Digital Photocopiers Loaded With Secrets 204
skids writes 'File this under "no, really?" CBS news catches up with the fact that photocopiers, whether networked or not, tend to have a much longer memory these days. When they eventually get tossed, few companies bother to scrub them. Couple this with the tendency of older employees to consider hard-copy to be "secure," and your most protected secrets may be shipped directly to information resellers — no hacking required. "The day we visited the New Jersey warehouse, two shipping containers packed with used copiers were headed overseas — loaded with secrets on their way to unknown buyers in Argentina and Singapore."'
Thats supposed to be obvious? (Score:5, Insightful)
Some people don't listen (Score:5, Insightful)
From the article (Score:3, Insightful)
Having worked in the digital industry up until 2007 I can tell you, that is a laughably inaccurate statement. We had half a dozen industrial-class copiers, all from 2004 or newer. The only one with a 'hard drive' in it was the high end color copier/printer; and we had to specifically add that option. I think it would be accurate to say that nearly all digital copiers might be configured to use a hard drive, though many are external and often separated from the device when it's sold.
Re:No one will bother (Score:4, Insightful)
Ok, let's try this again. No one is going to go through piles of keylogger data most of which is filled with lols and a\s\l?s to try and find a persons banking credentials, wait
No one will do it, except the people that do. There is a buck to be made, people will do it.
Re:No one will bother (Score:3, Insightful)
No one is going to sort through millions of pointless memos about employee picnics and birthday party announcements on the off chance that there's something potentially valuable to someone somewhere.
Want to bet? Oh, that's right you already are betting. If no one goes through your copier data you win -- nothing. If someone finds a password or credit card number you lose -- big time.
So nothing to gain and everything to lose. Sounds like wiping the copier disk is a "must do"!
that's an interesting bank statement, mr salesman (Score:3, Insightful)
Re:Thats supposed to be obvious? (Score:4, Insightful)
Security thru lack of features, maybe.
Re:Some people don't listen (Score:5, Insightful)
Instead now you have a situation where you're calling someone out on something that is not their responsibility... that's not the nicest (or most effective!) way of handling it.
Re:No one will bother (Score:5, Insightful)
Data is valuable. Labor is cheap.
Comment removed (Score:5, Insightful)
Re:Why? (Score:3, Insightful)
Why did they start designing copy machines to have long term storage, and to keep a copy of everything ever copied?
The news report is being sensationalist, and leading you to believe that it's keeping the data. Listen to the report again: they use a forensic program to get at the files. In other words, unless you tell the device to save the image, it's deleted. (The catch is that "deleted" means "entry deleted", not "file wiped off the drive".)
In other words, companies aren't wiping the hard drives of leased copiers. (Then again, are companies wiping the drives of leased PCs? Of PCs they owned, then threw away?)
Sun rises in east. Water is wet. Files that aren't wiped are able to be recovered from hard disks. Yawn...
Re:S/N (Score:5, Insightful)
the criminals will have to wade through a sea of lolcats and fail posters to get to any actual business information
Unless they find a way to make the text searcheable and just search for "social security number" or "credit card number" and look at what's written right next to it. And while I don't know how to do that personally, it seems like the type of thing that would take about 10 minutes to figure out and then another 10 minutes to actually do.
Re:Thats supposed to be obvious? (Score:4, Insightful)
Well, the original submission says,
Coupled with the tendency of older employees to consider hard-copy to be "secure"...
...so it looks like this is only a problem for the geezers; after all, digital photocopiers are like magic to them. There's virtually no chance that any of the savvy young hipsters in your organization could fail to be aware of this threat.
Re:No problem (Score:3, Insightful)
I always take care to disguise my ass before photocopying it.
Well in my day...
"People wrote books and movies, movies that had stories so you cared whose ass it was and why it was farting. And I believe that time can come again!"
Re:No one will bother (Score:1, Insightful)
Re:Thats supposed to be obvious? (Score:5, Insightful)
Re:Why? (Score:3, Insightful)
It probably comes down to cost.
If a printer has a 22ppm rate and has 64MB of RAM, you're not going to be able to print more than one or two larger print jobs at a time - particularly if they're RAW jobs. You'll need a print server for that, and you'll have a significant bottleneck before getting to the printer/the printer accepts the job. This leads to user agitation.
So, while 128MB costs $100 (at the time), a 40G disk costs roughly the same amount - and you can cache to disk with marginal overhead and provide a more seamless user experience than the RAM would provide - all while increasing how many jobs can be accepted to queue at a time.
Do ALL ATA HDs support secure erase? (Score:1, Insightful)
Your statement that "Every HDD out there, as part of the ATA standard, supports a secure erase command" seemed overbroad; I didn't think that was part of the earlier standards.
I checked www.t13.org to get a copy of the earliest ATA standard, but discovered:
1. It has been "withdrawn" and no longer available from that source;
2. You have to pay money to get the docs (no problem for corporations, more of a problem for individuals);
3. Following the link on the t13.org web page to "Antitrust Policy" results in a "404" error; and,
4. According to the the logo at the bottom of the t13.org home page, t13.org is "Powered by WD" (Western Digital).
Hmmmm...
ALL hard drives