http://www.wired.com/news/technology/0,1282,54986,00.html [Data destruction doesn't have to be tedious, with some specialized tools: http://www.23.org/~chs/gallery/defconx/shoot/pict2159f.jpeg http://www.23.org/~chs/gallery/defconx/shoot/pict2170f.jpeg Good clear conditions, and few good friends, you can get the desired effect, and guarantee that **NO ONE** is going to be able to read the information on your former drives: http://www.23.org/~chs/gallery/defconx/shoot/pict2206f.jpeg http://www.23.org/~chs/gallery/defconx/shoot/pict2205f.jpeg :) - WK] -=- By Elliot Borin 2:00 a.m. Sep. 25, 2002 PDT Who is Bob Knowles and why does he claim that "if the right terrorist got the right 10 or 15 or 20 (surplus) computers, this country could be bankrupt?" Among other things, Knowles is the founder and CEO of Technology Recycling. And he would much rather people pay him $37.50 per component to break their old PCs down to tin, glass and molten hard drives than have them sell the machines intact to someone else. But that doesn't invalidate his claim that "the true toxicity in recycled computers is the data ... the lead and mercury are small potatoes." Citing a Gartner report that the only way to truly protect computer data from pirates is to destroy a system, Knowles said that selling the units without hard drives is not an adequate solution. Critical bits of information can be reclaimed from the RAM chips and CPU core. "I can't name any government agencies that are doing a good job at this," he said. "Banks, insurance companies, hospitals -- they're all clueless. The FAA, IRS, Federal Reserve (Board) all sell their computers. Charles Schwab, all the major hospitals, sell their computers. "One day they're spending millions on firewalls and encryption to protect these computers and the next they're selling them to the highest bidder. You say, 'You shred your documents, why don't you shred your computers,' and they go, 'Ooohhhh, my god.'" Many security experts agree that "dustbin computer" data poses a legitimate threat, if not to the fate of the nation, then to individuals' privacy rights. Consider pop icon Paul McCartney. His manager once sold some old PCs with financial records still intact on the hard drive, revealing to a not terribly surprised world that the ex-Beatle is not, in fact, a pauper. "You can find used drives on the cheap in bulk from any number of sources," said security consultant Richard Forno. "Anyone selling used hard drives should sanitize them thoroughly. Absent that, you will always have information getting out.... (It's) a very bad problem." Computer swap-meet vendor Jim Jensen relies on the General Services Administration's auction site for a consistent supply of spare parts for orphaned or obsolete machines. "Normally I boot them up, make sure the CPUs, RAM, hard drives, motherboards and power supplies are OK, strip them and sell the parts," he says. "Occasionally I do read a few files ... the most interesting so far was e-mail about a failed missile test that was on a NASA unit." Jensen suggests the GSA could make life more difficult for snoopers if it were more circumspect in describing its wares. "They tell you exactly who used it and where," he noted. "Who wouldn't fire up a data-recovery program to see what was on a drive labeled 'CIA, Langley, Virginia'?" Techno-junk disposal is an 800-going-on-800,000-pound gorilla. EPA regulations severely limit what can go into landfills because of toxic materials. The 2001 Gramm-Leach-Bliley Act requires companies collecting personal financial data to provide cradle-to-grave security for it. One solution is donating used, but functional, computers to organizations trying to bridge the digital divide. As far as Knowles is concerned, even that approach is fraught with peril. "Some states give obsolete equipment to prisons for training inmates," he said. "There have been a lot of identity thefts and even cases of ex-cons stalking state employees." - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Thu Sep 26 2002 - 02:19:00 PDT