Agent 001 leaves no trace

Friday, 15 January 2016 by Sam Wiltshire

“Paranoia's the garlic in life's kitchen; you can never have too much.” - T. Pynchon

The amount of electronic information out there is overwhelming. You might think that your data is a safe needle in this haystack, but you’d be wrong. Malicious hackers would do anything to get it — your infrastructure, your online identity and your company’s confidential data are tasty morsels for their ilk. That’s why they’re so dangerous. If you use information technology for any purpose, you need to be a little bit paranoid — know how to disguise your identity, how to encrypt your communications and stored data, but also how to effectively destroy it forever, so that it won’t ever be used against you. You need to know how to leave no trace!

An IT expert could find things on your hard drive that you had no idea even existed — and so could a cybercriminal. Many of those things you might never wish for anyone to see. To be honest, I would bet that even a newbie ‘hacker’ could find out more about you than you were ever prepared to disclose. All that’s needed is a bit of know-how and an opportunity. Does this mean that you’re defenceless? Of course not — all you need is to know what to do.

Woody Allen said: “Just because you're paranoid doesn't mean they're not out to get you!” — I completely agree, and I will try to make you just as sensitive to vulnerabilities as I am, because there is nothing worse than a false sense of security, which is really an ignorance of the real and present dangers.

In the next few lessons, I will show you the potential scale of the threat — you’ll see what kind of data gets written to your hard drive and how it can be accessed, what it could potentially be used for, and what mistakes we most often make when trying to erase this data. I’ll also show you how to destroy it safely and effectively.

The experiment

Let’s start with an experiment. I want you to do this yourself, using your home or office equipment. You will need:

  1. a used portable data storage device - it can be a flash drive, an SD card, a smartphone or even a portable hard drive (be warned that the larger the capacity of your drive, the longer this experiment will take);
  2. data recovery software. You can find a free one online or use the free demo version of Ontrack EasyRecovery.

If you’ve chosen EasyRecovery, install it in ‘demo mode’ and follow the instructions to scan your portable storage device. What did you find?

If you’ve used your portable storage device a lot — saved lots of files, written and deleted and overwritten them repeatedly — it’s very likely that you’ll find an extensive history of those actions, complete with entire files ready to be restored. If you’re not the first owner of this device, you will likely find out a lot about whoever used it before you. Does that surprise you? It really shouldn’t. The things that this software is able to retrieve are a tiny fraction of what a professional could find in a lab full of specialist equipment.

Do you know who owns your old laptop, smartphone or desktop computer now? No? Well, you might want to find out!

See you soon!

P.S. If you want to share any questions, doubts or comments about this course you can do so in the comment box below.