April 20, 2005 4:00 AM PDT

Skeletons on your hard drive

(continued from previous page)

matter of attentiveness, Acronis' Lawton said. By using multiple overwrites featuring different character sets, he said, consumers can approach the same level of protection required by the U.S. Department of Defense. The department requires a minimum of four passes with wiping tools, in cases where it does not mandate that a drive be destroyed.
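The multi-pass overwrite with different patterns that Lawton describes can be sketched as follows. This is an added example, not code from the article or from any product it names; the pass sequence (zeros, ones, random), the marker string and the temporary image file standing in for a drive are assumptions.

```python
import hashlib
import os
import tempfile

CHUNK = 1 << 16                           # write/read granularity (64 KiB)
MARKER = b"CONSTRUCTED-ACCOUNT-RECORD"    # constructed stand-in for sensitive data
PASSES = (0x00, 0xFF, None)               # assumed sequence: zeros, ones, random


def make_sample_image(size=4 * CHUNK + 123):
    """Build a constructed 'drive' image with the marker straddling a chunk boundary."""
    fd, path = tempfile.mkstemp(suffix=".img")
    with os.fdopen(fd, "wb") as f:
        f.write(b"\xAA" * size)
        f.seek(CHUNK - 5)
        f.write(MARKER)
    return path


def overwrite_pass(path, fill):
    """Overwrite every byte in place; return the SHA-256 of the data written."""
    digest = hashlib.sha256()
    with open(path, "r+b") as f:
        remaining = f.seek(0, os.SEEK_END)   # size via seek also works on device nodes
        f.seek(0)
        while remaining:
            n = min(CHUNK, remaining)
            chunk = os.urandom(n) if fill is None else bytes([fill]) * n
            f.write(chunk)
            digest.update(chunk)
            remaining -= n
        f.flush()
        os.fsync(f.fileno())                 # push the pass out of OS buffers
    return digest.hexdigest()


def read_back_digest(path):
    """Hash the image as the OS now returns it."""
    digest = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(CHUNK), b""):
            digest.update(chunk)
    return digest.hexdigest()


def contains(path, marker):
    """Scan the whole image for marker, including matches split across chunks."""
    tail = b""
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(CHUNK), b""):
            window = tail + chunk
            if marker in window:
                return True
            tail = window[-(len(marker) - 1):] if len(marker) > 1 else b""
    return False


def wipe(path, passes=PASSES):
    """Run each pass over the whole image; report whether each read back as written."""
    return [overwrite_pass(path, fill) == read_back_digest(path) for fill in passes]


if __name__ == "__main__":
    image = make_sample_image()
    print("marker present before wipe:", contains(image, MARKER))
    print("passes verified:", wipe(image))
    print("marker present after wipe:", contains(image, MARKER))
    os.remove(image)
```

The read-back check only confirms what the operating system returns for the sectors it can address.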

Data-cleaning tips

The only way to completely erase data from a hard drive is to use wiping software and then destroy the drive, experts say. Here are examples of available resources.

Wiping software

- McAfee QuickClean 2.0: Promises to clear up disk space and remove unwanted data. Costs $9.95.
- Acronis Drive Cleanser 6.0: Acronis' purpose-built disk-cleaning software, sold for $49.99.
- Clean Machine Plus 2.0: Made by HFK Creative Enterprises, offers Internet security and wiping tools for $49.95.
- Smash 2.0: Includes encryption and decryption utilities plus wiping tools. $24.95.
- iSafeguard Freeware 5.0: A version of MXC Software's e-mail encryption and wiping applications, available for free download.

Recycling programs

- Apple Computer: For a $30 fee, Apple will take back your computers and destroy them.
- Dell: For $10, Dell will take delivery of old machines for destruction.
- Hewlett-Packard: For $13 to $34, depending on the equipment, HP will ship and trash your old gear.
- IBM: For $30, IBM will take your old PCs back and recycle them.
- Seagate Technology: Provides information on its hard-drive recycling programs.

Lawton believes that taking such a meticulous approach with the software, which could take as long as several hours, often demands more time than most consumers are willing to spend.

"For a consumer who is going to be getting rid of a disk, giving it away or passing it along, if you overwrite seven times, chances are that you're doing pretty well. While a company might look at running a wiping application 35 times," Lawton said. "On the other hand, a fast wipe is pretty insufficient."

The need to keep at it means those people who go to the trouble of employing outside technology to erase their sensitive data could still be doing too little. In general, experts agreed, the best approach in trying to completely erase information is to use a combination of data removal software and material destruction.

"If you've got truly classified info, then you're going to crush or degauss the drive somehow," Lawton said. Degaussing is a form of magnetic storage device cleansing used primarily on large groups of machines by businesses.

All of the major PC makers and most hard-drive makers offer recycling programs where, for a fee of between $20 and $30, they will professionally destroy used devices. Though these programs have traditionally attracted primarily business customers, executives running the programs at Dell and IBM said consumers are increasingly taking advantage of them.

"PCs and hard drives are ripe with information that is sensitive or confidential, so we go to great lengths to make sure everything is destroyed as part of our asset recovery programs," said IBM's Ferguson.

Garfinkel, whose thesis focuses on computer security, chiefly blames companies making operating system software for failing


48 comments

Sounds like....
... either someone is trying to dream up a wasted money
business or the so-called security people are totally paranoid.

A triple wipe will not leave useful information on the hard drive.
Most utilities can execute a wipe (not a reformat or repartition).
Just do it three times. Even after just one wipe, it takes an expert
with big software and hardware options to extract anything from
the hard drive.

Smashing the hard drive, and fracturing the disk(s), will make
data recovery almost impossible. (Hammers are cheap, and you
may already have one.) Nitric acid baths also work but are quite
dangerous.

The average person doesn't have information on his hard drive
that is worth the money and time to recover, if either of the above
procedures is used.

Now, if you pass on a computer or a hard drive without trying to
eliminate the data in it, you're just setting yourself up. That's
true enough, and as reported, a lot of the people don't realize
that just a reformat doesn't work. But just a little bit of effort will
leave 99% of the computer users perfectly safe.
Posted by Earl Benser (4310 comments )
My thoughts exactly
Unless you have extremely sensitive information, do a triple
wipe and forget about it.

The part of the story I felt was left out is what it really takes to
recover data from drives. For an unwiped drive, anyone can
undelete the files. For a drive that's been wiped even once it
takes special drivers that will "read between the lines", special
software to piece the bits together, and a lot of time. Not
something that's worth doing for the random chance of finding
the details necessary to drain someone's bank account of a
couple thousand dollars (if you're lucky). For an idea of how
much it costs to do this, check out some of the companies that
recover data that has been accidentally erased and see how much
they charge. IIRC wiping three times pretty much eliminates this
type of snooping as a possibility.

Beyond that, you're talking the need for clean rooms to
dismantle the drive, specialized equipment costing hundreds of
thousands of dollars to "map" each platter, specialized software
to reconstruct data, and days to months of work by highly
trained professionals.
Posted by taznar (45 comments )
Or you could do what I do
I run the dang things into the ground. I will not take a drive out of my computer till it has totally failed and is useless. Then I just dump it in a drawer with all my other old hard drives. 5 drives.

It also makes it easier when you go to a new computer: if you put your old hard drive in as a slave on the primary IDE and you forgot to move a file, it is right there on the /dev/hdb drive.
Posted by mpop1 (57 comments )
Lack of knowledge and caring
People in general don't care or don't know that content on a hard drive can easily be recovered. Therein lies the entire problem.

It is hardly difficult to clean an old disk or computer; there are even effective free tools for it. My personal favorite would be DBAN, http://dban.sourceforge.net/, which allows you to create a bootable floppy or CD, boot from that and then overwrite hard drive content with varying degrees of paranoia employed.

With tools like these available there is no excuse for IT staff etc. to allow drives with unerased content to be sold, however.
Posted by lorcro2000 (71 comments )
Agreed: DBAN works perfectly
Work at a mid-sized law firm and we use DBAN before any drive goes offsite for warranty/destruction. Takes about 30-60 minutes depending on size/speed for a complete DoD wipe.
Posted by 201293546946733175101343322673 (722 comments )
My method is PERFECT!
I don't do anything important.
I don't have any money.
I don't know anybody.

And so consequently, I have nothing to worry about.

It's simple. You should try it.
Posted by (88 comments )
So....
I guess you are a bum? :)
Posted by 201293546946733175101343322673 (722 comments )
Some other ideas
That is, if you actually think people are willing to go to any advanced effort to read your hard drive (beyond, say, using an undeletion tool):

- Just take apart and open up the drive. This should defeat 99.9% of people.
- Fire.
- Sledgehammer.
- Roll over it with your car.
- Drop it in a river.
Posted by (84 comments )
!
Please don't pollute the rivers.
Posted by Sboston (498 comments )
Mine is even better!
Just take some time and a few torx and phillips head bits.
I remove the platters, then I take out the rare-earth magnets and have fun with them! Rest goes into the dumpster (or recycled for metals).

If someone wants the PC, then let them get a new drive.
Posted by Below Meigh (249 comments )
BAKE IT!
I donate at least one computer a year, minus the hard drive.
The hard drive is baked in my BARBECUE for an hour,
then taken and placed on the ground where I pound it with my cement hammer, and then I wrap it and discard it (after I transfer everything to my new hard drive), etc.
Posted by graupma (19 comments )
yumm
Do you marinate it first? :)

(Good idea though)
Posted by Sboston (498 comments )
Lack of knowledge and...
...and wrong marketing. Many "secure deletion" tools out there are marketed as tools for criminals/pirates who need to hide their internet tracks from their wife, children, police and so on... how sad this is...

Secure deletion is useful to protect your (and your users') privacy and has to be used in a LEGAL and POLITE way. In Italy, for example, there's a law (DLGS 196/03) which states that secure deletion is mandatory in certain cases.

DBAN is a very good and powerful tool (and free too), but can only erase entire disks. Some other products (both freeware and shareware) can erase even single files or folders. My personal favorite is Wiperaser.
Posted by (1 comment )
OH no! The sky is falling...
Most of these comments are wonderful for the minority of people who even know what a hard drive is. Most users don't have a clue. The industry should provide a simple, one click method to destroy the contents of all drives on a machine. Then the clueless will be a bit safer. Actually, safety in numbers is their best bet. I haven't heard of an epidemic of theft due to old hard drives... A little common sense would go a long way in the IT industry.
One even writes about sourceforge. Like my mother is going to go to sourceforge and download programs...!
Posted by TheMidnightCoder (61 comments )
Absolutely NOT !!!!
You put a loaded gun in the hands of an idiot and he will pull
the trigger!!!!!!
Posted by Earl Benser (4310 comments )
Personal favorites? No wonder we're offshoring IT.
You guys need to understand the business and people that use technology. Everyone is not a CS Grad you know. IBM ran a great commercial for outsourcing a while back. Remember the shirt company? The CEO was startled the morning meeting was actually going to be about shirts, not IT!
Posted by TheMidnightCoder (61 comments )
Mac OS X with Secure Empty Trash
Mac OS X users already have mechanisms built in to the
operating system to safely erase documents and directories
through the srm command (http://srm.sourceforge.net) or the
"Secure Empty Trash" Finder menu item.

In its standard form, the feature uses the 35-pass Gutmann
algorithm to erase data.
Posted by (11 comments )
Just run it seven times
at least according to this article. What idiocy. Just use Partition Magic Secure Erase, it's freaking gone.
Posted by sanenazok (3449 comments )
indeed
Funny because it also happens to be Apple's tip for today as well!

http://www.apple.com/pro/tips/secureempty.html
Posted by kaotica (10 comments )
if you're that paranoid...
Throw it in a furnace. There won't be anything left of it and no-one is going to put their hand in to find out, are they?
Posted by Scott W (419 comments )
remove the drive
Starting in 1973 with my first Epson Equity computer I have removed the hard drive prior to disposal. The storage disk is removed and physically destroyed.
Most recently I remove the disk and store in a safe deposit box until I decide the contents are not valuable, at which time the storage media will be removed and physically destroyed. What is the issue with you people? Just pull out the drive and media. If you have decided to "wipe it" you might as well remove it and physically destroy the media.

Am I missing something or are you opposed to thinking and removing things from the "BOX"?
Posted by (28 comments )
'Wiping' is not destroying the drive...
... If you're moving the whole computer on, the next user might
need a hard drive. And a wiped drive can be reformatted and
used again. Of course, by the time you do that, the old drive is
awful small.

I can still remember when people would almost kill to get a 40
MByte hard drive. Today, I toss 80 GByte hard drives as being
too damn small to be useful.
Posted by Earl Benser (4310 comments )
Don't want to have to replace the hard drive
I don't mind opening my computer. I just don't want to have to replace my hard drive before I sell my computer.
Posted by lingsun (482 comments )
Outrageous misinformation for marketing!
Most of this article is complete bunk from beginning to end as a
matter of technical facts, manipulated by companies who want
to sell you their products and services.

I've been recovering data for clients for years - it is extremely
difficult and costly, and only worth it when you know the value
of what you're looking for.

While this is a concern for CIA and celebrities, unless your old
drive says "Property of Paris Hilton" on the case, nobody will try
to recover it if it had been simply formatted prior to disposal - it
is way too much effort to get anything off of it without knowing
what you are even looking for!

If you want to be completely sure, a single pass of 0/1 overwrite
during format is more than enough to be 100% sure nobody can
extract your bookmarks, checkbooks and porn. :)

Shame on CNET for ignorant fearmongering to sell unnecessary
wares !!!
Posted by vlastone (5 comments )
4 times? Too paranoid
Folks,

The hard drive scientists/engineers jump out of their hides just to read the written (not overwritten) data, close to theoretical SN ratio limits. If the data is overwritten once, its remains are well below noise (and the new data is not much above noise), so don't even think about recovering it. Gone are the times of 1000 tpi/10000 bpi and inter-track gap data (other than on a floppy, which we're not talking about).
Think about 100000 tpi/250000 bpi. There is no hope to recover data overwritten once, even for big guys like NSA.
Posted by alegr (1590 comments )
Amen
While I'm a Mac guy, and don't know the specifics of formatting software for Windows, the idea that running some sort of "wipe" routine multiple times makes your data "more erased" each time is pure techno-superstition. If a disk format command or wiping application actually writes random bits to your drive, running it multiple times isn't going to make any difference. If you don't trust formatting software to do what it claims, start the computer from a floppy or CD and copy a large, high-resolution Photoshop image to the drive. Duplicate the file on the desktop, put both files in a folder, and then duplicate that folder. Put those folders in another folder. Rinse and repeat until the drive is full of multiple copies of that single Photoshop image, and all old data is overwritten. Any Photoshop image will do, but I personally recommend a shot of a giant flying bird--your middle finger--as a personal salute to all who attempt to go treasure-hunting on your disk later.
Posted by Tom CyBold (30 comments )
Firefox Leaves no Trail
The only browser that leaves no record of anything you have done on the Internet is Firefox, as it purges all information and does not delete the information. If you run an undelete program you can't see any of the files from Firefox cache so that there is no information of anything on your hard drive at all. So I recommend you use Firefox in lieu of IE as you have no record of anything on the Internet at all. Most of your information is from the Internet on your hard drive and you don't have to worry about any information on your hard drive at all.
Posted by marvin25 (124 comments )
Yawn
Firefox users just can't stop telling everyone how "secure" it is, but in reality? It is just not as secure and Firefox lovers just choose to "forget" about that fact :)
Posted by 201293546946733175101343322673 (722 comments )
I doubt the "experts" said this...
"The first step for many people would be a low-level reformatting of the operating system on their PC, even though doing that with Microsoft's Windows or Apple Computer's Mac OS operating systems won't destroy data completely, experts said."

Sounds like a high-level format done by the OS to place a file system on the drive and check for bad sectors. Low-level formatting is done with a utility obtained from the drive manufacturer and is completely independent of the OS. LL formats take hours and hours to complete! Neither format method has anything to do with the partition table either.
Posted by ray08 (64 comments )
PC Inspector File Recovery works great...
I've used PC Inspector File Recovery to look at what used to be on computers that I bought used. It will show you files that can be undeleted. You can also scan the hard drive and see what files it finds. To protect myself when I sell a computer, I copy DVD files to the hard drive until it's filled up and then I delete them. I also delete my personal files first and then run defrag so the files are overwritten. Lastly, I use File Recovery to make sure nothing sensitive can be recovered.
Posted by lingsun (482 comments )
What's that sector you missed?
That only gives partial assurance that you overwrote the sensitive information. Good wipe utilities such as DBAN know no file system structures and just wipe out everything: data, OS, partition table, etc.
Posted by BFeely (4 comments )
Simple method
... do a fast wipe for all but one large file... fill up your hard drive with copies of that file... then do a bunch of government wipes
Posted by volterwd (466 comments )
Skeletons on your hard drive
Why not keep your hard drives, place them in FireWire or USB enclosures and save the data like I do? I presently have 5 desktop drives and one laptop drive connected to my system. I use each drive for something different, pictures, downloads, backups, hidden stuff!!
Posted by (3 comments )
FRANK
Where do you find such an enclosure? I have, like you, removed and saved all my old drives. Is there something to just mount them and chain them together for reading and writing?
Posted by (28 comments )
Boot & Nuke
Ever heard of Darik's Boot And Nuke? It's a little program that you put on a floppy or CD-R and then boot off it. It can do very customizable wiping options. It can be found at dban.sf.net
Posted by BFeely (4 comments )
Best Idea
Any sensitive information could easily be saved to a floppy... cd-rw... compact flash... dvd-rw... a separate hard drive that you aren't going to sell...

Or better yet, stop saving your credit card numbers on your computer. It's not that hard to open your wallet, is it?

Which brings me to another point: why would someone spend the money and effort to get your credit card info from a hard drive, when they can just punch you and take your wallet?
Posted by Sam Papelbon (242 comments )
Writing Zeros to the drive doesn't work??
Are you (or "they") trying to say that booting to the drive manufacturer's utility diskette and writing all zeros to the drive, will still leave information behind? How can this be, if the drive has been covered with zeros from start to finish?

Secondly, if this does completely erase the drive (as Western Digital and Maxtor techs have both told me), then why isn't it mentioned in this article? Am I missing something?

If "writing zeros" works, then what's the need for all the programs & software & HDD destruction machines mentioned?

I would like someone to show me how to recover any files from a drive that's been "zeroed".
Posted by (1 comment )
Depends on your paranoia level
"Are you (or "they") trying to say that booting to the drive manufacturer's utility diskette and writing all zeros to the drive, will still leave information behind? How can this be, if the drive has been covered with zeros from start to finish?"

If you do this only once, faint magnetic traces of the original data may still exist, and boys with some expensive toys might be able to recover the data. Still, the risk does seem low; it seems like any full wipe of the drive will keep 99% of the bad guys from getting at the information.

Randomly writing 0s and 1s is a better idea, however.

But, if you're not working for the NSA or something like that, I doubt that multiple wipes or DOD standards are necessary. Just don't rely simply on standard formatting or file deletion and you make it beyond the abilities of most criminals, or at least you make it more trouble than it's worth, which is what most security really does anyway.
Posted by (282 comments )
This is exactly how the suspected serial killer "BTK" was caught...
He used a formatted 3.5" floppy disk from his church and put some information on it about one of the murders. Turns out that some of the information that had not been erased when he formatted the drive gave police the ability to find out where the disk came from. There were records from the church stored on that disk. That is the only way they were able to track him down.
Posted by wiles01 (4 comments )
Fear Factor
The facts in the article are technically true but practically false.
1. To do the type of recovery they are talking about on a mechanically damaged drive requires expensive hardware. Not something the casual hacker has lying around.
2. Most wiping software will leave traces on a single pass, but keep in mind that unless you are keeping structured lists, such as databases, whatever fragments are found will not reassemble in a cognitive way. The statement that 3 or 4 passes is insufficient is just not true for the average home user. OK... they got three characters of your first name and one of your last name - the "EXPERTS" will claim to have found data on your hard drive! True, but false, as the fragments are unusable.
3. The article discusses "consumers". And who is going to be rummaging through the garbage of the average consumer, searching for hard drives? Which church that you donated the old computer to, is going to spend hours and hours trying to recover fragments of data?

The average consumer is far more at risk from "phishing" schemes, spyware, and other forms of commonly occurring identity theft, than they will ever be from hard drive scavengers. Several stories have been reported in the past couple of weeks where MILLIONS of sensitive consumer records were stolen from sizable corporations.

Hard drive scavenging? It is like comparing the odds of breaking your pencil to the odds of getting run over by a chariot... relax.

So why all of the "Expert" testimony?
To scare the "average consumer" and make money.

Tell you what... you go to a service and pay $20 to $30 to have your drive cleaned up? I'll do it for $18. You'll have enough left over to buy yourself an ice cream.
Posted by mpmacal (18 comments )
 
