Two MIT graduate students bought a number of used hard drives on E-Bay and analyzed them. They were able to recover lots of files, including files containing very personal information (such as a love letter), and in some cases even restore the operating system of the computer to which the hard drive belonged. Some of these disks had simply been discarded, but others had files deleted, or were reformatted—and still the students could recover the files!
The news article said that the students’ results showed how unaware people were of security issues. Is the data being on the discarded disks in fact a vulnerability? Are the “delete,” “rm,” “format,” and other such commands used to erase these disks secure? If not, what is the vulnerability in these programs, and how would you fix it?