mysecurepc.com blog

Getting rid of a computer or a hard drive? Does it have sensitive data on it? Just deleting it does not do the job. Even reformatting the hard drive is not good enough.

Deleted data is simple to recover, especially in Windows XP. A data recovery program, often free, is all that is needed to undelete data. What can be done to ensure that prying eyes will never see your data?

Plenty.

Boot and nuke an open source program will completely wipe out any data on a hard drive. It is a dangerous program (i.e. there is no turning back once it erases) so be careful in using it. It meets the DOD (Dept of Defense) requirements for complete eradication of data. A bootable disk or CD is created then the computer in question is booted up and goodbye data.

Some entities such as some government agencies and private parties use drastic measures such as saws, sledge hammers, and grinders to ensure no data is left behind. While this may do the job the hard drive cannot be used again…it is off to the land fill.

There is an easier way to get rid of your data but still be able to reuse the hard drive. In Windows XP you can encrypt all your data files, reformat the drive and you are done. This erases the encryption file keys forever. Perhaps the encrypted files can be recovered but without the decryption key all is lost.

Don’t forget to securely destroy CD/DVDs used to store data. Several paper shredders have a feature for chopping up a CD/DVD. We do not think this is a good enough solution. Once the CD/DVD is chopped up, separate it into several piles and dispose of them separately.

Doug

The scams never go away. The PIN block fraud involves your debit card. When a debit card is swiped, say at a gas station, the information on it is sent to a server. Included in this information is your debit card number, the data from the magnetic strip, and the encrypted PIN code. When you enter a PIN number it is sent to the server, too. The server unencrypts the PIN number (residing from the magnetic strip) and compares it to the one you entered. Of course they must match in order to complete the transaction.

Here lies the problem: some retailers save your debit card information (including the PIN number) on their server. There is *no* reason to save it - it should be erased after it is used for the current transaction. A hacker then breaks into the retailer’s computer system and steals the debit card number, the encrypted PIN, and the key to unencrypt the PIN. Then counterfeit debit cards are made and it’s off to the nearest ATM machine.

How do you fight it?

A few ways.

1. Use a signature instead of a PIN number when using the debit card.

2. Do not use a debit card; use cash. Especially with no name gas stations, stores, etc. I only use the debit card at one grocery chain and I use cash for other transactions.

Doug

Think it is hard to get checking account information? It is not. Say you are filling out a check at a store to pay for groceries. A kid walks by with a cellphone and snaps a picture of your check. He goes home and blows up the image on a computer. And there it is. All the information needed to commit bank fraud.

Doug