Two MIT graduate students bought a number of used hard drives on E-Bay and analyzed them. They were able to recover lots of files, including files containing very personal information (such as a love letter), and in some cases even restore the operating system of the computer to which the hard drive belonged. Some of these disks had simply been discarded, but others had files deleted, or were reformatted—and still the students could recover the files!

The news article said that the students’ results showed how unaware people were of security issues. Is the data being on the discarded disks in fact a vulnerability? Are the delete, rm, format, and other such commands used to erase these disks secure? If not, what is the vulnerability in these programs, and how would you fix it?

UC Davis sigil
Matt Bishop
Office: 2209 Watershed Sciences
Phone: +1 (530) 752-8060
Email: mabishop@ucdavis.edu
ECS 153, Computer Security
Version of April 15, 2018 at 6:05PM

You can also obtain a PDF version of this.

Valid HTML 4.01 Transitional Built with BBEdit Built on a Macintosh