Developing: Pakistani Plane Escorted by UK Fighter Jets — 2 Men Arrested
Doc Thompson’s 24-hour radio marathon, ‘#24forok,’ continues until 9 am ET — Listen Live!
Four Things You Need to Know About Wiping Personal Data From Used Devices Before You Get Rid of Them
(Photo: Flickr/misterjt)
Do a quick inventory in your head: how many old computers, cellphones and smartphones do you have stashed in your basement or dumped in a desk drawer that you don’t intend to use because they’ve been replaced with the latest and greatest model?
Perhaps you haven’t gotten rid of these devices because you’re aware of the personal data is still enclosed within their hard-drives and memory cards. If you have sold, recycled or thrown away systems such as this, though, did you take the proper steps to remove this data?
There’s plenty of people who haven’t. And that poses a problem.
Your Data at Risk
It the type of story that shows up almost annually, a person buys a couple dozen devices on eBay, finds loads of personal information still on them and shocks the country with the details people carelessly threw away.
In fact, earlier this year Robert Siciliano, a personal security expert, did just this. He purchased 20 laptops, desktops, netbooks, notebooks, tablets, Macs, and mobiles through Craigslist. Of these, three had not been wiped at all. This means any personal information could be easily gleaned from the devices.
Data security expert Joshua Marpet, founder of the Delaware-based digital forensics company Guarded Risk who was once in law enforcement in Louisiana, said in an interview with TheBlaze that while the odds of becoming the victim of identity theft through these devices is not necessarily high, it’s not unheard of. You have to consider the severity of the losses if your data were to be maliciously obtained, he said.
From these devices, information such as your social security number, home address, preferred banking institution, mother’s maiden name, photos, personal correspondence, GPS location and more can be found. Combinations made from this information could lead to nefarious activities such as creating credit cards in your name or even robbing your physical home while you’re known to be away.
“I don’t think people realize exactly the kind of data that is on your hard drive and how people can recover it,” David Sun, founder of the D.C.-based SunBlock Systems, a computer forensics firm, told TheBlaze.
(Photo: Shutterstock.com)
Sun said that through these devices criminals are marking their targets for identity theft using “very little time, effort and money.”
What You Can Do
You may not realize it, but it doesn’t take an IT expert to properly dispose of data and then get rid of your devices. Sun said cost is generally minimal and sometimes free.
Here are four things you need to understand about cleaning your system of data before you sell, recycle or donate your device:
- Deleting Is Not Erasing: As Mark Herschberg, an MIT graduate in cryptography who works for the tech consulting company FreelanceCTO, puts it “throwing out files form your filing cabinet into a dumpster may make them inaccessible to your filing system, but anyone who digs through your dumpster can put the pages back together and read your data.”
- Ditching the Hard Drive: When possible, you can remove the hard drive from your device completely. This will render the system unusable until a new hard drive is installed, but it does take care of the data issue. You can either destroy the hard drive or save it if some information is still valuable to you and worth maintaining.
- Shred Your Data: If you want the hard drive to remain intact and within the device, you can actually wipe the drive of your personal information that has accumulated over the years. One of the techniques Sun describes as a “Boot and Nuke,”such as Darik’s Boot ‘N Nuke, which is “somewhat easy” for the average user. Here’s essentially how it works: You download a program, burning it onto a CD. Booting up your computer with this program inserted, the software allows your computer to run off of its own operation system, instead of running on your hard drive. As Sun pointed out, if your hard drive were being used, you couldn’t wipe it. At this point, you follow the “nuke” steps to clear your hard drive of data. This final step could take hours to overnight depending on how much there is. This video shows how to use a program like this to wipe your hard drive:
- Cellphones and Smartphones: When it comes to smartphones, though, wiping data is a bit trickier. You can take out the phone’s SIM card, but there is still internal memory on the phone itself. Sun said that the smartphone industry has gotten smarter realizing the need for including a function that can clear phones of your personal information. Sun credits BlackBerry as being the first smartphone to allow for data wipes. Many smartphones also have functions that if your phone is stolen you can remotely clear the data. Some of these embedded and remote wiping functions conduct a factory reset.
There are always exceptions to the rule when it comes to wiping data, especially with cellphones and smartphones. For example, Siciliano says wiping Android devices might not eliminate all collected data, which he considers a “serious flaw.” But the extent to which a factory reset of a phone will wipe internal memory can be device specific, and even some providers, like T-Mobile, have said that users may need to specify the exact extent to which they want data deleted in these resets.
Even with these few exceptions where some amount of data could remain, most factory resets and wipes are “good enough” and would require forensic toolkits or highly specialized techniques to retrieve information. As for computers, as Sun points out, the “Boot and Nuke”-type wipes often overwrite hard drives seven times, which is the amount required by the Department of Defense for its devices.
If you have any more tips for clearing your devices of data before you get rid of them, share them in the comments below.
Featured image via Shutterstock.com.
Benghazi, IRS, AP...What's next? Only TheBlaze TV offers the truth from Glenn Beck, Andrew Wilkow, and Real News from TheBlaze. Get instant access and a free trial here.
Comments (49)
Sign In To Post Comments! Sign In
Popular Stories
John McCain Lectures Tea Party Senator on How ‘Business’ Gets Done in Congress: ‘That’s What We’ve Been Doing for a Couple Hundred Years’ 571 Comments
Boy Scouts of America Vote to Allow Gay Members 509 Comments
Pope Francis’ Sermon Sparks Debate: ‘Even the Atheists’ Have Been Redeemed ‘With the Blood of Christ’ 489 Comments
Obama Doesn’t Return Marine’s Salute, Shakes Hand Instead — Is This a Protocol Misstep? 367 Comments
Piers Morgan Bans Dana Loesch From His Show Following Twitter Spat: ‘Show Some Bloody Respect’ 334 Comments
Faith
-
Game-Changing Bombshell? There’s a Major Twist in the Story About a High School Student’s Lesbian Relationship With a Minor
271 Comments
- Is the Boy Scouts’ Gay Amendment the ‘Beginning of the End’ for the Group? (Plus: Tell Us Where You Stand) 252 Comments
-
MSNBC Hosts Martin Bashir and Chris Hayes Claim London Machete Killers Aren’t Terrorists: ‘These Are Just Murderers’
144 Comments
-
Did You Catch the Possibly Policy-Changing Ft. Hood Reference in Obama’s Terror Speech?
Read More
-
Dem. Rep. Apologizes for Attending ‘Racist, Anti-Semitic and Homophobic’ Speech
Read More
Business
-
Have You Had Scotch at a NJ TGI Friday’s Lately? You Might Have Been Drinking Rubbing Alcohol
Read More
-
Venezuelan President Blames Toilet Paper Shortage on the Rich
Read More
-
This Terrible Chart Shows the Change in Food Stamp Participation Over the Last 10 Years
Read More
- Disney Makes Absolutely Mortifying Photoshop Mistake Read More
-
Trey Gowdy at It Again — This Time with a Jack Bauer Reference!
117 Comments
Technology
-
LOOK: Woman Claims to Have Photographed UFO in California
Read More
-
Lion Named ‘Bonedigger’ and Small Dog Make Most Unlikely Companions
Read More
-
Rocket Bike Sets Land Speed Record — and Uses a Fuel You Wouldn’t Expect
Read More
-
How 3D Printing Technology Created a Special Part for Baby’s Windpipe and Saved His Life
Read More
-
6 Fascinating Spy Gadgets You’ll Probably Want (and Can Have) After Seeing
Read More
Submitting your tip... please wait!
applehill
Posted on October 11, 2012 at 7:13pmI work for a defense contractor. They use to just hit them with a hammer and throw them in the trash. When I came on, I told them about DBAN and the importance of using it. After we run DBAN, we then hit them with a hammer… Repeatedly… Until they are warped or shatter. Over kill is better than not doing enough.
Report this comment
tomf
Posted on October 11, 2012 at 6:19pmUnless the platters in the hard drive are completely destroyed, data can be recovered. Platters can be glass or metal. Glass ones will shatter into little pieces or throw into a fire and burn till nothing is left. Metal ones are sanded and burned in a wood fire till they are warped and well charred. The case is aluminum and goes to the recyclers for cash.
The circuit board goes in the trash
Anything with memory that is not completely wiped goes in the hammer mill itty-bitty pieces. or into the wood fire to be burned and melted.
I tend to use electronics until it fries. and then replace it. So a lot of data is unrecoverable. by normal means.
Report this comment
Fubared
Posted on October 11, 2012 at 6:51pmI tend to do the same; then soak it in beer, then shoot the electronics repededly and give it to the 0 campaign. Fun all around.
Report this comment
stumpy68
Posted on October 11, 2012 at 6:00pmI find a 12gauge slug through a computers hard drive
does a fairly good job.
Report this comment
hugo65hsv
Posted on October 11, 2012 at 5:36pmThere are plenty of utilities available from hard drive manufacturers at no cost.. You boot from a floppy or usb drive run the utility to perform a low level format of the drive.. This set’s all bits in all sectors to 0.. It can take several hours but no data at all is retrievable.. Indices and data wiped clean..
Report this comment
Ragnar Danneskjold
Posted on October 11, 2012 at 5:01pmNot only computers and cell phones, but copying machines.
http://www.cbsnews.com/8301-18563_162-6412439.html
Report this comment
glckgrl
Posted on October 11, 2012 at 4:54pmI was just about to donate an old computer to Goodwill. Now I will take the hard drive to the range instead. Not that I need an excuse to go shooting!
Report this comment
Former_Road_Finisher
Posted on October 11, 2012 at 4:45pmHad a brand new backup hard drive fail to spin up days later after I had done a complete backup. No way was I going to return that drive for a warranty replacement. I would smash it to bits with a hammer first.
The good news, I found out that the header plug had bent pins and was able to bring it back to life with a $10 part.
Report this comment
ObamaForward_OverTheCliff
Posted on October 11, 2012 at 4:35pmThe Screen Saver’s Kevin Rose MELTS his hard drive with THERMITE to DESTROY any and all data:
http://www.youtube.com/watch?v=4PKB5nnHGAk
(kiddies, don’t do this at home)
Report this comment
ThatCatGirl
Posted on October 11, 2012 at 4:13pmdrill holes thru the platen.
Report this comment
MaximumBobby
Posted on October 11, 2012 at 4:26pmI do this at the gun range ;)
Report this comment
mbck1491
Posted on October 11, 2012 at 2:58pmYou would be surprised how well a simple hammer and a little physical labor on the hard drive will do, making the hard drive flat as a pancake. I don’t think anyone will be getting any info off that.
Report this comment
KickinBack
Posted on October 11, 2012 at 4:02pmIf you have access to a drill press, that works great on hard drives as well.
Report this comment
blair152
Posted on October 11, 2012 at 2:45pmI just have a cellphone.
Report this comment
babylonvi
Posted on October 11, 2012 at 1:23pmIt’s fun to completely disassemble the drive, remove the platters, run a bulk tape eraser over them(and those neat rare earth magnets) and trash anything else. A plus is that my bird LOVES to look at himself in those really shinny mirrors.
Report this comment
paul1149
Posted on October 11, 2012 at 12:06pmThere’s a way to finesse this problem. If you don’t want to take a resale hit on the value of your machine, manually delete all user files. Then set up a new administrative account. From that account, delete your old account, with the option to delete its files and settings also.
Empty the Recycle Bin. Then use a program such as Eraser or CCleaner to wipe the EMPTY space on the drive. You’ll end up with 99% of your data gone (the possible exception being in the registry), and a fully usable computer to resell.
Report this comment
Pontiaku
Posted on October 11, 2012 at 12:30pmI second CCleaner. Even for general use such as disabling start up apps and cleaning the registery.
Report this comment
joe.attaboy
Posted on October 11, 2012 at 2:18pmBad idea. If you have the original Windows installation or recovery disks, you are better off slicking the drive with DBAN and handing over the system with the blank drive and install disks. Your idea won’t work completely, because there is plenty of user data left on the drive even after removing an account. In fact, give me an hour with that system and I’ll bet I can recover everything you deleted.
Report this comment
OhioRifleman
Posted on October 11, 2012 at 2:38pmI second Joe Attaboy on this one. I used to do deleted / formatted drive recovery back in the Win98 days, and if I felt like it, I could retool myself to do it in less than a week in the here-and-now.
R-Studio, the main program I used for recovery, costs less than $100 and will easily recover what you deleted. It is even common-user friendly with a little effort.
If you want data gone, I recommend these steps:
1. DOD-wipe the drive (DBAN as listed above does this function)
2. Remove the hard drive from the computer
3A: Retain the hard drive in storage somewhere in your house, or bury it in an inconspicuous location below the frostline for your area.
3B: If you have a decent shooting range, use a heavy weapon to shoot up the hard drive. I recommend something with mass behind it, 30-caliber rifles, .357 Magnum, .44 Magnum, .45 Auto, similar. I do not recommend using lighter weapons due to the chance of fragmentation or ricochet.
3C: Disassemble the hard drive (most hard drives use a #9 or #10 Torx bit to disassemble), remove the platters, and use them as reflective sun-catchers in your garden to scare away birds and animals.
Obviously, 3B is my preference for final disposal. It’s a little hard to spin up a platter when it has a half-inch crater in it from a passing .357 round.
Repeat after me, class: there is no kill like overkill.
Report this comment
The-Monk
Posted on October 11, 2012 at 5:26pm@OhioRifleman
I like to leave to data on used HDD’s I get, remove the platters and make wind chimes with them.
When I hear them I think of….. “peoples data blow’n in the wind”.
Report this comment
Pontiaku
Posted on October 11, 2012 at 5:56pm[ give me an hour with that system and I’ll bet I can recover everything you deleted.]
He’s not just deleting… He’s overwriting…
You guys are overly paranoid. Any hard disk manufactured after 2001 only needs to be overwritten once with zeros to sufficiently destroy the data. No lab would waste time, money, and resources trying to recover that unless it was Osama’s hard drive. Even then the data would be junk. Most file recovery is done on files that were deleted, not overwritten. Basically deleting files is like removing them from the index of a book which will be reused when new data is written on the pages.
Report this comment
xwabodj
Posted on October 11, 2012 at 11:05amUse bcwipe. It’s free. It will completely wipe your hard drive. Most people don’t understand that there is a physical and a logical side to the hard drive. When you delete files, you’re affecting the logical side, but you don’t actually do anything to the magnetic (physical) side. If the magnetic (1s and 0s) part of the hard drive is not deleted, then data can be retrieved.
If you just dump the hard drive in water, or shoot it, or burn it, or reformat it, the data can still be retrieved. I remember reading a story in the AF Times about the OSI retrieving data from a hard drive that had been dismantled and the platters were burned and cut into little pieces.
If you want to keep your information from falling into the wrong hands when you sell your computer, then simply run a wiping program.
Report this comment
Mikev5
Posted on October 11, 2012 at 11:40amWell you are a little over the top on that
That is by a very special team of dedicated pros with some special tools even then your best retrieval would be 30%
Most info thief’s don’t have access to such special tools just take a hammer to the drive will do it nicly.
Stop scarring the children Dude
Report this comment
razhunter100
Posted on October 11, 2012 at 11:03ambig magnets…
Report this comment
RRFlyer
Posted on October 11, 2012 at 12:42pmRAZHUNTER100 Please don’t post these links. It has nothing to do with anything except to show your ignorance. consider it reported
razhunter100
Posted on October 11, 2012 at 12:47pmRRFlyer,
you know where you can shove it …dont you.
Report this comment
razhunter100
Posted on October 11, 2012 at 2:28pmweather and moon etc pics
http://www.youtube.com/watch?v=p1Xq_hYIfEE&feature=plcp
3:38 nice moon pics…statue , don’t know. is something.
Report this comment
disque-0-duc
Posted on October 11, 2012 at 11:01amSimple, nuke and pave the hard drive using re-partitioning and low-level formatting. You don’t need any additional software, all you need is Windows.
Report this comment
joe.attaboy
Posted on October 11, 2012 at 2:21pmYou don’t need to low-level format a drive these days. DBAN will destroy everything, will remove all partitions and will do an NSA-level data wipe that will overwrite the drive a minimum of seven times after deleting the data, the partitions tables and the file allocation tables. Low-level formatting is a waste of time except in the most egregious cases.
Report this comment
Tigress1
Posted on October 11, 2012 at 10:54amKeep an eye on repair technicians. I had one guy come to the house due to computer problems, who said we needed to replace the hard drive. It was still under warranty, so there would be no charge. I told him I wanted to keep the old one and he said OK. When he was finished with the job I kept an eye on him and he just casually put the old hard drive in his pile of stuff clearly intending to take it with him. I reminded him that I wanted to keep it, he apologized saying “Oh, I forgot.” Uh huh. Yeah. Maybe, maybe not. Just sayin’…
Report this comment
disque-0-duc
Posted on October 11, 2012 at 11:04amPeople are too trusting with their computers. Never let a tech get access to your data while alone. Never leave your computer at a repair center. If you store sensitive financial information or other identity info on your PC and you do not learn how to do basic maintenance and trouble shooting you are at the mercy of a lot of bad people out there.
Report this comment
OldGeek72
Posted on October 11, 2012 at 12:36pmI’m the owner of a computer repair company. I’m now a senior citizen as well and I’m out in the field every day. If you don’t trust me (I’m bonded) then don’t call me. I’m sure the kid that stuck the hard drive in the pile of ‘to-go’ stuff was doing it out of habit, almost nobody asks to keep the drive. In some cases, you can’t keep the drive without extra cost (Dell/HP contractor). That’s where I introduce a simple thumb to the system after I’ve transferred their data and thanks an old virus, everything is scrambled including the bootsector.
If you donate or sell your PC – keep your hard drive, they really are dirt cheap and make fun shotgun targets. I’ve got a contract where I physically tear the drive apart and shread the plate (from a major bank). My grandkids love the magnents. Don’t deal with smartphones (yet). Tablets are a easy wipe too.
Report this comment
JediKnight
Posted on October 11, 2012 at 1:30pmYeah, most people don’t want their drive, so they have no problem with a repair tech taking the old one. I don’t even bother explaining to people why they should keep their old drive (deer in the headlights look usually follows) and I do offer it to them.
I pull the drives out of every system that I either throw away or give away. If they want a full system, the drive gets a triple wipe.
Report this comment
Tigress1
Posted on October 11, 2012 at 1:33pmOldgeek72, I might have trusted him a little more if he didn’t look like a burned-out old hippie from the 1960′s. (long ****, etc.) I really didn’t have any choice in who came out. He was sent from the computer company. I’m surprised the companies would even want to take the hard drive. Wouldn’t this set themselves up to some kind of liability if there was a theft? (The technician can verify to the company that the problem was in the hard drive without keeping it.) Also, I’m surprised more people don’t ask to keep it if all this info. is left on it.
Report this comment
OldGeek72
Posted on October 11, 2012 at 3:38pmTigress1: Yes, you could set youself up for a fall. That’s why I’m bonded, just like the plumber. When I do take a PC, often because of a very nasty virus, I have a contract that states my liabilities and theirs. If I recycle a PC, I make sure to offer the drive, even so I take it out there. If they don’t want it then it either gets pulled apart with tools or a 30-odd. As for the 60′s hippy… that may have been me ;) A year ago I was standing on a busy downtown sidewalk with a cup of coffee in my hand and someone walking by put two quarters in my cup! I hit the barbershop the same day. I try to keep my guys clean cut and clean shirts, a few wear ties by their own choice but sometimes the boss gets too busy to remember to trim up. That was the Mrs. job but she’s been in heaven for a decade and I’m not looking for a replacement.
Report this comment
Meyvn1
Posted on October 11, 2012 at 10:33am.45, .357, .44, .223 and .308 rounds seem to work pretty good.
Report this comment
MEANS2RESIST
Posted on October 11, 2012 at 1:26pmAs well as .40, 762×39, & 12 guage
Report this comment
BenInNY
Posted on October 11, 2012 at 10:31amOn hard drives: do a full (as opposed to quick) format. That will overwrite the data with zeroes. A quick-format only makes the data overwrite-able, meaning it can be “undeleted.”
Sam R
Posted on October 11, 2012 at 10:49amSorry Beninny but even a single full format can be undone. You need to as the article says run DBAN because DBAN writes complete junk data over the drive as many times as you want.
Report this comment
Chuck7884
Posted on October 11, 2012 at 11:07amSince the use of mirrors it is virtually impossible to delete a hard drive completely there are tools on Herons boot disk that can recover deleted hard drives you need to wipe the main boot record and reset it to zero to completely wipe a drive.
Report this comment
zentrumpet
Posted on October 11, 2012 at 11:18amSorry, not true at all. I am a computer forensic analyst. Formatting, quick or full, only overwrites the metadata. Think of this as tearing out the table of contents of a book. The content remains in the book, but a map to easily find it has been removed. Similar to a hard drive. Special, easily obtainable software can be used to harvest the contents. So what’s the difference between and quick and a full format? A full format takes the time to scan the drive for bad sectors.
Report this comment
saneromeo
Posted on October 11, 2012 at 10:30amhttp://saneromeo.wordpress.com/
Report this comment
hi
Posted on October 11, 2012 at 10:25amI throw mine in the pool and let it soak for a few days. I don’t want to take any chances.
Report this comment
GOFORT
Posted on October 11, 2012 at 10:23amDumping the devices over the side of the boat in 100 feet of salt water is another good way…not terribly good for the environment, but effective nonetheless!
Report this comment
qz2026
Posted on October 11, 2012 at 10:19amHow stupid is this article? Any time I get rid of a computer, I low level format the hard drive. To be really sure, dismantle the drive and use the plates as frisbies or take a torch or magnet to them. Problem with that is that it tends to impact the resale value of the computer. Pay money for shredding software? That’s pretty stupid too. With a phone (I don’t use a cell phone) can’t you remove the memory card and destroy it?
Report this comment
Vigilantwingnut
Posted on October 11, 2012 at 11:03amThere are number of freeware utilities that wipe or “software shred” hard drives.
Low level, or even full format (not the quick format) will go a long way towards rendering your data irretrievable to anyone without highly specialized data recovery tools. Doing multiple full formats is even better.
Reinstalling the OS after a full format (or three) before transferring your computer (sale, donation, trash, etc.) not only again overwrites a portion the drive that once contained your data, but provides additional value in that you also have a functioning computer.
These techniques are fine for us regular schmucks. If you have truly sensitive data that would cause irreversible harm to you, your company, your nation, or the FBI is investigating you and you have incriminating data on your drive, copier, etc… then yes, full drive destruction or multiple software shredding would be mandated.
Report this comment
OhioRifleman
Posted on October 11, 2012 at 2:45pmI posted this above, but it bears repeating here.
I second Joe Attaboy on this one. I used to do deleted / formatted drive recovery back in the Win98 days, and if I felt like it, I could retool myself to do it in less than a week in the here-and-now.
R-Studio, the main program I used for recovery, costs less than $100 and will easily recover what you deleted. It is even common-user friendly with a little effort.
If you want data gone, I recommend these steps:
1. DOD-wipe the drive (DBAN as listed above does this function)
2. Remove the hard drive from the computer
3A: Retain the hard drive in storage somewhere in your house, or bury it in an inconspicuous location below the frostline for your area.
3B: If you have a decent shooting range, use a heavy weapon to shoot up the hard drive. I recommend something with mass behind it, 30-caliber rifles, .357 Magnum, .44 Magnum, .45 Auto, similar. I do not recommend using lighter weapons due to the chance of fragmentation or ricochet.
3C: Disassemble the hard drive (most hard drives use a #9 or #10 Torx bit to disassemble), remove the platters, and use them as reflective sun-catchers in your garden to scare away birds and animals.
Obviously, 3B is my preference for final disposal. It’s a little hard to spin up a platter when it has a half-inch crater in it from a passing .357 round.
Repeat after me, class: there is no kill like overkill.
Report this comment
OhioRifleman
Posted on October 11, 2012 at 2:52pmAnd before you say anything, Wingnut, I can and did recover data from a drive that suffered a worse series of full formats than three. I once ran R-tools against a drive that had been full formatted over a dozen times (bloody unstable Win98, had to format the bugger every other week or so), and I was able to recover data from the second install of Windows I was running on that drive.
On that note, I say yes and no to your method. YES, it works for 99 percent of cases where you are destroying data. NO, in that operating in the 1% is dead simple and cheap for anyone that bothers looking. Too easy, all things considered.
I still recommend a DOD wipe if you need to dispose of equipment.
Report this comment
korbin
Posted on October 11, 2012 at 10:04amTake your computer or device to the range.. 100 rounds of 45ACP 100 rounds of 5.56 will doo the trick, then pickup the brass for re-loading.
Report this comment