Commentary
Langa Letter: The "Dead Drive" Security Loophole
You may get a nasty surprise if you send your system out for repairs! Consider your options.Any time you return a system or hard drive for repair, resell it, hand it down, discard it, or otherwise place it in someone else's hands, you're potentially giving that person access to everything on the drive, including files that you thought were deleted, reformatted, or overwritten.
Reader Andy Nelaimischkies recently encountered this little-discussed but major security problem:
More Insights
Webcasts
- Big Data at High Speed: Complex Event Processing at 10x
- The Business Value of Data Quality – Getting the Most out of Your Investments in Data Warehousing and Data Analytics
White Papers
More >>Reports
More >>
"Hi Fred: I recently had a new hard drive fail due to apparent motor failure. I returned it for another one but afterwards I was thinking: What's to prevent someone from fixing it and accessing my personal data at a later date? Is there a way to erase a drive before returning it for a replacement? Am I being too paranoid?"
No, that's not paranoia! While this case--a dead motor--would have presented some unusual challenges to a snoop, in most cases it's amazingly easy to recover data from old hard drives, even if they've been "erased" or reformatted. (And in Andy's case, he never had the chance to do even that; his data was intact, exactly as it was when the drive died!)
Whenever a hard drive changes hands for any reason, there's absolutely nothing (except the imperfect protection of the honesty and ethics of others) to prevent the new owner of the drive from gaining access to whatever was on it. Your business plans, E-mail, tax records, passwords, and any private or confidential information may all be up for grabs, even if you've deleted the files or reformatted the disk.
Ironically, even persons and organizations that exercise good security practices during the normal life of a system or hard drive may not pay enough attention to security during repair operations or at the end of a system's life.
False Security
You probably already know that erasing or deleting a file normally doesn't really erase or delete much of anything: Rather, when you erase or delete a file, the file system simply changes the directory entry and marks the file's area as available for reuse. The original file contents are still there on the hard drive, essentially intact. Eventually, as the hard drive gets used, the original file may be overwritten with other data, but on today's huge hard drives, that can take quite a while.
Plus, some operating system components and add-on utilities may work in the background to actively preserve your deleted files. In normal operation, for example, the Windows Recycle Bin only pretends to delete files. What really happens is the Recycle Bin subsystem quietly copies the file, intact, to a special directory from which it can easily be recovered. Even when you empty the Recycle Bin, the deleted file still isn't really gone, because the normal OS-level deletion operation kicks in and simply marks the file area as "ready for reuse." Once again, the data remains intact on the disk until and unless it's eventually overwritten.
Similarly, Windows ME (and probably the forthcoming XP) have a System Restore function that saves and can restore certain kinds of files, even if they've otherwise been totally erased.
And--this comes as a surprise to many users--even a full reformat doesn't actually erase all the data on a drive: Instead, the format operation simply writes a new file allocation table and sector information. Much of the old data on the drive is still there, intact.
Related Reading
| To upload an avatar photo, first complete your Disqus profile. | View the list of supported HTML tags you can use to style comments. | Please read our commenting policy. |
Subscribe to RSSResource Links
Related Webcasts
- Cloud or Premise Based Contact Center – Which is Right [for YOU]?
- Videoconferencing: Business & the Big Picture
- Protecting End Users Against Emerging Threats
- How to Build a Next-Generation Big Data Architecture
- Collaborative DevOps: Bridging the gap between development and operations with automation
This Week's Issue
Free Print Subscription
SubscribeCurrent Healthcare Issue
- InformationWeek Healthcare CIO 25: Our second annual honor roll of the health IT leaders driving healthcare's transformation.
- EHR Unreadiness: Only a small percentage of physicians planning to apply for Meaningful Use funds have e-health record systems capable of achieving most of the requirements. .
- And much more!
- Read the Current Issue
Related Whitepapers
- Drive Your Business with Predictive Analytics
- Gartner Presentation: Data Center conference Real Fabrics for a Virtual World
- Nemertes Research PilotHouse Awards: Servers for Virtualization
- ESG whitepaper: Defining Tier One Storage in the Modern Data Center
- Top 10 Myths About Virtualizing Business-Critical Applications












