Keeping personal details personal in the Digital Age

October 5, 2015 by Chris Marr, Sciencenetwork Wa, Science Network WA
The memory cards concerned are those found in devices such as digital cameras, mobile phones, tablet computers and even in some printers. Credit: raymondclarkeimages

Users of mobile phones, tablet computers and other devices with a memory card—that being practically everyone these days—risk having their identify stolen if they don't securely erase their personal data.

That is the message promoted by Edith Cowan University computer security lecturer, Patryk Szewczyk at a recent public lecture.

Mr Szewczyk and his colleague Krishnun Sansurooah have spent five years researching the secondhand market for memory cards which can be purchased on websites like eBay, and the kind of data that can be retrieved from the cards.

The memory cards concerned are those found in devices such as digital cameras, mobile phones, and even in some printers.

They found over the last couple of years that if the seller suggests the card may contain , the price goes up by around fifty per cent.

Mr Szewczyk said this suggests there are people out there specifically targeting such cards to try to gain personal information.

"Since no other research projects have been identified, the inescapable conclusion is that the buyers of these cards are intent on identity theft," Mr Szewczyk said.

He said the end user has not been educated about securely destroying digital information, which has led to inadequate data deletion.

This means personal details can be recovered using software that is easily obtainable, simple to use, and free, even if the files have been deleted.

Simply deleting a file only removes the pointer to that file, it does not remove the data itself, which can be pieced back together by the recovery software.

Only certified programs ensures data can never be recovered

A secure wipe of the memory card using software proven to do the job thoroughly every time, is the only sure way to erase the data.

Properly used, software such as Active@ Killdisk (for a Windows/Linux environment) or the "dd" command with appropriate parameters (in the Linux/Unix environment) will ensure the data in will never be recovered.

Mr Szewczyk noted that in one year just thirty per cent of the cards had been properly erased—this was the best result compared to cards surveyed in the other four years.

In many cases there has been no attempt whatsoever to erase the data.

During the project they recovered photographic images including sexualised selfies, images of (both sides) and passports, resumes, tax receipts, bank statements, employee payslips, company letters, client lists plus online authentication credentials for bank accounts, eBay, Paypal and Facebook accounts.

Explore further: JPMorgan to convert Chase cards to chip technology

Related Stories

JPMorgan to convert Chase cards to chip technology

May 12, 2015

JPMorgan Chase will replace all of its customers' debit cards with more secure chip-based cards nationwide, the bank said Tuesday, and expects to have chips on 70 percent of its debit cards by the end of 2015.

Here's why Americans are getting new credit and debit cards

October 2, 2015

The battle against credit card fraud is inching forward. As of Thursday, the liability for fraud committed using traditional MasterCard and Visa magnetic-stripe credit and debit cards will shift from banks to stores. The ...

30C3: SD card tricks can deliver MITM attacks

January 1, 2014

(Phys.org) —This year's 30th Chaos Communication Congress (30C3) in Hamburg from December 27 to December 30 carried numerous informative presentations, including a reverse-engineering story about SD cards, which two investigators ...

Recommended for you

Google braces for huge EU fine over Android

July 18, 2018

Google prepared Wednesday to be hit with huge EU fine for freezing out rivals of its Android mobile phone system in a ruling that could spark new tensions between Brussels and Washington.

EU set to fine Google billions over Android: sources

July 17, 2018

The EU is set to fine US internet giant Google several billion euros this week for freezing out rivals of its Android mobile phone system, sources said, in a ruling that risks fresh tensions with Washington.

0 comments

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.