When
to take a hammer to your computer
By Peter Vogel
Throwing out your old computer? Worried about
identity and information theft?
Several years ago I described in this space a study carried out
by a small team of post-grad students who had purchased a hundred or
so used disk drives, some at auction, some from eBay, and some from
local computer dealers.
The students were stunned to discover a treasure trove of data,
ranging from medical records to lists of credit card numbers, on
these used hard drives.
In most cases no effort had been made to remove data before the
machines were sent for disposal. In other cases, sensitive files had
been "deleted," but as many technicians know, "delete" does not have
an element of permanence about it.
An electronic "delete" frequently means only that the pointer to
data has been removed, while the data itself remains intact. An
"undelete" operation restores the pointer and the data seems to
magically reappear.
For this and other reasons you need to take some action of your
own before disposing of that home computer, either at curbside or
with some scrap metals dealer.
Don’t think formatting the hard drive will do the trick. It
won’t. No, you need a disk wipe utility, something that will ensure
that all but the most technologically proficient cyberspook can’t
access your bank records and what-have-you.
You can buy a commercial product or you can use one of several
free utilities available through reliable sources such as
download.com.
Among some of the well-known file shredders and disk wiping
utilities are:
All three come highly recommended and have built up solid track
records over a number of years. Heidi Computers describes its
product this way: "Eraser is an advanced security tool which allows
you to completely remove sensitive data from your hard drive by
overwriting it several times with carefully selected patterns."
Overwriting, in random or algorithmically generated patterns, is
the key to the way these products work. Every part of the hard drive
is overwritten many times.
All of these products are "dangerous," in the sense that they
should only be used on systems destined for the scrap heap. Pop the
CD or floppy disk for one of these products into your drive, boot
up, and your computer hard drive is quickly on its way to cyber
oblivion.
At the DBAN site the following is prominently posted: "Please
clearly label your DBAN boot media because it is dangerous."
In other words, don’t leave this sort of utility program lying
around. Imagine how you’ll feel if you accidentally boot your
computer with one of these babies in the drive. Poof, all your data,
tax returns, photos, banking records, you name it, vanished.
Don’t even think about the cost of trying to recover from that
sort of disaster.
Still not sure these products will do the trick? Can’t sleep at
night, worrying that someone is hacking that old 20 GB drive you’ve
been using since 1996? Then take it out of the machine before
sending it for recycling, use a hammer to smash it open, and
pulverize the storage platters. Careful! Eye protection is a must. A
slightly more gentle approach is to drill a hole through the disk
drive platters.
Identity theft of all sorts is a crime which will not go away any
time soon. Take reasonable precautions with your electronic and
paper-based data. Don’t pass along your surplus computer to a
grandchild without consideration of the consequences should that
machine fall into other hands, either physically or electronically.
Computer hard drives are relatively cheap, most being in the 50c
to $1 per gigabyte range. If wiping the hard drive isn’t an option
for you then have it removed before giving away the computer. Let
the recipient install a new drive for $50 or so.
Besides, removing the drive helps you avoid murky licensing
issues that come into play when computer ownership changes.
Peter Vogel is a Physics and Computer Sciences teacher at
Notre Dame Regional Secondary School (www.ndrs.org).
Suggestions and comments may be sent via e-mail to
peterv@portal.ca.
|
Comment on the article above
using this form...
|
