Pinterest Stumbleupon Whatsapp
Ads by Google

I recently found a discarded desktop computer, a Dell Inspiron model, lingering by the dumpster. Anything left next to dumpsters signifies that the former owner wants you to take it. Whoever abandoned the computer wants to do someone a favor. Unfortunately, computer donators don’t really know what they’re actually giving away: Privacy, passwords, security and potentially a great deal of money.

After giving the discarded computer a quick teardown, I put it through a variety of security tests and found glaring problems – problems our readership may learn from.

Stealing someone’s identity doesn’t take a lot of intelligence or even a lot of effort. The bad guys only need you to trust them with your hard drive and a combination of bootable live disks, brute-force password crackers and recovery software can turn your financial and personal life into a living hell.

Initial Observations

The computer itself had a great deal of dust inside of it – suggesting that the previous owner  likely didn’t properly dispose of their data. Upon close inspection, the dust itself had a peculiar kind of texture to it. When hit with canned air, it didn’t immediately disperse the way most dust does. A sure sign that the owner smoked around his electronics.

closeup of fan

For those who don’t know – smoking around computers is a big no-no. Smoke carries with it oil, which adheres dust to surfaces. You can tell the difference between dust from a smoke-free home and dust from a smoker’s. Just put your nose to the power supply exhaust and you can smell the difference.

Ads by Google

Opening the computer up revealed a dust-choked, yet still intact computer. All the primary components were there – motherboard, CPU, DVD drive, RAM and the power supply. This shot was taken after blowing it out with canned air. Notice the dust’s persistence.

fan clogged with dust

The component that caught my eye, the soul of the computer: a hard drive. Getting access to just the hard drive gives an attacker a tremendous amount of power. They don’t really need anything other than the hard drive to launch a penetrating assault into the darkest corners of your personal life. Just two kinds of software make it easier than stealing candy from a baby.

Ophcrack

There are about a dozen easy ways to perform a password reset or password recovery on someone’s computer. Ophcrack is a Linux-based Live USB/CD that does just this without any understanding of computers required. Simply download and burn the image to a USB or CD/DVD and boot it on the target computer, just like an installation disk. By default it will attempt to solve up to 14-character long passwords using what’s referred to as a Rainbow Table.

While a brute-force attack attempts to guess the locked computer’s password, a Rainbow Table differs slightly in that it offers a variation on the brute force method, combining a pre-generated table. Here’s a great explanation of how Ophcrack works Ophcrack - A Password Hack Tool to Crack Almost Any Windows Password Ophcrack - A Password Hack Tool to Crack Almost Any Windows Password Read More . In short, it can break passwords very rapidly. Considering that most users don’t use secure passwords, it oftentimes takes a few minutes to work. Actually, even secure passwords don’t last long against Ophcrack.

ophcrac

I want to demonstrate how easy it is for a data-thief to steal someone’s password; it’s not my intent to bypass any security measures. How easy is it? On my own computer (not the discarded computer) Ophcrack guessed the password in 0 hours, 0 minutes and 0 seconds. To put that in perspective, the password didn’t withstand a single second getting hammered with brute force. In short, you can’t rely on your login password to protect sensitive data on your computer, unless it’s longer than 14-characters.

On the positive side of things, Ophcrack can recover forgotten Windows passwords Lost Your Windows Administrator Password? Here's How to Fix It Lost Your Windows Administrator Password? Here's How to Fix It You've lost control. All the accounts you can access on your Windows computer aren't Administrator accounts, meaning you're helpless to install software, update drivers or do any kind of administration whatsoever. Don't panic. There are... Read More . Also, as a means of providing security audits, the software remains an absolutely invaluable service.

Recuva

Recuva can undelete data that you’ve sent to the recycling bin, even after emptying it. It exploits a loop-hole in how operating systems erase data Why It Is Impossible To Recover Data From An Overwritten Hard Drive [Technology Explained] Why It Is Impossible To Recover Data From An Overwritten Hard Drive [Technology Explained] Recovering deleted data from a hard drive is generally possible because typically the actual data is not deleted. Instead, information about where the data is stored is removed. In this article I will explain how... Read More . In order to preserve performance, information isn’t deleted after you clear the recycling bin. Although the operating system marks “erased” data for deletion, it leaves it on the hard drive’s platter until it is eventually overwritten with new data. Here’s a shot of what Recuva looks like as it undeletes your data:

recuva snatches data

Data isn’t actually reliably destroyed until the portion of the hard drive it inhabits gets overwritten – several times. That’s why data destruction software oftentimes writes over data multiple times. For example, the Bush-Cheney administration used a special wipe process known as a “seven level” wipe. The method writes over erased data seven times, ensuring that not even data fragments could be recovered, even with techniques such as Magnetic Force Microscopy.

Unfortunately, judging from the exterior of the computer, the individual who generously gifted their computer probably didn’t take any precautions. A tell-tale indicator that someone hastily wiped their data prior to handing off a computer is an empty recycling bin. Most people don’t wipe their recycling bins on a regular basis. And if it was recently wiped, chances are that data still inhabits the computer’s hard drive.

Password Theft

When a thief goes for the Triple Crown of skulduggery, he recovers your hard drive, breaks through your password and then loots your computer of its internally held passwords. The two most vulnerable programs are instant messenger clients and most browsers, which store unencrypted passwords. A nearly axiomatic expression has been to not store passwords of any kind on your desktop.

  • Chrome: There’s several password recovery tools available for Chrome. You may want to check out ChromePass.
  • Internet Explorer: Internet Explorer requires that you use a recovery tool like IE PassView.
  • Firefox: Unlike Chrome, Firefox at least includes a password manager, which you can lock using a password. Password recovery tools do exist for it, though.
  • Instant Messengers: One of the best password recovery tools for instant message clients is MessenPass. It works on a variety of clients as well.

There’s a great deal of software options out there for recovering a password from instant messengers, browsers and other software. Considering that many of us reuse passwords on multiple platforms and websites, thieves getting hold of just one can potentially lead to financial disaster.

What Should You Do?

For those seeking to dispose of their own computer 5 Things You Must Check Before Disposing of Old Computers 5 Things You Must Check Before Disposing of Old Computers Read More , and for those who find one, perform a multi-pass wipe 4 Things You MUST Do When Selling or Giving Away Your Old Computer, Phone or Tablet 4 Things You MUST Do When Selling or Giving Away Your Old Computer, Phone or Tablet Here’s a fun thing I like to do: buy an old hard drive on eBay, then run recovery software on it. It’s a little data treasure hunt, and you’ll be amazed at what you can... Read More on it. Ubuntu or Linux Mint are great for performing formats. Also, simply overwriting the original installation may not prevent data recovery attempts, but it will reduce the likelihood of it.

For destroying data 5 Tools To Permanently Delete Sensitive Data From Your Hard Drive [Windows] 5 Tools To Permanently Delete Sensitive Data From Your Hard Drive [Windows] In a recent article I explained why it is impossible to recover data from a hard drive after overwriting it. In that post I mentioned that simply deleting files or formatting your hard drive typically... Read More , try Parted Magic. Parted Magic includes several disk wiping Parted Magic: A Complete Hard Drive Toolbox On One Live CD Parted Magic: A Complete Hard Drive Toolbox On One Live CD Take control of your hard drives. Whether you want to edit your partitions, clone an entire drive, check SMART data or otherwise manage the way your computer's data is organized, Parted Magic is the tool... Read More (and cloning) utilities that include multi-pass functionality. If you prefer another solution, try one of the many LiveUSBs offered in Live Linux USB creator (our guide to LiLi Linux Live USB Creator: Easily Boot Linux From Your Flash Drive Linux Live USB Creator: Easily Boot Linux From Your Flash Drive Read More ). We have covered several password recovery options 6 Free Password Recovery Tools for Windows 6 Free Password Recovery Tools for Windows Read More . On the other hand, we cannot stress enough how important it is to use strong passwords Everything You Need To Know About Passwords Everything You Need To Know About Passwords Passwords are important and most people don't know enough about them. How do you choose a strong password, use a unique password everywhere, and remember them all? How do you secure your accounts? How do... Read More  to protect your data.

Conclusion

If you intend on throwing out an older computer, at the very least, consider using a multi-pass formatting tool on the hard drive. At the most, remove your hard drive from your computer before handing it off. A second point that I wanted to make with this article, is that data thieves only need your hard drive in order to get your passwords. The best precaution is to remove your hard drive.  A third point is that you should be empathetic. If you ever find a discarded computer, take the hard drive and wipe it. You get Karma for doing so.

For the computer in question, I performed a multi-pass wipe. With a free hard drive on hand, I then used it in a Linux-based RAID array What Is RAID Storage & Can I Use It On My Home PC? [Technology Explained] What Is RAID Storage & Can I Use It On My Home PC? [Technology Explained] RAID is an acronym for Redundant Array of Independent Disks, and it’s a core feature of server hardware that ensures data integrity. It’s also just a fancy word for two or more hard disks connected... Read More  and donated the remaining parts 5 Great Ways To Donate Your Old Computer 5 Great Ways To Donate Your Old Computer Read More .

Did anyone else ever forget to wipe a discarded computer? Or find a computer? Let us know in the comments.

  1. shortcode70
    December 18, 2013 at 8:59 am

    In the thread you questioned breaking passwords on a Mac. It's too easy actually. If you have an installation disk you just boot from that like you are going to install the OS and it gives you an option to reset the administrator password on the computer somewhere in that dialog. It's been a minute since I had a Mac and had to do that so I can't remember the exact steps once CD boots but it isn't a hidden option or anything like that.

    • Kannon Y
      December 18, 2013 at 5:58 pm

      Great tip! Thanks for the comment.

    • RogueDecibel
      December 20, 2013 at 2:31 am

      Actually it's even easier, you just need to hold CMD+S when booting, type 3 lines of code and ten you have yourself a brand new admin account.

  2. Serendipitous Critter
    December 13, 2013 at 10:32 pm

    O)ppz I was referring to an electromagnet.......
    **This method only works with older type media no good for usb sticks, SSHDs, memory cards punch cards or handwritten notes...... Be careful with your passwords folks.

  3. Serendipitous Critter
    December 13, 2013 at 10:28 pm

    DEGAUSSE / MAGNITIZE

    either construct one at home or visit a metals yard or someplace

    outcome NO WASTE
    No data
    it's a win win or a window, but NOT ONE OF OPPORTUNITY
    Help our society avoid gratuitous waste.
    Every time we waste we raise the price on a new one and have to deal with that much more trash - If you donate no one will have to steal to get one......And we wont get raped to get a better one. Just my opinion / religion way of life....

  4. jelabarre
    December 12, 2013 at 5:40 pm

    Personally I'll use a DBAN bootable CD and run either short-DOD or a full DOD wipe. Or, if I can attach the drive to a running system, I'll run shred with 7 passes and a zero fill. Sometimes I'll do this even if I'm keeping the drive, because it's a good way to exercise the drive if I think it's questionable. How *much* you want to wipe the drive will always depend on the percieved value of the contents. A thief grabbing a home computer is merely taking a chance there may be something usable. If it will take any noticable amount of tome, effort or money to extract data, they'll move on to another, presumably easier target. A HDD from a bank or military system, on the other hand, is considered to contain more of value, and will be worth more effort. A "short-DOD" wipe should be enough for home systems, full DOD will make you more comfortable if you have time to run it.

    As for destroying drives: considering it's getting near impossible to find PATA drives now, I'd prefer people would at least try repurposing them. And in teh midst of our current economic depression, not everyone has the cash to cough up for even new SATA drives.

  5. 1234
    December 12, 2013 at 3:41 pm

    hulk smash hard drive. hulk don;t want ppl to find pictures already posted on facebook. hulk smart

    i will destroy my old hard drive because i had super secret blue prints, messenger conversation wit nwo leaders, alien invasion details, and the next lottery numbers . what kind of super important info do keep on those hard drives that the only option is to physically destroy them?

    if you don;t want ppl to find out you are into gay furry porn i understand

    • Kannon Y
      December 12, 2013 at 8:03 pm

      LOL, thanks for the good laugh, Banner. :-)

      To answer your question, a thief can steal your identity with just a small amount of the information contained on an old hard drive. For example, if they get your WiFi password, they can infiltrate your home network. Or they can just nab your account passwords that were possibly stored in a browser or instant messenger.

  6. Jonathan
    December 12, 2013 at 2:42 pm

    sudo dd if=/dev/zero of=/dev/sdX
    encryption slows down everything .___.

  7. Joe
    December 11, 2013 at 1:07 pm

    [Offense removed], you have no idea what you're talking about
    "you should never save passwords in Chrome is that there’s no password protection at all."

    Uh, yes you can and I am NOT a Chrome fan at all. Get informed. Stop misinforming people and using wiseass cracks about people who arent around anymore. Move on.

    • Kannon Y
      December 11, 2013 at 5:32 pm

      Thanks for the comment Joe - Chrome recently updated its browser to include password management (finally) but that occurred after this article was published. I'll have to edit that part out.

      I shouldn't have written Cheney administration. That was an unconscious slip and completely uncalled for. I bear no prejudice toward any political organization.

  8. Josh
    December 10, 2013 at 8:06 pm

    And just think... if the owner hadn't smoked so much, all their data would have been safe.

  9. Kannon Y
    December 8, 2013 at 6:24 pm

    I believe the computer will be reimaged when it's refurbished, but there's a number of programs out there that will accomplish a similar task as wiping the drive, without actually wiping the drive.

    https://www.piriform.com/ccleaner

    CCleaner (in its advanced option) gives you the option to "wipe empty space". So whatever data you've erased will get a one-pass wipe. This isn't bulletproof, but in my evaluation, it's pretty darn effective.

    Before wiping empty space, you may want to uninstall all of your software - particularly your browsers and instant messengers. Also use CCleaner to wipe all your cookies and temporary data. Hope that helps!

  10. Bill Mac
    December 8, 2013 at 2:56 pm

    I purchased a laptop 3 weeks ago that I need to return for a refund. How do I securely erase my data before returning the laptop?

  11. Tiamat
    December 8, 2013 at 6:40 am

    Ok so we know it's ridiculously easy to get data off of a used hard drive that the average user just dumps off at the side of the road. Here's a question... what can you do to make sure someone can't get at your data if say they steal your computer or laptop? If it takes less than 2 seconds to break into a Windows logon then what can you do to encrypt the whole hard drive itself from even booting up or to stop someone from ever trying to do data recovery on it?

    • Kannon Y
      December 8, 2013 at 7:39 am

      That's a really good question and I'm very glad you asked.

      To my knowledge, out of the Windows operating systems, only 8 offers hard drive encryption on installation. It might even be 8.1. But we know that Microsoft has been quite friendly with certain intelligence agencies, so their system is probably filled with holes just waiting to be found.

      Otherwise, Linux is the best way. It supports disk encryption upon installation.

      I believe unless the hard drive supports full drive encryption, there's some weaknesses in software encryption. And on top of that, the NSA has been introducing flaws and exploits into many encryption standards, so you have to be careful what you pick.

    • Mister TechE
      December 10, 2013 at 8:09 pm

      Or just use TrueCrypt. You can use it to perform a full disc encryption on the hard drive. Works with Windows.

  12. TheNameThatShould
    December 7, 2013 at 9:30 pm

    If you're accessing a Windows system, OPHcrack is most of the time a poor method. You can just use 'Windows/NT Password Reset & Registry Editor' to delete passwords and activate password-free administrator accounts, and edit the registry in any other way. Unless the system is encrypted, it will work, even for servers.

    For Data wiping, using an installation of Ubuntu is a work-around method at best. This is not necessary, and doesn't provide as great of security. Use DBAN with Whirlpool and at least a DOD-7 Pass. You can use the PRNG stream in 8 passes as well, which is better, but takes double the time. You could then install Ubuntu as a way of deception to thieves.

    To do either of these, you will have to make 'bootable' software. YUMI (The program) can put both of these bootable ISO's onto a formatted USB.

    These methods are a bit more advanced, but they work very well.

    • Kannon Y
      December 8, 2013 at 2:36 am

      I understand your rationale and you of course are correct.

      OPHcrack reveals several things about our computers. First, it shows how quickly even secure password can be bypassed. Second, it recovers our passwords, which can then be used to perform a variety of other exploits for those who may have resused their passwords.

      Great comment, thanks for sharing!

  13. Ketim
    December 5, 2013 at 5:14 am

    I recently bougth a new hard drive (second-hand) for my laptop and it was completely functional. I mean, I just plugged it to my laptop and the OS started up. The OS was still installed and some documents, pics, videos and more where stored in it. I formatted the disc and started a new OS installation. So, things happen!

  14. Don
    December 5, 2013 at 1:14 am

    Usually most eRecyclers of any caliber usually shred HDD's along with everything else and then sort out the various components for recycling, i.e., plastics, rare metals, iron, copper, etc. so it won't really matter if you hammer your HDD's or not..... I worked for a non-profit 501[c][3] for a couple of years that received donated computers, printers and flat screens/CRTs from corporations around the Denver metro area when they upgraded computers corporate-wide and they recycled the equipment that was out of specification and securely wiped the HDDs and reused them unless they were less than 20gb in size; the smaller ones were recycled and I was able to go see how they recycled them by shredding everything! Definitely no data existed on those drives that were shredded.....

    • Kannon Y
      December 5, 2013 at 7:10 am

      Awesome! Thanks for sharing Don!

  15. Brandon R
    December 3, 2013 at 1:31 am

    Well this is certainly on of the best articles I read in a while I'll have to Pocket this and add it to my favourite articles :P

  16. Steve
    December 2, 2013 at 7:22 pm

    You could always install Ubuntu or other Linux and use it for practice and learning as a spare computer. Or you could use the removed HD for storing your music files or photos on externally.

  17. Ben
    December 1, 2013 at 8:27 pm

    nice article....it pains me thought, when people choose to destroy working hard drives rather than wiping them and passing them on to someone else, or using them for excess storage....I have 4 40gb hard drives that my public library was throwing away that I keep photos and things on, if it works and is over 8gb there is no sense in smashing it.....

    • Kannon Y
      December 1, 2013 at 8:31 pm

      Exactly. Also, there's RAID arrays that allow multiple drives to be used as a single cohesive storage unit, with redundancy.

  18. bart
    December 1, 2013 at 11:22 am

    Because hard discs contain many elements that are under 'spring tension', I would stronly recommend against smashing, hammering, ... it.
    Just wipe and re-use.

    • Kannon Y
      December 1, 2013 at 8:30 pm

      There's also glass platters on older drives that can cause serious shrapnel problems. Wiping and reusing is definitely my preferred method of disposal. But even so, one can never be too cautious.

  19. Anonymous
    November 30, 2013 at 11:37 pm

    I bought an external HD from eBay as is. It turns out the only thing wrong was the on/off switch was broken. Once fixed I found all sorts of personal information including resumes and pictures of someone smoking pot.

  20. Liliana Kelly
    November 25, 2013 at 6:35 pm

    I had my identity taken away sometime in 2008 , I DID not find out until now.

    • Kannon Y
      November 25, 2013 at 7:25 pm

      I am so sorry. How did you find out?

  21. Amber G
    November 25, 2013 at 1:18 am

    Wow, that is interesting. Is this true for macs as well? I've heard macs are harder to hack.

    • Kannon Y
      November 25, 2013 at 3:01 am

      Interesting question! I'm not an expert on Macintosh software, but my understanding is that you can probably reset passwords and access user's information in the same manner as a Windows PC.

      I don't know about password recovery, though. But the rest of the software with vulnerabilities are still there - for example, the browser, instant messengers and other software that store passwords insecurely.

    • Anonymous
      December 6, 2013 at 5:33 pm

      Yes, it's true for macs. Mac OS X hard drive paritions are in HFS+ format and aren't encrypted by default. That format can be read by many free data recovery tools the same way as Windows' default NTFS format or Linux's default EXT4 format can.

    • RogueDecibel
      December 20, 2013 at 2:26 am

      Actually just as easy on Mac. You hold CMD+S while starting up, type in 3 lines of code and then you have a brand new admin account..

  22. Martin
    November 22, 2013 at 9:43 am

    If it is a Windows PC, why not just use Kon-Boot. It simply allows you to log in without the need to know or crack the password. once you are in just change the password to something else.

  23. Tracy
    November 22, 2013 at 3:33 am

    What do you do if you are technologically stupid and have 6 (yes 6) computers who don't work or wont power up and have all that still there.

  24. cachescouter
    November 22, 2013 at 12:59 am

    After living in an Apartment complex I collected multiples of computers and did just that, wiped the drives with multipass software and even did a return to Manufacturer Settings reinstall from the partitioned hard Drive returning the computer to new conditions. One computer handed off to me had video problems and they could figure it out, the previous owner had informed me he tried going off the mother board instead of the graphics card, so when I had the time to inspect the system I pulled the video card out and started the graphics off the Motherboard, well looky there it works fine, I preceded to look through the HD and thought wow he left a ton of info on here AND it had the partitioned original OS, so I did as I did with the other computers and wiped everything, as it turns out, I discovered this process f reinstalling had already been tried and had caused the initial problem...the driver for the graphics card was corrupted... after downloading and installing the correct driver from the manufacturer I reinstalled the graphics card and and BAM this beast was ready to go for gaming, I set the computer to the side thinking I'd either upgrade my system to this or sell it for some quick cash, BUT my son found it and asked if could we hook it up and he could do homework on it. Now he's discoved the speed of the system and has made himself a great gaming system...

  25. dragonmouth
    November 21, 2013 at 8:47 pm

    Reading Windows HDs on a Linux PC and vice versa bypasses all the passwords. If the drive is encrypted, GParted or PartedMagic will format it nicely and make it usable again.

    It is unbelievable what data is left on discarded computers. Over the years I have refurbished and sold couple of hundred discarded computers. I have also sold parts on eBay and CraigsList. However, had I had a larcenous bent, I could have made way more money by raiding people's bank accounts, using the information they left on their discarded computers.

    Percussive maintenance with a BFH will stop all identity thieves that do not have something like the resources of a government agency.

  26. Sharon Bias
    November 21, 2013 at 7:50 pm

    I'm a big fan of using a large hammer on the hard drive. The recyle folks I send my units to don't care that the hard drive is mashed. Since I'm not doing anything the FBI, CIA, NSA, etc might be interested in, the time / benefit ratio works for me.

  27. Tim Baucus
    November 21, 2013 at 6:33 pm

    You could always put your mind at ease from Identity Theft, and never will you have to worry about it again Ever. Ask me, how? and I'll show you.

  28. Matthew
    November 21, 2013 at 5:35 pm

    The old "multiple overwrite" solution is rather dated, the Gutmann method being devised to target the transitions in MFM and RLL formats.

    In practice, a single full overwrite (eg. 1 pass from DBAN), should 100% prevent sofware based recovery ... the original data is overwritten - forensics may be able to recover something, but it'll be expensive and time consuming.

    The BEST, if your setup is compatible, and the BIOS doesn't lock the drive to avoid malicious use of secure commands, is HDDerase
    http://cmrr.ucsd.edu/people/Hughes/Secure-Erase.html
    This initiates the in-drive ATA secure erase command (or if available, the enhanced secure erase can be used )

    • Paul P
      November 22, 2013 at 2:19 pm

      Yeah, I think if I remember correctly, the multiple pass method was introduced after one faulty scientific paper came out. A secure erased one pass disk has never had any data worth writing home about, ever successfully recovered even with an electron microscope.

      Note secure eras the program available for Hughes site, invokes the app that has been available on all hard drives I think since 2001. It not only erases data on the drive of active sectors, but goes into the reserved section where faulty sectors have been set aside by the drive and erases them.

      I may not have all my terms correct but essentially, it is important to use an app to erase your drive that engages the built in drive eraser and not a third party drive eraser that doesn't go into the portions of the hard drive that have beens set aside as being faulty earlier in the disk history.

  29. cathie west
    November 21, 2013 at 3:09 pm

    hubby bought a hard drive form someone on a bootsale. he only wanted a couple of quid so no loss if it didnt work, so plugs it in when he gets home. as u do. then reaslizes it hadnt been wiped at all. now in the past we had found some naughty pics of girlfriends ect. have a giggle then delete them. but this time it was a huge shock. it was loaded with porn of the worst kind. child porn. and no we didnt open any of the files. the titles made us feel sick. so took it to the local police station where they handed it on to the relevant dept. we had a call within a day. our fears where justified. luckily we knew where the seller lived and took the police there. after he had been investigated it came to light he had found the broken p.c in a skip nearby. and he was innocent. but the skip was near the home of someone who had a nasty mind. and he was arrested. it helped break a paedo ring. so be careful what u pull out of skips,

    • Took
      February 11, 2014 at 7:32 pm

      whats a bloody skip? You mean a bin las?

  30. Lynda
    November 21, 2013 at 1:32 pm

    This is what I have been doing for several years now.....

  31. Beatle4
    November 21, 2013 at 12:59 pm

    I've had to replace a few computers in the past and I've found the easiest solution for protecting myself from having personal information stolen. Once I transfer everything from my old computer to the new one, I remove the hard drive from the old system, open it up and destroy the disc inside. Then it's just a matter of scrapping everything.

    • edzu
      November 21, 2013 at 2:58 pm

      Yes, and the drive magnets are very powerful and useful around the house.

  32. Andy
    November 21, 2013 at 12:55 pm

    I had a dozen old hard drives to recycle. a 3 lb. sledge works great with 2.5 in. drives. Whack them a few times until they rattle. I find the best way the erase a 3.5 in. drive is open it up and take a coal chisel and that hammer to each platter. Then I took them to the recycle center.

    • Anonymous
      December 6, 2013 at 5:08 pm

      If you've been reading the posts, you'd know that makes them harder to recycle and more likely to be thrown in a landfill by the recycler.

  33. Bben
    November 21, 2013 at 12:05 pm

    For the truly paranoid that actually believe a data thief is going to even try to recover data from a HD that has been hit with a hammer - here's your tin foil hat.
    That kind of stuff is reserved for FBI level data recovery. Even a reasonably determined data thief is not going to have either the resources or time required to get any data off of a physically damaged HD. Besides, there are just too many HDs available at goodwill or thrift shops (or sitting out beside the dumpster) where if they bothered to try to remove the data at all, it may be easy to recover it using the techniques in the article. They are NOT going to bother with an obviously physically damaged HD. Simplest way to keep your data from being taken when you dispose of a computer - remove the HD and hit it with a hammer - several times - real hard. One of my geek friends shoots them. That works just as well.

  34. Farverpearce
    November 21, 2013 at 11:04 am

    Does exposure to a strong magnet still work? Did it ever? Is the drive useful after the magnet treatment?

    • Tom W
      November 21, 2013 at 11:40 am

      On an SSD, I don't think this would work. On a HDD, it has a chance of working depending on the strength of the magnet. This is because HDD's store data magnetically. I wouldn't rely on it though.

  35. danny
    November 21, 2013 at 10:40 am

    secure erase has been built into all motherboards and hard drives for ten or 15 years. boot it of a floppy or cd and it only deals with the motherboard and hard drive a it is free to download. have a look at myharddrivedied.com

  36. Steve
    November 21, 2013 at 10:12 am

    @Ian How much time/energy will be used to securely wipe a hard disk compared to the actual value of what can be recycled ( minus the time spent doing the recycling) ? Also if the disk isn't working, you might not be able to securely wipe it but someone else might be able to recover the data. A dent made by the sharp end of a log splitter solves the security problem and doesn't take much energy/time.

    • dragonmouth
      November 29, 2013 at 9:00 pm

      "A dent made by the sharp end of a log splitter solves the security problem and doesn’t take much energy/time."

      It may solve the security problem but how many readers (people in general) have access to a log splitter?

      Don't get me wrong, I think it's a great idea. I may try it the next time I need to dispose of an HD or two. Unlike most people, I do have access to implements of percussive maintenance such as a log splitter, sledge hammers and mauls.

  37. Frank P
    November 21, 2013 at 9:18 am

    one of the ways I used to bypass windows "Profile Encryption" was using windows own backup system. you make the backup and when you restore, select no encryption.

    I'm sitting with a stack of hdd at home from my first p2 and upwards. thanks for the reminder: Gotta leave them in a metal box with a magnet for a few days lol!
    (or opening them to make them completely useless)

  38. Liam C
    November 21, 2013 at 9:04 am

    You're assuming that I leave hard drives in dead computers.

  39. Jochen
    November 21, 2013 at 8:43 am

    I usually remove the harddiscs and either destroy them with hammer and drill or I open them and have them on the shelf as I like their looks :) It's amazing to see a 5" 20MB drive next to a 2" 2GB one :)

  40. Rene´
    November 21, 2013 at 8:14 am

    There's no need to crack Windows password, when there is Trinity: http://trinityhome.org/Home/index.php?wpid=1&front_id=12

  41. Steve
    November 21, 2013 at 7:35 am

    I find it simpler and quicker to pull the hardisk out and give it a wack with a 3Kg log splitter.

    • Ian
      November 21, 2013 at 8:28 am

      I object to physical destruction of hard drives. First, it doesn't erase the data. (Sure, it's pretty hard to get the data off, but it's still there and theoretically accessible with the right equipment.) Second, it renders the hard drive and just about every part of it useless and difficult to recycle.

      I happen to be a student at a university that has open bins for collecting electronics to be recycled, where I and many other students scavenge parts. Most of the hard drives I've found this semester were either crushed or hammered. Disassembly was almost impossible due to the screws being damaged, and I found almost no intact parts in them. An intact but no longer functional hard drive is easy to disassemble and yields many useful parts.

      Securely erasing a hard drive leaves it usable for other purposes, or recyclable if you have no use for it or it's unreliable. Destroying it leaves it and most or all of its parts useless and less easily recyclable.

    • Will
      November 21, 2013 at 8:32 am

      exactly

    • dragonmouth
      November 21, 2013 at 8:26 pm

      @Ian:
      "Destroying it leaves it and most or all of its parts useless"

      That is the general idea. Why should I compromise my security so that you can practice your data recovery skills?

      With proper percussive maintanance even the NSA won't be able to recover data.

  42. Pat
    November 21, 2013 at 7:05 am

    Thanks for the article, I have two old computers stored upstairs because I didn't want to give them away or send them to recycler without erasing the hard drive. My husband, a non-techie person called me paranoid about those computers. I will check out the programs in your article, get them properly cleaned and out of storage... and then tell him I was right for once in the last twenty years!

    • Justin P
      November 21, 2013 at 4:37 pm

      You could just remove the hard drive, then give the computer away. Then smash the hard drive with a sledge hammer. Then scatter the various pieces in dumpsters around the city. That'll do it.

  43. Kent Haase
    November 21, 2013 at 3:24 am

    DBAN (Bing it).

  44. Joel L
    November 21, 2013 at 1:26 am

    0 hours, 0 minutes, 0 seconds? Wow. I'm starting to second guess a lot of things now...

    • Kannon Y
      November 21, 2013 at 2:10 am

      I was surprised myself. I thought to myself - yup - another live disk that doesn't work as advertised. But on closer inspection.. yup... it worked. Sat there for a half hour thinking it wasn't though. Anyway, for this reason, login passwords are pretty much useless.

      I think it was James who suggested using Linux and encrypting the hard drive. Hard drive encryption is one of the options provided when one installs Ubuntu.

      Seriously, though, I'm totally going to try using Linux in more builds.

Leave a Reply

Your email address will not be published. Required fields are marked *