Sister CISA CISSP

Jul 15 2009   8:47PM GMT

Hard Disks Never Die – They go to Digital Forensics

Arian Eigen Heald Arian Eigen Heald Profile: Arian Eigen Heald

I’m attending an absolutely fascinating course on Digital Forensics provided by SANS. One of the things we will be doing is collecting data from hard drives for various practice exercises.

Imagine my amusement when the handout and appendixes recommend where to get used hard drives to practice on: eBay or Craigslist. Didn’t Simson Garfinkel do this a few years ago? And come up with a whole bunch of juicy information?

How do you dispose of hard drives? There are overwriting programs and businesses that will pick them up and dispose of them securely, providing a certificate (and thus transferring your risk). But how do you know they are performing as agreed?

I’m looking forward to my eBay hard drives and what they will disclose. Hope they’re not yours!

2  Comments on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • OldGoat1997
    I disassemble the drives - remove the platters and scratch the heck out of each surface - then just to be safe I bend them so they can never be spun up again.
    165 pointsBadges:
    report
  • Bigitgeek
    I attended that same SAN back in 2006 in Las Vegas. Forensics 508.2 and 508.3 Are they still promoting the use of [A href="http://www.forensicswiki.org/wiki/Helix"]Helix[/A]? I use DBAN to clean my none commercial drives - for commercial purposes I recommend outsource so you can transfer the liability. Kilroy [A href="http://analysisandreview.com/computer-hardware/how-to-erase-your-hard-drive/"]I use DBAN[/A]
    30 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: