April 20, 2005 4:00 AM PDT
Skeletons on your hard drive
There are a number of options for cleansing the drives of unwanted computers, from special wiping software to destruction services to manufacturers' recycling programs. But what many PC owners don't realize, experts say, is that these methods are often not enough.
"For people who want to sell or donate a computer, who are trying to protect their checkbook or medical info, you can expect to protect yourself against all but the most sophisticated attacks with wiping," said Stephen Lawton, the director of marketing at Acronis, a maker of wiping tools, backup and recovery software. "But you have to use the software the right way."
It can be tougher to clean data off a discarded hard drive than many people realize, experts say.
Sensitive data could be left on donated or sold PCs. The only way to erase drives is to use wiping software plus material destruction.
"Even the people who destroy disks will tell you (that) unless you do that correctly, there are always people who can get the data off," he added.
That means that passwords, logins and other personal information could still be lurking on machines that have supposedly been cleaned--a risk that strikes a chord amid reports of laptop thefts exposing sensitive information on thousands of Americans.
Two weeks ago, the National Association for Information Destruction announced that it could not endorse the use of wiping applications alone for deleting data from hard drives. Bob Johnson, executive director at NAID, said the data-destruction industry group would like to be able to recommend the tools, but that tests had left reason to doubt the wiping products.
"Our position, ultimately, was that we will only give our approval to physical destruction of the hard drive," Johnson said. "We know that unless that is done a certain way, even that can be an ineffective approach."
Johnson also distrusts the ability of companies offering mass computer wiping services to have sufficient methods of testing to see if data exists on the drives even after their processes have been run.
Remains of the data
There are signs that people are not aware of the risk from discarded drives. Last year, German encryption technology specialist Pointsec tested hard drives bought on eBay to see if they still carried data and discovered that seven out of every 10 devices it tested still bore readable information.
That study followed similar research published in 2003 by graduate students Simson Garfinkel and Abhi Shelat, who found that only 12 of the 129 working computer hard drives they bought in secondhand stores and on auction site eBay had been adequately cleansed of sensitive data from their previous owners.
"You have all kinds of data being stored in the hard drive, in the Web browser and in application files, and these are all affected by the same problem--you delete something on the computer, but it doesn't really ever get deleted completely," said Garfinkel, a doctoral candidate at the Massachusetts Institute of Technology.
"You have to distinguish between deleting occasional files and truly wiping a machine clean," he added. "There's really a significant difference."
The first step for many people would be a low-level reformatting of the operating system on their PC, even though doing that with Microsoft's Windows or Apple Computer's Mac OS operating systems won't destroy data completely, experts said.
"What we've seen with a lot of clients is that they think that reformatting a drive gets rid of the data, and that's just not true," said Kathy Ferguson, a business unit manager with IBM's Asset Recovery Solutions Group. "In a typical scenario, that only overwrites partitions, or sectors of data. At the end of the day, you can recover that data readily if you have the right tools."
Wiping software is the obvious next choice. Everyone from security giants such as Symantec to freeware vendors such as MXC Software offers applications meant to help people hide the data they once wanted stored on their computers. Most of these technologies revolve around software meant to overwrite the information on the devices with a random series of numerals.
The difference between people who use wiping software correctly to erase their hard drives and those who do not is most often a
48 commentsJoin the conversation! Add your comment