This is either a general question or a great debate, but since
it is more likely to become a debate, I’ll post it here.
I was reading another post about people getting arrested for kiddie porn, and I began wondering, how long does information stay on your hard drive after you have deleted it.
And also, if you get your computer repaired and they run across some questionable files that you deleted, can you be charged with possession (I don’t have any cites, just word of mouth that this happened). Would this be an invasion of privacy. The technition in my opinion has no right to look
at anything on your computer that’s not related to repairing it.
And also, can you be arrested for something that you had in the past but don’t have access to?
Now you could say that if you downloaded illegal images you lose your rights to privacy, BUT what about the computers that do not have anything illegal on them? I know that I have some personal information on my computer. Songs
and lyrics that I wrote, an unfinished novel, love notes to my wife, etc. that I don’t want anybody to see. Just because they occasionally run across something,
does that give them the right to go rummaging around your personal bussiness?
Also if you speak out about this, people will put you on the side of the pedophiles (sp?).
when you delete a file the directory entry is marked as unused and the data is still there. that is why it is possible to undelete. even if the directory entry is overwritten, special software that scans the disk can retrieve information. i have heard that data has to be overwritten 10 times before it is totally unrecoverable. of course the disk has to be taken apart and special equipment used to get the data. some government agencies deliberately crush their hard disks when they are no longer used.
i know a woman who was looking at an EX-boyfriends computer and found some files talking about her daughter. she went ballistic. be careful what you write and who has access. does anyone make a word processor with built in password scrambling. LOL!
Dal-timgar is pretty much right about this. When you delete a file, all you’re doing is erasing the part of the disk that prevents other data from writing over it. (The fat, or file allocation table.) The data is still there, and if you don’t add anything to your drive that overwrites it (installing/defragging/downloadin/creating files or even editing existing files can do this), the information is still there, although your drive pretends not to see it. So when the gov’t decides that you’re a menace to society, they’ll kick down your door and send your hard drive to their labs for examination.
What dal isn’t quite correct about is about the overwriting part. Once data is overwritten, it’s gone forever. Hadr drives today are too sensitive to allow for “ghosting”, or residual images (like you get on an old tape that hasn’t been played in years). So, once over-written, there is virtually no trace of your trangressions.
The problem Dal might have meant to say is that even though you might copy stuff over the spot that you think the pics were hidden, peices of that pic may be scattered around your drive. From these peices, if there are enough of them, or the peice is large enough, the investigators can rebuild what information you had stored. In this case, it may take you 10-20-100 tries to fill up your drive before your computer overwrites the offending sectors.
This problem is worst with windows. While all computers tend to scatter files, most OS’s will generally try to optimize their placement to take the least space. Windows just puts stuff wherever. There are programs you can install that will allow you to erase not only the FAT entry, but will automatically overwrite the sectors for you.
The better solution is to get a hobby and find something more productive to do with your time, IMHO.
It stays on there forever, or until you have overwritten it enough times that is is no longer recoverable.
**
Since the technician is not a government agent, laws against illegal search do not apply to him. He can look at what he wants. If he then reports illegal content to the law, they can get a search warrant based on his report.
Also, files CAN be recovered even though they have been overwritten by using certain very expensive methods that are able to pick up magnetic traces directly off the drive.
This isn’t correct (unless things have changed substantially in the past year or so.) When a part of the disk is rewritten, it doesn’t hit exactly the same part of the disk; it’s a tiny, tiny bit out. Using extremely sensitive devices, it’s possible to read previous levels of data that were stored, and therefore recover previously deleted and overwritten files.
The good news is that that kind of kit is very expensive, and it’s only likely to be used if you’re some kind of threat to your country. I don’t think your porn collection qualifies (at least, I hope not!)
I’m willing to be corrected on this if indeed things have changed recently.
disk over-writing program such as PGP disk this isn’t a problem. Doing a compress, followed by a free-space-erasure using PGP or possibly Norton Utilities will prevent anyone from recovering information. You need to set the number of erasures to 10 or more though and have a LOT of free time on your hands if it is a big hard drive.
The bit about techs seeing things is going to happen if the files are there and not encrypted, it’s called “custodial curiousity.”
Seriously though, I would recommend you encrypt anything you don’t want someone to see. Get PGP to do it with as this uses peer-reviewed encryption algorithms and is considered extremely safe in the industry.
One thing to watch out for though is the encryption keys. If you have encrypted data and some tech or accident on your part destroys those keys, that data is gone. Even the company that made the encryption software can’t retrieve it for you.
Regards.
Testy.
As an Oh-By-The-Way, I don’t have any financial arrangements with an encryption company. S
Well, as data densities increase, and they get more data onto each platter (for God’s sake, they have 80GB drives now as opposed to 6GB a few years ago), won’t the recovery of those trace bits become harder and harder?
All of this erasing is irrelevant. Why? Decause windows keep a log of every site you went to, and many things you did on a particular computer. One of the log files is USER.DAT, usually located in the windows folder or Administrator folder. It is a real SOB to replace this file with a ‘clean copy’, without ruining your system, but it is posible. There are other log files, fromother programs. Only way to truly get rid of those files is to re-format and reinstall windows.
Yes, it will and has. I remember reading something written in 1996 describing how to build your own data recovery system, using a PC as a controller (I found it yesterday on the web, and now I can’t! Argh!). I very much doubt this would be feasible now (anyone done it just to prove me wrong? ).
That’s why I mentioned earlier that the equipment to do it is very expensive, and it’s unlikely that anyone would go to all the trouble if the data has been overwritten more than once. IIRC, the maximum that can be recovered at the moment is about 10 overwrites, so Testy’s method would work.
But then, they would say that, wouldn’t they?
Capacitor: Yeah, but I don’t think you’d be using Windows if you really wanted to keep your stuff secure.
I still say go with full encryption if you really need it secret…and remember to burn your hardcopy…
