Hidden personal info in Windows

[Viking]

I run XP with SP1.
I admit that I have not tried to find those files on my pc, I just assumed the article was right also about XP.

I couldn't resist to dig up some more info, and I found that the article "probably" don't apply for XP. So you're most likely right, Vincent. The article apply more to older Win versions, take a look at this forum.


We shouldn't fear that MS plan to take over the world... they did long ago. An old melody comes across my mind:

He's got the whole wide world,
In His hands,
He's got the Win and the drain,
In His hands,
He's got the every little bug,
In His hands,
He's got the whole world in His hands.

Mr Gates, I dedicate it to you  :-D

Edit: I just had to edit the song

[mikeymike]

The thing that irritated me about the article was that the guy sounded like he had discovered something new and horrifying, and that it really needed shouting about, when in reality pretty much anyone who is well-acquainted with the foibles of Windows is perfectly aware of.  Was the system doing anything nasty "behind the user's back"?  No.

Like Steve Gibson (grc.com), who talks like he invented the port scanner, but his isn't just a basic port scanner, it's a "laser death star shield" or some equally stupid name.  I think this sort of over-the-top security paranoia (IT security is very important, but it has to be kept in perspective, otherwise joe average user will ignore the advice of the professionals) probably started the day someone coined the name "firewall", which has no logical reference to its job.

Viking, don't take this as me criticising you, I'm just criticising the author of the article :-)  And I'm ranting, so don't mind me.  :-)

[Hammer]

Nope, they don't show even if you turn on "show hidden...". Not THESE files. They can not be accessed or deleted by Windows Explorer or Internet Explorer. The only way is by DOS, if you know exactly where they are. You can't even find them by executing the "DIR" command...

Not applicable to WinXP-SP1.

[Waccoon]

Some of those things in the article don't work anymore (or do work, now), because of critical updates.  I empty my cache and history periodicly, and can't find any trace of leftovers on my system, based on that article.

Mozilla has its own privacy issues, too.  No worse than IE, but not much better if you think about it.  Of course, "Open Source" makes it awesome by default, I guess.  Design flaws don't count as bugs and conspiracies, right?

Personally, I'm more concerned about wasted space than privacy, because if anyone REALLY wants to dig up dirt on you, they can -- no matter what system you use.  "Real" mainframes run UNIX, and identity theft is still a huge problem.

Besides, do you think Macs don't have their dirty little secrets?  Isn't Apple the company that started the "You don't need to know" craze?  Even some Linux systems hide things from the user to make them "easy".  There are some things in Mandrake that won't show up in the "normal" file listing.  You need a command prompt to find them.  Nobody complains about that, do they?

Just don't let anyone else use your computer.

[Ilwrath]

Just don't let anyone else use your computer.

Exactly.  Regardless of the OS, there are tons of stuff on computers you don't think about...  Maybe some old keyfiles on Amiga, even?  Seems a few of them have old addresses, phone numbers, etc, in them....

Why would you ever give up possesion of a computer with ANY data on it to someone you don't trust?  It only takes a few minutes to start a data destroyer, and let it grind away for a few hours......

[danamania]

Being a collector of ancient machines, it's quite amazing what kind of stuff is left on the things. Perhaps half of the computers I've bought from eBay have at least had full versions of applications on them, a few have had the complete formatting done, but there's still many with every document (Word, textedit, simpletext, excel, pagemaker, xpress, whatever) the owner could fit on the drive left there for open viewing. Resumes, personal letters, school assignments - the lot.

It's rather interesting to look at the file creation dates of the files on one machine, & see the whole history of its install, from new to the last couple of years when it stopped being used, especially 68000s, cos of the age

dana
--

[Quixote]

Danamania delighted:

It's rather interesting to look at the file creation dates of the files on one machine, & see the whole history of its install, from new to the last couple of years when it stopped being used, especially 68000s, cos of the age

;-) A few years ago, I found an older Apple powerbook at the local Goodwill charity thrift shop.  I bought it mostly for the ROM image, to use with Shapeshifter on my A4000, but I noticed with interest that the original user had left everything on it, including e-mail login data and such.  In her defense, the screen wasn't viewable when I bought it, so she probably wasn't able to do anything with it except to give it away.  I'd just assumed that it was a unique situation, but from your description, it seems that it wasn't.

[mikeymike]

Mozilla has its own privacy issues, too. No worse than IE

I'll take you up on this one.  Sure, no product is perfect, but do you know of any privacy issues in Mozilla?

Compared to the average of 24 unpatched vulnerabilities in IE at any given time...

[macto]

Aside from the age old privacy issue (cookies, referer data, etc.), I am unaware of any problems with Mozilla.  Does that mean there aren't any?  Of course not.

There is a lot of animosity towards Microsoft and their products.  There is also a lot more genuine scrutiny and hysterial media attention because of the wide spread use of Windows.  All ot this means two things: people are more likely to look for problems and more people are going to talk about those problems.

Now I'm sure you can claim that an unknown vulnerability is not a vulnerability because nobody is able to exploit it.  On the other hand, I would suggest it is just as much of a problem — particularly for businesses and governments who may be targetted for proprietary information.  Fortunately, most of us aren't considered to be all that important so no one will invest that sort of time/money/expertise into exploting the problem, but it still leave an opportunity for the vulberabilities to be discovered and later communicated.

[Viking]

In some cases data can be restored on a formatted disk. Also if the disk have been overwritten with 0's and 1's several times.
For the paranoid user, there is only one secure way. The disk has to be removed and annihilated.
(If you consider to do this I'll suggest that you call your doc  :-D )

[macto]

The only secure way to dispose of your hard drive is the do an eight way random write, followed by melting down the entire drive with at least a dozen other units of the same model from an unrelated sources.

Or you can write zeros and give away the hard drive.  Unless you have very valuable information relating to national security or highly competitive products, no one is going to attempt to recover the data.  The potential return is simply too low.  Besides, unless you know the characteristics of the drive very well, it would be impossible to read anything into the hysteresis of magnetic domains.  Keep in mind that drive manufacturers would try to reduce hysteresis in order to improve the reliability of data storage.  If it is even possible in the first place.

[Hyperspeed]

If you wanted to securely sell on your hard disk, wouldn't it be a
good idea to format it then fill it to the max with MP3 so that any
attempt to `hysteresis' (or whatever was discussed) would find the
present data there?

Failing that, format, low-level format, take the platter out and
blowtorch it and then grind the chips with a lathe to make sure they
aren't Eeproms storing secret data!

:-D :-D :-D :-D :-D

The biggest thing people overlook in this day and age is the common
CDR...  people back up to a write-once medium then all their files are
stored on a disc with extreme error-protection.

A CD can often survive more than a hard disk platter!

Personally I would avoid backing up to CDR.

;-)

[Chunder]

[Erwin-K]

A few years ago I found a RocHard A500 ram & HD expansion unit, in the original box, at a thrift store.

When I got it home and running I found the first -working- install of WordPerfect 4.1 for the Amiga I'd ever seen. After looking around in the WP directory for a bit I called the original owner on the other side of town.

He definately was surprised to hear from me. He had given it to a co-worker two or three years before. The fellow never told him he'd gotten rid of it. I assured him that I had no interest in his personal data. The phone call ended friendly.

[the_leander]

Heh, now thats a nice story, kinda made my day, cheers  :-D