From Asahi Shimbun
A man who won an Internet auction for used hard disks soon discovered that he was in the possession of confidential and sensitive government information that he had no business reading.
At first, the man, who owns an information technology company, was puzzled when he found repeated mention in the file names of Kanagawa Prefecture.
But he was in for a greater shock when he used recovery software and found that the files on the hard disks contained mountains of data compiled by the Kanagawa prefectural government.
The data included everything from individuals who were behind on their taxes and the amount; documents considering the seizure of assets; documents related to contract bid amounts; rosters of employees at public schools; and even design blueprints for electric power plants and water supply works.
(Score: 2) by maxwell demon on Tuesday December 10 2019, @06:08PM (14 children)
The first question is: How did such diverse information end up being on the same hard disk to begin with? Seems the relaxed handling of information goes far deeper than “just” inadequate (non-)deletion of hard disk data.
The Tao of math: The numbers you can count are not the real numbers.
(Score: 1, Insightful) by Anonymous Coward on Tuesday December 10 2019, @06:13PM
27 terabytes sound like it was probably a box or palette of hard disks ranging in size from 120GB to 2TB depending on how old they were when decomissioned. The key detail here is no one securely wiped the hard disks when they were decommissioned and they were then sold or claimed 'recycled' by an organization or individuals who didn't do THEIR due diligence in wiping them before reselling them to a third party.
I bet a lot of Japan's rivals in the region will have proxies bidding on these disk sales again if they haven't been this entire time, because this is exactly the kind of treasure trove an intelligence organizations routine fishing expeditions are made to collect.
(Score: 2) by DannyB on Tuesday December 10 2019, @06:14PM (12 children)
Was it the same drive? 27 TB is an awfully big hard drive. Especially for an old PC to have.
He could have bought a liquidated lot of multiple drives that came from various old government computers in different departments.
At the dawn of the year 2020 we would think everyone has learned these lessons by now. But nope.
Dear support department: I received your recent request for me to send you my most recent backup. Please find the floppy disk stapled to this letter.
To transfer files: right-click on file, pick Copy. Unplug mouse, plug mouse into other computer. Right-click, paste.
(Score: 2) by Immerman on Tuesday December 10 2019, @06:37PM (11 children)
> Please find the floppy disk stapled to this letter.
And what's wrong with that? So long as you only staple the corner, which is what most people do most of the time, the disk itself will be fine. Heck, even the edges are probably okay (for a while) so long as the disk isn't full. Which probably led to some people being really confused when every once in a while the data was corrupted because they poked a hole through a data-bearing bit of disk.
My favorite was the lady who couldn't figure out why her data kept getting corrupted when keeping her disks safely secured to a filing cabinet with magnets...
(Score: 5, Funny) by DannyB on Tuesday December 10 2019, @07:17PM (10 children)
I was making regular backup copies of the floppy disk, but right now our photocopier is broken.
To transfer files: right-click on file, pick Copy. Unplug mouse, plug mouse into other computer. Right-click, paste.
(Score: 2) by Immerman on Tuesday December 10 2019, @07:34PM (5 children)
I must say, I've never before seen someone manage to break their New Years Resolution before New Years even arrives. That's got to be some kind of record.
(Score: 2) by DannyB on Tuesday December 10 2019, @09:18PM (4 children)
The idea is that maybe 2020 could finally be the first year that I don't break it. I'm trying so hard.
To transfer files: right-click on file, pick Copy. Unplug mouse, plug mouse into other computer. Right-click, paste.
(Score: 2) by Immerman on Wednesday December 11 2019, @02:39PM (3 children)
Well... I suppose if you squint just right making a self-breaking resolution is kind of like not breaking it yourself?
(Score: 2) by DannyB on Wednesday December 11 2019, @03:52PM (2 children)
Self breaking resolutions are better than resolutions that require manual effort to break. Easier to deploy. More complex to construct.
To transfer files: right-click on file, pick Copy. Unplug mouse, plug mouse into other computer. Right-click, paste.
(Score: 2) by Immerman on Wednesday December 11 2019, @04:06PM (1 child)
I suppose at the master level you construct resolutions that preemptively break next year's resolution? Or perhaps retroactively break last years?
(Score: 0) by Anonymous Coward on Wednesday December 11 2019, @10:22PM
This sentence is a non-self-breaking non-resolution of itself.
(Score: 2) by maxwell demon on Tuesday December 10 2019, @08:10PM (3 children)
I've once read somewhere on the internet of an incident where support asked for a copy of the installation disk of a program to find out why it didn't work. The customer sent a photocopy. And yet, support could help them: They found out from the label that it was the wrong version.
The Tao of math: The numbers you can count are not the real numbers.
(Score: 2) by DannyB on Tuesday December 10 2019, @09:37PM (1 child)
I had been making backups, as you said, but then I read: DON'T COPY THAT FLOPPY! So I quit making backups believing that to be the right thing to do.
To transfer files: right-click on file, pick Copy. Unplug mouse, plug mouse into other computer. Right-click, paste.
(Score: 3, Insightful) by maxwell demon on Wednesday December 11 2019, @09:30AM
“No, I didn't obtain an illegal copy of the floppy. I'm just keeping a backup floppy for a friend. You know, it is important to store backups off-site. Why I installed the program on my computer? Well, it is important to test backups to ensure they actually work.”
The Tao of math: The numbers you can count are not the real numbers.
(Score: 1) by notrandom on Wednesday December 11 2019, @07:04AM
Welp, i'm a webmaster/sysadmin and also a client of the hosting industry. I had to deal with many more idiotic sysadmins and support personnel than with stupid clients... =/
(Score: 2) by DannyB on Tuesday December 10 2019, @06:09PM (11 children)
It's cheaper1 to "liquidate" old drives (for incoming money) than to have them sand blasted (expense).
1for some definitions of "cheaper", assuming drives could never have anything sensitive
To transfer files: right-click on file, pick Copy. Unplug mouse, plug mouse into other computer. Right-click, paste.
(Score: 2) by Immerman on Tuesday December 10 2019, @06:44PM (10 children)
Yep. Which is why somebody should be sued into bankruptcy for failing to wipe the disks properly first - make sure the economic incentives are properly aligned.
It's not like it's terribly difficult or expensive to do the job properly - recording a single pass of zeros is enough to render the data inaccessible to any proven technology, though in theory you might still be able to recover data by extracting the platters and analyzing them with far more sensitive hardware.
(Score: 0) by Anonymous Coward on Tuesday December 10 2019, @06:50PM (5 children)
Is probably enough to 'securely' wipe actual high security drives as well. The odds of coherent data being visible after at least one noise pass that has time to sit before being zeroed is next to nill.
(Score: 2) by Immerman on Tuesday December 10 2019, @07:27PM (4 children)
Do you have any evidence that a second pass, much less the sitting around, actually improves the situation? I can't imagine how sitting would make any difference whatsoever.
With modern drives I haven't even seen any evidence that that random data instead of zeros actually improves the situation - though so long as you can generate random data faster than you can write to disk it certainly won't hurt anything, and may well help, at least against well-funded data recovery attempts.
In the days of yore, when hard drives heads were imprecise and disks had large "neutral zone" gaps between tracks to prevent accidentally overwriting data on adjacent tracks, a single pass would leave quite a bit of the previously recorded data remaining in the "neutral zones". It usually wasn't possible to recover the data using the same drive, but putting the platters in a more flexible recovery drive could recover quite a bit it from the "neutral zones". Which led to "military grade" wiping procedures with 5+ passes of noise - each pass would write over a slightly different part of the tracks and surrounding neutral zones, and after several passes you could be confident that the neutral zones would be well-scrambled.
With modern hard drives though the "head slop" and associated "neutral zones" have been virtually eliminated in the quest for greater data densities. And while the platter will still show magnetic anomalies to sensitive enough equipment after a single pass of zeros, I've heard of no evidence that anyone has proven the ability to actually use those anomalies to recover data. Of course there's no guarantee I'd hear about the data-recovery capabilities of covert government intelligence agencies - so a few more random passes to err on the side of safety is probably called for with high-security drives, and even physical destruction probably isn't overkill.
And then we have SSDs - where there's basically no possible way to be completely sure that you've wiped the drive, and physical destruction is the only secure option. Yes, *if* you used whole-disk encryption from day one,and *if* it was 100% flawlessly implemented, then just wiping the key will do the job. But that a whole lot of "if" to rely on for a high-security application.
In fact, it seems to me the lack of a way to wipe SSDs securely is a major flaw for modern PCs. Whole-disk encryption is usually not called for, and comes with a lot of potential risks and headaches to the point that it's hard to recommend without a good reason. But there should be a way to reasonably effectively wipe the data before passing it on to someone else.
(Score: 2, Informative) by Anonymous Coward on Tuesday December 10 2019, @08:35PM (3 children)
I think the "standard" for secure erasure is:
1) a zeros pass
2) a ones pass
3-6) random data passes
7) a zeros pass
The "need" for this 7 pass erasure is why "Cryptographic Erasure" drives actually exist. Basically, a CE drive is one that is encrypted, but the key is "under the door mat" so to speak. The idea being that when you erase it, you overwrite that key 7 times (fast) and you have nothing but garbage on the rest of the drive, then a zeros pass and you are done.
(Score: 0) by Anonymous Coward on Wednesday December 11 2019, @02:07PM (1 child)
yeah 'tis is funny. one would assume that HDD manufacturers "know best" and would have a device for sell, that is maybe 3xAAA battery powered sits on the desk and you can slot-in a 3.5" and press the big red "erase" button?
but noooo ... it is nigh impossible (time wise) to erase them, so junk 'em and don't recycle/second-hand 'em.
(Score: 2) by Immerman on Wednesday December 11 2019, @02:37PM
DBAN - Darrel's(?) Boot And Nuke.
Burn it onto a CD, boot the computer off it, and select how secure an erase you want to apply to the hard drives.
Not quite a standalone box, but you can use any old computer you happen to have lying around. There might even be a Raspberry Pi version which would allow for a pocket-sized option.
(Score: 2) by Immerman on Wednesday December 11 2019, @02:22PM
I think you're right that the standard is something like that. My point is that it's a standard that was created when hard drive implementation details were very different than they are now, and data could be readily recovered by inserting the platters in a drive that would read the gaps between tracks.
Cryptographic erasure is a wonderful alternative - but only if the encryption is theoretically unbreakable (which is... almost nothing in the face of emerging quantum computers) and the implementation is perfect. And as we've seen time and again with such drives, the implementation is often deeply flawed.
(Score: 2) by dry on Wednesday December 11 2019, @05:34AM (3 children)
Spare sectors are another way to possibly leak some data. Need controller access but on an old drive some sectors may have been swapped with a spare and still be readable.
(Score: 2) by Immerman on Wednesday December 11 2019, @02:44PM (2 children)
That's a *huge* problem with SSDs, which may have a significant portion of their entire size as spare cells not directly accessible to the computer.
I don't think it's possible for hard drives though - hard drives don't exclude bad sectors, the file system does. So long as you're ignoring the file system and overwriting the tracks and sectors directly, you can be sure of getting the entire thing.
(Score: 2) by dry on Wednesday December 11 2019, @03:52PM (1 child)
Look at the Smart output on a spinning drive, there's "Reallocated Sector Count" as one of the more important attributes, along with "Reallocation Count" and Pending Sector Count". This happens at the hardware level as the manufacture knows there might be a weak spot on the drive. I've had drives where this number has been non-zero and if it is increasing, the drive should be retired quick.
For security, it's only a worry for the most secure stuff as it is likely to be random sectors and need a modified hardware controller to read, though as you say, SSD's are different and worse.
Here's a description of the attribute, https://harddrivegeek.com/reallocated-sector-count/ [harddrivegeek.com]
(Score: 2) by Immerman on Wednesday December 11 2019, @04:16PM
So there is, I had forgotten abut that.
A nightmare from a performance and security perspective, but I suppose once they start showing up in any quantity the drive is likely destined for the waste bin in the near future anyway.
Not that I don't have a few such drives still in service years later, but I don't trust them with anything important.
(Score: 0) by Anonymous Coward on Tuesday December 10 2019, @06:27PM
That data should have been spread far and wide.
Buy more used HDDs.
(Score: 4, Interesting) by SomeGuy on Tuesday December 10 2019, @06:48PM (4 children)
Unfortunately, some higher ups are going to see this story and make an extra push to destroy used drives and equipment rather than letting it be re-used. Not that destroying "modern" stuff (anything with blue LEDs) is a major loss, but unfortunately that winds up including everything "vintage", for which there is a good demand. Things like MFM/RLL hard drives, 50-Pin SCSI drives are in demand for people who want real vintage systems and run some kinds of software like they were meant to be run. And these sorts of polices wind up encompassing all hardware - that TRS-80 Model III *MUST* go in the chipper shredder because it *MIGHT* have sensitive data in it somewhere. Thanks assholes.
On the flip side, when you purchase a used drive, you might not like what you find on it. You could see things that might melt your tiny little brain. One should generally wipe drives before using them. If you have to retrieve drivers or application programs, do NOT look at personal documents, then wipe it and never admit to looking at it at all.
This guy was a jerk for recovering this data, but sadly there are genuine crooks out who would be happy mis-use such data. Ideally, those disposing of disks with truly sensitive data like this should wipe them first, but that takes time, power, and know-how.
(Score: 0, Funny) by Anonymous Coward on Tuesday December 10 2019, @07:29PM
Good advice for your own tiny brain. Real men should recover that data and dump it on the internet.
(Score: 2) by epitaxial on Tuesday December 10 2019, @07:38PM
I bought an SGI Octane that belonged to the department of defense. They removed the eeprom with the MAC address and even the RAM! As if it would still hold confidential information...
(Score: 2) by Nuke on Tuesday December 10 2019, @08:27PM (1 child)
He did not "recover" it, he simply read it. He was not a crook and even if he had not read it I don't think his shining example would stop any crooks in their tracks. And I'm a jerk too because I have bought used HDDs and reading them as received was the first thing I did, if only to check that the things worked.
In one case there was loads of personal info including photos (no pr0n, before you ask) and the guy's schedule of meds - he took pills in bucket loads. I just zeroed it.
(Score: 2) by ewk on Wednesday December 11 2019, @09:34AM
From the article: "he used recovery software"
Not sure in which universe that can be interpreted as "he did not recover it" (with or without quotation marks around 'recover').
I don't always react, but when I do, I do it on SoylentNews
(Score: 2) by Acabatag on Tuesday December 10 2019, @06:55PM (1 child)
I once bought an old laptop at a University Surplus auction. There were a lot of laptops sold at auction that day, and the notice at the auction stated they all had their hard drives removed. This was in the era of the Pentium 4 laptop, but the one that I bid on was much older, I think it sported a 486 processor. I was buying it for almost nothing for my collection. It turned out to have a hard drive, with Windows 3.1, and a large amount of medical research data, with entries assigned to children by name. Obviously I just deleted it all.
The apes in charge don't always know what to do, especially when it's not the typical hardware they are used to being apeshit destructive toward. Thank goodness, because the most interesting old hardware sometimes eludes their gorilla scrutiny. I also once bought a SparcStation at that auction that had belonged to a professor. He had no password on his account and just abandoned it with his home directory, etc just sitting there.
(Score: 2) by Acabatag on Tuesday December 10 2019, @07:01PM
I'll add that I also have a rather nice top-end for it's time laptop that came with Windows XP and a locked account. The flea market seller told me that it would need a new hard drive. So I ran lophtcrack on it, deleted all the lawyer's legal documents they had left on it, and it's a very nice laptop. A good machine for retro XP-era games.
(Score: 3, Insightful) by jimtheowl on Wednesday December 11 2019, @01:12AM (3 children)
If I am disposing of a hard drive (or more likely giving it away), I will boot the machine with a CD/DVD with https://dban.org/ [dban.org]DBAN, and run different algorithms on it for a few days.
I'm not saying it is the best solution, but it does at least prevent people from writing such articles.
(Score: 0) by Anonymous Coward on Wednesday December 11 2019, @01:15AM (2 children)
Man, it's all about that volcano disposal. HDD in, lava out.
(Score: 2) by jimtheowl on Wednesday December 11 2019, @01:46AM (1 child)
ie: https://www.youtube.com/watch?v=tgv0YF4dtAY [youtube.com]
(Score: 2) by maxwell demon on Wednesday December 11 2019, @09:45AM
The volcano method is more secure, because you can closely guard the disk until it actually is thrown into the volcano. While if you send it into the sun, your adversaries have the option to use a faster spacecraft to retrieve your hard disk before it reaches the sun.
The Tao of math: The numbers you can count are not the real numbers.
(Score: 2) by Freeman on Wednesday December 11 2019, @03:57PM
http://www.asahi.com/ajw/articles/AJ201912070027.html [asahi.com]
Joshua 1:9 "Be strong and of a good courage; be not afraid, neither be thou dismayed: for the Lord thy God is with thee"
(Score: 0) by Anonymous Coward on Wednesday December 11 2019, @04:16PM
Well at least he didn't sell it to China or similar... :)