Tweet
The only surefire way to stop criminals stealing data from secondhand computers is to destroy the hard drive, a study by Which? Computing magazine has warned.
Even though people think they have wiped data from machines before they sell them on auction sites or put them onto rubbish tips, the files remain on the hard drives – and can contain vital information such as bank details and other personal data sufficient for identity theft. They can be recovered using specialist software that is widely available.
The magazine recovered 22,000 "deleted" files from eight computers which it bought from the auction site eBay – demonstrating that normal deletion is insufficient to remove the data.
Criminals source used computers in order to find such useful data, the magazine warned. "PCs contain more valuable personal information than ever as people increasingly shop online, use social networking sites and take digital photos," said Sarah Kidner, editor of Which? Computing. "Such information could bring identity thieves a hefty payday."
One Which? reader, Alexander Skipwith, had to pay £100 to get his hard drive back from a man purporting to be in Latvia: he emailed Skipwith with a personal photo to show that he had access to his hard drive, which contained bank statements and a mortgage application. Skipwith had previously been told that his faulty hard drive would be wiped of personal information when it was replaced by a computer manufacturer.
The problem was highlighted last August when a computer with bank account numbers, mothers' maiden names and signatures of 1 million American Express, NatWest and Royal Bank of Scotland customers that previously belong to Mail Source, a data processing company, was sold on eBay. The account details were discovered by the buyer, an IT manager from Oxford. Two days later police made an arrest in a separate case over individuals' details from Charnwood Borough Council sold on a computer on eBay.
The problem lies in the way that hard drives store information. An index file on the hard drive, written by the computer processor, stores and updates a listing of where on the physical hard drive each file is located. When the user "deletes" a file on their system, the index entry is removed – but the file itself, with its data, remains. Sophisticated tools are able to find the files themselves and recover that data – which can be incredibly detailed, including a user's browsing and email history.
While that can be useful in situations where there is a hard drive "crash" – allowing the recovery of some or all files – it can be disastrous if the drive falls into the wrong hands.
Dr Andrew Jones, head of computer security at BT Exact, told the Guardian last August that the process bypasses the normal checks on what you can view: "It's like [computer game] The Sims: instead of going through the front door, you take the roof off and you look down on the drive from above." Encrypting the drive during use can offer some protection.
Which? Computing recommends using a hammer to be absolutely certain of destroying the data. (The US Pentagon recommends shredding them, although this is requires specialist equipment.) But there is also software available online which will overwrite the entire hard drive with 0s. This does have the advantage that the computer will retain some of its value – while not being quite as valuable to villains.
HOW TO SECURE YOUR DISK
1 Use encryption. Vista Ultimate has BitLocker; Mac OSX has FileVault. There is also TrueCrypt, which is free and cross-platform.
2 Use secure erase programs such as blancco; for a list, see howtowipeyourdrive.com.
3 When you've finished with your computer, securely wipe it and then reinstall the operating system from scratch. Or remove the hard drive and smash it with a hammer.
guardian.co.uk © Guardian News & Media Limited 2009 | Use of this content is subject to our Terms & Conditions | More Feeds
More...
