3

I was working on a project which contained very classified information. I am now planning on using the computer for personal work but I'm worried that replacing the HDD won't be enough. Is there any chance that any data or data 'dust' could be stored elsewhere other than the HDD?

Would replacing the HDD be enough to assume the computer is safe to use with no risk or should I just torch the whole thing?

techraf
  • 9,141
  • 11
  • 44
  • 62
Alex T
  • 31
  • 1
  • If the information you worked on was "very classified", why don't you consult with the people in charge of ensuring the security of that information instead of asking random strangers on the Internet? – user Dec 13 '16 at 15:21

2 Answers2

2

There are instances where malicious software can persist elsewhere than the main storage drive - it can rewrite device's firmware (BadUSB, etc). However when dealing with trustworthy software like a standard OS, text editor, etc, wiping the hard drive will be sufficient.

Ask yourself - why would legitimate development software ever store some data on system firmware, USB device firmware, etc?

André Borie
  • 12,706
  • 3
  • 39
  • 76
1

A good reference will be how Guardian's computers holding Snowden data were destroyed under the supervision of GCHQ. Guardian video and The Intercept analysis.

picture

As you can see from the picture above, apart from the hard disk, a large number of chips were removed. Apparently, the theory is they could be "imprinted" if the same data frequently go through the same pathways.

Whether you believe this is true and if this is worth it is up to you.

However, one thing that has been demostrated is that any device with its own persistent storage (BIOS, firmware chips, etc.) can be used to storage and exfiltrate data.

Quote from The Intercept:

The track pad controller, they said, can hold up to 2 megabits of memory. All the different “chips” in your computer — from the part that controls the device’s power to the chips in the keyboard — also have the capacity to store information, like passwords and keys to other data, which can be uploaded through firmware updates. According to the public documents from other members of Five Eyes, it is incredibly difficult to completely sanitize a device of all its content. New Zealand’s data deletion policies state that USB memory is only destroyed when the dust is just a few millimeters in length. “This wasn’t a random thing,” said Tynan, pointing to a slide displaying a photo of a completely destroyed pile of USB chip shards.

billc.cn
  • 3,852
  • 1
  • 16
  • 24