My brother picked up a pc at auction for $2.00 US. Plug it in and the only thing that worked was the power light on the front. Ok, let's harvest the parts. I take the hard drive home and plug it in. Ubuntu/gparted tells me Windows was "Improperly shut down and can't be mounted". I pop in a Knoppix cd and reboot. Knoppix mounts the drive and I go poking around. The guy did do a semi-cleanup of the drive but he forgot to clean everything. I found enough banking/personal info that would have allowed me to REALLY put a hurt on this person's accounts.
Moral/reminder of the story? Nuke a drive if you are getting rid of it. Or take the drive out and turn it into dust.

If you found illegal content, you may have a duty to report it.

If you found personal data, you may want to let the person know in case they need the data (or, barring that, wipe it to protect the person).

It is amazing what can be found on second hand computers though.

My brother picked up a pc at auction for $2.00 US. Plug it in and the only thing that worked was the power light on the front. Ok, let's harvest the parts. I take the hard drive home and plug it in. Ubuntu/gparted tells me Windows was "Improperly shut down and can't be mounted". I pop in a Knoppix cd and reboot. Knoppix mounts the drive and I go poking around. The guy did do a semi-cleanup of the drive but he forgot to clean everything. I found enough banking/personal info that would have allowed me to REALLY put a hurt on this person's accounts.
Moral/reminder of the story? Nuke a drive if you are getting rid of it. Or take the drive out and turn it into dust.

If you are nuking your data, you should write over it with a secure delete tool. That way, you can't even photorec the data off (which, sadly, you can do easily when you buy most used hard drives).

If you found illegal content, you may have a duty to report it.

If you found personal data, you may want to let the person know in case they need the data (or, barring that, wipe it to protect the person).

It is amazing what can be found on second hand computers though.

No illegal content and drive was nuked so no trouble. The previous owner was unreachable because he moved and left no contact info.

Is Dban good enough for nuking a harddrive or should extra steps be taken?

dban is a good answer, if you set it at the "highest" (?) settings and let it take its time. Time is the issue though.

I've found more than one machine with way too much personal information on it. After a while I just stopped looking, and automatically wiped drives as soon as I got them. It was too depressing, realizing how stupid the average citizen was.

Of course, not as depressing as this guy's find.

http://news.bbc.co.uk/2/hi/uk_news/7581540.stm

Good reminder. I let a friend use my laptop for a while, and beknowst to me he sold it without doing anything (no wiping, no formatting, nothing)! I was really pissed to say the least.

Good reminder. I let a friend use my laptop for a while, and beknowst to me he sold it without doing anything (no wiping, no formatting, nothing)! I was really pissed to say the least.

It's sad but true that some of the people I know, who have been using computers for a while now, would probably not have a clue about wiping potentially sensitive data - I've even sent old computers off to the rubbish dump without wiping the hard drives (which I should've kept when the machines died, just in case I could recover the source code for some stuff on it). I wonder how widespread this is.

If you are nuking your data, you should write over it with a secure delete tool. That way, you can't even photorec the data off (which, sadly, you can do easily when you buy most used hard drives).
dd will work, with /dev/zero. ;)

Good reminder. I let a friend use my laptop for a while, and beknowst to me he sold it without doing anything (no wiping, no formatting, nothing)! I was really pissed to say the least.

Wow, sounds like he/she is not a very good friend. BTW, hello from another fellow Chicagoan(during the summer months).

Or take the drive out and turn it into dust.

Wondering what magic spell you perform to achieve this. Hard drives need to be disposed of responsibly by responsible computer users. They don't turn to dust - rather toxic landfill. :)

Wondering what magic spell you perform to achieve this. Hard drives need to be disposed of responsibly by responsible computer users. They don't turn to dust - rather toxic landfill. :)

I should have expanded on this..
Turn the platters into dust with a hammer. :)

Oxy-setaline torch and a sledge hammer is my vote

I'd hate to waste a Hard drive I prefer the d.o.d. style nuke applications instead. Deriks boot and nuke for example. Even those old 5 to 10 gb HD's can be used as a swap space in another pc.

dd if=/dev/zero of=/dev/target

To some people, just as good as nuking :)

I'd hate to waste a Hard drive I prefer the d.o.d. style nuke applications instead. Deriks boot and nuke for example. Even those old 5 to 10 gb HD's can be used as a swap space in another pc.

I meant for if you want to be really sure. Its pretty much impossible to take off all data

I should have expanded on this..
Turn the platters into dust with a hammer. :)

haha. Now ya talking!

A power drill and lighter fluid doesn't seem like a bad combination.

Mine join my exhibition of obsolete technology which lives in and around my studio. Might think of a novel way of destruction and give it a go with one of 'em. Sounds kinda satisfying! I prefer doing that with old ******* disks mind you. \\:D/

If you found illegal content, you may have a duty to report it.Computer recyclers are now mandated reporters? In what jurisdiction?

IN THE UNITED STATES, YOU ARE NOT REQUIRED TO REPORT A CRIME UNLESS YOU ARE A MANDATED REPORTER. AND EVEN IN THAT CASE, THE CRIMES COVERED ARE CAREFULLY LIMITED.

Mine join my exhibition of obsolete technology which lives in and around my studio. Might think of a novel way of destruction and give it a go with one of 'em. Sounds kinda satisfying! I prefer doing that with old ******* disks mind you. \\:D/

Oooh a studio in Aus? Sounds a bit up market :P

Computer recyclers are now mandated reporters? In what jurisdiction?

IN THE UNITED STATES, YOU ARE NOT REQUIRED TO REPORT A CRIME UNLESS YOU ARE A MANDATED REPORTER. AND EVEN IN THAT CASE, THE CRIMES COVERED ARE CAREFULLY LIMITED.

Have you got proof of this? Id like to see where it is written

dd will work, with /dev/zero. ;)

it would actually work better with /dev/urandom

Computer recyclers are now mandated reporters? In what jurisdiction?

I am not a lawyer and was merely pointing out that it may be something to make sure.



IN THE UNITED STATES, YOU ARE NOT REQUIRED TO REPORT A CRIME UNLESS YOU ARE A MANDATED REPORTER. AND EVEN IN THAT CASE, THE CRIMES COVERED ARE CAREFULLY LIMITED.

DON'T USE ALL CAPS BECAUSE IT IS ANNOYING AND NOT EVERYONE IS IN THE UNITED STATES.

Also, reporting crimes is a good thing, especially if there is a victim.

My husband has a box out in the garage somewhere that has some seriously warped platters in it. O:) They also have 9mm holes in them.

I had a similar situation a year ago, I bought an HD from a small cheap store, and when I installed the HD is saw there was an Vista installation on it with allot of personal data, picture's, music, school work, ...

The next day I went to the Law-House in Ghent, thats a free legal advice place, they have gave me the advice to go back to the store and confront them.

Because I bought a New HD they needed to deliver a new HD and I also needed to warn them, that when they sell a used disk they need to format it, even though its always possible to get data back.

They also told me that I had the right to give it to the justice department, because in Belgium (and Europe) this is a serous privacy violation and the store owner could be prosecuted for it.

But because there was nothing in it for me except losing the Hard drive and because it was probably a mistake by the store, they advised me not to that.

The next day I went to the store and the owner emediatly formated the disk, he told me he just used it once in a repair and apologized to me. Knowing had the right on a new hard disk and because I had the feeling he made the story up? I demanded a new one and I could chose to get one with less guarantee of wait 3 weeks. -_-

I then started to tell him that he needed to be careful because selling it without format is illegal. He got pissed and started to yell to me that they would never sue you when you didn't format it because you always can get data back.

I friendly told him I had that information from a lawyer at the law-house and they toled me he could get up to 3 years jail for it. At that point he totally lost it yelling an barking thats all not true and that those layers don't know nothing. I just piked up the hard disk and when out. To bad it was formated because else I would have delivered it to justice department. But he lost over 30 customersor because most people ask me where to buy there computer stuff and then I tell them my story.

Can't win em all Mr Propre, but you learn something everyday, as the saying goes. Nice work. :)

With storage being so cheap now, everytime I give an old lappy or computer to someone, the hard drive from it has a visit from Mr Claw Hammer. The best kind of secure wipe there is.

"Yeah, the computers all yours, just need to get a hard drive for it."

Well there is one extreme way of destroying your HDD. that is to use a big super-magnet (those giant ones made of Neodymium). Just move the hard disc in a rotating fashion above the magnet without letting the hard drive have any contact with it(that will be hard taking to account the strengh of the magnetic field)
This will destroy the data on the magnetic disk in the hard drive, corrupting the data, although i would not recommend doing this!:lolflag:

you read all the time about this sort of thing, although i havent specifically looked when ive bought a 2nd hand hard drive. what always strikes me is, who stores their banking details on their hard drive anyway? is it just so they can copy and paste from a text file when buying stuff online? or do they store their internet banking passwords and stuff there too? i dont do it because of security but more because it just seems a waste of time

Have you got proof of this? Id like to see where it is writtenIn the United States, that which is not specifically prohibited under the law is assumed to be permissible. Therefore, you will not find laws here that state something like "failure to report a witnessed crime is not illegal." (Unless legislators are carving out exceptions to a law -- perhaps a fictional law such as "it is illegal to possess marijuana. This law does not prohibit the possession of marijuana when prescribed by a licensed physician.")

We DO have laws that make certain people "Mandated Reporters (http://www.capcsac.org/training/laws)" of certain witnessed or suspected crimes. For example, a school teacher is a mandated reporter of suspected child abuse (but NOT of, say, theft). This holds true of most professionals who work with children, including physicians, nurses and psychologists. Interestingly, psychologists are not required to report threats of violence against a third party to law enforcement, but have a "Duty to Warn (http://www.wct-law.com/CM/Publications/publications13.asp)" the person who has been threatened.

The mere existence of Mandated Reporter laws is prima-facie (http://www.nolo.com/definition.cfm/Term/F6EF4EB8-4BF4-4E67-944F944804FDAFCB/alpha/P/) evidence that most people are NOT mandated reporters of a witnessed crime. If everybody has an obligation to report crimes, then there would be no need for special laws mandating it by certain people.

The mere existence of Mandated Reporter laws is prima-facie (http://www.nolo.com/definition.cfm/Term/F6EF4EB8-4BF4-4E67-944F944804FDAFCB/alpha/P/) evidence that most people are NOT mandated reporters of a witnessed crime. If everybody has an obligation to report crimes, then there would be no need for special laws mandating it by certain people.

I was thinking of a specific crime that often leaves evidence on computers, and I would hope anyone here agrees that people have a duty to report such things.

I have heard of convicted felons with stolen computers reporting such finds even though they are risking a lot of prison time.

Is Dban good enough for nuking a harddrive or should extra steps be taken?


dd if=/dev/urandom of=/dev/sda bs=1M

Should take care of everything.

I've recently read an article that nobody, even the best data retrieval experts have been able to get data from a device using this command.

--

note: don't run this command unless you want everything wiped.

I've recently read an article that nobody, even the best data retrieval experts have been able to get data from a device using this command.


Well, in theory it is possible, but not practicle.

Here is the challenge: http://16systems.com/zero/index.html

The guy did do a semi-cleanup of the drive but he forgot to clean everything. I found enough banking/personal info that would have allowed me to REALLY put a hurt on this person's accounts.
I've ran across that a lot! No incriminating stuff though

I was thinking of a specific crime that often leaves evidence on computers, and I would hope anyone here agrees that people have a duty to report such things.I suspect that the crime that you are dancing around is child pornography. Of course there are other crimes that might leave computer-based evidence (such as financial fraud, money laundering, conspiracy to commit a murder, or whatever). I most CERTAINLY agree that the ethical thing to do is to turn the evidence over to the police, along with information about where you obtained the hard-drive that contains the evidence. I only disagree with the implication that one has a legal duty to do so.

Personally, the very first thing I do whenever I get a used hard drive is to run DBAN or shred on the entire drive before ever mounting it. Mainly, this is to protect myself from malicious programs, but it has the additional benefit of never "discovering" anything that I don't want to know about on the thing.

dd if=/dev/urandom of=/dev/sda bs=1MShould take care of everything.

I've recently read an article that nobody, even the best data retrieval experts have been able to get data from a device using this command.

--

note: don't run this command unless you want everything wiped.
What's the bs=1M for? Wouldn't it just be fine as "dd if=/dev/urandom of=/dev/sda"?

I say a magnet would have done real nicely for nuking a drive (get a really freaking strong one like the neodymium >_>

Well there is one extreme way of destroying your HDD. that is to use a big super-magnet (those giant ones made of Neodymium). Just move the hard disc in a rotating fashion above the magnet without letting the hard drive have any contact with it(that will be hard taking to account the strengh of the magnetic field)
This will destroy the data on the magnetic disk in the hard drive, corrupting the data, although i would not recommend doing this!:lolflag:

Don't count on that working. There are already at least 2 very strong magnets built into the drive as part of the head positioning mechanism, and they don't seem to affect the data integrity :)

Yeah I bought a memory stick from Game Stop a few months back. Although it had been formated, I was able to recover music from it with Photorec.