I found this today,and thought it is a good read also...
‘Erased’ hard drive can still reveal data
By JEFFERSON GRAHAM
USA TODAY
Imagine this chilling scenario: You buy a new PC and donate the old one to charity, knowing you've protected your privacy by deleting all your old files — or better yet, reformatting the hard drive and wiping it clean.
Yet you later discover you're a victim of identity theft: Your Social Security number, driver's license ID, credit card account information and tax records all were retrieved from the old hard drive.
Far-fetched? Not really, Simson Garfinkel said. The privacy expert and MIT grad student recently bought 158 old hard drives on eBay as an experiment with fellow student Abhi Shelat to see how much data was recoverable. Their findings: More than 5,000 credit card numbers, financial and medical records, personal e-mail and pornography were easily obtainable on the drives.
"People need to understand that when they throw away a hard disk, they have to take extreme measures to properly sanitize it," Garfinkel said. "If they don't, there's nothing to prevent someone from accessing that information."
What makes this whole scenario even scarier is this sad fact: The information on a hard drive is a lot like Jason in "Friday the 13th." You keep on killing it, and you think it's truly gone, but the data is never truly at rest.
"As long as the hard drive is working, there's nothing you can do short of taking a sledgehammer to it to make sure the data is really gone," said Ben Carmitchel of ESS Data Recovery.
Carmitchel spends his weeks trying to recover hard drives supplied by businesses — drives that have been subjected to fires, floods and lightning. The process can take 40 to 50 hours for each hard disk and can cost businesses $300 to $2,000. "This isn't the sort of thing that anyone can do," he said.
But many, as Garfinkel and Shelat proved, are getting good at it.
Retrieving data from a hard drive is relatively easy to do because when you delete a file from a computer, what you're really doing is erasing the address from a directory and telling the computer that the area is available for fresh data.
"The data is still available, and the drive writes over it, but not completely," said Martin Parry of hard drive manufacturer Maxtor. "Only recording over this data many times with a random series of ones and zeroes will remove the original."
Securing your data
Here are some suggestions to make sure data on hard drives is secure:
Software utilities. “Privacy expert Simson Garfinkel recommends Access Data’s $39.95 WipeDrive program (
www.accessdata.com) to clean your hard drive or, for specific files, Norton Systemworks ($69.95,
www.symantec.com), which includes the Norton Clean Sweep program.
Use an external hard drive for your sensitive information. “Maxtor has 80 to 250 GB portables recommended just for that.
Take your hard drive to a professional data-recovery service and ask them to sanitize it for you.
Use a sledgehammer, “because the only way to really be sure is to destroy the disk,” said Martin Parry with hard drive maker Maxtor.
/t\ Wheres my sledgehammer!! /t\
More info...
Linear Mode
