Catch up on stories from the past week (and beyond) at the Slashdot story archive

 


Forgot your password?
Close
typodupeerror
×
Security Media Technology

Memories of a Media Card 266

Posted by kdawson from the embarassing-moments dept.
twistedmoney99 writes "Anyone who has upgraded their digital camera probably has a few older, incompatible media cards lying around — so why not post them on Ebay? Well, if you do, be sure to properly wipe them because the digital voyeurs are watching. Seth Fogie at InformIT.com purchased a bunch of used cards from Ebay and found recoverable data on most of them. Using the freely available PhotoRec application, he was able to extract pictures, movies, and more from apparently formatted cards. The picture is clear — wipe anything that can store digital data before getting rid of it."
This discussion has been archived. No new comments can be posted.

Memories of a Media Card More

Memories of a Media Card

Comments Filter:

  • Re:speaking of wiping data (Score:2, Informative)

    by Anonymous Coward on Tuesday January 02, 2007 @07:09PM (#17436978)
    dd from /dev/urandom onto the media multiple times ( in excess of 20 times if you are paranoid )

  • Re:speaking of wiping data (Score:1, Informative)

    by Anonymous Coward on Tuesday January 02, 2007 @07:11PM (#17436992)
    Eraser

    http://www.heidi.ie/eraser/ [heidi.ie]

  • Memory effect (Score:5, Informative)

    by Anonymous Coward on Tuesday January 02, 2007 @07:19PM (#17437074)
    Memory cards do not have nearly as strong of a memory effect as hard drives. With a hard drive you can write and rewrite multiple times and still have data recovered by someone willing to spend the time, effort, and money. But memory cards are much harder. You could be relatively sure of safety if you just:

    1. Delete everything on the card.
    2. Fill the card with something not private (maybe a text file that just repeats the same character).
    3. Delete everything on the card.
    4. If you're paranoid do 2 and 3 again.

    If you don't have a computer handy, you can accomplish step 2 by taking photos of a blank sheet of paper or a lenscap or something of that sort.

  • dd /dev/random (Score:4, Informative)

    by ettlz ( 639203 ) on Tuesday January 02, 2007 @07:22PM (#17437112) Journal
    I've recovered photos by hand for family members who've accidentally nuked their memory cards (did it the hard way with a hex editor, dd and cut). So wouldn't dd if=/dev/random of=/dev/ memory-card bs=1K count= card-size-in-kib suffice?

  • Re:dd /dev/random (Score:4, Informative)

    by ewhac ( 5844 ) on Tuesday January 02, 2007 @07:35PM (#17437252) Homepage Journal
    I wouldn't use /dev/random; it depletes the entropy pool far too quickly. Use /dev/zero instead:

    dd if=/dev/zero of=/dev/mem_card_node bs=256k

    If you want to be extra-friendly to the card's buyer, write a new partition table to the card after wiping it and format it for FAT32.

    Schwab

  • Re:speaking of wiping data (Score:5, Informative)

    by croddy ( 659025 ) on Tuesday January 02, 2007 @07:39PM (#17437286)

    Better (and more convenient) than dd'ing from /dev/urandom is wipe(1). It will, at your option, overwrite the disk using 34 different byte patterns, 8 of which are random.

    Its man page is also the only one I know of that uses the phrases "rising totalitarianism", "Department of Homeland Security", and "THIS IS AN EXTREMELY DANGEROUS THING TO DO".

  • unnecessary (Score:3, Informative)

    by oohshiny ( 998054 ) on Tuesday January 02, 2007 @08:11PM (#17437586)
    Something like "wipe" is needed for rotational magnetic media. For flash, a simple cat /dev/zero > /dev/sd... is sufficient.

  • Re:speaking of wiping data (Score:3, Informative)

    by Blkdeath ( 530393 ) on Tuesday January 02, 2007 @08:12PM (#17437596) Homepage

    At my last job, we used "Darik's Boot and Nuke", available at dban.sourceforge.net. You boot off the floppy, type "dod" and it wiped the drive according to Dept of Defense standards. It worked great (I hope)!

    {sigh} This has been discussed before. The DoD's standards for highly classified computers amounts to a very large hole-punch and an incinerator. The "standards" you refer to amount to the wiping they do on receptionist and non-classified computers.

  • Re:I don't even bother to erase mine. (Score:5, Informative)

    by MS-06FZ ( 832329 ) on Tuesday January 02, 2007 @08:13PM (#17437616) Homepage Journal

    You should try using a zoom lens.
     
    (Just kidding!)
    <sigh>
    He'd need a zoom lens if he were very tall - or if otherwise his dick or parts of it were very distant from the camera.

    If it were small, he'd want a macro lens.

  • Re:cipher.exe is overkill for flash memory (Score:2, Informative)

    by RvLeshrac ( 67653 ) on Tuesday January 02, 2007 @08:16PM (#17437642)
    http://www.zdelete.com/dod.htm [zdelete.com]

    The DOD already answered this question.

    Whenever there's any doubt, DOD standards are the way to go.

  • Re:speaking of wiping data (Score:3, Informative)

    by udderly ( 890305 ) * on Tuesday January 02, 2007 @08:29PM (#17437772)
    I've been using Eraser for years. What more could you want? DOD & better wipe capability, secure move, right click context menu, erasing report and all for the low, low price of FREE!

  • Re:speaking of wiping data (Score:4, Informative)

    by Nazlfrag ( 1035012 ) on Tuesday January 02, 2007 @08:31PM (#17437800) Journal
    Secure Deletion of Data from Magnetic and Solid-State Memory [auckland.ac.nz] is a good insight into magnetic memory issues, and his followup paper [cypherpunks.to] covers solid state devices. It's by Peter Gutmann, Department of Computer Science, University of Auckland. His homepage [auckland.ac.nz] has more good info.

    In a nutshell, for hard drives, "If commercially-available SPM's are considered too expensive, it is possible to build a reasonably capable SPM for about US$1400, using a PC as a controller". So it is in the reach of the hobbyist to recover up to around the last 20 items recorded on any magnetic media (easier for floppies, harder as drives become denser). On solid state memory, I believe an electron microscope is needed for analysis. Still, data that has been in one location in RAM for more than five minutes is in theory recoverable.

  • Re:Memory effect (Score:5, Informative)

    by ivan_13013 ( 17447 ) <ivan DOT cooper AT gmail DOT com> on Tuesday January 02, 2007 @09:12PM (#17438234)
    Whoa there. It is NOT bullshit. In fact it is COMPLETELY POSSIBLE to recover overwritten data from a hard drive, even if it was written over several times with random or nonrandom data. Remember that magnetic media cannot really store 1 and 0. It can only store a magnetic flux using ANALOG electronic components!

    The NSA today (and other people) can use Magentic Force Microscopy to extract enough detail to reconstruct what used to be on the drive. With only one or two overwrites, a sensitive oscilloscope could suffice.

    Here's one paper from ten years ago that talks more about the recovery technique.
    http://www.usenix.org/publications/library/proceed ings/sec96/full_papers/gutmann/ [usenix.org]

    From the paper:

    "In conventional terms, when a one is written to disk the media records a one, and when a zero is written the media records a zero. However the actual effect is closer to obtaining a 0.95 when a zero is overwritten with a one, and a 1.05 when a one is overwritten with a one. Normal disk circuitry is set up so that both these values are read as ones, but using specialised circuitry it is possible to work out what previous "layers" contained. The recovery of at least one or two layers of overwritten data isn't too hard to perform by reading the signal from the analog head electronics with a high-quality digital sampling oscilloscope, downloading the sampled waveform to a PC, and analysing it in software to recover the previously recorded signal. What the software does is generate an "ideal" read signal and subtract it from what was actually read, leaving as the difference the remnant of the previous signal."

  • Re:I don't even bother to erase mine. (Score:1, Informative)

    by Anonymous Coward on Tuesday January 02, 2007 @09:18PM (#17438296)
    Nitpick: you mean "telephoto", not "zoom". A zoom lens has a range of focal lengths - eg, Canon makes a wide-angle zoom lens that goes from 10mm to 22mm for their digital SLRs, or 17mm to 40mm for their full frame (film, 5D, 1Ds series) bodies. They're genuine zoom lenses, but you get more reach from a 50mm prime than you can from those zooms.

    In other words: zoom => you can change the focal length within a certain range. Telephoto => narrower field of view => bringing distant objects closer. A lot of zoom lenses are telephotos, but not all; similarly, a lot of telephotos are zooms, but not all. (Drool ... 400mm f/2.8 prime ... niiiiiice.)

  • Re:speaking of wiping data (Score:3, Informative)

    by fireman sam ( 662213 ) on Tuesday January 02, 2007 @10:10PM (#17438712) Homepage Journal
    Here is a tried and trusted method:
    http://en.wikipedia.org/wiki/Gutmann_method [wikipedia.org]

  • ncrypt (Score:2, Informative)

    by shastry ( 1046162 ) on Tuesday January 02, 2007 @11:04PM (#17439130) Homepage
    Just use http://ncrypt.sourceforge.net/ [sourceforge.net] to wipe data. It offers Gutmann and Military grade wipes.

Slashdot Top Deals

Any circuit design must contain at least one part which is obsolete, two parts which are unobtainable, and three parts which are still under development.

Close