'Cleaned' hard drives reveal secrets

New Scientist ^ | 14:32 16 January 03 | Will Knight

[vannrox]

'Cleaned' hard drives reveal secrets

14:32 16 January 03

Will Knight

Discarded and recycled computer drives can reveal financial and personal information even when apparently wiped clean, MIT researchers have found.

Simson Garfinkel and Abhi Shelat, graduate students at the Massachusetts Institute of Technology, analysed 158 second hand hard drives bought over the internet between November 2000 and August 2002. They were able to recover over 6000 credit card numbers, as well as email messages and pornographic images.

The pair wrote a program to scour the disk drives for any trace of credit card information. They found card numbers on 42 drives of the drives they bought.

One drive had previously been used in an ATM cash machine and contained 2868 different numbers, as well as account and transaction information. Another drive contained a credit card number within a cached web page.

Privacy failure

Much of the information the researchers found had been "deleted" before the disks were sold. But simply deleting a file with most computer operating systems does not remove it from the hard drive, it only removes a tag pointing to the file.

Furthermore, even re-formatting the disk does not properly remove the contents of files.

"Most techniques that people use to assure information privacy fail when data storage equipment is sold onto the secondary market," the researchers write in an article to appear in the IEEE magazine Security and Privacy. "The results of even this limited initial analysis indicate that there are no standard practices in the industry [for sanitizing disks]."

Data remembrance

The study, entitled Remembrance of data passed: a study of disk sanitization practices, concludes that overwriting disks with random data, preferably more than once, should be sufficient to wipe them clean. But only 12 per cent of the drives they bought had been cleaned in this way.

They also note that it may be possible to recover information even when it has been overwritten with random data. This would require the use of magnetic force microscopy to measure the subtle magnetic changes that occur during each overwrite.

Finally, the researchers add that cryptographic file systems would improve hard drive security by requiring authentication before revealing data. But they say this type of system is very rarely used.

14:32 16 January 03

Return to news story

  © Copyright Reed Business Information Ltd.

 

[Flying Circus]

A simple magnet is not sufficient to erase data. It will change the direction of the magnetic moment of the disk, but the with the right tools individual bits still have enough memory to reconstruct the original data. What you need is a degauss tool which will cycle the magnetic field direction a hundred times over and completely randomizes the bits.

[VeritatisSplendor]

Infocom: Great concepts, good company, unfortunately the founders happened to also be student-politician types without a lot of business sense -- they stayed text-based for too long and missed a chance to rule the computer game market, eventually got swallowed.

[dennisw]

You are correct. I thought writing zeros took care of it all.

[Captain Beyond]

Bump

[ArrogantBustard]

Thanks for all the replies. I'm convinced:

1) Don't sell a used hard drive that ever contained "personal" or "sensitive" information.
2) Don't just throw it in the trash.
3) Rewriting it isn't guaranteed to make it unreadable.
4) Thermite, sledgehammers, or firearms will probably render it unreadable.

I'm opting for the sledgehammer approach.

[ET(end tyranny)]

I use BCWIPE. Went to load their page, and see that it is no longer free.

[jpl]

Yep, there's no question at all that time passed them by, which is really a shame, because those guys were truly brilliant. They tried to release a business product called "Cornerstone" which buried them. Activision bought them out and released a couple of titles under the old label, but they're a relic of computing history now.

[Imnidiot]

Tinfoil alert: Does Norton, while overwriting a disk, also save the data to send later to the CIA? Hmmn? Let's say it does and start a new conspiracy theory.

[fnord]

One of the drives came from an ATM machine, and the vast majority of card numbers came from that drive.

Today's Statistics 101 lesson: This is an example of why the median is often more meaningful than the mean.

Don't forget the mode! (which in this case might have a value of zero or one)

[El Gato]

I wonder what the US Gov does to dispose of "classified" hard drives?

They write over all the data, usually several times. All ones, All zeros and then one or more times with random ones and zeros. For really high security stuff they then take an industrial strength magnet to the disk platter itself. The sort of magnet that is used to pick up cars in some scrap yards, although physically somewhat smaller. :)

[asformeandformyhouse]

I use BCWIPE. Went to load their page, and see that it is no longer free.

I hadn't checked in quite awhile. I didn't know that it was no longer free. The version I had was free and I'm sure 'someone' could find it on a website 'somewhere', if they looked hard enough.

[SealSeven]

Debug the drive if your selling your sys or whatever. Debugging wipes all partition info from the drive (data included).

[Cooter]

EE, but took the same core as CS majors since EECS is one department there (Course 6).

[Timesink]

Ritalin/Adderall is extremely potent speed. It's potential for abuse is scary.

Yes it is. That's why it's they're Schedule II drugs, the category which carries the highest prescripion restrictions of any medications in the United States. (The only thing higher is Schedule I, which are drugs that are banned entirely, like LSD and heroin.) Which is why people that take it w/o a prescription can go to jail for taking them.

I took one of my wife's Adderall's last summer. Don't buy that two cup of coffee bullcrap. I was up for two days and spent my nights with that hummm going through my body I had not experienced since college. As most people on speed, I thought the world was great. That was until I came down and realized I had started about twenty new projects and finished not one......

And this is precisely why it's a Schedule II drug. See, the thing about Ritalin and Adderall is that they have the reverse effect on the brain in those with ADD/ADHD; instead of speeding them up, it allows them to calm down and concentrate. But for plain old abusers, yes, it acts as plain old speed. Which leads me to ask the question: Why were you taking your wife's Adderall?

The other problem is what these people do when they are no longer children and are not on insurance that ponies up speed for adults. A long term amphetamine user who stops taking speed is an ugly scene.

Well, an intelligent parent and/or doctor would prepare for this well ahead of time, in the rare cases where it would actually occur.

(And before anyone tries to start the argument: Yes, lots of people are MISdiagnosed with ADD/ADHD, and no, I do not believe public schools should be able to force kids to take any drugs whatsoever. I'm simply saying Ritalin and Adderall are legitimate medications with legitimate medical uses in those that actually have such diagnoses.

[shezza]

Ping to self for all the good advice contained within this thread....

[Flashman_at_the_charge]

Even scientists like to have fun you know.

That’s for sure!

[Timesink]

Since nobody's posted it yet, I thought I'd provide the link to the actual Garfinkel/Shelat article:

"Remembrance of Data Passed: A Study of Disk Sanitization Practices," Garfinkel and Shelat, IEEE Security and Privacy, January/February 2003. (PDF file, 508K, full color, 11 pp.)

Everyone should REALLY read this article, as the details of this story are somewhat more complex than that little New Scientist blurb lets on.

[Grig]

Hey, get the magnets out of there first, they are really strong and usefull, one can hold a month's worth of bills securly to the side of a fridge.

[blackdog]

Burned by self incrimination, I was to drive all night after doing farm chores all day. I have a nasty habit of falling asleep at the wheel. My wife suggested I see if it helped.

I had back pain, muscle pain, stiff neck, sore jaw from clenched teeth, for a week after that. I guess I am not ADHD huh? Sure did keep me awake though. Never doin that again, no sir. Not prudent.

[ET(end tyranny)]

Seems there is a NEW version of BCWIPE. Came out 1/13/03. One site says free to try and $30 for the older version, and free to try and $40 for the new version.

But for anyone interested in the free one, I did find a site that still has it. BCWIPE