"Erased" Hard Drives Can Bite You
Published: Feb 11, 2003
By Jefferson Graham
Imagine this chilling scenario: You buy a new PC and donate the old one to charity, knowing you've protected your privacy by deleting all your old files—or better yet, you erase the hard drive by reformatting it and wiping it clean.
Yet you later discover you're a victim of identity theft: Your Social Security number, driver's license ID, credit card account information and tax records all were retrieved from the old hard drive.
Far-fetched? Not really, Simson Garfinkel says. The privacy expert and MIT grad student recently bought 158 old hard drives on eBay as an experiment with fellow student Abhi Shelat to see how much data was recoverable.
Their findings: More than 5,000 credit card numbers, financial and medical records, personal e-mail and pornography were easily obtainable on the drives.
Erase the Hard Drive Tip #1: Properly Sanitize the Hard Drive before giving it away
"People need to understand that when they throw away a hard disk, they have to take extreme measures to properly sanitize it," Garfinkel says. "If they don't, there's nothing to prevent someone from accessing that information."
What makes this whole scenario even scarier is this sad fact: The information on a hard drive is a lot like Jason in Friday the 13th. You keep on killing it, and you think it's truly gone, but the data are never truly at rest.
"As long as the hard drive is working, there's nothing you can do short of taking a sledgehammer to it to make sure the data are really gone," says Ben Carmitchel of ESS Data Recovery. "For every technology developed to erase the hard drive data, it's our job to counter that."
Erase the Hard Drive Tip #2: Use a tool that has been certified to permanently erase the hard drive data
[Recently, 5 tools have been certified to truly erase the hard drive data, including WipeDrive from WhiteCanyon Software.]
Carmitchel spends his weeks trying to recover hard drives supplied by businesses - drives that have been subjected to fires, floods and lightning.
The process can take 40 to 50 hours for each hard disk and can cost businesses $300 to $2,000. "This isn't the sort of thing that anyone can do," he says.
But many, as Garfinkel and Shelat proved, are getting good at it. Even those non-professionals found that of the 51 hard drives that were clean, 19 had easily recoverable data.
Erase the Hard Drive Tip #3: Erase hard drive data to help reduce identity theft
The Federal Trade Commission recently reported that complaints about identity theft nearly doubled in 2002. Last week a bill was introduced in the Senate to make the process tougher, partly by shielding information that can be shared on the Internet.
And if you've been keeping up with the news, the almost weekly barrage of images of notable figures facing child porn charges, relating to images they might have viewed or had housed on their computers, points to a dilemma potentially shared by millions when it comes to deleting data. They did not properly erase the hard drive.
"Anyone who uses the Internet a lot is invariably exposed to questionable images and probably has them still on his or her computer without realizing it," PC World Magazine's Andrew Brandt says. "If you fear you're an enemy of the state, throwing away your hard drive will only get you into more trouble," Brandt says.
"When we arrest a suspect, the first thing we do is confiscate the computer and hand it over to the high-tech forensic team," says Detective Sean Pierce of the San Jose Police Department's Internet Crimes Against Children unit. "They can find anything, even if it has been deleted and reformatted."
Erase the Hard Drive Tip #4: Deleting a file simply tells the computer that area is available for fresh data
That's because when you try to erase the hard drive by simply deleting a file from a computer, what you're really doing is erasing the address from a directory and telling the computer that the area is available for fresh data.
"The data is still available, and the drive writes over it, but not completely," says Martin Parry of hard drive manufacturer Maxtor. "Only recording over this data many times with a random series of ones and zeroes will remove the original."
You could disassemble your computer, try to erase the hard drive and then throw the hard drive away, but as Garfinkel proved, the information is still easy to come by. You could rent a boat and throw it overboard into the Pacific Ocean, "but if it was dug up, it would still work," Parry says. "The surface of the disc has a layer of carbon which acts as a lubricant. Dry it off, and the data will still be read."
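The difference between deleting and overwriting described above can be checked on a toy model. This is an added example, not part of the original article: the ToyDisk class, its block size, the three-pass count and the sample record are all constructed for illustration, and a real drive should be sanitized with a purpose-built tool.

```python
import os
import re

BLOCK = 64  # bytes per block on the toy disk (constructed value)

class ToyDisk:
    """Raw blocks plus a directory mapping file name -> (start, length)."""
    def __init__(self, blocks=16):
        self.raw = bytearray(blocks * BLOCK)
        self.directory = {}
        self.next_free = 0

    def write_file(self, name, data):
        start = self.next_free
        self.raw[start:start + len(data)] = data
        self.directory[name] = (start, len(data))
        self.next_free = start + -(-len(data) // BLOCK) * BLOCK  # round up to a block

    def delete_file(self, name):
        # "Delete" only drops the directory entry; the blocks keep their contents.
        del self.directory[name]

    def overwrite_all(self, passes=3):
        # Sanitize: overwrite every block with random bytes (pass count is an assumption).
        for _ in range(passes):
            self.raw[:] = os.urandom(len(self.raw))
        self.directory.clear()
        self.next_free = 0

def luhn_ok(digits):
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def scan_for_card_numbers(disk):
    """Audit check: 16-digit, Luhn-valid strings anywhere in the raw blocks."""
    hits = re.findall(rb"(?<!\d)\d{16}(?!\d)", bytes(disk.raw))
    return [h.decode() for h in hits if luhn_ok(h.decode())]

def demo():
    disk = ToyDisk()
    # Constructed record using the well-known 4111... test card number.
    disk.write_file("taxes.txt", b"card=4111111111111111 ssn=000-00-0000")
    disk.delete_file("taxes.txt")
    after_delete = (list(disk.directory), scan_for_card_numbers(disk))
    disk.overwrite_all()
    return after_delete, scan_for_card_numbers(disk)
```

Running the same scan before disposal is a quick way to confirm that a wipe actually touched every block rather than just the directory.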
If you're still planning on bringing in your old PC to one of the USA's Goodwill Industries stores, think again. "Based on the MIT study, we're reviewing our policies about accepting computers," says Goodwill's Christine Nyirjesy Bragale.
Currently, many Goodwill locations will take only recent-model computers, because the older ones don't sell. And before they go onto the floor, Goodwill deletes all personal data from the hard drives.
But now, "if people's records can be picked up so easily, we'd be a conduit to that," she says. "That raises major concerns."