Removing a hard drive
One could also download GParted from here GParted -- Download
Burn to CD, then format your HDD to (say) the Apple format - MAC OS Extended (Journaled) and then reformat it back to FAT or NTFS.
This would only take a minute and you would have a useful partitioning tool for later use.
Burn to CD, then format your HDD to (say) the Apple format - MAC OS Extended (Journaled) and then reformat it back to FAT or NTFS.
This would only take a minute and you would have a useful partitioning tool for later use.
Join Date: Jun 2001
Location: Rockytop, Tennessee, USA
Posts: 5,898
Likes: 0
Received 1 Like
on
1 Post
One could also download GParted from here GParted -- Download
Burn to CD, then format your HDD to (say) the Apple format - MAC OS Extended (Journaled) and then reformat it back to FAT or NTFS.
This would only take a minute and you would have a useful partitioning tool for later use.
Burn to CD, then format your HDD to (say) the Apple format - MAC OS Extended (Journaled) and then reformat it back to FAT or NTFS.
This would only take a minute and you would have a useful partitioning tool for later use.
As Simson Garfinkel (didn't he do Bridge Over Troubled Water?
) writes about some used drives he bought well over a decade ago:
In all, I bought and analyzed the content of more than 150 drives with the help of Abhi Shelat, another graduate student at MIT's Laboratory for Computer Science. We found that between one-third and one-half of the drives still had significant amounts of confidential data, even though many had been through a Format or FDisk operation. On another third, someone had deleted the document files but left the applications behind. It was a simple matter to undelete the data files and retrieve their secrets as well.
In fact, only 10 percent of the drives I purchased had been properly sanitized.
Much of the data we found was truly shocking. One of the drives once lived in an ATM. It contained a year's worth of financial transactions—including account numbers and withdrawal amounts—from a organization that had a legal requirement to not divulge such information. Two other drives contained more than 5,000 credit card numbers—it looked as if one had been inside a cash register. Another had e-mail and personal financial records of a 45-year-old fellow in Georgia. The man is divorced, paying child support and dating a woman he met in Savannah. And, oh yeah, he's really into pornography.
In fact, only 10 percent of the drives I purchased had been properly sanitized.
Much of the data we found was truly shocking. One of the drives once lived in an ATM. It contained a year's worth of financial transactions—including account numbers and withdrawal amounts—from a organization that had a legal requirement to not divulge such information. Two other drives contained more than 5,000 credit card numbers—it looked as if one had been inside a cash register. Another had e-mail and personal financial records of a 45-year-old fellow in Georgia. The man is divorced, paying child support and dating a woman he met in Savannah. And, oh yeah, he's really into pornography.
I've had similar discoveries recently on refurbished computers using common consumer level data recovery software purchased for under $50.
One refurb AMD CPU desktop of the Windows 7 era was apparently used at the nurse's station in a hospital ICU with gigabytes of patient medical data and billing information. Many of the records appeared to be copies of paper files scanned into .pdf documents. Examining the disk with a hex/ASCII viewer, it appears that part of the disk was overwritten with 'random' data, a manufacturer's OEM version of Win 7 was installed and the machine was certified as seller refurbished. I'm not sure if the overwrite was interrupted or was done just enough to allow hidden OEM recovery partitions for the 'clean' Win 7 installation. Whatever the case, a massive amount of HIPPA sensitive data was still recoverable on the drive.
There are many data erasure utilities for hard drives but in general they are not well vetted in my opinion and often use proprietary techniques that may not even work on newer drives as the storage architectures have gone from megabytes to gigabytes to terabytes in home and office computers.
Claims of 'military grade encryption' protecting your data are always suspect, for example:
Western Digital's hard drive encryption is useless. Totally useless
Rookie errors make it child's play to decrypt data
By Iain Thomson in San Francisco 20 Oct 2015 at 21:59
The encryption systems used in Western Digital's portable hard drives are pretty pointless, according to new research. It appears anyone getting hold of the vulnerable devices can easily decrypt them.
WD's My Passport boxes automatically encrypt data as it is written to disk and decrypt the data as it is read back to the computer. The devices use 256-bit AES encryption, and can be password-protected: giving the correct password enables the data to be successfully accessed.
Now, a trio of infosec folks – Gunnar Alendal, Christian Kison and "modg" – have tried out six models in the WD My Passport family, and found blunders in the software designs.
For example, on some models, the drive's encryption key can be trivially brute-forced, which is bad news if someone steals the drive: decrypting it is child's play. And the firmware on some devices can be easily altered, allowing an attacker to silently compromise the drive and its file systems.
Rookie errors make it child's play to decrypt data
By Iain Thomson in San Francisco 20 Oct 2015 at 21:59
The encryption systems used in Western Digital's portable hard drives are pretty pointless, according to new research. It appears anyone getting hold of the vulnerable devices can easily decrypt them.
WD's My Passport boxes automatically encrypt data as it is written to disk and decrypt the data as it is read back to the computer. The devices use 256-bit AES encryption, and can be password-protected: giving the correct password enables the data to be successfully accessed.
Now, a trio of infosec folks – Gunnar Alendal, Christian Kison and "modg" – have tried out six models in the WD My Passport family, and found blunders in the software designs.
For example, on some models, the drive's encryption key can be trivially brute-forced, which is bad news if someone steals the drive: decrypting it is child's play. And the firmware on some devices can be easily altered, allowing an attacker to silently compromise the drive and its file systems.
