Major Australian Retailer Accused of Selling Infected Hard Drives 128
skegg writes "Dick Smith, a major Australian electronics retailer, is being accused of regularly selling used hard drives as new. Particularly disturbing is the claim that at least one drive contained malware-infested pirated movies, causing the unlucky buyer significant data loss. Apparently the Fair Trading Commissioner will be conducting an investigation."
Standard Practice (Score:5, Interesting)
Seems standard practice with a lot of stores. Someone takes something back because they don't want or need it for whatever reason, the shop will just shrinkwrap it up again and the next buyer is none the wiser. I'm surprised that it hasn't happened sooner.
On another note, so how exactly can a video file (pirated movie or not) be 'malware infested'?
Nothing new (Score:5, Interesting)
Maybe not infected (Score:4, Interesting)
I recall from the article that the disk was definitely second hand because it had a whole lot of movies on it (free!) but the guy who reported it to the media made a big song and dance about how the files "appeared corrupt" and "could have infected his system". None of which impresses me much. He could use a secure OS. Other retailers sell stuff which has been returned by customers. DSE should have formatted the disk, and they are at fault for that reason.
IIRC the reason he went to the media was that he is promoting an album or something and this was a golden opportunity to get his face and T shirt on TV.
Re:What? (Score:5, Interesting)
Selling used stuff as new aside for a second
Umm. No.
The media blowup is being fuelled by "I bought a hard disk and it had hard core porn on it!" sensationalism but seem to be ignoring this deeper issue -
Dick Smith Electronics, Harvey Norman, JB-HiFi and the rest have been getting away with it for years but the fact is selling used goods (no matter how good a condition it's in) as new is illegal.
They can ask the same price for it if the return is in great condition but they can't just seal it back up and pop it back on the shelf next to the new unopened boxes.
Comment removed (Score:5, Interesting)
DSE = Radio Shack (Score:5, Interesting)
Had this happen to me (Score:5, Interesting)
Well, a friend. Their HDD had died and they asked me what to do. "Buy a new one" says I. Turns out they had no back-ups of pictures etc, so I offered to try a recovery (no promises and I warned them everything could be lost). Anyhoo, the recovery worked with the failed HDD working as a slave to the new one. I picks up loads of deleted pictures and felt rather chuffed with my little self.
"You seems to have made loads of friends on that Egypt trip." I say.
"Never been to Egypt." they reply.
It takes 5 seconds for me to twig that donkey-boy here had done the recovery on the wrong HDD and more stuff was still being found. School reports, banking spreadsheets, tonnes of stuff. Not really what one expects to find on a "new" HDD. Once I had the pictures recovered from the correct drive (and backed-up) my friend took the "new" HDD back to the shop for a bit of a word.
Selling hooky equipment to a police officer? Not one of the storekeeper's greatest ideas. And for the previous owner, there was enough information on there for someone to do them serious ill. Luckily for them, my friend made the storekeeper physically destroy the drive (and got a full refund).
There's no issue with selling 2nd hand kit, just advertise it as such and make sure it's properly wiped first.
Re:Standard Practice (Score:4, Interesting)
I don't know if they will get with fines (most of the time, playing the three monkey game will be enough to avoid civil/criminal charges.)
However, this is a lesson to everyone: After buying any new storage media, completely erase it first. This is something I try to keep the habit of doing, be it a USB flash drive, a SD card for my phone, external hard disks, or an internal HDD of a new PC.
The best utility, hands down, is HDDErase because it tells the drive controller to do the dirty work and erase everything, including the host protected area, sector relocation table, etc. I then follow it up by a DBAN, or at least a dd if=/dev/zero of=/dev/sdwhatever. If one can't do an ATA erase, then zeroing it out with a couple passes is the next best thing.
If only on Windows, encrypting the disk with BitLocker, then running the format command will help. The format command in Vista and newer checks to see if the previous data was a BitLocker volume, and if so, scrub away the remnants of the old volume keys. You can use TrueCrypt and create a dummy volume for the same result.
I erase data before using a drive for three reasons:
First, to exercise the drive and all accessible sectors, so the drive relocates marginal stuff immediately. In the old days, you could periodically low level format a HDD which would shrink the drive's capacity, but extend the life of the drive by cleaning out the relocation table and making it ready for handling new defects encountered. However, new drives don't have this, so the next best thing is to test all sectors before use.
Second, there have been cases of people facing criminal and civil charges for data on their storage media that wasn't theirs... it came with the device. Whether this is true or not can be debated, but it is best to not let it happen in the first place.
Third, there is always the chance of malware be installed somewhere along the supply chain. By completely zeroing it out from the MBR to the last sectors, this threat is mitigated for the most part.
This also shows another sad fact. There are a number of "computer repair" places that are pretty shady. I'm sure most readers of /. can likely do better than a lot of repair joints.