04:45 PM
Fred Langa

Langa Letter: The "Dead Drive" Security Loophole

You may get a nasty surprise if you send your system out for repairs! Consider your options.

Easy To Resurrect Dead Files
Because normal Formats and Erase/Delete operations don't touch much of the data on your disk, it's not hard to bring those files back from the dead. In fact, there's a whole raft of tools that can get at the deleted info. For example, all comprehensive commercial software utility kits (including the most-popular suite, the Norton Utilities) have one or more ways to scour the hard-drive surface, looking for what's left of erased files and converting them back into easily accessible normal files. Many disk utility kits also include Unformat tools that can likewise recover data from a disk that's been completely reformatted.

Advanced users can employ low-level "sector editors" that can examine a hard drive bit by bit, recovering anything of value or interest, anywhere on a drive, even if it has been partially overwritten or is otherwise inaccessible to the normal disk operating system.

Professional data-recovery services and governmental investigative agencies can go even further: Using special hardware and software, they sometimes can recover data from disks that have been completely and repeatedly overwritten with new data, or even disks that have been physically damaged.

But sometimes, no fancy tools are needed at all. Take Andy's case. All the repair techs had to do was replace the motor and plug Andy's drive back into a PC. Windows, through its Plug and Play mechanism, would then auto-detect any hardware differences between Andy's system and the new one it's running on and load the appropriate drivers. When the system booted, it would return to the state it was in when Andy last used it, with all the drive contents available to the drive's new owners.

Security, The Hard Way...
"Sanitizing" a hard drive so others can't access its data is possible, but achieving a high level of hard-drive security involves far more hassle than most of us are willing to endure.

For example, the U.S. Department of Defense-prepared "National Industrial Security Program Operating Manual" calls for the following steps to be taken to dispose of hard drives that contain moderately sensitive information:

  1. Overwrite all addressable locations with a single character.
  2. Degauss with a Type I degausser.
  3. Degauss with a Type II degausser.
  4. Overwrite all addressable locations with a character, its complement, then a random character and verify.
  5. Destroy: Disintegrate, incinerate, pulverize, shred, or melt.

Amazingly, this still doesn't provide the very highest levels of security (mainly because the many steps themselves constitute a potential security problem). The manual screams in all capital letters: "THIS METHOD IS NOT APPROVED FOR SANITIZING MEDIA THAT CONTAINS TOP SECRET INFORMATION."

Imagine what's involved in sanitizing really sensitive data!

...And The Easy Way
Fortunately, most of us don't have to worry about achieving the very highest levels of security. Simpler, gentler (and nondestructive) methods may suffice, as long as your drive is still spinning. (We'll return to Andy's special case in a moment.)

For one thing, you can take simple preventive measures: If a drive doesn't fail in its first few hours or days of use, it will usually work fine for a very long time. So, I never load anything critical on a new hard drive until it's "burned in" and I'm fairly sure it's going to be reliable for the long haul. (See "System Setup Secrets.") There have been times I've had to send almost-new systems and drives back for warranty repair, but in those cases, I haven't had to worry about security because there wasn't any sensitive data on the returned system.

But what happens once a drive or system has been put into use and does contain sensitive data? In many cases, the solution is a thorough "data wipe." This doesn't mean simple file deletion or disk reformatting. Rather, it refers to a more elaborate process that's sometimes called a "government wipe" (because it's based on earlier Department of Defense recommendations for hard-drive sanitizing). It's an automated 7-pass procedure that involves overwriting the entire file area (including the directory entry, where the file's name and attributes are stored) multiple times with random data, and truncating the file allocation record so that the wiped file appears to be a zero-length item. This kind of wiping is proof against all but the most elaborate, expensive, and time-consuming data-recovery techniques.
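The per-file wipe described above, as an added Python sketch (not code from the article or from any of the tools it names): overwrite the file's bytes in place for several passes of random data, rename it so the original name leaves the directory entry, truncate it to zero length, then delete it. The function names and the sample file are constructed for illustration, and the sketch assumes a file system and drive that write in place; journaling or copy-on-write file systems and flash wear-levelling can leave older copies that this does not reach.

```python
import os
import secrets
import tempfile

CHUNK = 1 << 20  # write in 1 MiB pieces so large files do not exhaust memory

def overwrite_passes(path, passes=7):
    """Overwrite the file's existing bytes in place, `passes` times, with random data."""
    size = os.path.getsize(path)
    with open(path, "r+b") as f:          # r+b modifies in place; "wb" would truncate first
        for _ in range(passes):
            f.seek(0)
            remaining = size
            while remaining:
                n = min(CHUNK, remaining)
                f.write(secrets.token_bytes(n))
                remaining -= n
            f.flush()
            os.fsync(f.fileno())          # push this pass to the device before the next one
    return size

def wipe_file(path, passes=7):
    """Overwrite contents, scrub the file name, truncate to zero length, delete."""
    overwrite_passes(path, passes)
    directory = os.path.dirname(os.path.abspath(path))
    anon = os.path.join(directory, secrets.token_hex(16))
    os.replace(path, anon)                # original name no longer sits in the directory entry
    with open(anon, "r+b") as f:
        f.truncate(0)                     # file now appears as a zero-length item
        os.fsync(f.fileno())
    os.remove(anon)
    return anon

def demo():
    """Constructed sample: a temp file filled with a recognisable marker string."""
    marker = b"ACCOUNT 0000-CONSTRUCTED-SAMPLE"
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "ledger.txt")
        with open(path, "wb") as f:
            f.write(marker * 100)
        size = overwrite_passes(path, passes=3)
        with open(path, "rb") as f:
            after = f.read()              # what a plain read sees after the overwrite passes
        anon = wipe_file(path)
        return size, marker in after, os.path.exists(path), os.path.exists(anon)

if __name__ == "__main__":
    print(demo())
```

A plain `os.remove()` on its own corresponds to the ordinary delete discussed earlier: it drops the directory entry and leaves the file's bytes on the disk surface.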

Many software tools offer "government wipe" ability (or an approximation thereof), including the Norton Utilities WipeFile plus the freeware tools Eraser and File Wipe For DOS. You can find many others by searching your favorite download site.

In most cases, running a thorough government wipe on a hard drive is about all you'll need before sending it in for repair, selling it, discarding it, or passing it on to someone else.
