TechByter Worldwide

If you enjoy today's article, please share it!

Program Date: 26 May 2013

How to Give Away or Sell a Computer or Hard Drive (Safely)

You'd be surprised by how many people, when they sell an old hard drive or computer (or give it away) do nothing to safeguard the information on the hard drive. There are several things you can do to remove the data from a hard drive, but only one of them actually does remove the data from the hard drive.

So those are the options that won't work. I said there's one that will. Actually, there are two, but you're not going to like one of them. I'll start there.

Here's How DiskWipe Works

To illustrate the process, I used a 2GB thumb drive and that brings up another point: If you're planning to sell or give away old thumb drives or flash cards from your camera or other device, these should also be cleared.

Click for a larger view.No installation is required, so you can place DiskWipe on a thumb drive or copy it to any location and run it from there.

After starting the application, I selected the thumb drive because that's the drive that I wanted to wipe. The interface is simple and easy to use. Just select the disk and click Wipe Disk.

Click for a larger view.But first you might want to see what's on the disk. In this case, I had formatted the thumb drive with the quick-format option. Prior to being formatted, the device contained 2 executable files and another file that would not have been human readable. Executable files do contain some text and this text is clearly visible even though the thumb drive had been formatted.

Click for a larger view.DiskWipe will detect the disk's current file system (NTFS=NT File System, FAT=File Allocation Table, and FAT32=32-bit File Allocatioin Table). You can leave the existing file system in place or select one of the others because DiskWipe's first action will be to format the drive. Depending on the size of the drive, this could take several minutes or several hours.

Click for a larger view.I selected the one-pass ("quick") option, which took about 1 hour and 20 minutes for a 2GB thumb drive.

If you believe that really determined crooks might get their hands on your drive, use the 35-pass Peter Guttman process, which is shown as "extremely slow". Based on a nearly 11-hour process for a 500GB drive using the 1-pass option, I would expect a 35-pass option to take approximately half a month.

Click for a larger view.The application will display the name of the disk and its letter for your confirmation and you'll be required to type ERASE ALL to continue.

Click for a larger view.Just to be sure, you'll have one more chance to cancel the process without proceeding. Once you click OK, the data on the disk will be in the process of being turned into toast.

Click for a larger view.At the conclusion of the process (1 hour 20 minutes), you can view the data on the disk.

What this image shows is the boot record, followed by random data. There is no longer any useful information that can be retrieved.

5 CatsDiskWipe is a Free Disk Clearing Application

The computer, disk drive, thumb drive, or flash memory card that you take out of service and want to sell or give away still contains data, maybe data that you don't want anyone else to have. DiskWipe is easy to use and free. It's not fast, but no application that deletes all data from a disk is fast.
For more information, visit the DiskWipe website.

WTOP and Federal News Radio Hit By Malware

According to the Department of Homeland Security/Computer Emergency Response Team (CERT), Washington DC radio station WTOP and Federal News Radio websites were infected with malware but as of late last week, the malware had been removed. CERT says that the exploit would affect users of Microsoft's Internet Explorer on computers where Adobe Reader, Adobe Acrobat Pro, or Oracle Java had not been updated.

The compromised websites were modified to contain a hidden iframe that referenced a JavaScript file on a dynamic-DNS host. Note that Oracle's Java and the scripting language JavaScript are not related in any way. The file loaded on victims' computers was what's called the Fiesta Exploit Kit, which uses several known vulnerabilities to attempt to download a file that will install malware on the computer.

The following descriptive links were provided by CERT:

Any systems visiting running Internet Explorer and vulnerable versions of Adobe Reader or Acrobat or Oracle Java may have been compromised.

WTOP General Manager Joel Oxley said that getting the websites back up and running safely for all users has been the organization's top priority. "We take our users' privacy very seriously," he said, "and we have taken steps to prevent similar occurrences."

The WTOP website noted that both sites were temporarily limited to browsers other than Internet Explorer "to allow for a careful examination of how site security was compromised."

The exploit kit that was used delivers and executes a known variant of the ZeroAccess Trojan and reportedly also downloads and installs a variant of FakeAV/Kazy malware, one of those pop-up antivirus warning scareware applications that are so difficult to remove.

Next, the ZeroAccess Trojan would attempt to communicate with one of two hardcoded command-and-control IP addresses using an HTTP GET procedure and reporting itself to be the Opera browser, version 10.

As a final gift to the victim, the malware downloads a custom Microsoft Cabinet file (via UDP on port 16464, if you're interested) from its peer-to-peer network. This cabinet file contains several lists of IP addresses and a fake Flash installer.

WTOP writes on its website: "Computers infected with the malware may display a pop-up message indicating that the computer is infected with a virus." This pop-up should be regarded as fake if it prompts the user to click on a link that goes to a website the user doesn't recognize. "This fake website offers security software for sale and prompts users to provide personal information, including credit card numbers. Users should not provide information, if prompted to do so," the site said.

Most up-to-date anti-virus programs would probably have recognized the threat and blocked it, even when the browser involved was Internet Explorer.

Short Circuits

Grilled Apples in Washington

This week the Senate asked Apple CEO Tim Cook about the company's tax strategies. You may recall the report from a few weeks ago that cited Apple's plans to sell $100 billion worth of bonds even though it has $145 billion in cash. It seems that the $100 billion that Apple couldn't use was unavailable because it wasn't in the United States. The $100 billion turns out not to be liable for taxes in any country on the planet. And it's all legal.

The money is in Ireland and Irish authorities say they did nothing wrong, which is what Cook said of Apple's practices.

Apple isn't alone. Continuing not to be evil, Google generated $18 billion in Britain between 2006 and 2011. Taxes paid to Britain: $16 million. In numbers that people like us might understand, that would be like charging $16 worth of tax on an $18,000 purchase. It's a rate of about 9 tenths of one percent.

Amazon's European headquarters is in Luxembourg, which allows it to minimize taxes in Europe, but it also makes it possible for Amazon to reduce its US tax rate to a rate of about 5.3%. You'd probably like that rate, too. Good luck getting it. The IRS suggests that Amazon owes the US Treasury about $1.5 billion; Amazon disagrees.

Calling the US corporate tax code "broken" seems to be an understatement but with the current climate in Washington, it's unlikely that anything will change.

Although Apple is headquartered in California and run from California, it maintains a shell operation in Ireland. That shell has no employees, but most of the company's profits are held there. The US considers it a "foreign" company. Because there are no employees in Ireland, that country's taxing authority also considers it to be a "foreign" company and the money isn't taxed.

Cook told senators that Apple pays every single dollar of taxes that it owes and that it's been using the same process since 1980. He stated that the procedures make Apple more "efficient" and is not intended as a "tax avoidance" strategy.

PayPal to be in 2 Million Stores Soon

You can pay for your RadioShack purchases with PayPal. That was a big win for PayPal because RadioShack has a quarter of a million stores. The two companies signed the deal last month and PayPal intends to quadruple that within the year. PayPal head David Marcus says other deals are in the works.

PayPal now has 128 million registered users, picking up 5 million new users between January and April of this year. PayPal's overall growth has dropped drastically, though, from 32% to "just" 18%. Most companies are delighted with 5% growth and anything over 10% is worth of a corporate celebration, just to put those numbers in perspective.

PayPal wants to offer more than just online payments and the goal is to couple PayPal payment options with smart phones.

Lots of Changes for Online Music Services

Google launched its online music service last week via the Play Store and competing services are updating their services. Whether this is because of Google's move into the market space or as part of planned, ongoing changes isn't clear. Internet businesses frequently change their operating practices regardless of competitors.

Pandora has added a new "Premieres" station offers the latest albums and actually makes them available for listening a week before the music is available for sale. John Fogerty's new album, Wrote a Song for Everyone, is available but it doesn't officially debut until the end of the month.

If you're a Pandora subscriber, search for "Pandora Premieres".

I had considered subscribing to Google's service ($8 per month, or $10 per month if you wait until June to subscribe) but decided against it because the results are not good on slow connections such as the one available on the public network at the office. With nearly 30,000 selections to choose from on my home computer, it seemed unlikely that I would need an online service there.

Spotify will start publishing a list of the most-streamed songs and most-shared selections on its service. The Top 50 lists will include links that will allow users to stream the tracks without logging in. In fact, no Spotify account is needed to stream those selections. Spotify has about 24 million users, of which about a quarter pay for the service. By comparison, Pandora reports 70 million users. No figures are available for Google's service yet.

And Last.fm has added 90,000 music videos to its service. The videos are from MUZU.TV and currently is available only in Europe. Last.fm says other countries will soon have the service, but hasn't explicitly promised that the US is covered by the term "other countries".