Regarding the below paragraph: I am not too sure that any hard drive, even one that
contains your password protected operating system, can't just be plugged into any
other computer with a similar bus (EIDE, SCSI, etc.) as a second drive and just
directly accessed, irrespective of the file structure, providing of course that the
host system understands the file structure (FAT16 vs FAT32 vs NTFS, etc.).

For example, I am typing this on a system that has a dual boot capability for
booting either Win98 or WinNT. This is an older system, and I use it now primarily
for email and the web access, so that my other systems which I do all of my work on
are isolated, to some extent, from viruses and other types of attacks (he thinks),
which would cause me a lot of problems with the data on my work machines. Anyway,
the point is that I have a ton of email folders containing a lot of email "archives"
on this machine, so much so in fact, that I have had to move several of my larger
email folders over onto the WinNT drive (which is only FAT16), and my currently
running operating system (Win98) never blinks an eyelash accessing the WinNT Drive.
Now it is true that Win98 cannot read NTFS, and that WinNT cannot read FAT32, but I
am not sure that that applies to newer operating systems such as Win2K or WinXP. In
the worst case scenario this may only mean that you would have to try to access the
"hard drive" with each of these respective operating systems running on the host
system.

The point I am bringing up is that I do not think that any of the current operating
systems, even when installed on a stolen hard drive, will prevent accessing that
stolen hard drive when it is plugged into another system as a second or third (or
any other) hard drive.

It is interesting to note that virtually any of today's computer systems will reveal
what operating system(s) is (are) installed on the computer during the "boot"
process (and thus identify the drive file system), long before it gets to any
"logon" or "password" dialog box.

At the other end of the spectrum, if we are dealing with the type of people who
steal a Laptop because they are doing industrial or international espionage, people
that are really after the "data" on your Laptop, it doesn't matter too much how your
system is protected, since they have the hardware and software resources to get at
your "data" bit by bit and byte by byte if necessary, even if you think that you
have erased the data.

That brings up another topic:

I have been trying to find a program that will "overwrite" all of the "erased data"
on my hard drive, but only the "erased data", and not anything else.

I thought I had located one from "Ontrack", which I purchased, only to find that it
will only overwrite your entire hard drive (which some people and IT Departments
like to do when the get rid of a system) such that "all" of the original "data" is
overwritten.

I can't seem to find a program that will just "clean up" the "residual data" in my
"empty" and otherwise "erased" file area on my hard drive.

I wrote a program in BASIC back in the early days of the IBM PC that would do this,
simply by opening a file, and then continually appending to that file in a loop that
would write a 512 byte block of data that had some text in it to the effect of " * *
* THIS DATA INTENTIONALLY OVERWRITTEN * * * ", until I would finally get a "Disk
Full" error, at which time the program would exit out of that loop to an Error
Handling routine that would first close the file, and then erase the file, leaving
the whole disk clean from the perspective of "residual data".

I have often thought of trying to track that early program of mine down (I know that
I still have all of the disks that it would be stored on), and revive it a bit, and
add a "buffer" cleaning ability to it, which would copy every file on the disk to a
temporary file, one file at a time, and then copy it back into it's original
location, where the file would be copied into this temporary file, block at a time,
where it would only read the original file up to the point defined by the specific
"size" of the file as actually detailed in the files "directory entry", such that
any leftover "data" that is remaining in the file "buffer" after the last byte of
the actual file has been written, would be cleared out and overwritten (possibly
with "FF's" or "E5's", or whatever).

Many people do not realize that many if not all of today's Computer Software
Applications, such as MS Word for example, and virtually all of today's Operating
Systems, all use "buffers" to "read" and "write" any "data" to the disk, a "block"
at a time, and that that "block" is built up in a "buffer", and that that "buffer"
is continually "re-used", and that it is usually never "cleared", and will almost
always contain "data" from whatever was previously "written" to the disk, such that
many, if not most of the files on your disk will have "extraneous data" appended to
the end of your files (to round it up to the next "block" or "cluster" size), which
was left over from some other "letter" or whatever kind of "data" that was
previously read or written.

A great example of this happened to me at a company I used to work for, which I will
not name (since I know that some people still at that company are members of this
list). At the time, every system in the company was on a network, for email (Lotus
Notes) reasons, but not every system had a full distribution of standard software,
such as MS Office, or even MS Word installed on it. Well, one day we all got an
email from the President of the company, about some short announcement of some kind
as I remember, that was distributed as an attachment, where the actual short message
was written in MS Word. Well, my computer did not have MS Word on it, and when ever
I got an attachment in MS Word format, I simply used to load it using "DOS Debug"
from the "DOS Command Prompt", and scan thru the whole thing to read it. The funny
thing here is that "Debug" lets you look at the whole file, much of which is garbage
about where the file came from and where templates are located, and other such stuff
about the file system of your computer (along with a lot of stuff in hexadecimal),
from which you can actually deduce which computer the file was actually written on
among other stuff, but more importantly it also contains several large buffers that
actually contained a majority of the previous large document that was written by
that same person. This "previous document", most of which was still contained in the
internal "buffers" that MS Word for some reason actually contained in the actual
".doc" file (possibly for "backup" or "undo" purposes), contained some very
sensitive and highly confidential company data, that was distributed to everyone in
the company, and also some people outside of the company, without their even knowing
it. Well, I printed it all off, and took it to the President and showed him what was
embedded in the MS Word Document that his secretary had unwittingly typed and
distributed, just after the previous document she had done which was for "division"
level "management's" eyes only, and explained how and why it happened. Well, this
was a very large company, which was a division of a large world wide mega size
company, which collectively spent millions of dollars on Microsoft Software each
year, and you better believe that it hit the fan, and I understand that it was taken
all the way to "security" at the top of the company, which took it to Microsoft
themselves. I never did find out what happened after that except that I understood
that that particular President wrote all of his own emails directly without MS Word
after that incident. Interestingly enough, I just loaded a ".doc" file written in MS
Word format from Office97 on this system that I am typing this on, and the problem
is still apparent, so I don't think that Microsoft did anything about it.

Oh well, now that I have made everyone "paranoid" about that document that they just
sent out as an email attachment, it's time to get back to the drawing board.

JaMi

PS. To try this out on your current system, just go to the "DOS Prompt" or "Command
Prompt", and then type "debug filename", where filename is the name of the file you
wan't to load, and then at the "-" prompt type "d 0" (d space zero) and then enter,
followed continually by "d" enter, until you want to exit, which requires "q"
followed by enter, and then to get out of the "DOS" mode, type "exit" followed by
enter.

* * * * * * * * * *

----- Original Message -----
From: "Brooks,Bill" <[log in to unmask]>
To: <[log in to unmask]>
Sent: Friday, October 22, 2004 8:56 AM
Subject: Re: [DC] Warning... when attending events


> Hi Karl,
>

<snip>

>
> Fortunately my Laptop has a password on the login so it may take them some
> time to get into it if they are amateurs, but I hear that if they are
> professionals it's not that difficult for them to run a program on the
> computer that replaces the passwords with their own and then get access into
> the hard drive. I have a lot of personal data, website development, work I
> have done for clients, files from the community college where I was
> teaching, family photo's presentation materials, and the book I was working
> on for PCB design... it's a huge loss. Years of work gone...
>

---------------------------------------------------------------------------------
DesignerCouncil Mail List provided as a free service by IPC using LISTSERV 1.8d
To unsubscribe, send a message to [log in to unmask] with following text in
the BODY (NOT the subject field): SIGNOFF DesignerCouncil.
To temporarily stop/(restart) delivery of DesignerCouncil send: SET DesignerCouncil NOMAIL/(MAIL)
Search previous postings at: www.ipc.org > On-Line Resources & Databases > E-mail Archives
Please visit IPC web site http://www.ipc.org/contentpage.asp?Pageid=4.3.16 for additional information, or contact Keach Sasamori at [log in to unmask] or 847-615-7100 ext.2815
---------------------------------------------------------------------------------