'Cleaned' hard drives reveal secrets
New Scientist | 14:32 16 January 03 | Will Knight
Posted on 01/16/2003 7:33:41 AM PST by vannrox
Discarded and recycled computer drives can reveal financial and personal information even when apparently wiped clean, MIT researchers have found.
Simson Garfinkel and Abhi Shelat, graduate students at the Massachusetts Institute of Technology, analysed 158 second hand hard drives bought over the internet between November 2000 and August 2002. They were able to recover over 6000 credit card numbers, as well as email messages and pornographic images.
The pair wrote a program to scour the disk drives for any trace of credit card information. They found card numbers on 42 of the drives they bought.
One drive had previously been used in an ATM cash machine and contained 2868 different numbers, as well as account and transaction information. Another drive contained a credit card number within a cached web page.
Privacy failure
Much of the information the researchers found had been "deleted" before the disks were sold. But simply deleting a file with most computer operating systems does not remove it from the hard drive, it only removes a tag pointing to the file.
Furthermore, even re-formatting the disk does not properly remove the contents of files.
"Most techniques that people use to assure information privacy fail when data storage equipment is sold onto the secondary market," the researchers write in an article to appear in the IEEE magazine Security and Privacy. "The results of even this limited initial analysis indicate that there are no standard practices in the industry [for sanitizing disks]."
Data remembrance
The study, entitled Remembrance of data passed: a study of disk sanitization practices, concludes that overwriting disks with random data, preferably more than once, should be sufficient to wipe them clean. But only 12 per cent of the drives they bought had been cleaned in this way.
They also note that it may be possible to recover information even when it has been overwritten with random data. This would require the use of magnetic force microscopy to measure the subtle magnetic changes that occur during each overwrite.
Finally, the researchers add that cryptographic file systems would improve hard drive security by requiring authentication before revealing data. But they say this type of system is very rarely used.
© Copyright Reed Business Information Ltd.
TOPICS: Business/Economy; Constitution/Conservatism; Crime/Corruption; Culture/Society; Extended News; Government; News/Current Events; Technical
KEYWORDS: 1984; bigbrother; card; clean; computer; credit; drive; hand; hard; information; nwo; pc; privacy; second; secrets; security
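The article's distinction between deleting, re-formatting and overwriting, shown as an added example (not code from the study, the article or any poster): a toy disk model plus the kind of audit scan one would run on an image before a drive leaves the building. The disk layout, the file name and the card value (a well-known test number) are constructed, and a single zero fill stands in for the random overwrite the study recommends so that the result can be checked.

```python
import re

SECTOR = 512
CARD_RE = re.compile(rb"(?<!\d)\d{13,16}(?!\d)")  # bare digit runs of card length

def luhn_ok(digits: str) -> bool:
    """Luhn checksum, used to discard digit runs that cannot be card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch) * (2 if i % 2 else 1)
        total += d - 9 if d > 9 else d
    return total % 10 == 0

def audit(image: bytes) -> dict:
    """Scan a raw image: count sectors holding any data, list card-like strings."""
    sectors = [image[i:i + SECTOR] for i in range(0, len(image), SECTOR)]
    hits = {m.group().decode() for m in CARD_RE.finditer(image)}
    return {"nonzero_sectors": sum(1 for s in sectors if any(s)),
            "card_like": sorted(h for h in hits if luhn_ok(h))}

class ToyDisk:
    """Constructed model: sector 0 is the directory, file data lives in sector 3."""
    def __init__(self):
        self.raw = bytearray(SECTOR * 8)
        self.raw[0:11] = b"RECEIPT TXT"              # directory entry (the "tag")
        body = b"card=4111111111111111 amt=20.00"    # well-known test number
        self.raw[3 * SECTOR:3 * SECTOR + len(body)] = body

    def delete_file(self):
        self.raw[0] = 0xE5            # FAT-style: mark the entry free, data untouched

    def quick_format(self):
        self.raw[0:SECTOR] = bytes(SECTOR)   # rebuild the directory only

    def overwrite(self):
        self.raw[:] = bytes(len(self.raw))   # write every sector

def run_demo() -> dict:
    """Apply each 'cleaning' step in turn and audit the image after it."""
    disk, out = ToyDisk(), {}
    for step in ("delete_file", "quick_format", "overwrite"):
        getattr(disk, step)()
        out[step] = audit(bytes(disk.raw))
    return out

if __name__ == "__main__":
    for step, report in run_demo().items():
        print(step, report)
```

Only the last step leaves the audit with nothing to report; after the delete and the quick format the file's sector is still intact on the image.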
To: Redcloak
PGP Wipe Disk Wiping Utility Fails to Remove the Contents of Alternate Data Streams on NTFS Drives
See www.securitytracker.com
121 posted on 01/16/2003 12:42:02 PM PST by DensaMensa (Mensa is for dummies.)
To: ET(end tyranny)
}But for anyone interested in the free one, I did find a site
Site says it is for Win95/98. Nothing about 2000/XP.
122 posted on 01/16/2003 12:46:09 PM PST by DensaMensa (Mensa is for dummies.)
To: HoustonCurmudgeon
There is No Such Agency.
123 posted on 01/16/2003 12:47:45 PM PST by ASA Vet ("Those who know don't talk, those who talk don't know.")
To: Support Free Republic
Okay! So after 120+ messages and lots of conflicting information, how about this one?
How effective is a simple reformat such as is done by WinXP or others prior to a clean install? How high does that method of "scrambling" rise on the scale of Hard Drive Cleaning effectiveness? Thanks.
124 posted on 01/16/2003 12:55:59 PM PST by DensaMensa (Mensa is for dummies.)
To: vannrox
Some government agencies, as well as data recovery houses, are able to recover data from drives that have been "cleaned" with commercial "secure" file deletion programs. However, it's very difficult, time consuming, and expensive to do this, and the level of expertise is limited to just a few high tech firms, or intelligence agencies of governments.
A few years ago, a client (a government agency) needed to have a hard drive replaced under warranty, and the supervisor was upset that they would have to pay for the new hard drive, since the old one could not be returned to the manufacturer. According to departmental regulations, any device capable of storing information could NOT be released, and had to go through a metal shredder! This is certainly one way to ensure that the data was gone! lol
Mark
125 posted on 01/16/2003 1:07:48 PM PST by MarkL
To: ArrogantBustard
I wonder what the US Gov does to dispose of "classified" hard drives? I sort of imagine it involves fire, or some equivalent of your heavy duty hammer. Financial institutions should treat their old drives the same way. I posted something on this before I read your post... Metal shredder.
Mark
126 posted on 01/16/2003 1:11:31 PM PST by MarkL
To: Fiddlstix
To the best of my knowledge, a LLF will clean everything off the disk. (Low Level Format) For end users, this is enough, but security experts, data recovery houses, and government agencies can still recover data that's been formatted this way.
Mark
127 posted on 01/16/2003 1:16:57 PM PST by MarkL
To: ASA Vet
Close but no c
Ig
Ar !
BTW I was offered a job with your agency in 71 but didn't want to go to Turkey.
To: DensaMensa
According to the notice, none of the wiping programs mentioned in this thread will wipe alternate data streams. However, this is seen only when the wiping program is being used to wipe individual files. If the alternate stream's parent file is deleted, a free space wipe will nail it since it's tagged as free space at that point.
(For those who are wondering, "alternate data streams" refers to items such as thumbnail views of graphics. For example, Pete Townsend could have wiped the individual naughty files from his computer, but if he had been looking at the pics with Explorer's thumbnail viewer, the thumbnails would still be on his hard drive. An investigator could then examine the free space on the drive and find them. Had Pete immediately run a free space wipe after deleting the files, the thumbnails and their parent files would have been wiped.)
129 posted on 01/16/2003 1:43:06 PM PST by Redcloak (Tag, you're it!)
To: MarkL
I was referring to a Low Level Format. It is a lot different than just using the "Format" command.
Some Info about LLF is Here
J
130 posted on 01/16/2003 1:46:56 PM PST by Fiddlstix (Tag Line Service Center: FREE Tag Line with Every Monthly Donation to FR. Get Yours. Inquire Within)
To: DensaMensa
Against a serious attempt at data recovery, it is worthless. If you have serious concerns with what data can be recovered from your hard drive, don't bother with any approach that depends on the drive itself to overwrite the data. In my opinion there are only 2 ways to destroy the data permanently and dependably in a HDD: complete physical destruction of the disks in the drive or a high strength degaussing field.
131 posted on 01/16/2003 2:17:01 PM PST by Flying Circus (an engineer in the HDD industry)
To: DensaMensa
It is effective to keep your average next door neighbor out of it.
It is NOT effective to keep people with the right equipment and the will to get the data out of it.
132 posted on 01/16/2003 2:43:16 PM PST by sd-joe (T)
To: vannrox
Hint...
Hydrochloric Acid or a sledgehammer.
To: Fiddlstix
Yes but "low level format" is still a magnetic write.
The problem is the residual magnetic effects left over from the original writes.
That is why the ONLY safe method (other than physical destruction) is multiple writes with different patterns. It seems that about 7 re-writes gets one pretty close to being unreadable.
134 posted on 01/16/2003 2:48:10 PM PST by sd-joe (T)
To: vannrox
I use a program called filevac that comes with a program I use called IECLEAN which scrubs internet explorer each time I log off. Filevac lets me scrub 16 times if I want. I do that about once a month, takes hours, I tell it to run and go to bed... Would like to hear from freepers via freepmail if they have any experience or have an educated opinion about this program.
To: sd-joe
}[ordinary low level formatting]...is effective to keep your average next door neighbor out of it.
That sounds good enough for 99%+ of all average users' needs. Anything beyond that can become an obsession IMHO.
136 posted on 01/16/2003 5:24:07 PM PST by DensaMensa (Mensa is for dummies.)
To: DensaMensa
"That sounds good enough for 99%+ of all average users needs"
Yeah, for home users.
Certain businesses have legal responsibilities to maintain security of data, and could face serious financial penalties if the data got out. Some Financial, Legal, and Medical operations come to mind.
For instance in this article, someone should get in serious dodo for the ATM hard drive that had data recovered from it.
137 posted on 01/16/2003 5:45:08 PM PST by sd-joe (T)
To: steve-b
Muttly have hammer.
Muttly want Thermite.
Thermite good.
138 posted on 01/16/2003 5:53:20 PM PST by PoorMuttly (Kharmechanic)
To: blackdog
He must be the world's oldest graduate student...
139 posted on 01/16/2003 5:57:47 PM PST by mlmr
To: sd-joe
}For instance in this article, someone should get in serious dodo for the ATM hard drive that had data recovered from it.
Yeah, the article doesn't say, but the tech could have just tossed it without doing anything to it for all we know. Could be simple carelessness. May have even had a 'THIS IS FOR THE MAIN STREET ATM' sticker on it to help attract attention. :/)
140 posted on 01/16/2003 6:04:36 PM PST by DensaMensa (Mensa is for dummies.)