
Art, this is a serious issue. This is no different than hard drives in our computers, laptops, netbooks or anything that uses a HD. They are all storing electronic digital magnetic information. Those that have encryption are not safe if you know what you are doing. These encrypted containers can easily be tapped and opened. If you don't believe me do a little research on computer forensics.

http://en.wikipedia.org/wiki/Computer_forensics

This has been an interest of mine that is quite fascinating to explore. Did you know that if you format a hard drive that the data can still be recovered? There are wipe methods to prevent software recovery and hardware recovery. The Dept. of Defense has a specific 7 pass sanitize method that Sharp utilizes. That will prevent hardware recovery. However no matter where the hard drive comes from there have been documented cases of reverse engineering to bypass the wipe method, if you know the wipe method used. This is why the specific methodologies are top secret and you can customize your sanitation method that is unique to prohibit this reversing process. The maximum security is 35 passes to sanitize the HD. This is based on Peter Gutmann's paper "Secure Deletion of Data from Magnetic and Solid-State Memory". The method is designed to erase data regardless of disk raw encoding. It effectively removes the magnetic remnants from disk, preventing hardware recovery tools from restoring any data.

I knew someone that had a HD which they took a sledgehammer to. Broke the HD platters in many chunks & pieces. Guess what? That was not enough. Data was still recovered from chunks that were encrypted.

So the best thing to do is pulverize your HDs to dust then you can rest assured everything is gone.

Sharp was the first to address security in digital imaging and received the first Common Criteria Validation for an MFP in 2001. Even today, Sharp remains the highest rated company for validated MFP products, and is regarded as one of the industry's greatest security innovators.
wow, thanx for that!

I thought we were safe with the latest Ricoh security measures. Are we?

I knew older copiers were very susceptible to getting information, however with recent upgrades with Ricoh products are we safe?

Seems like none of us are safe except for pulverizing the drive as you stated.

How is everyone else handling this?

Is the CBS guy blowing smoke, or are there criminals out there buying copiers just to get access to the hard drives and if so, it's gotta be a hit and miss approach if they get one with real data they can use.

Would like to hear from others also.

Montecore thanx for the excellent review!
Hey all, ServiceGuy raises an excellent point here! Is there a potential liability issue - did we know or should we have known that the HDD on the traded in or shipped back unit MIGHT have had personally identifiable information or other sensitive data on it? Did we take any precautions to prevent compromising that info?
On all current Toshiba copiers with HDD, 128 Bit AES Encryption is offered standard but it has to be turned on by a Service Code. The cost is that it somewhat slows down the copier's performance. In my experience, 128 Bit is rarely turned on when I inform the customer of the trade off. Maybe I should just turn it on in the future and not tell the customer.

The optional DataOverwrite kit is very rarely purchased by small Commercial customers but often by Gov't & Schools.
quote:
Originally posted by Art Post:
I thought we were safe with the latest Ricoh security measures. Are we?


I haven't worked in this area in a while, but last I knew, the Ricoh security options were OPTIONS. The multiple overwrite options did not come standard, the customer would have to pay extra to get them.

In other words, if this is a customer concern, you can address it. If however they are only concerned at end of term... options are limited.
I'm fine with sales reps who choose to take on the role of consultant in this area but liable??? I am not seeing that at all. Someone needs to help me understand how a dealer is liable if no promises to wipe the HDD are made. That's like accusing the Tooth Fairy of teaching kids it's OK to sell body parts for money...it just seems like too big of a stretch to me. I see manufacturers being held liable long before a dealer would be brought into the fight but even that is a stretch.
I think the liability enters in when the customer is never informed that the machine is storing copies, and then later the information shows up in a damaging fashion.

In that case, I think a Jury would be empathetic to a customer who says "he never told me it was storing those documents".

Let's pretend I sell cell phones. I sell you a phone, and you use it for 2 years. At the end of your contract, you turn the phone back in to me.

I didn't mention to you that the phone records every conversation you make, and then I sell that phone to someone else and they can listen to everything you've said.

From the uninformed customer perspective, you had no reason to suspect it was recording you all this time, and I imagine you'd be pretty upset with me not telling you.
I think that many used copiers available for resale still have the original dealer sticker on them. This would be the first step a lawyer would take to attach liability.

It seems odd that either 3/4 or 4/4 of the copiers that the CBS reporter picked were Toshiba. Balanced reporting would suggest he should have bought a mix of machines.

It also seems very long odds that 3/4 copiers the data expert examined had large amounts of personal data on them.

The report seems a little contrived to me. The Data Expert has some self interest to promote himself in this piece.
SalesService:

I agree! Not only that it seems these were KM machines right? Also if you stopped and paused the video you could see the dates of the documents also. I saw nothing newer than 2008, again I'm thinking not a real big deal, however there could be liability for someone.

The word is out now, it's all over twitter and I believe we'll all now have to answer these questions about security and what happens at the end of the term of a lease.

It may create another profit center for scrubbing, replacing with a blank drive when the machine is returned and then giving the old drive to the customer for them to do whatever they want with it.
this came across my alerts today!!

April 21, 2010
Going to Ditch a Copier? Think Twice. It May Carry Your Data.
We had an e-mail from the Virginia State Bar's ethics guru, Jim McCauley, asking about an article he had read about how copiers can be gold mines for identity thieves. Indeed they can.

Jim asked John to comment on the issue for a piece Jim is writing. As always, John's information is valuable and generally unknown to many lawyers, so I am including it as today's post. I hope it proves illuminating to readers who may not be aware of this problem. Here's what John had to say:

As with any electronically stored device, data can be retrieved if it is not properly overwritten (wiped) and/or the device does not store data in an encrypted form. I know that many of the Konica Minolta Bizhub copiers store the data in an encrypted form and also wipe the drive area following a print, scan or fax operation. I know that several of the other copier manufacturers have this ability, but it may be an add-on option and not part of the default offering.

I think the best way to maintain confidentiality is to remove the hard disk from the copier and wipe it prior to return or disposal. There may be some problems with this approach, especially if you lease the equipment. Wiping the drive would render the copier useless since you would also remove any operating system that resides on the disk. I would check with the lessor prior to starting any manual wipe effort. Obviously, it’s a real problem if you are leasing a copier that doesn’t automatically wipe the data like the Konica Minolta AND the lessor wants a functioning machine upon return. Perhaps the only choice in that case is to purchase the machine and then wipe the disk.

I’m thinking that it is a best practice to wipe the drive prior to disposal if you own the machine or make sure that you have a model that wipes the data after each job.

John's advice is sound and many lawyers, unaware of this security concern, simply buy or lease copiers without ever considering the issue. Ditto when they go to dispose of the copiers. Yet another way for data to leak out of a law firm . . . .
quote:
Originally posted by Art Post:
copiers can be gold mines for identity thieves. Indeed they can.


Well.... not really. I do agree there is a "concern" about your info left on the copier. However, the vast majority of copiers will have little or nothing of value and it'd take me a significant amount of time to determine if the copier had anything worth taking.

Given that I'd have to pay at LEAST $300 (as in the CBS story) for just the CHANCE to find out if there may be some shred of info there, I think it's very doubtful any identity thief would pursue this.

Even if they did, it would never match the amount of data stolen directly from companies through various forms of hacking/social engineering.

I also agree with SSG. Not much chance that you'd buy 4 machines at random and then find out that you hit the jackpot with a police sex crimes division, a health care company and an architecture firm with plans of a building near ground zero, all on the day CBS decided to follow you with a camera.

I'm thinking he had to know up front where they came from and picked them for that reason.
Certainly not to come across as a conspiracy theorist (although that can sometimes be fun, too), but didn’t the video show that return shipping paperwork was lying on the platen glass on at least one of the copiers purchased? I wonder how many copiers in that NJ warehouse have shipping paperwork attached or simply lying under the ADF. Wouldn’t an identity thief looking to purchase a copier be able to browse the NJ warehouse looking for shipping paperwork from financial institutions and turning down copiers being returned from “Mom & Pop” businesses?

The plot thickens…
Perhaps the take away on this is that we all should be notifying customers of the potentiality and offer to mitigate that with DOSS and Encryption, for a fee of course, if they so choose. They were warned though I seriously doubt we've heard the end of this knowing attorneys can find fault wherever they look.
I have seen statements on return forms from lease companies that state that the lessee is responsible for securing data that may be on the HDD.

Regarding the show, CBS producers get paid to make reports for "good TV". I heard about this HDD concern a few weeks ago in an early morning "tip" from Clark Howard on CNN a few weeks ago. I Googled it at the time and found a print article. I think that the concern is valid but I think that it is probably the hard way to find personal information. As the producers of the show likely did, you have to first find the machines among thousands to find the machines that might have a HDD containing what you are looking for.
I have 21 machines (mpc3500) to be relocated to another acct. Don't want to purchase new HD(s) or DOSS options, can something be done like put them in a computer and run some of the utilities that do the multiple overwrites of various bit patterns to feel fairly confident that the existing data is impracticable to recover. Or as one person suggested run large enough documents with grey pages in each function scan, print, copy, fax to fill the hdd with such images.
I bet a product engineer/programmer could write a program to take care of this.
Here is a letter that management shared with us in our Monday morning sales meeting regarding the security of Ricoh hard drives. It is at least good to know that anything on the HDD is in a proprietary format.

I don't think the difficult thing is going to be to make our RFG customers feel at ease that their data is not compromised. The real challenge will be addressing the concerns on competitive systems that clients want us to send back to the leasing company for them. Of course, that is also where there could be a potential revenue stream.

Attachments

I have added the following line item to all my Service Contracts going forward. Hopefully, it covers me.

"7). All current model copiers equipped with a Hard Drive, will have the included 128 bit AES Data Encryption feature turned on upon initial delivery. This reasonably protects the confidentiality of any customer information stored on the copier’s Hard Drive, in case that Hard Drive is replaced or the copier is eventually disposed of. It is the customer’s complete responsibility to manage their Hard Drive’s information security upon disposal. Initial ____ "
Last edited by SalesServiceGuy
I would be most concerned about brands that do not use proprietary compression systems but use variations of Windows. The brands that the show used are probably the most vulnerable.
I agree with JasonR, removing the HDD and overwriting it would be a reasonable solution, or simply charge the customer a fee equal to the price of a new HDD or about $100 and hand the old HDD over to the customer before the machine is picked up seems reasonable to me.
Simply handing over a copier's HDD removes the OS within the copier making it unusable. Plus there is some labour to remove the HDD and reload the firmware onto it. At least $200 - $300.00 total vs turning on 128 Bit AES Encryption at the start - Free.

Going forward, we format the HDD on all of our own brand copiers we remove. For competitors brands, where we do not know the Service Codes, we can only inform the customer of the risks.
I talked to an IT Manager today who told me that if you format a HDD immediately twice in a row, it effectively destroys all useable data on the HDD.

Most HDs store data in two parts. The Security Key and the data. Some Data removal software programs only remove the security key.

I am told this is like removing the Index from a book and scrambling up the book. The data is still there but needs to be rebuilt.
quote:
Originally posted by SalesServiceGuy:
if you format a HDD immediately twice in a row, it effectively destroys all useable data on the HDD.


Well... Here's the deal. There are two levels of "Format". The most common "quick" format does not actually delete the data, it just forgets where the data is. That data can then be recovered by readily available software.

A "low level" format actually writes over the data. Formatting a HDD a single time this way "effectively" destroys the data.

The problem arises due to the fact that all this "writing" is actually placing + and - charges onto a metallic disk to represent 0 and 1. Even though the disk has been formatted and all the data now says "0", very sophisticated software can actually tell if it was a 1 before. It does this by detecting tiny differences in the amount of electrical charge, though the effectiveness of it has been in dispute.

Here's a good article about this.

Encryption is totally different. In Encryption, the data on this disk is scrambled and you need a key to unscramble it. Losing or deleting the key means the data is "Effectively" destroyed, however, the strength of the encryption comes into play.

If 128-bit encryption was unbreakable, why would 256 and 1024 bit encryption exist?

Still, this is only a concern for spies and nuclear physicists. For "normal" business, one real (not quick) format or ANY encryption would prevent a casual snoop.
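
The quick-format versus full-overwrite distinction from the last reply, as an added example that is not part of the thread: a post-wipe audit run against a constructed in-memory disk. The sector layout, function names and sample files are assumptions made for illustration; a real copier drive has its own on-disk format.

```python
SECTOR = 512
# Magic bytes of formats a copier commonly stores scans in.
SIGNATURES = {b"%PDF-": "pdf", b"\xff\xd8\xff": "jpeg", b"II*\x00": "tiff"}

# Constructed sample input: (name, start sector, payload).
SAMPLE_FILES = [
    ("scan1.pdf", 4, b"%PDF-1.4 constructed sample scan"),
    ("fax.jpg", 9, b"\xff\xd8\xff\xe0 constructed sample fax"),
]

def make_disk(n_sectors, files):
    """Build a toy disk: sector 0 holds the index, data sits elsewhere."""
    disk = bytearray(n_sectors * SECTOR)
    index = ";".join(f"{name}@{start}" for name, start, _ in files).encode()
    disk[0:len(index)] = index
    for _, start, payload in files:
        off = start * SECTOR
        disk[off:off + len(payload)] = payload
    return disk

def quick_format(disk):
    """Clear only the index sector; the data sectors are left untouched."""
    disk[0:SECTOR] = bytes(SECTOR)

def full_overwrite(disk, pattern=0x00):
    """Write the fill pattern over every sector (a single pass)."""
    disk[:] = bytes([pattern]) * len(disk)

def audit(disk, pattern=0x00):
    """Return (sectors not matching the fill pattern, file signatures found)."""
    expected = bytes([pattern]) * SECTOR
    dirty, hits = 0, []
    for n in range(len(disk) // SECTOR):
        sector = bytes(disk[n * SECTOR:(n + 1) * SECTOR])
        if sector != expected:
            dirty += 1
        for magic, kind in SIGNATURES.items():
            if sector.startswith(magic):
                hits.append((n, kind))
    return dirty, hits

if __name__ == "__main__":
    disk = make_disk(16, SAMPLE_FILES)
    quick_format(disk)
    print("after quick format:  ", audit(disk))
    full_overwrite(disk)
    print("after full overwrite:", audit(disk))
```

A drive handed back at end of lease passes this kind of audit only when both numbers come back empty; the quick-formatted disk still reports the stored scans.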
