1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

News ICO warns of second-hand data leaks

Discussion in 'Article Discussion' started by brumgrunt, 26 Apr 2012.

  1. brumgrunt

    brumgrunt What's a Dremel?

    Joined:
    16 Dec 2011
    Posts:
    1,009
    Likes Received:
    27
  2. PingCrosby

    PingCrosby What's a Dremel?

    Joined:
    16 Jan 2010
    Posts:
    392
    Likes Received:
    7
    Bloody ne'er-do-well's
     
  3. Pookie

    Pookie Illegitimi non carborundum

    Joined:
    4 May 2010
    Posts:
    3,557
    Likes Received:
    146
    I always dismantle a customers (faulty) drive and smash the platters to be sure there is no chance of it being recovered.
     
  4. Dewi

    Dewi What's a Dremel?

    Joined:
    10 Jan 2011
    Posts:
    26
    Likes Received:
    0
    It does seem ironic that the one time I was ever asked by a family member to retrieve deleted data, the computer had actually managed to wipe it permanently!

    In my first year of Uni, I was housed in halls with a block of Computer Science students and one of the things they used to demonstrate was retrieving data from damaged or wiped hard disk drives. Since then I've always insisted on removing the drives from any old computers family and friends are disposing of.

    In the end, what we used to do at Uni was actually remove the hard disk platters and use them as coasters on our desks. Over time the heat from mugs of coffees warped the data and rendered it unreadable...

    ...at least that was the theory!
     
  5. BlackRaven

    BlackRaven Freaking printers!

    Joined:
    20 Feb 2010
    Posts:
    89
    Likes Received:
    0
    I used to use a heavy crowbar to smash the hell out of the drives we used. Done the same on with my own old ones.
     
  6. Fizzban

    Fizzban Man of Many Typos

    Joined:
    10 Mar 2010
    Posts:
    3,691
    Likes Received:
    275
    There was a thing on Bang Goes The Theory about this quite recently. Showing some of the more..physical ways of erasing data, or not, depending on what they tried. Didn't tell me anything I didn't already know, but it was interesting none the less.

    It's still up on bbc iplayer if anyone is interested. Here.
     
  7. Hustler

    Hustler Minimodder

    Joined:
    8 Aug 2005
    Posts:
    1,039
    Likes Received:
    41
    Dban was great...until Hard Drives got so big, now even with the fastest (which is the least secure) wipe, it can take soooooooooo long to wipe Hdrives that are TB's in size.

    ..Choose the most secure method, and your talking literally days to wipe a disc.
     
  8. yougotkicked

    yougotkicked A.K.A. YGKtech

    Joined:
    3 Jan 2010
    Posts:
    251
    Likes Received:
    9
    And that kiddies is why you never sell an old hard drive, they are rarely worth enough to justify it. if it still works, add it to a backup array, if it's broken, why are you selling it?

    Though those not tech-savvy enough to know how to properly wipe a hard drive are at risk.
     
  9. Fizzban

    Fizzban Man of Many Typos

    Joined:
    10 Mar 2010
    Posts:
    3,691
    Likes Received:
    275
    Thing that gets me is hard drives cost MORE in Africa if they have data on them! Shocking. Get a good wipe program guys and turn those informations into zeros...or ones..w/e. Just wipe that ****. More user friendly than grabbing your local blow-torch and melting that baby.
     
  10. OdDBaLL_MoD

    OdDBaLL_MoD Always planning something...

    Joined:
    13 Sep 2004
    Posts:
    53
    Likes Received:
    0
    Maybe more user friendly, but not as user fun! With proper PPE ofc... :p
     
  11. Omnituens

    Omnituens What's a Dremel?

    Joined:
    5 Apr 2006
    Posts:
    954
    Likes Received:
    11
    In the words of Jamie Hyneman; When in doubt, C4.
     
  12. Gareth Halfacree

    Gareth Halfacree WIIGII! Lover of bit-tech Administrator Super Moderator Moderator

    Joined:
    4 Dec 2007
    Posts:
    17,066
    Likes Received:
    6,610
    Thermite: s'cheaper, doesn't go 'bang' and have SO19 knocking on your door, and is *very* pretty when it burns. It's also incredibly easy to make.

    NOTE: Don't make it. It's fun, it's easy, but it's quite likely to result in a visit from the anti-terrorism squad - and while that sort of thing used to get you a slap on the wrist, these days the manufacturing of an "improvised explosive device" (what used to be known as "home-made fireworks") will likely get you a one-way ticket to Gitmo. Also, thermite is pretty vicious stuff - which is great for wrecking hard drives, but not so great for keeping fingers, toes and eyesight intact.
     
    Last edited: 27 Apr 2012
  13. Omnituens

    Omnituens What's a Dremel?

    Joined:
    5 Apr 2006
    Posts:
    954
    Likes Received:
    11
    TBH, if I'm retiring a drive, hammer and nail does the job pretty well. No melty or boom, but a lot safer and much more legal.
     
  14. bleeper

    bleeper What's a Dremel?

    Joined:
    25 Apr 2012
    Posts:
    28
    Likes Received:
    0
    I always zero my drives, do a deep scan just in case, then securely delete if it found anything (it never does.)

    The kind of people with the tools to get past a zero write and actually be able to do something with the information are not likely to be buying up drives off eBay for their nefarious purpose, so I am pretty confident I've nothing to worry about.

    That said, at least most people at least attempt to delete the data.

    I bought a PS3 hard drive that was clearly someone's porn storage device and even worse a Samsung Galaxy that spent a large amount of it's life producing amateur porn! I swiftly deleted it all after watching it.
     
  15. MrJay

    MrJay You are always where you want to be

    Joined:
    20 Sep 2008
    Posts:
    1,290
    Likes Received:
    36
    Made me giggle!


    Im currently using a Recuva to rescue some data from a formatted drive.

    Takes an age to scan but once its finished its amazing what you can find.

    This drive had been re-formatted re-partitioned and a fresh copy of windows and all his app installed.

    id say I've found about 85% of the original content!
     
  16. ArthurB

    ArthurB What's a Dremel?

    Joined:
    17 Jul 2011
    Posts:
    43
    Likes Received:
    0
    You only need to overwrite the data on your HDD with zeros to make it unrecoverable.

    The hard drives own internal secure erase feature is also a lot quicker than the methods DBAN uses. IIRC, I wiped a 2TB drive in approx. 1 hour using HDDErase.
     
  17. Harlequin

    Harlequin Modder

    Joined:
    4 Jun 2004
    Posts:
    7,131
    Likes Received:
    194
    try googling for the swedish company that can recover data from any drive - they boast recovering data from hard drives that have been driven over by lorries , smashed to pieces and set on fire.

    the US government approved method of destroying a data hard drive? dropping into acid till it melts. Overwriting xxx amount of times can still be read with enough effort.
     
  18. DanaG

    DanaG What's a Dremel?

    Joined:
    23 Jan 2006
    Posts:
    27
    Likes Received:
    0
    I usually use hdparm to erase drives. The only tricky thing: modern BIOSes tend to send the "freeze security state" command before handing control to the OS boot loader. You'll often either have to hotplug the drive (works fine for AHCI), or use a secondary SATA controller that doesn't send the "freeze" command.

    Commands to run (using a random drive as an example, and replacing the serial number with "serialnumberhere"):
    hdparm -I /dev/disk/by-id/ata-ST9500420AS_serialnumberhere
    Capital i, not lowercase L. That will tell you something like this at the bottom:
    Security:
    Master password revision code = 65534
    supported
    not enabled
    not locked
    not frozen
    not expired: security count
    supported: enhanced erase
    102min for SECURITY ERASE UNIT. 102min for ENHANCED SECURITY ERASE UNIT.

    Then:
    hdparm --security-set-pass SOMEPASSWORDHERE /dev/disk/by-id/ata-ST9500420AS_serialnumberhere
    time hdparm --security-erase SOMEPASSWORDHERE /dev/disk/by-id/ata-ST9500420AS_serialnumberhere
    You can instead do --security-erase-enhanced, if the drive supports it.

    I run it through "time" -- if the thing takes way longer than it states it should, I'd imagine the drive is unhealthy. (One time I saw two different drives drives report a 30-minute erase, with me present, as taking 450 minutes -- likely due to clock changes.)

    EDIT: Also, there is an hdparm for Windows, but nowadays Windows sends the "freeze" command to all drives, as well -- even on alternate SATA controllers, I believe. Hence, you need the Linux hdparm.
     
    Last edited: 29 Apr 2012
  19. deadsea

    deadsea What's a Dremel?

    Joined:
    9 Oct 2009
    Posts:
    197
    Likes Received:
    6
    Well, wouldn't it be easier to just encrypt the whole drive and be done with it? Set the key to be as long as possible and just bash away at the keyboard like Shakespeare's monkeys. If anyone's going to throw that much resources at recovering your data, you're screwed either way.
     
  20. Bakes

    Bakes What's a Dremel?

    Joined:
    4 Jun 2010
    Posts:
    886
    Likes Received:
    17
    If your operating system supports seamless encryption well (like OSX), then encryption is a good idea if you can stomach the performance loss.
     
Tags: Add Tags

Share This Page