Dead disks yield live information

The Information Security Research Group at the University of Glamorgan forensically recovered personal and corporate information from disks bought off eBay, on account of BT and Life Cycle Services. An article titled ‘Dead disks yield live information’ has appeared in ‘The Guardian’ detailing the findings and statistical information derived from the analysis.

It would be wise for users to forensically wipe their drives when selling or giving away any device with a hard disk drive.

A good example is that of Apple Mac OS X which allows for secure deletion either when installing a fresh system or from within the system with the use of diskutil .

diskutil secureErase freespace 2 /

There are multiple levels of secure deletion: 1 – Single pass randomly erase the disk, 2 – US DoD 7 pass secure erase, 3 – Gutmann algorithm 35 pass secure erase. Now that is what I call a good selection of algorithms.

People with more experience can comment on other utilities which do securely wipe drives. It is commonly known that not all programs that claim to wipe hard disk drive do actually wipe them.

 

Links used:

‘Dead disks yield live information’, The Guardian – http://technology.guardian.co.uk/weekly/story/0,,1840396,00.html

diskutil man page – http://www.hmug.org/man/8/diskutil.php

This entry was posted in Uncategorized. Bookmark the permalink.

2 Responses to Dead disks yield live information

  1. Mike Lloyd says:

    Good article in the Guardian, apart from the “Web searches, phone
    numbers of employees, email conversations with family friends and
    details of their daughter’s boyfriends – all spilled onto the
    university computers.”

    It is the ‘all spilled onto University computers’ which concerns me. I
    know that all the receovered data is kept fully secure.

  2. I think the reporter was having a ‘writer’s moment’ and added some humour to the whole picture. Having ordinary people’s information being recovered in a University’s research lab is not the best thing, especially when it is happening without that person knowing about it.

    As far as the recovered information is concerned, I am sure it was correctly and safely wiped from the drives.

Leave a Reply

Your email address will not be published. Required fields are marked *