Stories
Slash Boxes
Comments

SoylentNews is people

posted by martyb on Tuesday December 10 2019, @05:51PM   Printer-friendly
from the that's-a-big-easter-egg dept.

From Asahi Shimbun

A man who won an Internet auction for used hard disks soon discovered that he was in the possession of confidential and sensitive government information that he had no business reading.

At first, the man, who owns an information technology company, was puzzled when he found repeated mention in the file names of Kanagawa Prefecture.

But he was in for a greater shock when he used recovery software and found that the files on the hard disks contained mountains of data compiled by the Kanagawa prefectural government.

The data included everything from individuals who were behind on their taxes and the amount; documents considering the seizure of assets; documents related to contract bid amounts; rosters of employees at public schools; and even design blueprints for electric power plants and water supply works.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2) by dry on Wednesday December 11 2019, @05:34AM (3 children)

    by dry (223) on Wednesday December 11 2019, @05:34AM (#930968) Journal

    Spare sectors are another way to possibly leak some data. Need controller access but on an old drive some sectors may have been swapped with a spare and still be readable.

    Starting Score:    1  point
    Karma-Bonus Modifier   +1  

    Total Score:   2  
  • (Score: 2) by Immerman on Wednesday December 11 2019, @02:44PM (2 children)

    by Immerman (3985) on Wednesday December 11 2019, @02:44PM (#931052)

    That's a *huge* problem with SSDs, which may have a significant portion of their entire size as spare cells not directly accessible to the computer.

    I don't think it's possible for hard drives though - hard drives don't exclude bad sectors, the file system does. So long as you're ignoring the file system and overwriting the tracks and sectors directly, you can be sure of getting the entire thing.

    • (Score: 2) by dry on Wednesday December 11 2019, @03:52PM (1 child)

      by dry (223) on Wednesday December 11 2019, @03:52PM (#931083) Journal

      Look at the Smart output on a spinning drive, there's "Reallocated Sector Count" as one of the more important attributes, along with "Reallocation Count" and Pending Sector Count". This happens at the hardware level as the manufacture knows there might be a weak spot on the drive. I've had drives where this number has been non-zero and if it is increasing, the drive should be retired quick.
      For security, it's only a worry for the most secure stuff as it is likely to be random sectors and need a modified hardware controller to read, though as you say, SSD's are different and worse.
      Here's a description of the attribute, https://harddrivegeek.com/reallocated-sector-count/ [harddrivegeek.com]

      • (Score: 2) by Immerman on Wednesday December 11 2019, @04:16PM

        by Immerman (3985) on Wednesday December 11 2019, @04:16PM (#931102)

        So there is, I had forgotten abut that.

        A nightmare from a performance and security perspective, but I suppose once they start showing up in any quantity the drive is likely destined for the waste bin in the near future anyway.

        Not that I don't have a few such drives still in service years later, but I don't trust them with anything important.