Feeds

Datawiping doesn't work

eTesting Labs finds products wanting

  • alert
  • submit to reddit

eTesting Labs has run a series of tests of eight commercial available diskwiping products - and only one of them worked properly.

This is Redemtech Data Erasure, from the company which
contracted eTesting to run the trials. So the results should be treated with caution. The eight products were run on six variously configured PCs.

IBAS Expert Eraser failed to overwrite all of the disk sectors on one of the PCs under test. Ontrack DataEraser and Blancco Data Erasure failed to overwrite all the sectors on two PCs; East-Tec Disk Sanitizer and InfraWorks Sanitizer failed in the same task with five PCs; while NTI Diskscrub and Wipe Clean (freeware in wide circulation, according to Redemtech) failed to overwrite all the sectors on all six PCs.

Norton Wipeinfo/Wipedisk is no longer being updated, and works so differently from the others - it's very fiddly - that eTesting Labs did not feel able to include it with the rest.

The eTesting Labs report, complete with methodology, is available as a PDF here.

Of particular note is the poor showing for Infraworks Sanitizer, used by the Department of Defense in the US and the MOD on the UK. It's surprising that eTesting Labs/Redemtech found something that the US government missed.

Secondly, there are quirks in all testing tools - Norton Datawipe does not recognise NT partitions - and all hard drive technologies - software will not write over RAID for example, and why should it - RAID is designed to protect data. It's necessary is to strip out each HDD and overwrite individually. sometimes a very large HDD.

Paul McCartney's worth - how much?
Datawiping is a boring but important subject for end of life kit.

Corporates pay recycling firms to dispose of their equipment - the residual value of the kit rarely covers the cost of collection, datawiping - important for security and for data protection - and reselling. By far the cheapest option is smashing and dumping - but that's dirty and in many rich countries, illegal.

But what if the broker is not datawiping the kit, or is using the wrong datawiping software? Then there's a headache. The most famous case in recent years was Morgan Grenfell, now part of Deutsche Bank, which let loose an end-of-life PC containing the bank details of Sir Paul McCartney into the secondhand market.

But there has been a series of incidents, including details of children at risk found on a PC dumped on a skip by Lincolnshire Council, and a register of sex offenders contained on a PC used by students studying statistics furnished them by Bristol police. The machine was later sold, with the register. Then there was the doctor who returned his machine to PC World under a 21 day no-quibble swap-out. This was later sold as a shop refurb, complete with patient records.

Related stories

Windows wipe utilities fail to shift stubborn data stains
Paul McCartney account details linked on second user PC

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
7 Elements of Radically Simple OS Migration
Avoid the typical headaches of OS migration during your next project by learning about 7 elements of radically simple OS migration.
BYOD's dark side: Data protection
An endpoint data protection solution that adds value to the user and the organization so it can protect itself from data loss as well as leverage corporate data.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?