Wealth of Personal Data Found On Used Electronics Purchased Online 70
An anonymous reader writes: After examining 122 used mobile devices, hard disk drives and solid state drives purchased online, Blancco Technology Group and Kroll Ontrack found 48% contained residual data. In addition, 35% of mobile devices contained emails, texts/SMS/IMs, and videos. From the article: "Upon closer examination, Blancco Technology Group and Kroll Ontrack discovered that a deletion attempt had been made on 57 percent of the mobile devices and 75 percent of the drives that contained residual data. Even more compelling was the discovery that those deletion attempts had been unsuccessful due to common, but unreliable methods used, leaving sensitive information exposed and potentially accessible to cyber criminals. The residual data left on two of the second-hand mobile devices were significant enough to discern the original users' identities. Whether it's a person's emails containing their contact information or media files involving a company's intellectual property, lingering data can have serious consequences."
this is why (Score:3)
Re: this is why (Score:1)
This is why when I buy old electronics the hard drive comes out...
and onto a usb-sata adapter to have a nose. If you think you're gonna find nudes you're right - I have so many dick pics it's crazy.
Re: (Score:2)
I have so many dick pics it's crazy.
Um... oookay. "Had" might have been a better choice of words.
Re: (Score:1)
I'm dying to know how you pull out the disk of your smartphone (without killing it, that is).
Re: (Score:2)
Re: this is why (Score:1)
Because wiping it doesn't always work, especiallyusing the on board methods in a phone.
Re: (Score:3)
I take an easier approach. If I'm selling something I'll replace the drive.
However, for a machine I'm giving to a friend or family member, what I wind up doing is just a format command, then a pass with cipher /w (assuming Windows.) Since all my volumes are BitLocker protected, a format command overwrites the areas on the hard drive with the volume master key multiple times. Even with the right BitLocker password or recovery key protector, the data is gone, since the master key cannot be retrieved. The
Re: (Score:3)
Re: (Score:2)
Boot n' Nuke CD, 1 pass. That's all it takes to keep 99.99% of the would be thieves at bay. 7 pass DoD is way overkill.
Re: (Score:2)
For me it's DBAN with "autonuke"...
Re: (Score:2)
How with mobile devices? What about warranties when the company want them back to RMA?
Re: (Score:2)
Don't mobile devices have a clear and delete everything that works?
I know iOS does - since iOS 3. On iPhone 3GS and higher, what it does is it deletes the flash storage key and regenerates a new one (which is why the older ones needed a OS reload - it wiped the OS as well). On older iPhones, it physically erased the storage because the stores are unencrypted. Which is why on those phones it took hours to run, while on the
and not just YOUR devices (Score:5, Informative)
Re:and not just YOUR devices (Score:5, Funny)
They also found out that 27% of all copies made were of someone's ass.
Re: (Score:1)
Photocopiers would have to be the worst offenders. Seriously, I'm no hacker, but most of time these things seem to keep a store of whatever has been printed, photocopied and scanned *visible* by default. A few clicks and you can find it and reprint it: no passwords, nothing. Maybe there's a setting to turn of this default stupidity, but usually these are work machines set up by a secretary or someone similar, so there's almost zero chance of the defaults being changed.
Now I'm mildly paranoid so I manuall
Okay, seriously.... (Score:3)
Really, does this surprise anybody?
Headline should read, "Most People Too Stupid To Wipe Electronic Devices Before Selling Them", and it should be from the Really really shocking news dept"
Re:Okay, seriously.... (Score:5, Insightful)
Really, does this surprise anybody?
Headline should read, "Most People Too Stupid To Wipe Electronic Devices Before Selling Them", and it should be from the Really really shocking news dept"
in those people's defense, it is difficult to completely wipe mobile devices. using the device's own wipe/format tools does not guarantee the device does not have residual data. it's easier to wipe a hard disk on a PC (using DBAN or similar), but mobile devices are not as easy to format and clean.
Re: (Score:1)
Here [willitblend.com] is what you do with those mobile devices.
Re: (Score:2)
Here [willitblend.com] is what you do with those mobile devices.
i mean, that is the fun way to data privacy, but i'd also want to avoid the carcinogenic fumes :)
Re: (Score:2)
Especially when they are broken. :(
Re: (Score:2)
I do have a very effective strategy for wiping mobile devices using a third party device [wikipedia.org]. Unfortunately it tends to reduce the resale value a bit :)
Re: (Score:3)
Really, does this surprise anybody?
I'm not surprised in the least. It's hard for folks who barely know how to plug something in and turn it on to comprehend how dangerous the information on that hard drive really is, even if you have deleted all the files you think are important. How many people know (or would care if they did) how the file system on their laptop actually works, that deleted files are NOT gone yet, or that cluster tips and system save/restore and crash dumps can carry a wealth of information even if you have run a multi-pa
Re: (Score:2)
that deleted files are NOT gone yet, or that cluster tips and system save/restore and crash dumps can carry a wealth of information even if you have run a multi-pass overwrite program? Very few.
And this is why when I'm decommissioning a PC, the hard drive is removed, taken to the range, and literally shot to pieces.
If inclement weather doesn't permit the "range erase" option, a hammer and chisel plus a band-saw do a pretty good job.
Either way, it's destroyed beyond any hope of recovery. I suspect even a highly-advanced alien race would be hard-pressed to reconstruct it far enough to get anything useful off of it.
Re: (Score:3)
Re: (Score:3)
You mean you don't take the time to dissemble the drive, remove the platters and dissolve the magnetic coating in acid?
I used to scrape the magnetic coating off with my teeth but then knives and forks started sticking to my teeth. So embarrassing.
Re: (Score:2)
Heathen. You don't recover the fridge magnets?
Re: (Score:2)
and even when they do (Score:2)
Re: (Score:2)
Not really considering that this type of article comes out at least once a year.
Re: (Score:2)
Actually "most people are too stupid" is a proper headline. and it's the truth. the average person is dumb as a box of rocks when it comes to ANY technology. and it's because they dont want to bother learning.
Lazy is the new in thing.
Re: (Score:2)
Re: (Score:2)
Technically you fall in this "stupid" category, as just wiping alone is not sufficient to prevent recovery.
Not the way I wipe them. It involves a range and about 20 rounds of 5.56 ammo. And I provide a 100% guarantee that no data will be able to be recovered.
Re: (Score:2)
Headline should read, "Most People Too Stupid To Wipe Electronic Devices Before Selling Them", and it should be from the Really really shocking news dept"
How does shooting "about 20 rounds of 5.56 ammo" relate to your comment about wiping a device? You are referring to physical destruction of media, whereas wiping is typically associated with the function literally using the word "wipe" in a mobile device recovery or OS, such as "wipe data" or "wipe cache". (Wipe-by-shooting-with-ammo is not an option.)
Re: (Score:2)
How does shooting "about 20 rounds of 5.56 ammo" relate to your comment about wiping a device? You are referring to physical destruction of media, whereas wiping is typically associated with the function literally using the word "wipe" in a mobile device recovery or OS, such as "wipe data" or "wipe cache". (Wipe-by-shooting-with-ammo is not an option.)
Thanks, Mr Pedant!
Look, you wipe your way, I'll wipe my way. And frankly, no one can dispute that when I'm done doing it my way, the data is indeed, "wiped out". :)
Re: (Score:2)
Sure, fine, we can agree to that.
Your comment is not helpful though and is actually counter-productive. On face value, your comment is propagating the issue, making people feel sure that they are wiping* their device and they are fine.
*With no other further action** as you later revealed.
**Cited further action is not even valid when discussing selling a device.
Re: (Score:2)
Your comment is not helpful though and is actually counter-productive. On face value, your comment is propagating the issue, making people feel sure that they are wiping* their device and they are fine.
Bullshit. Stop being such a pedant. My comment is not responsible for anyone doing or not doing anything.
-
**Cited further action is not even valid when discussing selling a device.
It is if they're buying a box full of fractured metal and plastic debris that used to be a hard drive.
Seriously, stop being such a fucking numpty. No one except the most quibbling of anal-retentive nitpickers could or would misunderstand my comment or take issue with it the way you have.
Re: (Score:2)
Re: (Score:2)
You OK?
Perfectly fine, thanks for asking.
Happens all the time. (Score:3, Insightful)
No surprise to me... (Score:2)
I once bought a lot of used/returned MP3 players at auction. While I didn't get a wealth of personal data, I did get a wealth of "free" music. Based on value, I was actually paying for the music rather than the MP3 players.
Retailers don't have the resources to wipe the memory on returned devices, they rely on the people who buy the resold devices to be scrupulous.
Re: (Score:2)
Too bad it was probably all top 40 bs or country...
1.69% of identities discerned (Score:2)
The humanity!!
yep, noticed that (Score:3)
There was a time when my daughter was really into blackberrys, because you could text really fast on the keyboard. She discovered that a local electronic junk store had a stack of various models of blackberry for something like five bucks apiece, so she bought three of them, and would put her sim in different phones depending on whether she felt like carrying a 6000 series or a 7000 series or a Curve.
Anyway, one thing she discovered is that none (0) of them had been wiped, and she had access to documents, baby photos and all kinds of stuff. Nothing pornographic, fortunately. At least, that she told me about.
Re: (Score:2)
I even received an unwiped "Warehouse Deals" phablet from an unnamed online vendor (potentially named after a large river), that had personal documents, holiday pictures AND pornographic videos on it. My girlfriend discovered the videos - fortunately right on the first day, while we were playing around with it. Said online vendor then immediately agreed to a further discount. Which was quite a good idea, since in my country, spreading unwanted pornographic material is illegal.
And yes, I also know the previo
Re: (Score:2)
For Android, you could do something like boot into Recovery, completely format all the partitions (except recovery), and reflash the ROM. If you wanted to be especially paranoid you could adb into it and dd if=/dev/zero the whole thing a time or two and then reflash it. Hell of a lot of work though, and typically would require some kind of rooting or alternative recovery for some of the options.
iOS devices you'd pretty much have to jailbreak to do something like that directly. I have no idea how thorough a
Was an Amazon device my Mom bought new (Score:2)
It wasn't and required another's account removed, all of this Mexicans information was displayed down to their credit card number, and other personal info; making sure we wanted this information removed.
We did laugh at it later thinking of the problems this person would of had if we were that type.
WHAT??? (Score:1)
AGAIN???!!! :/
When will this news item stop being regurgitated. OF COURSE information will be found on discarded storage devices.
We know, it's logical and expected, and we have been informed by jobless journalists a zillion times already.
Devices contain residual data .. (Score:2)
Not always possible to wipe a phone (Score:2)
My Samsung Galaxy S3 was an awesome phone, up until the moment it died without warning. It was simply sitting on my desk charging one moment, and then completely gone the next. Battery swap didn't fix it.
I had insurance on the phone and ended up using it, but the phone was dead and there was no way to wipe it. I had to send back the dead one as-is in exchange for a replacement. What happened to that broken phone, I have no idea, but it would not surprise me if a pile of broken phones ended up being rep
Includes CPO Cars as well (Score:2)
Two years ago I bought a Certified Pre-Owned BMW from a dealer. It's basically a used car of a supposed "higher quality" from a dealer. Turned out that even though they do some sort of 5million point inspection, they forgot to clear the mp3 collection uploaded into the car's entertainment system, didn't clear the stored phonebook, nor the 10 recent phone numbers.