You never know what you might find on your second-hand hard disk...
Published: 17 January 2003 11:50 GMT
Two graduates from the Massachusetts Institute of Technology have sent out a warning to all computer users and companies about the dangers of discarding old hard disks.
The almost improbably named Simson Garfinkel and Abhi Shelat obtained second-hand disks containing all manner of files left over from their previous owners - including pornography and more than 5,000 credit card numbers.
One discarded hard drive contained 12 months worth of cashpoint transactions, including bank account numbers.
With a strong market for second hand computers and components, these findings serve as a reminder to all users to keep personal files private and ensure the removal of all data when a PC reaches the end of its life span. Just deleting files, and even formatting a hard drive, is not necessarily enough to wipe a disk's content.
Garfinkel said: "The format command just reads every block to make sure that they still work. To properly sanitise the hard drive, you need to overwrite every block. Lots of people know it is important to clean drives before you repurpose them, but few people do it because it's hard to do."
The pair found that 81 per cent of second-hand hard disks, obtained from shops and online auction sites, still worked perfectly, while 54 per cent of those still contained recoverable files and 37 per cent held important company information.
Perhaps most worrying is that this situation is nothing new. One high-profile incident in 2000 saw merchant bank Morgan Grenfell sell a second-hand computer which contained confidential documents about the company's clients - which included former Beatle Sir Paul McCartney.
At the time Jon Godfrey, co-founder of IT recycler, Technical Asset Management (TAM), said the incident is typical of the lax attitude of many companies when it comes to wiping data.
He warned that these organisations leave themselves seriously exposed to data protection issues as well as business and commercial risks.
Garfinkel and Shelat's findings appear in the latest edition of computer industry journal IEEE Security & Privacy.
To document findings of inspections performed. By sending us your CV, you are explicitly consenting to our processing of your personal data on a ...
Business Analyst. You will have recent experience of working within Bank that issues cards on a First Data platform, as well as developing in-house ...
By sending us your CV, you are explicitly consenting to our processing of your personal data on a computer database and/or in manual files for the ...
Agenda Setters 2009
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.
Stories from the web...
Copyright © 2008 CBS Interactive Limited. All rights reserved. Top of page
Digg
Slashdot
Del.icio.us
Stumble
Reddit
RSS Feeds
Nick Heath Your top HR tech priorities for next year revealed How to make human resources IT work for you
Bob Tarzey Why you must rein in your power users When they do damage, it can be catastrophic to your business