Before you sell your computer.....

[Zoink]

MIT researchers uncover mountains
of private data on discarded computers JANUARY 15, 2003

CAMBRIDGE, Mass.—Discarded computers, even those with “erased” disk drives, may harbor confidential information such as credit card numbers and medical records, two MIT graduate students found.
Scavenging through the data inadvertently left on 158 used disk drives, the students at MIT’s Laboratory for Computer Science found more than 5,000 credit card numbers, detailed personal and corporate financial records, numerous medical records, gigabytes of personal email and pornography.

The disk drives were purchased for less than $1,000 from eBay and other sources of used computer hardware. Only 12 were properly sanitized.

“There are many stories in which somebody has bought a used computer and found confidential information on it, but nobody has ever quantified the scale of the problem,” said Simson Garfinkel, one of the students. “So we decided to find out.”

Results from the study, which Garfinkel performed with Abhi Shelat, are being published in the January/February 2003 issue of IEEE Security and Privacy. The research suggests that the secondary market is awash with confidential information, although work needs to be done to get more accurate statistics. More than 150 million disk drives were retired from primary service in 2002.

Of the disk drives acquired, 129 were functional. Of these, Garfinkel and Shelat found 28 disk drives in which little or no attempt had been made to erase any information. One of these drives, Shelat says, had apparently come from an automatic teller machine in Illinois and contained a year’s worth of financial transactions.

Attempts to erase information from the drives were usually ineffectual. On many disks, files that would typically be found in the “My Documents” folder had been deleted, but they could be recovered using a simple “undelete” utility. Undelete programs work because deleting a file does not actually overwrite the blocks on the computer’s disk that are used to hold the file’s information.

Roughly 60 percent of the disks were formatted before they were sold, but even formatting did not properly sanitize a disk because the Windows “format” command doesn’t actually overwrite every block—“the format command just reads every block to make sure that they still work,” Garfinkel said. “To properly sanitize the hard drive, you need to overwrite every block.”

On one of the “formatted” disks, Shelat found more than 5,000 credit card numbers.

Roughly 45 percent of the disks contained no files at all and the disks could not be mounted on the computer. Yet the data could still be retrieved by reading each block of the disk using special tools.

----------

To be safe, make sure you "slag" your drive

http://driveslag.eecue.com/articles/index.php?artid=1

[Shinova]

My beef is, why do these senseless idiots put credit card numbers and all that on their computers in the first place???


Edit: But the one with 5000 credit card numbers probably belongs to some hacker maybe. Or maybe a company.

[Einhander Sn0m4n]

Edit: But the one with 5000 credit card numbers probably belongs to some hacker maybe. Or maybe a company.

EVEN LESS EXCUSE TO LEAVE IT UNFORMATTED!!! You think someone like a hacker or an IT guy would take severe measures to prevent that. Oy fucking vey LOL!

[neoolong]

Hehe. I read about this earlier. Kind of funny.

[phongn]

Edit: But the one with 5000 credit card numbers probably belongs to some hacker maybe. Or maybe a company.

EVEN LESS EXCUSE TO LEAVE IT UNFORMATTED!!! You think someone like a hacker or an IT guy would take severe measures to prevent that. Oy fucking vey LOL!

Merely formatting a drive will not destroy the data. You must overwrite the drive 4-7 times with garbage data to completely wipe out all traces of it. It is time-consuming, though there are various utilities on the 'net to do so.

[Pu-239]

MIT researchers uncover mountains
of private data on discarded computers JANUARY 15, 2003

CAMBRIDGE, Mass.—Discarded computers, even those with “erased” disk drives, may harbor confidential information such as credit card numbers and medical records, two MIT graduate students found.
Scavenging through the data inadvertently left on 158 used disk drives, the students at MIT’s Laboratory for Computer Science found more than 5,000 credit card numbers, detailed personal and corporate financial records, numerous medical records, gigabytes of personal email and pornography.

The disk drives were purchased for less than $1,000 from eBay and other sources of used computer hardware. Only 12 were properly sanitized.

“There are many stories in which somebody has bought a used computer and found confidential information on it, but nobody has ever quantified the scale of the problem,” said Simson Garfinkel, one of the students. “So we decided to find out.”

Results from the study, which Garfinkel performed with Abhi Shelat, are being published in the January/February 2003 issue of IEEE Security and Privacy. The research suggests that the secondary market is awash with confidential information, although work needs to be done to get more accurate statistics. More than 150 million disk drives were retired from primary service in 2002.

Of the disk drives acquired, 129 were functional. Of these, Garfinkel and Shelat found 28 disk drives in which little or no attempt had been made to erase any information. One of these drives, Shelat says, had apparently come from an automatic teller machine in Illinois and contained a year’s worth of financial transactions.

Attempts to erase information from the drives were usually ineffectual. On many disks, files that would typically be found in the “My Documents” folder had been deleted, but they could be recovered using a simple “undelete” utility. Undelete programs work because deleting a file does not actually overwrite the blocks on the computer’s disk that are used to hold the file’s information.

Roughly 60 percent of the disks were formatted before they were sold, but even formatting did not properly sanitize a disk because the Windows “format” command doesn’t actually overwrite every block—“the format command just reads every block to make sure that they still work,” Garfinkel said. “To properly sanitize the hard drive, you need to overwrite every block.”

On one of the “formatted” disks, Shelat found more than 5,000 credit card numbers.

Roughly 45 percent of the disks contained no files at all and the disks could not be mounted on the computer. Yet the data could still be retrieved by reading each block of the disk using special tools.

----------

To be safe, make sure you "slag" your drive

http://driveslag.eecue.com/articles/index.php?artid=1

Already posted this a while ago. Subsequently posted pictures of hard drives shot with guns.


4-7 seems kind of few. I thought ~30 was recommended, using a prog that writes guttman patterns all over the disk.

[phongn]

It appears that no-one is heeding my earlier advice regarding board timeouts when posting.

Anyways, 30 seems exceptionally excessive. Government guidelines are around seven wipes.

[Hyperion]

Well, I for one like it when people leave their software on the HDDs and I get the old machine in trade or whatever. However I make sure no credit card numbers or anything get used when I resell the drive (I do properly nuke the drives before selling them, but that doesn't stop me from stripping stuff like MP3s, programs, and drivers if any of those things grab my attention)

[TrailerParkJawa]

Ive dealt with a few places that have to crush the computers and destroy the drive. They cant even surplus them.

Aside, from the drive in the ATM machine, I doubt most people have to worry about somone going out of their way to scavange data. I like to BLAST the partition, then run a low level format once or twice.

Anything more seems excessive unless you have specific security concerns.