Sanitising hard drives

Forums › Desktop computing › Sanitising hard drives

1 | 2

richms

29104 posts

Uber Geek
+1 received by user: 10217

Trusted

Lifetime subscriber

#1150655 9-Oct-2014 12:56

They usually only need to recover enough to be able to testify that something was on the computer not to get the actual content back. enough to shoot down them saying they never had or saw that information.

Richard rich.ms

coffeebaron

6304 posts

Uber Geek
+1 received by user: 3567

Trusted

Lifetime subscriber

#1150768 9-Oct-2014 14:44

stocksp: Wow – what was on them that you are so paranoid about - and that you would not want border authorities to see?

Illegal downloads of Coro St episodes :)

Rural IT and Broadband support.

Broadband troubleshooting and master filter installs.
Starlink installer - one month free: https://www.starlink.com/?referral=RC-32845-88860-71
Wi-Fi and networking
Cel-Fi supply and installer - boost your mobile phone coverage legally

Need help in Auckland, Waikato or BoP? Click my email button, or email me direct: [my user name] at geekzonemail dot com

Bung

6733 posts

Uber Geek
+1 received by user: 2926

Subscriber

#1150780 9-Oct-2014 14:57

richms: They usually only need to recover enough to be able to testify that something was on the computer not to get the actual content back. enough to shoot down them saying they never had or saw that information.

I've seen some references to other copies of a file existing depending on software or file system so securely deleting the obvious one may not remove all traces. It's more likely those are found than the deleted file reconstructed.

richms

29104 posts

Uber Geek
+1 received by user: 10217

Trusted

Lifetime subscriber

#1150803 9-Oct-2014 15:30

They do all sorts of awesome things like looking at dates and times that registry keys were made etc as well when doing computer forensics. All that crap that gets made when a USB drive is plugged in etc are invaluable to them.

Richard rich.ms

Elpie

1304 posts

Uber Geek
+1 received by user: 272

#1151019 10-Oct-2014 03:43

The thing is, there's no real laws about what they can do with electronic devices at borders. No warrants are needed, they don't even need to suspect you of something. And, in the US at least, there's no laws about what they can do with the data they find or how long they can keep it for. You can get your laptop or ebook reader, phone, or whatever back and never know if they have cloned it or what will be done with a copy.

Obviously, they don't check every device going across borders but since they can check any device everyone should be careful, especially where it comes to client's business data.

nathan

5695 posts

Uber Geek
+1 received by user: 1630
Inactive user

#1151048 10-Oct-2014 08:06

BitLocker and hope they don't torture you at the border until you cough up the pin

Geekzone support

Support Geekzone with one-off or recurring donations Donate via PressPatron.

Elpie

1304 posts

Uber Geek
+1 received by user: 272

#1151234 10-Oct-2014 11:56

nathan: BitLocker and hope they don't torture you at the border until you cough up the pin

No good for my situation - I'm not trying to protect data on these drives, I want to ensure data that has been transferred off cannot be read/recovered.

Drive encryption is pretty useless at borders anyway. If a border control officer wants to look at your data then you have to provide access. Sure, you can refuse. But if you do, you risk your device being taken away until such time as you provide the key. If you are not a citizen of that country you can also be denied access. The only sure way to avoid having border control look at data is to not take data across borders.

nathan

5695 posts

Uber Geek
+1 received by user: 1630
Inactive user

#1151692 11-Oct-2014 08:22

Elpie:
nathan: BitLocker and hope they don't torture you at the border until you cough up the pin

No good for my situation - I'm not trying to protect data on these drives, I want to ensure data that has been transferred off cannot be read/recovered.

Drive encryption is pretty useless at borders anyway. If a border control officer wants to look at your data then you have to provide access. Sure, you can refuse. But if you do, you risk your device being taken away until such time as you provide the key. If you are not a citizen of that country you can also be denied access. The only sure way to avoid having border control look at data is to not take data across borders.

data cannot be read/recovered -> bitlocker, delete the key. the data is now unobtanium

Elpie

1304 posts

Uber Geek
+1 received by user: 272

#1151833 11-Oct-2014 14:19

nathan:

data cannot be read/recovered -> bitlocker, delete the key. the data is now unobtanium

Unless it was ever unencrypted. Encrypting a drive isn't fail-safe security. In Windows systems, copies and shadows of files are everywhere. Unless data was encrypted end-to-end and has never existed as unencrypted data anywhere on a system, it's still recoverable (or, at least, bits of it are). Trashing the BitLocker drive just makes the BitLocker space supposedly unrecoverable.

gjm

810 posts

Ultimate Geek
+1 received by user: 122

#1151837 11-Oct-2014 14:49

my old disks that Im getting rid of get DBAN used on them, and then I run bitlocker on them and then format them. Takes a bit of time but I like the peace of mind.

Do surveys for Beer money (referral link) - Octopus Group

Link for buying beer (not affiliated, just like beer) - Good George

nathan

5695 posts

Uber Geek
+1 received by user: 1630
Inactive user

#1151840 11-Oct-2014 14:53

Elpie:
nathan:

data cannot be read/recovered -> bitlocker, delete the key. the data is now unobtanium

Unless it was ever unencrypted. Encrypting a drive isn't fail-safe security. In Windows systems, copies and shadows of files are everywhere. Unless data was encrypted end-to-end and has never existed as unencrypted data anywhere on a system, it's still recoverable (or, at least, bits of it are). Trashing the BitLocker drive just makes the BitLocker space supposedly unrecoverable.

BitLocker is a full volume encryption, not just files

New World

Shop on-line at New World now for your groceries (affiliate link).

Elpie

1304 posts

Uber Geek
+1 received by user: 272

#1151862 11-Oct-2014 15:32

nathan:
Elpie:
nathan:

data cannot be read/recovered -> bitlocker, delete the key. the data is now unobtanium

Unless it was ever unencrypted. Encrypting a drive isn't fail-safe security. In Windows systems, copies and shadows of files are everywhere. Unless data was encrypted end-to-end and has never existed as unencrypted data anywhere on a system, it's still recoverable (or, at least, bits of it are). Trashing the BitLocker drive just makes the BitLocker space supposedly unrecoverable.

BitLocker is a full volume encryption, not just files

Yes, of course, but files may not have only existed on that volume. My point is simply that the average user, thinking that BitLocker is secure, may not take into account that if the data has ever existed in an unencrypted form then it may still be there and recoverable, regardless of what they do with the BitLocker volume. This becomes, IMO, highly likely when people use more than one HD and decide sometime after setting up their system that they will use BitLocker. Loads of people don't understand how Windows uses shadow copies. Heck, a lot of people don't realise that deleting a file leaves the file intact and able to be brought back.

1 | 2