You may have heard recent
warnings about protecting your private information when either
selling or dumping your old computer.
It could be as risky as throwing away your wallet with all
your credit cards and personal identification inside.
"Your personal data is at risk when somebody resells a
machine,” said Mark McLaughlin, Computer Forensics
International.
Todd Biathlons has an old computer he wants to give to
charity, but first he reformatted the hard drive and
reinstalled Windows.
"We hope to erase all the data and not have it accessible
to anyone, Biathlons said."
That should do it, right? To find out Todd agreed to let
computer expert Kevin Kranz take a look at the machine. Here's
what he found:
There are old invoices, financial data, a treasure trove
for someone who might have identity theft on his mind.
 |
According to researchers at Carnegie Mellon
University, the ratio of computers that are obsolete to
those that are newly purchased is increasing. The ratio
was formerly 2:3 but by 2005, researchers predict the
ratio to be 1:1.
Instead of dumping outdated computers
in landfills, government agencies and companies are
giving them to schools and other nonprofit
organizations. But before individuals or companies
donate computers to schools or other nonprofits they
first need to ensure that the computer does not contain
any confidential information on the hard drive.
|
|
| |
 Wipe it clean
There are
steps you can do to ensure that your personal data is
safely erased, says Industrial engineer Sonny
Wilson.
"There are some consumer-based software out
there and available. One particular title is
PartitionMagic, and they have something that will
actually shred your file system to where it’s
irretrievable… and typically the cost on that is 25 to
30 bucks,” he says.
According to Global Information
Assurance Certification computer users can also safely
erase their hard drives using:
· Software programs such
as SecureClean. SecureClean allows removal
of sensitive data without formatting the hard drive. It
will permanently remove deleted email, securely remove
files, and remove passwords written to the swap file.
· WipeDrive,
Norton Utilities Wipe, gdisk, or other
secure wipe software. These utilities completely erase
the hard drive regardless of the type of partition. The
programs can be used to overwrite data on the disk
multiple times.
· A high-energy magnet to
erase the drive. This method should be used in
conjunction with a utility such as WipeDrive.
Magnets should be used with care around media that is
not to be destroyed.
· According to Computer
Forensics International you can also properly “shred”
data by using programs like Symantec's WipeInfo.
There’s also a free option that’s
virtually foolproof! There’s the hammer, says Wilson.
“The other recommendation, should you not want to spend
any further money, is to [pull] your hard drive out, hit
it with a hammer, and that way you can be assured that
the data is gone.
Experts also suggest taking a drill and
drilling several holes into your hard drive to make sure
the machine is virtually
useless.
|
|
"It took me
about 35-40 minutes to get this data,” Kranz said."
The list of recovered files takes up pages and pages.
"There's quite a bit of stuff here,” Biathlons
acknowledged. "It's surprising that they were able to get this
much information off of there."
"A file is never really deleted until it's overwritten, and
that's a very fundamental issue in computer forensics,"
McLaughlin said.
McLaughlin is sounding the alarm after he tested eight hard
drives purchased at secondhand shops around the country.
"We found some unbelievable things. Credit card numbers,
social security numbers of celebrities, of Oscar winning
actors."
At a graveyard for government computers, we selected three
discarded hard drives at random and had them tested, and found
undeleted data galore. So, how can you protect your data?
Reformatting doesn't do it.
"It makes the file inactive. But the file contents are
still there,” McLaughlin said.
And while erasing data magnetically helps scramble the
files, even it is not foolproof.
"What they should do first is they should wipe the drive,"
McLaughlin said.
You can buy software that scans the disc and bit-by-bit
overwrites the old data; in other words it replaces the
important stuff with frivolous numbers. It takes anywhere from
3 to 20 passes.
"And when you overwrite it so many times, it's
unrecoverable,” he says.
The software costs about $40.
But the best method for making that data disappear,
according to McLaughlin, is both free and easy.
"What I recommend is taking the drive out of the machine
and taking a drill and running a drill through it several
times."
Whatever it takes, to physically destroy the drive. After
looking over the data retrieved from his old computer... Todd
has some advice for anyone about to pitch a PC.
"I'd find another way of deleting the information before I
gave it away, and I'd know where I'm giving it."
Police and computer forensics experts use software costing
thousands of dollars to recover data.
But simpler software is available in computer stores,
making it possible for just about anyone to be able to see
deleted files hidden on the hard drive.
.gif){kind=spacer}
