Hard Disks Never Die - They go to Digital Forensics - Sister CISA CISSP
Home > IT Blogs > Sister CISA CISSP > Hard Disks Never Die - They go to Digital Forensics
>>VIEW ALL POSTS  

Sister CISA CISSP

« Adventures in Auditing #1
Adventures in Auditing #2 »
Jul 15 2009   8:47PM GMT

Hard Disks Never Die - They go to Digital Forensics



Posted by: Arian Eigen Heald
"How Do You Know?", Forensics, Digital Forensics, Hardware & InfoSec, information security

I’m attending an absolutely fascinating course on Digital Forensics provided by SANS. One of the things we will be doing is collecting data from hard drives for various practice exercises.

Imagine my amusement when the handout and appendixes recommend where to get used hard drives to practice on: eBay or Craigslist. Didn’t Simson Garfinkel do this a few years ago? And come up with a whole bunch of juicy information?

How do you dispose of hard drives? There are overwriting programs and businesses that will pick them up and dispose of them securely, providing a certificate (and thus transferring your risk). But how do you know they are performing as agreed?

I’m looking forward to my eBay hard drives and what they will disclose. Hope they’re not yours!

AddThis Social Bookmark Button     Comment     RSS Feed     Email a friend

Comment on this Post


You must be logged-in to post a comment. Log-in/Register

OldGoat1997  |   Jul 20 2009   12:46PM GMT

I disassemble the drives - remove the platters and scratch the heck out of each surface - then just to be safe I bend them so they can never be spun up again.


 

Bigitgeek  |   Jul 29 2009   4:21PM GMT

I attended that same SAN back in 2006 in Las Vegas. Forensics 508.2 and 508.3

Are they still promoting the use of Helix?

I use DBAN to clean my none commercial drives - for commercial purposes I recommend outsource so you can transfer the liability.

Kilroy
I use DBAN