Clean Your Disk Drives

A few years ago, I tossed out a few disk drives. They were old Macintosh drives, about 100 megabytes each. I had just purchased some new 50 gigabyte drives (three of them), and thus didn't feel like keeping the old workhorses around anymore. They were just too small.

The drives contained personal family data so I decided to be a bit paranoid about cleaning them up. I had visions of some evildoer digging the drives out of the city dump, grinning and pulling the data off for some nefarious purpose.

I ran a special program to scramble the data: three times. I don't know why I chose that many times but it seemed like the right number. Then I formatted the drives. I know, it seems like a lot of work just to protect some data, but I wanted to be sure.

After reading about a study detailed in a report entitled, "A Remembrance of Data Passed: A Study of Disk Sanitization Practices", I am glad that I went through the trouble. Although I am reasonably certain that a disk drive buried in a trash dump for a few years would not be useful to anyone, you never know.

Two MIT graduate students purchased 158 used disk drives on eBay via their online auctions, at computer stores, salvage companies and even swap meets. That's how people "normally" dispose of unneeded hardware - they try to sell it for a few bucks. After all, it seems silly to throw out hardware without getting something in return.

These students analyzed the drives and found that 117 of them (a whopping 74%) contained usable information that, with varying degrees of effort, could be recovered. Fully 17% of the drives contained an operating system and user data. The data on these disks was frightfully easy to recover.

Equally frightening, even though 57 of the drives (36%) had been formatted, data was still recoverable through various means. In fact, only twelve of the drives had been cleaned properly and had no usable data at all.

What data did these students find as their reward for their hard work? Their report stated they found what was apparently 2,868 credit card numbers, bank account numbers, account balances and other financial data (they believe this came from an ATM machine). Yet another drive contained 3,722 credit card numbers, and other drives contained financial information in web page caches.

Alarmed yet? The students found gigabytes of pornography, personal documents and letters, journals and thousands of other things that would horrify the original owners if only they knew.

You should check out this report as it is very interesting reading.

So what is the lesson to be learned from this?

Old disk drives, magnetic tape, floppies, zip drives, CDs, DVDs and any other media need to be completely and totally destroyed before they are resold, given away, loaned out or thrown in the trash.

You cannot depend upon the operating system to delete the data for you.

  • Deleted files are simply moved to the recycle bin, and these can be easily recovered by anyone.
  • If the recycle bin is emptied, file recovery tools can generally recover the files without much trouble.
  • When a drive is formatted it is not actually erased. The data still exists. All a standard format does is create a new partition table, which maps each sector of the drive so it can be found by the operating system again. The data can be recovered, although it is not simple.
  • Even erasing the data multiple times is not perfect, although that will defeat all but the most determined and highly skilled experts. However, the original magnetic patterns are never entirely erased, and they can be recovered (although this is something that only the top-of-the-line labs can accomplish).
  • The only real way to make sure the data cannot be recovered is to physically destroy the drive platters. I have a friend (an ex-Marine) who used his old drive platters as targets. While it's still theoretically possible to recover the data, it's hard to do so when the platter itself contains holes, dents and other extreme physical damage.
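To check a drive image before it leaves your hands, the sketch below (an added example, not from the original article or the MIT report) scans the raw bytes for a known record after a format and again after a three-pass overwrite. The image is a temporary file, the record is constructed, and `quick_format` is a simplified model that rewrites only the bookkeeping area; all function names are hypothetical.

```python
import os
import tempfile

CHUNK = 1 << 20  # process the image 1 MiB at a time

def find_marker(path, marker):
    """Return every byte offset at which `marker` appears in the raw image."""
    hits, offset, tail = [], 0, b""
    with open(path, "rb") as f:
        while chunk := f.read(CHUNK):
            buf = tail + chunk
            i = buf.find(marker)
            while i != -1:
                hits.append(offset - len(tail) + i)
                i = buf.find(marker, i + 1)
            # keep the last len(marker)-1 bytes so a match split across chunks is seen
            tail = buf[-(len(marker) - 1):] if len(marker) > 1 else b""
            offset += len(chunk)
    return hits

def quick_format(path, header_len=512):
    """Simplified model of a format: rewrite only the bookkeeping area."""
    with open(path, "r+b") as f:
        f.write(b"\x00" * header_len)

def overwrite(path, passes=3):
    """Overwrite every byte in place with random data, `passes` times."""
    size = os.path.getsize(path)
    for _ in range(passes):
        with open(path, "r+b") as f:
            for pos in range(0, size, CHUNK):
                f.write(os.urandom(min(CHUNK, size - pos)))
            f.flush()
            os.fsync(f.fileno())  # force this pass to storage before the next

def demo():
    marker = b"CONSTRUCTED-RECORD-0001"  # constructed sample, not real data
    with tempfile.NamedTemporaryFile(delete=False) as f:
        f.write(b"HDR".ljust(512, b"\x00"))                # bookkeeping area
        f.write(b"\x00" * 4096 + marker + b"\x00" * 4096)  # data area
        path = f.name
    try:
        quick_format(path)
        after_format = find_marker(path, marker)  # record survives the format
        overwrite(path)
        after_wipe = find_marker(path, marker)    # record is gone
    finally:
        os.remove(path)
    return after_format, after_wipe
```

Calling `demo()` returns the offsets found after the format and after the overwrite. On SSDs and on journaling or copy-on-write file systems an in-place overwrite may not reach every physical block, so a clean scan of the logical image is necessary but not sufficient there.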

I would not suggest you go so far as to shoot all of your old disk platters full of holes, but I would recommend that you MUST protect your data (and your customers, vendors and business) by erasing and formatting any drive (or other media) before discarding it.

This is the prudent thing to do.