Last night, after working on the MythTV box for a while, my long-time friend and I plug in a hard-drive that I had sitting on my desk for an indeterminate amount of time, as I really couldn't remember where it came from (this happens when there's more than ten floating around at any given time). New, SATA, 200+GB drive. I had figured that it belonged to the system I built for Elle a while back (who, as a budding Linux acolyte, I am very proud of).My friend (we will name him Sisco) fires up the tower and prepares to format, but notices that there happens to be an NTFS partition already on the drive. After some discussion, I figured that I had tried to install XP from Elle's HP laptop (another story of frustration and woe), but being unsure of its nature we decide to investigate further, as the partition size isn't consistent with standard operating procedure. Sisco reboots the tower, this time with Archlinux on a USB-drive, and we start scanning the contents of the directories on the drive: Firefox history, cookies, Documents, Firefox bookmarks, etc; nothing matches up with any expectations that we had for our prospective users.
Curiouser and curiouser; we attempt to boot the drive by itself. Nothing. XP is completely borked.
Sisco ups the ante, and starts a Ubuntu Live CD to examine the contents of the drive previously unviewable from the command-line.
The user, who shall remain safely anonymous, had copies of the user's passport (scanned), résumé, and his William D. Ford Direct-Loan disbursement information (which is to say, everything) on the Desktop. Needless to say, there was enough information here to cause all sorts of mayhem with his life, and probably the lives of his references with a little additional phishing.
Finally, a beautiful display of irony: the résumé lists "advanced computer skills" as one of the user's talents.
It turns out that the drive had been given to me some years ago by a roommate that inherited it from another roommate previous to my occupation of the house; I imagine that since XP was shot, they assumed that the drive itself was trashed and subsequently ditched it. Luckily for him, Sisco and I ended up with the drive (the sensitive data will be destroyed, and likely irreplaceable data will be emailed/mailed to him), but not everyone is so fortunate.
Folks, please, if you value your privacy, take some time to either fix or destroy this sort of sensitive information on your hardware when upgrading or tossing your desktops or laptops. It's an easy mistake, but that doesn't make it any less costly in the end; this means using something stronger than Mickeysoft at some point (see here: dd (command)), or physically destroying the drive. Encryption is not only highly recommended, but borderline mandatory. (I'll have some links up in a later post, as this is a rather broad topic.)
Lastly, if you are not joined at the hip to a Windows-only application for work, I would suggest scrolling to the top of the page and giving Ubuntu a try; it runs in memory for those trying it without an install, it's intuitive, clean, infinitely more secure than Windows or Apple, and it's free. FREE. As in, "free beer".
Join us.
Posts
![[Most Recent Quotes from www.kitco.com]](http://www.kitconet.com/charts/metals/gold/tny_au_en_usoz_2.gif)
![[Most Recent Quotes from www.kitco.com]](http://www.kitconet.com/charts/metals/silver/tny_ag_en_usoz_2.gif)
2 comments:
Eraser is a perfect app for something like this. I've used it in the past on Windows drives. Just format the drive, and tell Eraser to do a free space wipe.
From what I've heard about that person, this doesn't surprise me.
My next step with ubuntu is getting oblivion to work. By myself. Luckily there are tons of pages that walk you through it. My video card isn't exactly up there, but it should run moderately well if I can figure out what I'm doing. Wish me luck.
Post a Comment