Local councils dish out shoddy computer recycling advice
Delete data properly
SaaS data loss: The problem you didn’t know you had
People looking to recycle old computer kit are being given confusing advice by local councils that could lead to identity theft, a consumer group has warned.
Which? Computing magazine telephoned more than 100 councils across the UK asking for information on how to safely recycle defunct computers and monitors.
Only two fifths of them were able to provide concrete assurance that equipment would be recycled. A sizeable number gave questionable advice, while one in seven had no idea what would happen to donated PCs.
"They literally go into the landfill; they get smashed apart," one council worker told the magazine. Many also failed to point out the importance of individuals erasing data from their computers before handing them over to be recycled.
One council worker advised: "You can easily uninstall any information," while another said that leaving personal data on a donated PC "shouldn't be a problem".
The magazine's editor, Sarah Kidner, said: "Our investigation shows the quality of advice and availability of services vary from one council to the next.
"Perhaps more worrying is the lack of knowledge and advice on how to dispose of the data stored on your computer. This could mean that the local tip becomes a hunting ground for identity thieves."
A number of factors have led to an upsurge of interest in people wanting to recycle old computer kit, including growing awareness around environmental issues, as well as the recent introduction in the UK of the Waste Electronic and Electrical Equipment (WEEE) directive.
Just last week Computer Aid International, a charity that sends equipment donated from UK businesses to developing communities around the world, kicked off an ambitious appeal to bring in 50,000 PC and laptop donations in 2008.
Computer Aid International's PC donations manager Anja Ffrench told The Register that people need to be clear that data stored on their hard drive has been deleted irreversibly.
She added that the person making the donation should also be provided with proof that data has been successfully destroyed, and finally that they can track where their computer ends up.
"There is a lot of confusion about how to completely remove all sensitive personal data from the hard drive, and what people need to understand is that simply hitting delete is not enough," she said.
Ffrench said the charity was confident that donated machines it receives go through a "rigorous refurbishment process" to prevent personal data stored on PCs being stolen.
The service Computer Aid International offers includes a free guide on WEEE compliance as well as a reporting system that tracks when each computer's data was wiped. ®
COMMENTS
@William
Yes trollboy, I really do "do all that stuff"
One because it works, and Two because I enjoy it immensely, I'm officially a headcase.
clockwise and anticlockwise rubbish
The AC who claimed that 0s and 1s are recorded as clockwise and anticlockwise signals on the disk platter is ignorant, and claiming knowledge that he, she, or it, clearly doesn't have.
All modern hard drives are recorded using coding schemes where a signal is recorded when the data changes from a sequence of 1s to a sequence of zeros, with the length of a given sequence limited within constraints - these coding schemes allow the packing of more data onto a platter, which is why they are used. Moreover, there is a ECC coding scheme layered on top to provide data recovery in the event of a missed signal. There is no simple relationship between the signals on the hard drive and the original data.
Physical destruction of the platters is sufficient to protect the data - you can do this by grinding them into powder, dissolving them in acid, melting them - whatever takes your fancy. Anything less, is less protection.
One of the theoretical exposures is that the disk heads move slightly during writes, so one disk write may not cover the previous write exactly - might be a bit further in or out. So there may be a trace of a previous write left behind no matter how many times you overwrite. Overwriting may be 99.9% secure. Physical destruction is 100.000% secure.
Replacing the hard drive in a machine that is being recycled is cheap, and will probably give the recycled machine a longer life. Replace the drive, open the old one, remove the platters - destroy them.
But it's still a prob for the general populace...
Let's face it: I still find I frequently have to explain to others the difference between a computer's memory (as in RAM) and storage (as in HDD). I still have users who refer to something they call "the hard drive", by which it turns out they mean that big tall box under their desk with the little green lights on it, as distinct from their "terminal" by which it turns out they mean the big screen thing on top of the desk. Gawd knows what they make of an iMac. Since so many folk are clueless about what bits make up a Personal Computer, it's no wonder they're clueless about how to erase data terminally with extreme prejudice. So give Which? a break. As long as people can buy cheap computers in Tesco without needing to show their ECDL, this ignorance will prevail.
As for me: why would I ever want to trash a working component? Green computing means there's always a repurpose for it somewhere. If I had a dead HDD, I'd trash it physically before dumping it, and it's pointless being paranoid about data recovery after that - realistically, the Spetznaz have better things to do with their time and budget.
IT infrastructure monitoring strategies
Agentless Backup is Not a Myth
Top 10 SIEM implementer’s checklist
Steps to Take Before Choosing a Business Continuity Partner
Enabling efficient data center monitoring
