> The one glaring issue here, is that this machine’s hard drive has not been cleaned out. I bought it from a computer recycling company so I would have expected the hard drive to been erased. But a quick skim of the drive and I can find documents, emails and unfortunately even porn.
This is probably pretty common, and there's so much opportunity for abuse. I can only assume that for all of the security out there, a trip to thrift stores and garage sales would keep your average identity thief busy for very little money.
At the height of bitcoin I wonder if the value of e-waste magnetic storage should have technically been higher due to the possibility of salvaging a lost wallet. Like ore mining, but for data.
I have not exploited this but can say with certainty that it would be an effective means of getting things like online banking credentials. But I imagine a venn diagram of people who have a local wallet and those who wipe or destroy their drive before recycling an old computer is extremely close to a circle.
When I need to destroy a hard drive, I use 1TBSP of Thermite (or stump remover if you go to the local ag supply store). Of course, the drive isn't very useful after, but it's so much fun.
People throw their PCs away. Many places gather "e-waste" in special piles for recycling. Just digging through that pile will get you more than you wanted.
Not that I ever have anything untoward on my computers, but this is why I sledgehammer all my PC drives before recycling them. (My biggest fear is there's enough information to get access to a bank account, or otherwise impersonate me.)
Today, I use whole-disk-encryption on everything, but I still wonder if there's ever a hidden partition or unallocated space with something on it, and it's not worth worrying about it.
This seems unneeded waste, maybe 10 random complete writes (or/and usage of paranoid safe deletion utilities) would be sufficient to erase the disk effectively?
Single pass disk encryption or zeroing is fine if you are not facing a nation state actor.
I do not think I have seen any credible threats that over-written data extraction works on modern drives. Maybe there are tricks where the SSD knows better and allocates blocks off to the side where it is not getting wiped, but those are supposedly addressed by TRIM (with dubious vendor support)
If someone comes across a drive that is zeroed or randomized, who is going to attempt some forensic investigation to retrieve the contents?
I'm not worried about a nation state spending a billion dollars. I'm worried about someone looking at an unalloated section of the drive, or in the sectors that the drive marked "bad", etc.
A low-level 0 write just takes a long time on a drive of even 1TB. So I sledge. And then I can look at the drive and know it's OK to toss.
Zeroing it is fine no matter who you're facing, to be honest.
The NSA don't have some big magic machine that can recover data that's been overwritten. It's gone.
The idea of using some latent amount of data on the disk and somehow averaging it all out to get the old data might maybe have worked a tiny bit on old MFM drives in the 1980s.
That requires connecting the drive to a working computer and hours of time. Compared to several quick blows. The metals in the drive can still be recycled even if the glass platters are shattered.
> Platters are typically made using an aluminium, glass or ceramic substrate. As of 2015, laptop hard drive platters are made from glass while aluminum platters are often found in desktop computers.
> In 1990, Toshiba released the MK1122FC, the first hard drive to use a glass substrate... It was originally designed for laptops, for which the greater shock resistance of glass substrates are more suitable.
The problem I run into when I finally go through my e-waste (usually when moving house) is that I no longer have any devices capable of operating the thing I'm recycling.
The first rule of erasing a drive is you can't erase a drive, whether it's a solid state or hard drive.
If you want or need to render the data on a drive inaccessible by any and all means, there really is no option other than physical destruction of the drive.
Disk encryption has always been advised for mitigating incidental leakage of data, such as stolen laptops or thumb drives that go missing.
But my understanding, both as an industry standard and as common sense (insofar as common as computer literacy is), is that the only true way to ensure data destruction is total physical destruction of the physical medium the data resides on.
No, definitely not. You can either use the SSD's built-in firmware encryption, which is always on anyways (to allow for fast erase), or you can configure your system to send TRIM commands.
OS encryption would prevent controller from understanding what's on the drive and managing it correctly, up to and including effectively disabling trim command as controller would never see blocks as empty.
This is back in days of ocz vertex. It wasn't like advertised / warned on the box, it would work... Just like western digital didn't warn about wd red becoming SMR drive while being advertised for Nas. But it would eventually kill performance and drive. You'd have to read Tom's hardware and anadtech etc to learn about it. I don't really follow anymore so I don't know how nicely os full drive encryption and ssds play today.
FDE doesn't prevent TRIM, but the dm-crypt implementation defaults to disabling TRIM because it has theoretical security consequences. The option to enable it was introduced in Linux 3.1 (2011)
This is probably pretty common, and there's so much opportunity for abuse. I can only assume that for all of the security out there, a trip to thrift stores and garage sales would keep your average identity thief busy for very little money.