To illustrate the magnitude of this threat, in 2003 Simson Garfinkel and Abhi Shelat published an article in "IEEE Security & Privacy Magazine" reporting on an experiment in which he purchased 158 used hard drives on the secondary market (most of them from different sellers on eBay) and checked to see whether they still contained readable data. To their astonishment, around one third of the drives appeared to have information that was highly confidential and should have definitely been erased prior to the drive's resale.
They acquired a total of 75 Gbytes of data, consisting of 71 Gbytes of uncompressed disk images and 3.7 Gbytes of compressed tar files. One of these drives was most likely used in an ATM machine in Illinois, and that no effort was made to remove any of the driveís financial information. The log contained account numbers, dates of access, and account balances. In addition, the hard drive had all of the ATM machine software. Another drive contained 3,722 credit card numbers (some of them repeated) in a different type of log format.
In order to make sure that your data is erased properly I'd recommend using one of the programs listed below, each is for a different operating system: Windows, Linux or Mac OS X.
Eraser (Windows) - Free
Eraser is an advanced security tool for Windows, which allows you to completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns.
ShredIt X (Mac OS X) - Shareware
ShredIt is the file shredder / hard drive cleaner that offers all the features you need to clean a hard drive, wipe a file and more - as well as the ease of use and safety features you really want from data file shredder software.
dcfldd (Linux) - Free
dcfldd is an enhanced version of GNU dd with features useful for forensics and security. Based on the dd program found in the GNU Coreutils package, dcfldd has the following additional features:
- Hashing on-the-fly - dcfldd can hash the input data as it is being transferred, helping to ensure data integrity.
- Status output - dcfldd can update the user of its progress in terms of the amount of data transferred and how much longer operation will take.
- Flexible disk wipes - dcfldd can be used to wipe disks quickly and with a known pattern if desired.
- Image/wipe Verify - dcfldd can verify that a target drive is a bit-for-bit match of the specified input file or pattern.
- Multiple outputs - dcfldd can output to multiple files or disks at the same time.
- Split output - dcfldd can split output to multiple files with more configurability than the split command.
- Piped output and logs - dcfldd can send all its log data and output to commands as well as files natively.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.