Forgot your password?
typodupeerror
Security Media Technology

Memories of a Media Card 266

Posted by kdawson
from the embarassing-moments dept.
twistedmoney99 writes "Anyone who has upgraded their digital camera probably has a few older, incompatible media cards lying around — so why not post them on Ebay? Well, if you do, be sure to properly wipe them because the digital voyeurs are watching. Seth Fogie at InformIT.com purchased a bunch of used cards from Ebay and found recoverable data on most of them. Using the freely available PhotoRec application, he was able to extract pictures, movies, and more from apparently formatted cards. The picture is clear — wipe anything that can store digital data before getting rid of it."
This discussion has been archived. No new comments can be posted.

Memories of a Media Card

Comments Filter:
  • by Anonymous Coward on Tuesday January 02, 2007 @07:06PM (#17436918)
    It adds to the value on auction sites. A lot of people are willing to pay a fortune to see images of my dick.
  • same old story (Score:2, Insightful)

    by born4fun (1045582)
    Hm, haven't we had this story already with hard disks, some time ago?
    • by garcia (6573)
      While I don't remember the one about HDDs, I do remember the one about mobile phones [slashdot.org] (there may be more but this is the first one I found).
    • Re: (Score:3, Funny)

      by blantonl (784786)
      Ahh.. Hard disks - With all the above posts, I thought you said hard dicks for a second there.
    • Re: (Score:3, Funny)

      by ruiner13 (527499)
      No, this one is a copy someone left on a flash card sold on ebay.
    • Re: (Score:3, Funny)

      by Fred_A (10934)
      Hm, haven't we had this story already with hard disks, some time ago?
      But we haven't had it with tapes, flopticals or CDRW yet. I'm waiting till we can collect the whole set.
  • What are the best methods for removing almost any record of data? Recently moving to ubuntu, I've found shred is rather exciting, but I still use many windows-only things. What would work best there?
    • Re: (Score:2, Informative)

      by Anonymous Coward
      dd from /dev/urandom onto the media multiple times ( in excess of 20 times if you are paranoid )
      • by croddy (659025) on Tuesday January 02, 2007 @07:39PM (#17437286)

        Better (and more convenient) than dd'ing from /dev/urandom is wipe(1). It will, at your option, overwrite the disk using 34 different byte patterns, 8 of which are random.

        Its man page is also the only one I know of that uses the phrases "rising totalitarianism", "Department of Homeland Security", and "THIS IS AN EXTREMELY DANGEROUS THING TO DO".

    • As root:

      dd bs=1024 if=/dev/random of=/dev/sda1
      Do that a 3 or 4 times, and anything on sda1 (or whatever other block device) will be completely unrecoverable.
      • by whoever57 (658626)
        dd bs=1024 if=/dev/random of=/dev/sda1
        That's going to take a very long time. In most circumstances, it is probably acceptable to use /dev/urandom instead.
      • by timeOday (582209) on Tuesday January 02, 2007 @07:30PM (#17437202)
        dd bs=1024 if=/dev/random of=/dev/sda1
        That was my system boot partition, you insensitive clod!

        As for erasing solid state media, I'd feel perfectly safe simply overwriting it with zeroes, one time over.

        I realize years ago magnetic media were written sparsely (inefficiently) with sloppy positioning mechanisms, but those days are long gone. I'd be really impressed to see somebody recover overwritten data on a hard drive instead of just talking about it.

        As for flash memory, I'll believe it when I see it.

        As for leaking information through discarded camera memory cards in the first, place, it's about the 1000th thing down my list of privacy concerns, way down below "binoculars." If you want to see pictures of random people's snapshots of each other, they're all over the web. How many of us really use our digicams to capture super-secret info? I just can't bring myself to care when I know databases of thousands of credit card numbers and SSNs are being bought and sold on the black market.

        • by Qzukk (229616)
          As for flash memory, I'll believe it when I see it.

          I don't think any magic whizbang stuff is needed, the vast majority of these devices are FAT filesystems where undelete.exe can recover deleted files. Or they do "fast formats" which just write out a new file allocation table without actually erasing any of the data (Not sure if the "full format" actually writes over data either, Microsoft's KB says the difference is that the full format scans for bad sectors).
          • by timeOday (582209)
            I don't think any magic whizbang stuff is needed, the vast majority of these devices are FAT filesystems where undelete.exe can recover deleted files.
            I'm claiming it's safe to overwrite once over with non-random information, not to simply unlink the information.
        • by Nazlfrag (1035012) on Tuesday January 02, 2007 @08:31PM (#17437800) Journal
          Secure Deletion of Data from Magnetic and Solid-State Memory [auckland.ac.nz] is a good insight into magnetic memory issues, and his followup paper [cypherpunks.to] covers solid state devices. It's by Peter Gutmann, Department of Computer Science, University of Auckland. His homepage [auckland.ac.nz] has more good info.

          In a nutshell, for hard drives, "If commercially-available SPM's are considered too expensive, it is possible to build a reasonably capable SPM for about US$1400, using a PC as a controller". So it is in the reach of the hobbyist to recover up to around the last 20 items recorded on any magnetic media (easier for floppies, harder as drives become denser). On solid state memory, I believe an electron microscope is needed for analysis. Still, data that has been in one location in RAM for more than five minutes is in theory recoverable.

          • by timeOday (582209)
            So where does he actually do an experiment and prove he can recover a significant amount of overwritten information?
        • Re: (Score:3, Interesting)

          by jetmarc (592741)
          > As for erasing solid state media, I'd feel perfectly safe
          > simply overwriting it with zeroes, one time over.

          For most purposes, this might be perfectly enough.

          Certainly an "all-zero" overwrite is far better than a "all-one" overwrite (flash erase operation). But then again it also depends on the controller, because what ends up in the floating gates is what really counts.

          See link (below) for some techniques to recover erased or overwritten flash memory. The basic idea is to measure the trapped charg
      • by afidel (530433)
        Nope, not completely unrecoverable, just difficult. Using an SEM anything written to a modern (mid 90's or later) HDD can be recovered even after many passes with "secure" delete patterns. Peter Gutmann wrote [sourceforge.net] about the problem years ago. Although he doesn't specifically mention flash ram I would imagine the problems facing DRAM and SRAM would be even more prevalent with flash due to wear leveling and other protection techniques meant to keep data safe on the flash device. When the data really needs to be se
        • In the case of flash a simple overwrite pattern of 0000 followed by an erase back to FFFF is sufficent to ensure complete erasure.
          Should the memory not have single bit writability, then an erase to FFFF followed by a write to 0000 and an erase back to FFFF is sufficent. This is because the data is not stored in magnetic domains, so simply ensuring all cells are written makes the charges on the cells fairly equal, the following erase operation and post erase repair that happens will obfscuate any remaining
        • The NSA still does a secure erasure / destruction process on flash-based drives. A clever person with an SEM can read a few layers deep on a flash cell, sorta similar to magnetic media. DRAM and SRAM don't really have any kind of long-term storage capability, so it's a non-issue there. Of course, physical destruction is always good, which is why some of the highest security solid-state disks include a mechanism for this.
    • There's an opensource app called "wipe" that I just used to wipe my drive before sending it in for repair. It's in portage if you're using Gentoo.

      It's slow, but probably not much slower than using dd manually.
    • by Sylver Dragon (445237) on Tuesday January 02, 2007 @07:37PM (#17437274) Journal
      If it's data you care about someone else getting a hold of, I would recommend using Thermite [wikipedia.org]. It's a wonderful, all purpose, cleanser of just about everything.
    • by phalse phace (454635) on Tuesday January 02, 2007 @07:48PM (#17437376)
      "What are the best methods for removing almost any record of data?"

      Have Chuck Norris give it a roundhouse kick.
    • Who cares what's on there? If you used a strong, 1-time key, you're done.
  • by PurifyYourMind (776223) on Tuesday January 02, 2007 @07:10PM (#17436988) Homepage
    I'm not entirely certain it'd work on memory cards, but it works great on hard drives. You can overwrite clustertips, free space, etc. with many passes of psuedo-random data. I think the new version is commercial, so here's a link to an older version: http://www.tolvanen.com/eraser/ [tolvanen.com]
    • by rbanzai (596355)
      Eraser can (and will) destroy your install even if you do everything properly. Please check their support forum before using this software, it is hideously buggy and destructive.
  • Memory effect (Score:5, Informative)

    by Anonymous Coward on Tuesday January 02, 2007 @07:19PM (#17437074)
    Memory cards do not have nearly as strong of a memory effect as hard drives. With a hard drive you can write and rewrite multiple times and still have data recovered by someone willing to spend the time, effort, and money. But memory cards are much harder. You could be relatively sure of safety if you just:

    1. Delete everything on the card.
    2. Fill the card with something not private (maybe a text file that just repeats the same character).
    3. Delete everything on the card.
    4. If you're paranoid do 2 and 3 again.

    If you don't have a computer handy, you can accomplish step 2 by taking photos of a blank sheet of paper or a lenscap or something of that sort.
    • by izomiac (815208)
      Or, if you're lazy...

      1. Delete everything on the card.
      2. Fill the card with images from certain sites every slashdotter knows about.

      I highly doubt anyone will have the desire to recover anything after that.
    • Shouldn't shred [die.net] used on the device (/dev/sdc or whatever) work fine for Linux users?
  • dd /dev/random (Score:4, Informative)

    by ettlz (639203) on Tuesday January 02, 2007 @07:22PM (#17437112) Journal
    I've recovered photos by hand for family members who've accidentally nuked their memory cards (did it the hard way with a hex editor, dd and cut). So wouldn't dd if=/dev/random of=/dev/ memory-card bs=1K count= card-size-in-kib suffice?
    • Re:dd /dev/random (Score:4, Informative)

      by ewhac (5844) on Tuesday January 02, 2007 @07:35PM (#17437252) Homepage Journal
      I wouldn't use /dev/random; it depletes the entropy pool far too quickly. Use /dev/zero instead:

      dd if=/dev/zero of=/dev/mem_card_node bs=256k

      If you want to be extra-friendly to the card's buyer, write a new partition table to the card after wiping it and format it for FAT32.

      Schwab

      • by Anonymous Coward on Tuesday January 02, 2007 @07:54PM (#17437438)
        Bols, I don't get it: are you actually saying there's NOT ENOUGH randomness out there?

        Here, have some of mine: ldjaofp9 bpm ]ak e]-07

        • by gardyloo (512791)
          Bols, I don't get it: are you actually saying there's NOT ENOUGH randomness out there?

          Here, have some of mine: ldjaofp9 bpm ]ak e]-07


              Huh. Somehow I *knew* you'd write that.
      • by drinkypoo (153816)
        If you want to be extra-friendly to the card's buyer, write a new partition table to the card after wiping it and format it for FAT32.

        Only cards over 2GB should be formatted FAT32. FAT16 supports partitions up to 2048MB and most devices will not read a FAT32 filesystem - typically, though, anything that supports devices larger than 2GB can and does use FAT32.

    • by opk (149665)
      /dev/zero would be just as good. Trouble with doing that is that you then need to reformat the memory card. For some reason, I find reformatting memory sticks/cards tends to result in very slightly lower capacity than they started with.
      • Nah, just delete your files and then write one big file that fills the existing filesystem:

        dd if=/dev/zero of=/mnt/sdcard/bigfile bs=1M; rm /mnt/sdcard/bigfile

        I do this all the time when I want to save an image of a partition using Ghost in sector-copy mode. I have an equivalent utility I wrote in Batch for Windows. All those zeroes compress quite well. ;)

        Anyway, analysis of the remaining FAT may reveal some of your old filenames, but not the data in them.

  • Stolen? (Score:2, Insightful)

    by monkeyboythom (796957)
    The evidence suggests that people are not aware that their privacy is at risk. In addition, the fact that some of the cards contained undeleted images is a bit disconcerting. At a bare minimum media card owners should have deleted the viewable images.

    After reading the article, I wondered how many of these cards are actually stolen?

    And I don't mean Pamela Anderson and Tommy Lee stolen either.

  • by DaveM753 (844913) on Tuesday January 02, 2007 @07:25PM (#17437142) Homepage
    I had a 4-month-old 250gb hard drive die of heatstroke within a fanless drive enclosure. The drive had, shall we say, material of an "educational" nature. (ahem)

    Anyway, I didn't want to release said material to the general public at [insert HD manufacturer here], so I abandoned any warranty recovery and just physically destroyed the drive. So much for that $100.
    • Some HD manufacturers will honor warranty with return of only the top cover of the HD unit.

      Ron
    • by miyako (632510)
      Many HD makers will send you a replacement drive without requiring the platters from the bad drive. Most of the time they just want the case to the hard drive.
    • Re: (Score:3, Funny)

      by noidentity (188756)
      That, my friend, is why you should keep a backup of your "data"! Then if the original drive goes bad, you still have a copy of the data to destroy if neessary.
  • So, if you're a pervert who enjoys walking around in a trench coat naked underneath, is this a good way to make money and satisfy the urge and make a few bucks?

    I'm wondering what a card will go for if it's advertised to *still* have pictures and data on it?

    Kind of like a mystery grab bag?

    • Re: (Score:3, Funny)

      by drawfour (791912)
      So, if you're a pervert who enjoys walking around in a trench coat naked underneath
      You know, we're all naked beneath our clothes.
  • by syousef (465911) on Tuesday January 02, 2007 @07:36PM (#17437268) Journal
    I'm sure a lot of people don't wipe the camera cards because they don't care if someone gets photos of their pets or disney vacation or drunken stupor. They figure most people - ie. those not interested in writing an alarmist privacy article - will simply wipe and use the card. Unless you're a celebrity, or have a stalker why would you care? You're probably photographed more by traffic cameras these days anyway.
    • by Kelson (129150) * on Tuesday January 02, 2007 @08:07PM (#17437544) Homepage Journal
      There's also the possibility that they might not have a way to delete it. If, for instance, the only thing they have that reads the card is the camera itself (and they've been retrieving images via USB), and the reason they're discarding the card is that the camera itself is broken, and their new camera uses different media...

      I can see the thought process going from "crap, I left some photos on there" to "eh, they're already on Flickr anyway." Unless there are photos that they haven't already downloaded, there's less motivation to track down something that will read (and erase) the card.
    • by SuperKendall (25149) on Tuesday January 02, 2007 @10:52PM (#17439034)
      From the article:

      In addition, the fact that some of the cards contained undeleted images is a bit disconcerting. At a bare minimum media card owners should have deleted the viewable images.

      Why? Why should they have, if they don't care who saw them? As they said, the images were all of clothed people and disney world and things, worth nothing to anyone but the owner.

      Privacy just for the sake of privacy seems to have taken hold of too many people, who do not stop to think - is there any point to privacy in this instance?

      Obviously if people did not want images being seen they should remove them; I just object to catiioning users against leaving images with the vague fear that "someone may see thier images" when that may not matter at all.
  • by GrumpySimon (707671) <email.simon@net@nz> on Tuesday January 02, 2007 @07:48PM (#17437382) Homepage
    There are ten or fifteen posts here with people suggesting that people should use dd, or wipe to write over these removable media to stop people recovering the data. Most people seem to be suggesting doing a dd from /dev/random TWENTY times.

    What I would like to know is what the most effective method is. Someone should take a bunch of these cards (and harddrives etc) and do a little controlled test to see how much of a photo/file is recoverable after one round of dd, after 10 rounds of dd, etc. In short - what's the most effective (time v.s. security) method for cleaning these things?
    • by Kelson (129150) *
      what's the most effective (time v.s. security) method for cleaning these things?

      That depends on whether you want the card to be usable afterward...

    • by rrohbeck (944847)
      Every bit cell on a Flash or EEPROM is a capacitor. Since it doesn't have remanence in spaces that may not see a flux change and the possibility of offtrack writes like a hard drive, overwriting with random data is unnecessary - better write 0x00, then 0xff, a few times.

      Writing a word or block in one of those devices means:
      - Erase the word/line/block to 0xff if necessary (i.e. if there are bits that need to be flipped to 1)
      - For each bit that is to be set to 0,
      -- bang on it with a pulse until it turns 0
      -- b
  • NASA's methodology (Score:4, Interesting)

    by Audacious (611811) on Tuesday January 02, 2007 @08:08PM (#17437546) Homepage
    When I first started at NASA the methodology was to use something like Norton's Erase, put it on Government Erase (three passes of writing first all ones, then all zeros, then all ones again, then doing half tracks). When Windows 98 came along we still used Norton's Erase but it had a different algorithm which was quite good too. When Windows 2000 came along we were no longer trusted to erase everything properly and we had to send the disk drives to a centralized location where they were wiped before being sold. When Windows XP came along we were told to just take a hammer to them. This was because the government had made so many cutbacks that there wasn't any money to properly erase the disk drives.

    On a side note: When I first started working at NASA we had a budget of well over a million dollars. We got rid of all of the really big mainframes, and minis, and went to micros. Our budget was reduced to somewhere around $500,000.00 a year (about a third of what we originally were given each year). What I'd like to know is - whatever happened to all of that money? We certainly never go pay raises which equaled the amount of money lost. So where did it go? The answer might be a bit more surprising than anyone really wants to know about. :-/
    • When Windows 2000 came along we were no longer trusted to erase everything properly and we had to send the disk drives to a centralized location where they were wiped before being sold.

      Interesting. I would rather trust a utility like Darik's Boot & Nuke than trust UPS or FedEx to actually get the drive to the centralized location. If UPS or FedEx fails, somebody might end up with a drive with NOTHING erased.

  • by frdmfghtr (603968) on Tuesday January 02, 2007 @08:32PM (#17437806)
    Why would I not post them on eBay, even if wiped?

    Aren't there data recovery services that recover data from supposedly wiped media (hard drives, memory cards, etc.)?

    Besides, how likely are you to to make back the listing fees on used media? Given how the prices are coming down, why would you buy used when you can buy new for only a little more? Brand new 1 GB CF is going for $10, why buy used?

    I would be worried that I would lose money selling used memory media on eBay; it would make more sense moneywise to just smash them with a hammer; get some exercise, and anything that was on them is now unrecoverable.
  • Who cares? (Score:3, Insightful)

    by ErikTheRed (162431) on Tuesday January 02, 2007 @08:32PM (#17437810) Homepage
    I mean seriously, the discussion shouldn't be about "proper erasure techniques that 99.999% of the public couldn't understand if they tried", it should be about not being such a tight-ass cheap fuck that you have to sell your old drives (flash / hard / whatever) on E-Bay. I mean, seriously, do you need to spend that much effort to net yourself an extra $5 or $10?

    I erase my old media with a sledgehammer. Try to recover that, bitch.
    • Re:Who cares? (Score:5, Insightful)

      by ivan_13013 (17447) <ivan DOT cooper AT gmail DOT com> on Tuesday January 02, 2007 @08:51PM (#17438008)
      Throwing away or destroying manufactured items when they are working and reusable is irresponsible, because it does not attempt to minimize environmental impact.

      Used items that are still in demand should be reused as much as possible, to reduce the demand for manufacturing these items (with all the power and waste involved in that) and the size of landfills.
      • Re: (Score:2, Insightful)

        by maxume (22995)
        I commit to not smashing ~1 memory card a year the second you get every(hell, some of them) Jim-Bob to stop driving his V8 100 miles to work everyday.
      • Re: (Score:3, Insightful)

        by pclminion (145572)

        Throwing away or destroying manufactured items when they are working and reusable is irresponsible, because it does not attempt to minimize environmental impact.

        And burning who knows how much gasoline in order to physically transport an object across the country that weighs something around 2 grams is not irresponsible?

        What would be responsible is giving it to an acquaintance or selling it locally on something like Craigslist. Putting it on eBay and shipping it to somebody who may be thousands of mile

    • I mean seriously, the discussion shouldn't be about "proper erasure techniques that 99.999% of the public couldn't understand if they tried",

      99.999% of the public probably can't imagine that I can still get it back after they've emptied the Recycle Bin on Windows 95-Vista.

      it should be about not being such a tight-ass cheap fuck that you have to sell your old drives (flash / hard / whatever) on E-Bay. I mean, seriously, do you need to spend that much effort to net yourself an extra $5 or $10?

      I sell o

  • by Perseid (660451) on Tuesday January 02, 2007 @09:01PM (#17438124)
    I'd just keep the damn thing. You know that as soon as you sell it you'll have a desperate need for it. That's just how the world works.
  • Why would somebody want to sell memory cards on eBay anyway? The only reason I can think of is because it was an original accessoiry for a digital camera or something. But the biggest one tested was 128 MB, which sells for - uh cannot find that one. 1 GB sells for 12,50 over here (SD).
  • by Erris (531066) on Tuesday January 02, 2007 @09:05PM (#17438180) Homepage Journal

    Much of the information in the article about data recovery is also covered by DebianAdministration.org [debian-adm...ration.org]. TestDisk and photorec, are afterall, free software.

    Hip, hip hooray!

FORTRAN is a good example of a language which is easier to parse using ad hoc techniques. -- D. Gries [What's good about it? Ed.]

Working...