Hardware & Infrastructure
Commentary
2/16/2006
04:45 PM
Fred Langa

Langa Letter: The "Dead Drive" Security Loophole

You may get a nasty surprise if you send your system out for repairs! Consider your options.

Easy To Resurrect Dead Files
Because normal Formats and Erase/Delete operations don't touch much of the data on your disk, it's not hard to bring those files back from the dead. In fact, there's a whole raft of tools that can get at the deleted info. For example, all comprehensive commercial software utility kits (including the most-popular suite, the Norton Utilities) have one or more ways to scour the hard-drive surface, looking for what's left of erased files and converting them back into easily accessible normal files. Many disk utility kits also include Unformat tools that can likewise recover data from a disk that's been completely reformatted.

Advanced users can employ low-level "sector editors" that can examine a hard drive bit by bit, recovering anything of value or interest, anywhere on a drive, even if it has been partially overwritten or is otherwise inaccessible to the normal disk operating system.

Professional data-recovery services and governmental investigative agencies can go even further: Using special hardware and software, they sometimes can recover data from disks that have been completely and repeatedly overwritten with new data, or even disks that have been physically damaged.

But sometimes, no fancy tools are needed at all. Take Andy's case. All the repair techs had to do was replace the motor and plug Andy's drive back into a PC. Windows, through its Plug and Play mechanism, would then auto-detect any hardware differences between Andy's system and the new one the drive is running on and load the appropriate drivers. When the system booted, it would return to the state it was in when Andy last used it, with all the drive contents available to the drive's new owners.

Security, The Hard Way...
"Sanitizing" a hard drive so others can't access its data is possible, but achieving a high level of hard-drive security involves far more hassle than most of us are willing to endure.

For example, the U.S. Department of Defense-prepared "National Industrial Security Program Operating Manual" (see http://nsi.org/Library/Govt/Nispom.html) calls for the following steps to be taken to dispose of hard drives that contain moderately sensitive information:

  1. Overwrite all addressable locations with a single character.
  2. Degauss with a Type I degausser.
  3. Degauss with a Type II degausser.
  4. Overwrite all addressable locations with a character, its complement, then a random character and verify.
  5. Destroy: Disintegrate, incinerate, pulverize, shred, or melt.

Amazingly, this still doesn't provide the very highest levels of security (mainly because the many steps themselves constitute a potential security problem). The manual screams in all capital letters: "THIS METHOD IS NOT APPROVED FOR SANITIZING MEDIA THAT CONTAINS TOP SECRET INFORMATION."

Imagine what's involved in sanitizing really sensitive data!

...And The Easy Way
Fortunately, most of us don't have to worry about achieving the very highest levels of security. Simpler, gentler (and nondestructive) methods may suffice, as long as your drive is still spinning. (We'll return to Andy's special case in a moment.)

For one thing, you can take simple preventive measures: If a drive doesn't fail in its first few hours or days of use, it will usually work fine for a very long time. So, I never load anything critical on a new hard drive until it's "burned in" and I'm fairly sure it's going to be reliable for the long haul. (See "System Setup Secrets.") There have been times I've had to send almost-new systems and drives back for warranty repair, but in those cases, I haven't had to worry about security because there wasn't any sensitive data on the returned system.

But what happens once a drive or system has been put into use and does contain sensitive data? In many cases, the solution is a thorough "data wipe." This doesn't mean simple file deletion or disk reformatting. Rather, it refers to a more elaborate process that's sometimes called a "government wipe" (because it's based on earlier Department of Defense recommendations for hard-drive sanitizing). It's an automated 7-pass procedure that involves overwriting the entire file area (including the directory entry, where the file's name and attributes are stored) multiple times with random data, and truncating the file allocation record so that the wiped file appears to be a zero-length item. This kind of wiping is proof against all but the most elaborate, expensive, and time-consuming data-recovery techniques.
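The overwrite-and-verify pattern from the NISPOM list above (a character, its complement, a random character, then verify) and the "data wipe" just described (overwrite the file area, truncate the record to zero length so the name no longer points at any data) can be shown in a few dozen lines. The following is an added example written for this page; it is not Fred Langa's code and not the code of Eraser, WipeFile or any other product the column names. It uses three passes plus verification rather than a 7-pass schedule, and the helper names (`wipe_file`, `overwrite_pass`, `verify_pass`, `demo`) are assumed for illustration. It assumes a filesystem that overwrites blocks in place, which was the normal case for the magnetic drives the column discusses.

```python
import os
import secrets
import tempfile

# Added example, not code from the column or from any wiping tool it mentions.
# Helper names below are assumed for illustration only.

CHUNK = 64 * 1024  # read/write granularity in bytes


def _fill(byte: int, size: int) -> bytes:
    """Return `size` copies of a single byte value."""
    return bytes([byte]) * size


def overwrite_pass(fd: int, length: int, byte: int) -> None:
    """Overwrite the first `length` bytes of an open file with one byte value."""
    os.lseek(fd, 0, os.SEEK_SET)
    remaining = length
    while remaining > 0:
        n = min(CHUNK, remaining)
        remaining -= os.write(fd, _fill(byte, n))
    os.fsync(fd)  # push this pass to the device before the next pass starts


def verify_pass(fd: int, length: int, byte: int) -> bool:
    """Read the file back and confirm every byte carries the expected value."""
    os.lseek(fd, 0, os.SEEK_SET)
    remaining = length
    while remaining > 0:
        n = min(CHUNK, remaining)
        data = os.read(fd, n)
        if len(data) != n or data != _fill(byte, n):
            return False
        remaining -= n
    return True


def wipe_file(path: str, first_byte: int = 0x55) -> dict:
    """Sanitize one file with the NISPOM pattern: a character, its complement,
    a random character, then verify. The record is then truncated to zero
    length, renamed to a random name (so the original name no longer sits in
    the directory entry) and unlinked."""
    length = os.path.getsize(path)
    random_byte = secrets.randbelow(256)
    passes = [first_byte, first_byte ^ 0xFF, random_byte]

    fd = os.open(path, os.O_RDWR)
    try:
        for byte in passes:
            overwrite_pass(fd, length, byte)
        verified = verify_pass(fd, length, random_byte)
        os.ftruncate(fd, 0)  # the file now appears as a zero-length item
        os.fsync(fd)
    finally:
        os.close(fd)

    # Replace the name in the directory entry before deleting the entry itself.
    scrambled = os.path.join(os.path.dirname(path) or ".", secrets.token_hex(8))
    os.rename(path, scrambled)
    os.unlink(scrambled)

    return {"bytes": length, "passes": len(passes), "verified": verified}


def demo() -> tuple:
    """Wipe a constructed sample file and report whether it is gone afterwards."""
    with tempfile.NamedTemporaryFile(delete=False) as f:
        # Constructed sample content standing in for a sensitive document.
        f.write(b"payroll record: Andy, salary 52000\n" * 2000)
        sample = f.name
    result = wipe_file(sample)
    return result, not os.path.exists(sample)


if __name__ == "__main__":
    summary, gone = demo()
    print(summary, "removed:", gone)
```

The verify step reads the last pass back before the record is truncated, which is the only point at which a read-back can still confirm the overwrite reached the file's blocks. On media or filesystems that do not write in place (wear-levelled flash, journaling or copy-on-write volumes), a per-file overwrite like this does not guarantee the old blocks are gone; that is a property of the storage, not of the wiping tool.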

Many software tools offer "government wipe" ability (or an approximation thereof), including the Norton Utilities WipeFile, plus the freeware tools Eraser and File Wipe For DOS. You can find many others by searching your favorite download site.

In most cases, running a thorough government wipe on a hard drive is about all you'll need before sending it in for repair, selling it, discarding it, or passing it on to someone else.
