Sign in with
Sign up | Sign in
Your question

IBM and Identity Theft--Hard Drive

Tags:
  • Hard Drives
  • IBM
  • Storage
  • Product
Last response: in Storage
Share
Anonymous
a b G Storage
September 8, 2005 3:32:38 PM

Archived from groups: comp.sys.ibm.pc.hardware.storage (More info?)

Recently I had a hard drive crash on my laptop during the warranty
period. IBM (Lenovo, I would guess) sent me a new hard drive, which I
installed and restored.

Now IBM wants the old drive back. I told them I would damage it so they
couldn't read the data. This is unacceptable to them. It must be sent
back no more damaged than it was at the time of the crash. The
representative said they often recyle them.

While my data was backed up, a lot of the data on the drive they want
returned is probably recoverable.

This raises serious identity theft issues in my mind, despite their
assurances that my data won't be used.

This may be industry practice--I don't know. If so, there is a lot of
data being sent back to computer manufacturers on damaged hard drives.

This presents an untapped (or maybe being used now) source for data and
identity theft.

IBM suggested I could send the hard drive to a data recovery company,
but 1. this solution is very expensive and 2. I'm not sure how to
verify that the data has been effectively erased so it is not
recoverable by IBM.

Shouldn't there be so kind of industry restriction in place to prevent
this ? Otherwise the warranty is a sham, unless you agree to send the
hard drive back--which in many cases may contain sensitive data.

This may be an industry wide issue.

More about : ibm identity theft hard drive

Anonymous
a b G Storage
September 8, 2005 7:07:32 PM

Archived from groups: comp.sys.ibm.pc.hardware.storage (More info?)

<tfodom@gmail.com> wrote in message
news:1126204358.776813.163240@o13g2000cwo.googlegroups.com...
>
> Recently I had a hard drive crash on my laptop during the warranty
> period. IBM (Lenovo, I would guess) sent me a new hard drive, which I
> installed and restored.
>
> Now IBM wants the old drive back. I told them I would damage it so they
> couldn't read the data. This is unacceptable to them. It must be sent
> back no more damaged than it was at the time of the crash. The
> representative said they often recyle them.
>
> While my data was backed up, a lot of the data on the drive they want
> returned is probably recoverable.
>
> This raises serious identity theft issues in my mind, despite their
> assurances that my data won't be used.
>
> This may be industry practice--I don't know. If so, there is a lot of
> data being sent back to computer manufacturers on damaged hard drives.
>
> This presents an untapped (or maybe being used now) source for data and
> identity theft.
>
> IBM suggested I could send the hard drive to a data recovery company,
> but 1. this solution is very expensive and 2. I'm not sure how to
> verify that the data has been effectively erased so it is not
> recoverable by IBM.
>
> Shouldn't there be so kind of industry restriction in place to prevent
> this ? Otherwise the warranty is a sham, unless you agree to send the
> hard drive back--which in many cases may contain sensitive data.
>
> This may be an industry wide issue.
>

Yes, this is an industry wide issue.

Most individuals/companies do not understand their data can be recovered.

IBM will indicate the data would be wiped from your hdd and the technician
does not have any interest in your data (99% of the time this will be true).
What if your hdd is lost in transit? What if the technician that works on
your hdd is in the other 1%?

If the hdd will spin up and detect in the bios why not wipe it down
yourself. There are free software apps that will wipe your hdd.
If the hdd will not spin up the odds of an IBM tech trying to recover data
is very minimal.
Anonymous
a b G Storage
September 8, 2005 10:10:28 PM

Archived from groups: comp.sys.ibm.pc.hardware.storage (More info?)

My proposal to IBM was that I would physically destroy the disk so that
data could not be recovered from it. Then, I would return it to them.


I guess there is a scenario that I could keep doing this during the
warranty period of one year and mangle my way through100 or so jard
drives--assuming quick delivery and no objection on their part after
"x" incidents.

Of course, this scenario could be played out on other items that don't
carry data on them like a cd-rom drive or keyboard. This is not an
issue that's been in the news lately.

I'm not qualified to determine how to protect the manufacturers. I'm
really more concerned how to protect my data from misuse in today's
world. Identity theft, as we know it today, is relatively new. Parts
return has been in place a long time.

It would be my belief that the industry can find some way to accomodate
both the manufacturer and the customer, e.g. perhaps provide only one
hard drive replacement during the warranty period. Dunno if that would
work for them.

I do know that replacement hard drives of this type are relatively
inexpensive at retail. I can buy one and may end up having to pay for
it. However, that makes the warranty useless to me, and, I'd suspect,
others.

It's just a matter of time until something happens that will require
legistlation. It would be nice if industry could head that off.
Identity and data theft is just too big a problem.
Related resources
Anonymous
a b G Storage
September 9, 2005 12:31:51 AM

Archived from groups: comp.sys.ibm.pc.hardware.storage (More info?)

someone2 wrote:
>
> Yes, this is an industry wide issue.
>
> Most individuals/companies do not understand their data can be recovered.
>
> IBM will indicate the data would be wiped from your hdd and the technician
> does not have any interest in your data (99% of the time this will be true).
> What if your hdd is lost in transit? What if the technician that works on
> your hdd is in the other 1%?


I'm afraid from feedback I have received, it seems there exists a "club"
within certain organisations to see who can find the most sordid /
interesting data on returned drives.

If you have any doubts whatsoever, simply physically destroy the failed
drive and pay for the cost of a new one.

I don't agree at all with the returns principle of drive manufacturers -
but there's not much you can do about it without a good lawyer and
plenty of financial backing.


Odie
--
Retrodata
www.retrodata.co.uk
Globally Local Data Recovery Experts
Anonymous
a b G Storage
September 9, 2005 2:04:47 AM

Archived from groups: comp.sys.ibm.pc.hardware.storage (More info?)

On Thursday 08 September 2005 12:32, tfodom@gmail.com <tfodom@gmail.com>
(<1126204358.776813.163240@o13g2000cwo.googlegroups.com>) wrote:

> Recently I had a hard drive crash on my laptop during the warranty
> period. IBM (Lenovo, I would guess) sent me a new hard drive, which I
> installed and restored.
>
> Now IBM wants the old drive back.

This is standard. Is there any "industry" where the customer is not
required to return the failed part as part of the warranty service?

> I told them I would damage it so they couldn't read the data. This is
> unacceptable to them.

This is standard. The vendor may just want proof the cause of the failure
was covered under the warranty.

> This raises serious identity theft issues in my mind, despite their
> assurances that my data won't be used.

This is standard. When I worked for the DoD, we couldn't return drives that
failed under warranty. We had to destroy them and pay the price for new
drives.

> Shouldn't there be so kind of industry restriction in place to prevent
> this ?

No.

> Otherwise the warranty is a sham, unless you agree to send the
> hard drive back--which in many cases may contain sensitive data.

If you want warranty service on a storage medium, don't keep anything
confidential on it.

> This may be an industry wide issue.

There's no issue.
Anonymous
a b G Storage
September 9, 2005 2:07:23 AM

Archived from groups: comp.sys.ibm.pc.hardware.storage (More info?)

<tfodom@gmail.com> wrote:

> Shouldn't there be so kind of industry restriction in place to prevent
> this ? Otherwise the warranty is a sham, unless you agree to send the
> hard drive back--which in many cases may contain sensitive data.

Speaking of shams (or scams), how do you propose to protect
manufacturers from fraudulent warranty claims if they aren't allowed to
require the return of supposedly defective items for testing?
Anonymous
a b G Storage
September 9, 2005 2:07:30 AM

Archived from groups: comp.sys.ibm.pc.hardware.storage (More info?)

"Odie Ferrous" <odie_ferrous@hotmail.com> wrote in message news:432091A7.F6A24FCC@hotmail.com
> someone2 wrote:
> >
> > Yes, this is an industry wide issue.
> >
> > Most individuals/companies do not understand their data can be recovered.
> >
> > IBM will indicate the data would be wiped from your hdd and the technician
> > does not have any interest in your data (99% of the time this will be true).
> > What if your hdd is lost in transit? What if the technician that works on
> > your hdd is in the other 1%?
>
>
> I'm afraid from feedback I have received, it seems there exists a "club"
> within certain organisations to see who can find the most sordid /
> interesting data on returned drives.

And what have you done with that information, Duncan?

>
> If you have any doubts whatsoever, simply physically destroy the failed
> drive and pay for the cost of a new one.
>
> I don't agree at all with the returns principle of drive manufacturers -
> but there's not much you can do about it without a good lawyer and
> plenty of financial backing.
>
>
> Odie
Anonymous
a b G Storage
September 9, 2005 9:03:13 AM

Archived from groups: comp.sys.ibm.pc.hardware.storage (More info?)

tfodom@gmail.com wrote:
> Recently I had a hard drive crash on my laptop during the warranty
> period. IBM (Lenovo, I would guess) sent me a new hard drive, which I
> installed and restored.
>
> Now IBM wants the old drive back. I told them I would damage it so
> they couldn't read the data. This is unacceptable to them. It must be
> sent back no more damaged than it was at the time of the crash. The
> representative said they often recyle them.
>
> While my data was backed up, a lot of the data on the drive they want
> returned is probably recoverable.
>
> This raises serious identity theft issues in my mind, despite their
> assurances that my data won't be used.
>
> This may be industry practice--I don't know. If so, there is a lot of
> data being sent back to computer manufacturers on damaged hard drives.
>
> This presents an untapped (or maybe being used now) source for data
> and identity theft.
>
> IBM suggested I could send the hard drive to a data recovery company,
> but 1. this solution is very expensive and 2. I'm not sure how to
> verify that the data has been effectively erased so it is not
> recoverable by IBM.

> Shouldn't there be so kind of industry restriction in place to prevent this ?

Nope, you're always welcome to not exercise the warranty
and just pay for a replacement if the data matters to you.

You can also use the security mode that ensures that the
data cannot be readily obtained from the drive and that
only a wipe by the drive can be done before it can be used.

That isnt a bad idea anyway when laptops can be stolen etc.

> Otherwise the warranty is a sham, unless you agree to send the
> hard drive back--which in many cases may contain sensitive data.

> This may be an industry wide issue.

Yes, it always has been. You've only just noticed it yourself.

Just as true of repairs to the full laptop or PC too. You are
essentially risking the repairer having access to the data.
Anonymous
a b G Storage
September 9, 2005 11:02:41 AM

Archived from groups: comp.sys.ibm.pc.hardware.storage (More info?)

Folkert Rienstra wrote:
>
> "Odie Ferrous" <odie_ferrous@hotmail.com> wrote in message news:432091A7.F6A24FCC@hotmail.com
> > someone2 wrote:
> > >
> > > Yes, this is an industry wide issue.
> > >
> > > Most individuals/companies do not understand their data can be recovered.
> > >
> > > IBM will indicate the data would be wiped from your hdd and the technician
> > > does not have any interest in your data (99% of the time this will be true).
> > > What if your hdd is lost in transit? What if the technician that works on
> > > your hdd is in the other 1%?
> >
> >
> > I'm afraid from feedback I have received, it seems there exists a "club"
> > within certain organisations to see who can find the most sordid /
> > interesting data on returned drives.
>
> And what have you done with that information, Duncan?


I'm amazed you should ask that of me, Folkert.

I keep a copy my clients' recovered data for a week or until they
confirm they are entirely satisfied with it - whichever is shorter.

Then it is erased. Securely, of course.


Odie
--
Retrodata
www.retrodata.co.uk
Globally Local Data Recovery Experts
Anonymous
a b G Storage
September 9, 2005 4:14:09 PM

Archived from groups: comp.sys.ibm.pc.hardware.storage (More info?)

tfodom@gmail.com wrote

> My proposal to IBM was that I would physically destroy the disk so that
> data could not be recovered from it. Then, I would return it to them.

Trouble is that anyone could use that approach if they wanted a new hard
drive that had not failed under warranty but had just been dropped etc.

> I guess there is a scenario that I could keep doing this during the
> warranty period of one year and mangle my way through100 or so jard
> drives--assuming quick delivery and no objection on their part after "x"
> incidents.

Or just once after you had dropped it etc.

> Of course, this scenario could be played out on other items
> that don't carry data on them like a cd-rom drive or keyboard.
> This is not an issue that's been in the news lately.

> I'm not qualified to determine how to protect the manufacturers.
> I'm really more concerned how to protect my data from misuse in
> today's world. Identity theft, as we know it today, is relatively new.

Then you had better learn how to use the security
feature thats been in laptop hard drives for years now.

> Parts return has been in place a long time.

And so has that data security question
when getting anything repaired etc.

> It would be my belief that the industry can find some way
> to accomodate both the manufacturer and the customer,

Been around for years now with that security feature.

> e.g. perhaps provide only one hard drive
> replacement during the warranty period.
> Dunno if that would work for them.

Corse not.

> I do know that replacement hard drives of this type
> are relatively inexpensive at retail. I can buy one and
> may end up having to pay for it. However, that makes
> the warranty useless to me, and, I'd suspect, others.

See above.

> It's just a matter of time until something
> happens that will require legistlation.

Wrong, there are perfectly adequate approaches available now.

> It would be nice if industry could head that off.

Nothing to 'head off'

> Identity and data theft is just too big a problem.

And that is one of the reasons laptop hard drives have that level of security.
Anonymous
a b G Storage
September 9, 2005 4:14:10 PM

Archived from groups: comp.sys.ibm.pc.hardware.storage (More info?)

Rod Speed wrote:
>
> tfodom@gmail.com wrote
>
> > My proposal to IBM was that I would physically destroy the disk so that
> > data could not be recovered from it. Then, I would return it to them.
>
> Trouble is that anyone could use that approach if they wanted a new hard
> drive that had not failed under warranty but had just been dropped etc.
>
> > I guess there is a scenario that I could keep doing this during the
> > warranty period of one year and mangle my way through100 or so jard
> > drives--assuming quick delivery and no objection on their part after "x"
> > incidents.
>
> Or just once after you had dropped it etc.
>
> > Of course, this scenario could be played out on other items
> > that don't carry data on them like a cd-rom drive or keyboard.
> > This is not an issue that's been in the news lately.
>
> > I'm not qualified to determine how to protect the manufacturers.
> > I'm really more concerned how to protect my data from misuse in
> > today's world. Identity theft, as we know it today, is relatively new.
>
> Then you had better learn how to use the security
> feature thats been in laptop hard drives for years now.


It's been possible (also for years) to bypass this security feature.

Not easy, but it can be done. It *is* done.


Odie
--
Retrodata
www.retrodata.co.uk
Globally Local Data Recovery Experts
Anonymous
a b G Storage
September 9, 2005 8:02:39 PM

Archived from groups: comp.sys.ibm.pc.hardware.storage (More info?)

Previously tfodom@gmail.com wrote:

> Recently I had a hard drive crash on my laptop during the warranty
> period. IBM (Lenovo, I would guess) sent me a new hard drive, which I
> installed and restored.

> Now IBM wants the old drive back. I told them I would damage it so they
> couldn't read the data. This is unacceptable to them. It must be sent
> back no more damaged than it was at the time of the crash. The
> representative said they often recyle them.

> While my data was backed up, a lot of the data on the drive they want
> returned is probably recoverable.

> This raises serious identity theft issues in my mind, despite their
> assurances that my data won't be used.

> This may be industry practice--I don't know. If so, there is a lot of
> data being sent back to computer manufacturers on damaged hard drives.

> This presents an untapped (or maybe being used now) source for data and
> identity theft.

> IBM suggested I could send the hard drive to a data recovery company,
> but 1. this solution is very expensive and 2. I'm not sure how to
> verify that the data has been effectively erased so it is not
> recoverable by IBM.

> Shouldn't there be so kind of industry restriction in place to prevent
> this ? Otherwise the warranty is a sham, unless you agree to send the
> hard drive back--which in many cases may contain sensitive data.

> This may be an industry wide issue.

It is. If the drive is not writable anymore your choices are to
decline the replacement or risk sending back your data. This
is one more good reason to use encryption on sensitive stuff.

Personally I decide on a case-by-case basis, but I have had
instances where there was sensitive data (with regard to
privacy laws) on an unaccessable disk. I did not send that back
but destroyed it.

Arno
Anonymous
a b G Storage
September 9, 2005 8:04:11 PM

Archived from groups: comp.sys.ibm.pc.hardware.storage (More info?)

Previously Odie Ferrous <odie_ferrous@hotmail.com> wrote:
> Rod Speed wrote:
>>
>> tfodom@gmail.com wrote
>>
>> > My proposal to IBM was that I would physically destroy the disk so that
>> > data could not be recovered from it. Then, I would return it to them.
>>
>> Trouble is that anyone could use that approach if they wanted a new hard
>> drive that had not failed under warranty but had just been dropped etc.
>>
>> > I guess there is a scenario that I could keep doing this during the
>> > warranty period of one year and mangle my way through100 or so jard
>> > drives--assuming quick delivery and no objection on their part after "x"
>> > incidents.
>>
>> Or just once after you had dropped it etc.
>>
>> > Of course, this scenario could be played out on other items
>> > that don't carry data on them like a cd-rom drive or keyboard.
>> > This is not an issue that's been in the news lately.
>>
>> > I'm not qualified to determine how to protect the manufacturers.
>> > I'm really more concerned how to protect my data from misuse in
>> > today's world. Identity theft, as we know it today, is relatively new.
>>
>> Then you had better learn how to use the security
>> feature thats been in laptop hard drives for years now.


> It's been possible (also for years) to bypass this security feature.

> Not easy, but it can be done. It *is* done.

I would have been surprisied if it was not known to the data-recovery
community by now...

My advice is to either do without warranty replacement or to use strong
encryption for the sensitive stuff. Encrypted or no swap is also a
good idea.

Arno
Anonymous
a b G Storage
September 9, 2005 10:00:57 PM

Archived from groups: comp.sys.ibm.pc.hardware.storage (More info?)

Odie Ferrous <odie_ferrous@hotmail.com> wrote:
> Rod Speed wrote:
>>
>> tfodom@gmail.com wrote
>>
>>> My proposal to IBM was that I would physically destroy the disk so
>>> that data could not be recovered from it. Then, I would return it
>>> to them.
>>
>> Trouble is that anyone could use that approach if they wanted a new
>> hard drive that had not failed under warranty but had just been
>> dropped etc.
>>
>>> I guess there is a scenario that I could keep doing this during the
>>> warranty period of one year and mangle my way through100 or so jard
>>> drives--assuming quick delivery and no objection on their part
>>> after "x" incidents.
>>
>> Or just once after you had dropped it etc.
>>
>>> Of course, this scenario could be played out on other items
>>> that don't carry data on them like a cd-rom drive or keyboard.
>>> This is not an issue that's been in the news lately.
>>
>>> I'm not qualified to determine how to protect the manufacturers.
>>> I'm really more concerned how to protect my data from misuse in
>>> today's world. Identity theft, as we know it today, is relatively
>>> new.
>>
>> Then you had better learn how to use the security
>> feature thats been in laptop hard drives for years now.
>
>
> It's been possible (also for years) to bypass this security feature.
>
> Not easy, but it can be done. It *is* done.

Irrelevant to how likely it is that IBM would be silly enough to bother.
Anonymous
a b G Storage
September 9, 2005 11:13:17 PM

Archived from groups: comp.sys.ibm.pc.hardware.storage (More info?)

"Arno Wagner" <me@privacy.net> wrote in message news:3odq3qF5g6t9U3@individual.net
> Previously Odie Ferrous <odie_ferrous@hotmail.com> wrote:
> > Rod Speed wrote:
> > >
> > > tfodom@gmail.com wrote
> > >
> > > > My proposal to IBM was that I would physically destroy the disk so that
> > > > data could not be recovered from it. Then, I would return it to them.
> > >
> > > Trouble is that anyone could use that approach if they wanted a new hard
> > > drive that had not failed under warranty but had just been dropped etc.
> > >
> > > > I guess there is a scenario that I could keep doing this during the
> > > > warranty period of one year and mangle my way through100 or so jard
> > > > drives--assuming quick delivery and no objection on their part after "x"
> > > > incidents.
> > >
> > > Or just once after you had dropped it etc.
> > >
> > > > Of course, this scenario could be played out on other items
> > > > that don't carry data on them like a cd-rom drive or keyboard.
> > > > This is not an issue that's been in the news lately.
> > >
> > > > I'm not qualified to determine how to protect the manufacturers.
> > > > I'm really more concerned how to protect my data from misuse in
> > > > today's world. Identity theft, as we know it today, is relatively new.
> > >
> > > Then you had better learn how to use the security
> > > feature thats been in laptop hard drives for years now.
>
>
> > It's been possible (also for years) to bypass this security feature.
>
> > Not easy, but it can be done. It *is* done.
>
> I would have been surprisied if

> it

What 'it' ?

> was not known to the data-recovery community by now...

>
> My advice is to either do without warranty replacement or to use strong
> encryption for the sensitive stuff.

A bit late when the drive has died already.

> Encrypted or no swap is also a good idea.

Whatever that's supposed to mean.

>
> Arno
September 10, 2005 3:59:28 AM

Archived from groups: comp.sys.ibm.pc.hardware.storage (More info?)

Arno Wagner wrote in message <3odq0vF5g6t9U2@individual.net>...
>Previously tfodom@gmail.com wrote:
>[snip]
>> While my data was backed up, a lot of the data on the drive they want
>> returned is probably recoverable.
>> This raises serious identity theft issues in my mind, despite their
>> assurances that my data won't be used.
>
>[snip] If the drive is not writable anymore your choices are to
>decline the replacement or risk sending back your data. This
>is one more good reason to use encryption on sensitive stuff.
>Arno

I once wanted to test the old 'Color TVs can kill data', so I touched a
floppy disk to the TV screen. WHAM, no more data, couldn't even format it
for re-use.
I know that wouldn't work on the metal cased HD, but what about a TV
de-gausser? Or, a strong magnet placed against the case and moved randomly?
Think that would wipe it out?

And what about airport X-ray machines, is that just rumor?

--
Bob R
POVrookie
Anonymous
a b G Storage
September 10, 2005 3:59:29 AM

Archived from groups: comp.sys.ibm.pc.hardware.storage (More info?)

On Fri, 09 Sep 2005 23:59:28 GMT, "BobR" <RemoveBadBobR@worldnet.att.net>
wrote:

>
>Arno Wagner wrote in message <3odq0vF5g6t9U2@individual.net>...
>>Previously tfodom@gmail.com wrote:
>>[snip]
>>> While my data was backed up, a lot of the data on the drive they want
>>> returned is probably recoverable.
>>> This raises serious identity theft issues in my mind, despite their
>>> assurances that my data won't be used.
>>
>>[snip] If the drive is not writable anymore your choices are to
>>decline the replacement or risk sending back your data. This
>>is one more good reason to use encryption on sensitive stuff.
>>Arno
>
>I once wanted to test the old 'Color TVs can kill data', so I touched a
>floppy disk to the TV screen. WHAM, no more data, couldn't even format it
>for re-use.
>I know that wouldn't work on the metal cased HD, but what about a TV
>de-gausser? Or, a strong magnet placed against the case and moved randomly?
>Think that would wipe it out?
>
>And what about airport X-ray machines, is that just rumor?

If you've reported a specific error code from the company's diagnostic
software in order to qualify for the RMA replacement, causing other
permanent defects with a degausser strong enough to affect the platters
and the r/w heads is going to void that replacement. They want a drive
they can wipe and resell as reconditioned. They (multinational
corporations like IBM) don't care about your data. They do care about
wringing every bit of resale value out of the drives they take back in.

After the Deathstar debacle I don't know why anyone with half a brain cell
would trust an IBM/Hitachi desktop drive.
--
Michael Cecil
http://home.comcast.net/~macecil/
http://home.comcast.net/~safehex/
Anonymous
a b G Storage
September 10, 2005 7:45:11 AM

Archived from groups: comp.sys.ibm.pc.hardware.storage (More info?)

Folkert Rienstra <see_reply-to@myweb.nl> wrote:
> "Arno Wagner" <me@privacy.net> wrote in message
> news:3odq3qF5g6t9U3@individual.net
>> Previously Odie Ferrous <odie_ferrous@hotmail.com> wrote:
>>> Rod Speed wrote:
>>>>
>>>> tfodom@gmail.com wrote
>>>>
>>>>> My proposal to IBM was that I would physically destroy the disk
>>>>> so that data could not be recovered from it. Then, I would
>>>>> return it to them.
>>>>
>>>> Trouble is that anyone could use that approach if they wanted a
>>>> new hard drive that had not failed under warranty but had just
>>>> been dropped etc.
>>>>
>>>>> I guess there is a scenario that I could keep doing this during
>>>>> the warranty period of one year and mangle my way through100 or
>>>>> so jard drives--assuming quick delivery and no objection on their
>>>>> part after "x" incidents.
>>>>
>>>> Or just once after you had dropped it etc.
>>>>
>>>>> Of course, this scenario could be played out on other items
>>>>> that don't carry data on them like a cd-rom drive or keyboard.
>>>>> This is not an issue that's been in the news lately.
>>>>
>>>>> I'm not qualified to determine how to protect the manufacturers.
>>>>> I'm really more concerned how to protect my data from misuse in
>>>>> today's world. Identity theft, as we know it today, is
>>>>> relatively new.
>>>>
>>>> Then you had better learn how to use the security
>>>> feature thats been in laptop hard drives for years now.
>>
>>
>>> It's been possible (also for years) to bypass this security feature.
>>
>>> Not easy, but it can be done. It *is* done.
>>
>> I would have been surprisied if
>
>> it
>
> What 'it' ?
>
>> was not known to the data-recovery community by now...
>
>>
>> My advice is to either do without warranty replacement or to use
>> strong encryption for the sensitive stuff.
>
> A bit late when the drive has died already.

Nope, you use the strong encryption before the drive dies, stupid.

Then whatever pervert gets to see the data
on the failed drive, its still useless to them.

>> Encrypted or no swap is also a good idea.
>
> Whatever that's supposed to mean.
Anonymous
a b G Storage
September 10, 2005 3:11:55 PM

Archived from groups: comp.sys.ibm.pc.hardware.storage (More info?)

BobR <RemoveBadBobR@worldnet.att.net> wrote:
> Arno Wagner wrote in message <3odq0vF5g6t9U2@individual.net>...
>> Previously tfodom@gmail.com wrote:
>> [snip]
>>> While my data was backed up, a lot of the data on the drive they
>>> want returned is probably recoverable.
>>> This raises serious identity theft issues in my mind, despite their
>>> assurances that my data won't be used.
>>
>> [snip] If the drive is not writable anymore your choices are to
>> decline the replacement or risk sending back your data. This
>> is one more good reason to use encryption on sensitive stuff.
>> Arno
>
> I once wanted to test the old 'Color TVs can kill data', so I touched
> a floppy disk to the TV screen. WHAM, no more data, couldn't even
> format it for re-use.
> I know that wouldn't work on the metal cased HD, but what about a TV
> de-gausser? Or, a strong magnet placed against the case and moved
> randomly? Think that would wipe it out?
>
> And what about airport X-ray machines, is that just rumor?

Just mindless pig ignorance, actually. If they did wipe hard drives,
you'd have heard plenty of howling about them having been wiped.
Anonymous
a b G Storage
September 10, 2005 9:23:49 PM

Archived from groups: comp.sys.ibm.pc.hardware.storage (More info?)

tfodom@gmail.com wrote:

[HD died and was replaced under warranty. Lenovo requires that the
old drive -- with sensitive data which cannot be erased because the
drive failed -- be returned.

> Now IBM wants the old drive back. I told them I would damage it so they
> couldn't read the data. This is unacceptable to them. It must be sent
> back no more damaged than it was at the time of the crash. The
> representative said they often recyle them.

> While my data was backed up, a lot of the data on the drive they want
> returned is probably recoverable.

> This may be industry practice--I don't know.

It is. Not just in the computer industry; in general if you have a
warranty claim the vendor usually will want the broken item back, either
to repair or to analyze the failure. There's also the issue that vendors
want to avoid being ripped off by users who claim a warranty-covered
failure that never occurred.

This has even more serious consequences in situations where the data on
the disk are classified, and more recently where the data are subject
to HIPAA restrictions. In these situations typically the user either
foregoes the warranty on the disk, or has a pre-existing agreement with
the vendor covering warranty issues of this type.

As a practical matter, it's probable that if they're asking for the
disk back they'll slap on a new circuit board; if it works the disk
will be reformatted and resold; if not it will go to the junk bin.
It's probable (but in no way certain) that nobody will bother to look
at what's on the disk.

In any case, however, given the incredibly low list prices even for
brand-name disk drives, if you're concerned about the data on the disk
being disclosed just forget the warranty, buy a new disk, and take the
opportunity to see how hard it is to completely disassemble the drive.

I had a situation like that a couple of years ago: division management
had lots of salary info on a 10 GB laptop disk that died. There was
no need to recover the data, and it would have been more expensive to
figure out how to wipe the disk than it was to replace it. I disassembled
the drive, scored the platter surfaces, and now pass around the
carcass of the drive when I do presentations to high-school students.

Joe Morris
--
Anonymous
a b G Storage
September 11, 2005 2:21:28 AM

Archived from groups: comp.sys.ibm.pc.hardware.storage (More info?)

"Odie Ferrous" <odie_ferrous@hotmail.com> wrote in message news:43212581.ED6B2CF5@hotmail.com
> Folkert Rienstra wrote:
> > "Odie Ferrous" <odie_ferrous@hotmail.com> wrote in message news:432091A7.F6A24FCC@hotmail.com
> > > someone2 wrote:
> > > >
> > > > Yes, this is an industry wide issue.
> > > >
> > > > Most individuals/companies do not understand their data can be recovered.
> > > >
> > > > IBM will indicate the data would be wiped from your hdd and the technician
> > > > does not have any interest in your data (99% of the time this will be true).
> > > > What if your hdd is lost in transit? What if the technician that works on
> > > > your hdd is in the other 1%?
> > >
> > >
> > > I'm afraid from feedback I have received, it seems there exists a "club"
> > > within certain organisations to see who can find the most sordid /
> > > interesting data on returned drives.
> >
> > And what have you done with that information, Duncan?
>
>
> I'm amazed you should ask that of me, Folkert.

You should well be, Duncan, as 'that' 's not what I asked.

>
> I keep a copy my clients' recovered data for a week or until they
> confirm they are entirely satisfied with it - whichever is shorter.
>
> Then it is erased. Securely, of course.

The question was "And what have you done with that information, Duncan?".

Meaning, what action did you take with the knowledge you received.
Or are you part of that "club".

>
>
> Odie

(Blatant advertizing removed)
Anonymous
a b G Storage
September 11, 2005 11:34:57 AM

Archived from groups: comp.sys.ibm.pc.hardware.storage (More info?)

Folkert Rienstra wrote:
>
> "Odie Ferrous" <odie_ferrous@hotmail.com> wrote in message news:43212581.ED6B2CF5@hotmail.com
> > Folkert Rienstra wrote:
> > > "Odie Ferrous" <odie_ferrous@hotmail.com> wrote in message news:432091A7.F6A24FCC@hotmail.com
> > > > someone2 wrote:
> > > > >
> > > > > Yes, this is an industry wide issue.
> > > > >
> > > > > Most individuals/companies do not understand their data can be recovered.
> > > > >
> > > > > IBM will indicate the data would be wiped from your hdd and the technician
> > > > > does not have any interest in your data (99% of the time this will be true).
> > > > > What if your hdd is lost in transit? What if the technician that works on
> > > > > your hdd is in the other 1%?
> > > >
> > > >
> > > > I'm afraid from feedback I have received, it seems there exists a "club"
> > > > within certain organisations to see who can find the most sordid /
> > > > interesting data on returned drives.
> > >
> > > And what have you done with that information, Duncan?
> >
> >
> > I'm amazed you should ask that of me, Folkert.
>
> You should well be, Duncan, as 'that' 's not what I asked.
>
> >
> > I keep a copy my clients' recovered data for a week or until they
> > confirm they are entirely satisfied with it - whichever is shorter.
> >
> > Then it is erased. Securely, of course.
>
> The question was "And what have you done with that information, Duncan?".
>
> Meaning, what action did you take with the knowledge you received.
> Or are you part of that "club".


It goes nowhere, Folkert. Unless, of course, it involves terrorism or
child porn - but fortunately I've never seen that.



Odie
(Blatant advertizing [sic] reinstated)
--
Retrodata
www.retrodata.co.uk
Globally Local Data Recovery Experts
Anonymous
a b G Storage
September 14, 2005 4:56:45 AM

Archived from groups: comp.sys.ibm.pc.hardware.storage (More info?)

"Odie Ferrous" <odie_ferrous@hotmail.com> wrote in message news:4323D011.FCF7F008@hotmail.com
> Folkert Rienstra wrote:
> > "Odie Ferrous" <odie_ferrous@hotmail.com> wrote in message news:43212581.ED6B2CF5@hotmail.com
> > > Folkert Rienstra wrote:
> > > > "Odie Ferrous" <odie_ferrous@hotmail.com> wrote in message news:432091A7.F6A24FCC@hotmail.com
> > > > > someone2 wrote:
> > > > > >
> > > > > > Yes, this is an industry wide issue.
> > > > > >
> > > > > > Most individuals/companies do not understand their data can be recovered.
> > > > > >
> > > > > > IBM will indicate the data would be wiped from your hdd and the technician
> > > > > > does not have any interest in your data (99% of the time this will be true).
> > > > > > What if your hdd is lost in transit? What if the technician that works on
> > > > > > your hdd is in the other 1%?
> > > > >
> > > > > I'm afraid from feedback I have received, it seems there exists a "club"
> > > > > within certain organisations to see who can find the most sordid /
> > > > > interesting data on returned drives.
> > > >
> > > > And what have you done with that information, Duncan?
> > >
> > > I'm amazed you should ask that of me, Folkert.
> >
> > You should well be, Duncan, as 'that' 's not what I asked.
> >
> > >
> > > I keep a copy my clients' recovered data for a week or until they
> > > confirm they are entirely satisfied with it - whichever is shorter.
> > >
> > > Then it is erased. Securely, of course.
> >
> > The question was "And what have you done with that information, Duncan?".
> >
> > Meaning, what action did you take with the knowledge you received.
> > Or are you part of that "club".
>
>
> It goes nowhere, Folkert.

You still don't have a clue of what I just asked, don't you, Duncan.

> Unless, of course, it involves terrorism or child porn -

> but fortunately I've never seen that.

I'll guess that's just one way of saying that you are indeed part of that "club", Duncan.

>
>
> Odie
> (Blatant advertizing [sic] reinstated)
Anonymous
a b G Storage
September 14, 2005 8:18:55 AM

Archived from groups: comp.sys.ibm.pc.hardware.storage (More info?)

Folkert Rienstra wrote:
>
> >
> > It goes nowhere, Folkert.
>
> You still don't have a clue of what I just asked, don't you, Duncan.

Folkert, if you could learn to ask questions directly instead of beating
around the bush (in other words, try to incorporate some sort of sense
in your ramblings) then perhaps you would get better (for you, at any
rate) answers.

Until such time, please stop trolling. I would have thought you above
all that - but I am clearly mistaken.


Odie
--
Retrodata
www.retrodata.co.uk
Globally Local Data Recovery Experts
!