Search

Subscribe

Enter your email address below to subscribe to our privacy and security newsletter.



Name:
Email:

Menu

• Home
• Business/Corporate
• Computer Security
• Digital Signatures
• Encryption
• Firewalls
• Intrusion Detection
• Just Plain Silly
• Personal Security
• Privacy
• Residential Security
• Security Blogs
• Security Consultants
• Spam/Anti-Spam
• Training
• Uncategorized
• Viruses
• Wireless Security

Secrets That Hard Drives Can Hold

By Ian Scott

What do you do with old hard drives? Toss them out? Sell them to a friend? Stick them in another computer?

Looks like someone decided to sell an old hard drive on E-Bay. Problem was, once the purchaser received the hard drive, he discovered that it contained sensitive police data. It seems that this hard drive was once owned by the Brandenburg police in Germany.

And someone sure goofed up. The data on this hard drive, according to Channel Register “contained, according to Spiegel, internal alarm plans on how the Police should handle “specific incidences” such as hostage or kidnapping situations, gave contact names of who to contact in the crisis management group, and tactical orders and analysis of political security situations.”

OK, so your hard drive doesn’t contain information about dealing with kidnap situations or national secrets, but in all likelihood, it does contain personal information that you probably don’t want others to find.

Just what sort of information? Personal records, names of children, pictures of your children, business and personal email, and lots of stuff that someone who had access to could use in some way against you.

“Ah, but I deleted everything!” Well, not really. What you’ve really done when you delete a file is simply remove the information about where on the drive it is stored. It’s still there and there are many tools available to extract those files, even though they were “deleted.”

If you have really sensitive files that you want to be sure are no longer on the drive, you should use a utility that will “shred” the file or wipe it from the disk. And even then, there’s no guarantee that the data is completely gone.

Another option is to encrypt your data using PGP or GPG. Of course, you’ll want to make sure that your private key has been wiped from the drive, and that your passphrase is strong.

Another option which I prefer, and which is cheap, is to destroy the hard drive. Smash the hard drive with a hammer, and then torch it. True, you won’t have a hard drive to sell, but is the fifty bucks really worth the privacy you may lose by doing otherwise? Maybe I’m just paranoid about some things, but better to have some kind of policy than none at all.

What are your preferred methods for hard drive disposal?

Read more in: Privacy |

© SecPriv.com | About/Disclaimer | Privacy Policy