how it's fixed this is a problem that needs to be fixed. Most submissions here get well under 100 comments, and nearly all are below 200. It's not 2001 any longer, when many submissions here would easily get 500 or more comments. Comments are scarcer now, so their value is higher. That's why a badly modded comment is a serious problem now. We need to see good content, not have it suppressed.

    1. Re:The editing is bad, but the modding is worse. by jenningsthecat · · Score: 3, Interesting

      I've been coming here for 7 years, and I've always browsed at -1. Comments modded down for inappropriate reasons have always been a problem, at least during my time here, but I agree that it's become much worse in the last few years. When I have points I always mod such comments back up. I also mod up comments which I don't agree with, and which I may consider assholish, but which I feel are well thought out and/or important to the overall discussion.

      I love your point about the scarcity of comments, and I agree that the mod system needs to be tweaked. Doing so might even start to raise the level of discourse again and bring back some worthwhile voices that have left in frustration at Slashdot's downward slide. While we're on the (off-topic) subject, I think people need to back off from slagging the editors so much. They're doing a difficult job, trying to balance the desires of a very cranky, picky membership with the need to keep the site financially viable. Yes, we still need to call them out on obvious Slashvertisements - but beyond that, they're doing a pretty good job. We need to be careful here - otherwise the ghost of Timothy will come back to haunt us; or, worse yet, Slashdot will cease to exist.

      --
      'The Economy' is a giant Ponzi scheme whose most pitiable suckers are the youngest among us and the yet-unborn.
  8. Feed /dev/zero into a CBC cipher with OpenSSL by tepples · · Score: 3, Interesting

    Some SSDs use lossless data compression (analogous to gzip) to pack more sectors into fewer physical pages so that they don't have to spend quite as much time erasing pages. To avoid this possibility, you might want to use a cipher to generate noise that the drive's firmware cannot compress.

    1. TRIM the entire drive.
    2. Feed /dev/zero into a CBC cipher with openssl enc.
    3. Perform a "Secure Erase".
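
Added example, not tepples' own code: step 2 of the list above, written out with `openssl enc` and measured against plain zeros so the compressibility difference is visible. The function names, the throwaway key and IV, and the constructed 1 MiB image are assumptions of this example; it does not cover the TRIM or Secure Erase steps.

```shell
#!/bin/sh
# hexrand N: N random bytes from the kernel, as lowercase hex.
hexrand() { head -c "$1" /dev/urandom | od -An -tx1 | tr -d ' \n'; }

# noise BYTES: write BYTES of AES-128-CBC-encrypted zeros to stdout.
# BYTES must be a multiple of 16 because padding is switched off.
noise() {
    [ $(( $1 % 16 )) -eq 0 ] || return 2
    # Throwaway key and IV: nothing ever needs to decrypt this stream.
    head -c "$1" /dev/zero |
        openssl enc -aes-128-cbc -nopad -K "$(hexrand 16)" -iv "$(hexrand 16)"
}

# fill_with_noise TARGET: overwrite an image file or block device in place.
fill_with_noise() {
    if [ -b "$1" ]; then
        size=$(blockdev --getsize64 "$1") || return 2
    else
        size=$(wc -c < "$1" | tr -d ' ') || return 2
    fi
    noise "$size" | dd of="$1" bs=65536 conv=notrunc 2>/dev/null
}

# gz_size FILE: number of bytes FILE occupies after gzip.
gz_size() { gzip -c "$1" | wc -c | tr -d ' '; }

# Constructed demo: prints "<gzip size of zeros> <gzip size of noise> <size>".
demo_compressibility() {
    img=$(mktemp) || return 2
    head -c 1048576 /dev/zero > "$img"      # 1 MiB stand-in for a drive
    zeros=$(gz_size "$img")
    fill_with_noise "$img" || { rm -f "$img"; return 2; }
    echo "$zeros $(gz_size "$img") $(wc -c < "$img" | tr -d ' ')"
    rm -f "$img"
}
```

The zero-filled image shrinks to roughly a kilobyte under gzip while the cipher output does not shrink at all, which is the property the comment relies on to defeat a compressing controller.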