Just how safe is your data?

So, tonight on BBC1, was a documentary highlighting a problem that can only become more prevalent over time. "Real Story" demonstrated how just throwing your old computer away in a local tip could lead to misuse of the information previously stored on it, and failure by the owners to safely dispose of it safely much like scrapping a car or an old desk with all your personal details inside.

The programme highlighted, surprise surprise, Nigeria as a capital for computer fraud. A local computer parts market sold 17 hard drives, of which 10 were from the UK. They then took it to Switzerland (strange in my opinion because the UK has some of the best forensic labs for data retrieval, one of which was a fellow student from college), where the data was read and printed out for the reporter. He then paid a visit to several people who had thrown away their computers in local tips. It was this data that was read back and interpreted.

Now, don’t get me wrong. I can do this quite simply. Most faulty PCs have anything but the hard drive as a culprit. Removing the hard drive involves opening the case and normally undoing 4 screws. This hard drive can then be installed into my PC and the data read. Even data deleted can be unerased, normally with free software widely available from somewhere like download.com. In the event it’s the hard drive that has gone to meet it’s maker, 99% of the time the drive is still functioning, but a faulty sector has led windows to forget how to read it. This is remedied with something like ZAR (Zero Assumption Recovery), a program which searches for any possible data that could be relevant and recovers it. In the rare chance the drive has failed altogether (the BIOS doesn’t even recognise it) then it can read but only with specialist electronic equipment.

So how do you solve this problem? First of all, you don’t take your old broken PC to a tip; try and get it repaired. Most PCs are repairable, but if it isn’t then at least the hard drive can be removed. If it really is cattled then fine, you can bin it, but if it isn’t then you still have the data yourself. If you are insistent you want to delete stuff on it then use something that securely deletes the files. I have an old program called "shredder" that wipes the data space up to 9 times when you delete the file. This will safely ensure that any data is no longer available. More importantly don’t take the old PC to the tip. There are salvage agents all over the UK, authorised to take this old equipment and you are safe in the knowledge it won’t end up in some Internet café in Lagos.

So as much as the fraud can be stopped, you can be sure that people will still throw away their PC when it breaks. Perhaps these people should be identified and warned, or even fined, and then perhaps over time the problem will subside.