You never know what you might find on your second-hand hard disk...
Published: 17 January 2003 11:50 GMT
Two graduates from the Massachusetts Institute of Technology have sent out a warning to all computer users and companies about the dangers of discarding old hard disks.
The almost improbably named Simson Garfinkel and Abhi Shelat obtained second-hand disks containing all manner of files left over from their previous owners - including pornography and more than 5,000 credit card numbers.
One discarded hard drive contained 12 months worth of cashpoint transactions, including bank account numbers.
With a strong market for second hand computers and components, these findings serve as a reminder to all users to keep personal files private and ensure the removal of all data when a PC reaches the end of its life span. Just deleting files, and even formatting a hard drive, is not necessarily enough to wipe a disk's content.
Garfinkel said: "The format command just reads every block to make sure that they still work. To properly sanitise the hard drive, you need to overwrite every block. Lots of people know it is important to clean drives before you repurpose them, but few people do it because it's hard to do."
The pair found that 81 per cent of second-hand hard disks, obtained from shops and online auction sites, still worked perfectly, while 54 per cent of those still contained recoverable files and 37 per cent held important company information.
Perhaps most worrying is that this situation is nothing new. One high-profile incident in 2000 saw merchant bank Morgan Grenfell sell a second-hand computer which contained confidential documents about the company's clients - which included former Beatle Sir Paul McCartney.
At the time Jon Godfrey, co-founder of IT recycler, Technical Asset Management (TAM), said the incident is typical of the lax attitude of many companies when it comes to wiping data.
He warned that these organisations leave themselves seriously exposed to data protection issues as well as business and commercial risks.
Garfinkel and Shelat's findings appear in the latest edition of computer industry journal IEEE Security & Privacy.
Through questioning fully understand, and record, the severity of the incident ? Correctly identify the nature of the incident in order to ensure ...
Identify, document and hand over frequent or repetitive administrative or incident diagnosis tasks to 2nd level admin/support team where necessary to ...
Mechanical Designer - Hand Held Devices, Kent My client are a leading developer of measurement technology in various markets including telecoms and ...
Agenda Setters 2009
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.
Stories from the web...
Copyright © 2008 CBS Interactive Limited. All rights reserved. Top of page
Digg
Slashdot
Del.icio.us
Stumble
Reddit
RSS Feeds
Clive Longbottom Windows 7: Not perfect - but ready for prime time Microsoft's latest OS fixes most of Vista's ills - but still has challenges ahead
Stephen Kleynhans Mind the details with Windows 7 Just because it might work better than Vista, it doesn't mean you can be sloppy