US-CERT: ST18-005: Proper Disposal of Electronic Devices

US DHS US-CERT has new advice, including this excerpt:
ST18-005: Proper Disposal of Electronic Devices

Deleting Data: Removing data from your device can be one method of sanitization. When you delete files from a device—although the files may appear to have been removed—data remains on the media even after a delete or format command is executed. Do not rely solely on the deletion method you routinely use, such as moving a file to the trash or recycle bin or selecting “delete” from the menu. Even if you empty the trash, the deleted files are still on device and can be retrieved. Permanent data deletion requires several steps.

Computers: Use a disk cleaning software designed to permanently remove the data stored on a computer hard drive to prevent the possibility of recovery.
* Secure erase. This is a set of commands in the firmware of most computer hard drives. If you select a program that runs the secure erase command set, it will erase the data by overwriting all areas of the hard drive.
* Disk wiping. This is a utility that erases sensitive information on hard drives and securely wipes flash drives and secure digital cards.
[…]

https://www.us-cert.gov/ncas/tips/ST18-005

It would be nice if it mentioned resetting the system firmware and ensuring no user account information is left on the system. The above discussion is all about data on the hard drive. You can replace the hard drive and the firmware data will remain. Then again, if you’re disposing of a system, you may not care if the new owner inherits your bootkits (you probably didn’t know about the bootkits in the first place). But if you’re at the receiving end of second-hand — aka ‘grey market’, used — hardware, you should not trust the firmware, and only accept the hardware if the manufacturer has tools and images to let you restore the firmware back to a known-good state.
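An added example, not from US-CERT or this post, relating to the "Secure erase" item in the excerpt: a drive whose ATA security state is frozen or locked refuses the firmware erase command, so that state is worth checking before relying on it. The sketch parses the Security section printed by `hdparm -I` on Linux; the choice of tool, the constructed sample text and the function names are assumptions.

```python
import re

# Constructed sample of the "Security:" section printed by `hdparm -I <device>`.
SAMPLE_FROZEN = (
    "Security: \n"
    "\tMaster password revision code = 65534\n"
    "\t\tsupported\n"
    "\tnot\tenabled\n"
    "\tnot\tlocked\n"
    "\t\tfrozen\n"
    "\tnot\texpired: security count\n"
    "\t\tsupported: enhanced erase\n"
    "\t2min for SECURITY ERASE UNIT. 2min for ENHANCED SECURITY ERASE UNIT.\n"
)
# Same drive after the frozen state has been cleared (also constructed).
SAMPLE_READY = SAMPLE_FROZEN.replace("\t\tfrozen", "\tnot\tfrozen")

FLAGS = ("supported", "enabled", "locked", "frozen", "supported: enhanced erase")


def parse_security(text):
    """Return {flag: bool} for the flags listed in the Security section."""
    state, in_section = {}, False
    for line in text.splitlines():
        if line.strip() == "Security:":
            in_section = True
            continue
        if not in_section:
            continue
        if line and not line[0].isspace():
            break  # an unindented line starts the next top-level section
        # Each flag line is "<indent>[not]<tab><flag text>".
        m = re.match(r"\s+(not\s+)?(.+?)\s*$", line)
        if m and m.group(2) in FLAGS:
            state[m.group(2)] = m.group(1) is None
    return state


def erase_blockers(state):
    """List the reasons a firmware secure erase cannot be run right now."""
    reasons = []
    if not state.get("supported"):
        reasons.append("ATA security feature set not reported as supported")
    if state.get("frozen"):
        reasons.append("security state is frozen; power-cycle the drive first")
    if state.get("locked"):
        reasons.append("drive is locked; it must be unlocked with its password")
    return reasons


if __name__ == "__main__":
    for name, text in (("frozen", SAMPLE_FROZEN), ("ready", SAMPLE_READY)):
        print(name, erase_blockers(parse_security(text)) or "no blockers")
```

An empty result means the drive reports the feature set and is neither frozen nor locked; it does not verify that an erase actually completed.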
