2009-02-27

Mister Sloppy's hard drive hygiene hints

Of a recycling eve, I often meet a guy we'll call "Mister Sloppy", due to the perpetual cloud of kitty litter crumbs surrounding him. And because evil geniuses need snappy pseudonyms. And because he refuses to be called the traditional "Doctor Sloppy". Go figure.

Mister Sloppy often carries a computer or two rescued from recycling, because he's wiring together some kind of junkyard supercomputer with which to take over the world. The mounds of grubby beige boxes crammed into his place would confound Michael Dell. I avoid asking exactly what 'ol Slop plans, because the thought of any world run by him horrifies me. He, discretely, eschews details.

But he does tell what he sees on these castoffs when he fires 'em up to wipe off Windows and load his personal homemade Mister Sloppy World Domination Operating System (MS-WDOS). The latest find was exemplary: right on the desktop, two PDFs, each a filled-in loan application form. Birthday, income details, mother's maiden name -- bog-standard identity-theft stuff, really. Not very well hidden in the directories were about a quarter of a sizable hard-drive's worth of pirated MP3s, mostly bad thug rap and Britney's and Christina's (and Bananarama's) sappier stuff. Another quarter-drive was, ummm, educational literature and videos. Or possibly pornography. The rest comprised a truly astounding variety of worms, viruses, trojans, keyloggers, scamware, scumware, pestware and the like. Guess that's what ya get for piratin' dodgy MP3s and porn.

Oh, and a mess of Internet chat logs. Didja know MSN automatically archives a plain-text transcript of every personal text conversation for just any old evil genius to read? Not hard to find, either. The guy who owned this computer apparently had five or seven girlfriends on the hop, judging by the logs. And the photos. He left a startling number of JPEGs of himself, getting slitty-eyed drunk with buddies and appearing to behave somewhat better with young women. I say "appearing" because also in there was a 120-page PDF file disclosing full techniques for boffing one's companion for the evening on the first date, whether she wanted to or not.

Now, Mr. Sloppy has no interest in following any of this up for purposes of penny-ante evil. He has, ummm, far bigger fish to fry.

But I just have to give an advisory shout out to this guy (whom we'll call Pete): PETE! Although the personal information you left hangin' out in the digital wind ironically suggests that you work in a supervisory capacity in a security-related field, I do believe you're insecure (in many senses of the phrase). Don't you know that there's both information and all sorts of free program downloads on that same Internet you so enthusiastically trolled for movies of [redacted] sex and incredibly bad music? That, like, wipe files and hard drives in such a way that interested (or disinterested) snoopers can't read them? Mister Sloppy tells me they're easily available at download sites like this. And this.

Now, certain schools think industrial shredders, shotguns or explosives are the only certain ways to ensure that personal data on hard drives are erased beyond redemption. But I disapprove of firearms, and have better uses for explosives. So, Pete. Next time ya kick a computer to the curb, do yourself a favour, search out one more tiny little download from Bit Torrent, and cover your ass in all senses of the phrase. Because right now, Mr. Sloppy and I know way more about you than is good for any of us. And while he has deleted it to get on with his own thing - you don't know that, do you...?

8 comments:

XUP said...

Eschew .... what a cool word..."eschew obfuscation"... is one of the funniest things I ever read.

zoom said...

Coyote, I think you're onto something. This could be an interesting sideline for those of us looking for alternative ways to generate income...not blackmail, exactly, but post-curb hard drive cleansing preceded by discreet revelations and negotiations with the original hard drive owners.

coyote said...

Zoom, you have a beautiful mind...

coyote said...

Oh.

And I am, of course, shocked - shocked!! - that you would suggest such a thing...

marcelo said...

greetings from Argentine

Milan said...

Darik's Boot And Nuke is good software for addressing this problem.

See also: Secure Deletion

coyote said...

Mr. Sloppy tells me those are both nice resources, and commends your attention to detail.

But he adds, as you have probably noticed, that not getting and using delete software before scrapping the box was only the last of, ummm, Pete's long, compounding series of insecure security decisions. If one may label as 'decisions', in/actions that stem from an apparently utter lack of awareness.

I guess if you don't think to wipe obvious icons off of a desktop, you're probably unequipped to go deeper...

coyote said...

And of course, if you yourself lack technical skill, there are always hired consultants.