Winn Writes & Wrants

Generically, we call our desktops or lap-tops ‘boxes’. And every 2 years or so, many folks decide it is time to upgrade to newer, more powerful ‘boxes’ to handle the latest software that we want to run.

Video and other interactive multi-media applications require more powerful CPUs (processors) and more and more RAM (memory). These days, anything less than 4GB of memory slows things down, except for the smaller and limited capabilities of Net Books.

The question becomes then, “what do I do with my old computer?”

Many people choose to use it for appli-ance applications. Perhaps you would like to add Netflix, Hulu or other legal on-line movie streaming to one of your TVs. An older computer is just fine for that. Even ‘G’ level wireless will work for all but the highest High Definition streaming. The best way to do this is to completely start from scratch. Reinstall your operating sys-tem with the original discs, update the ser-vice packs (Mac, PC, Linux) and add anti-virus, anti-malware and the other basic security software you need to protect your computer.

But what if it’s so old it’s not even worth keeping…

Here are some options:

• Sell it on eBay or craigslist and get a few dollars.
• Give it to a school or charity organization.
• Put it at the curb and let someone pick it up.

And then just forget about it.

Until… perhaps…SURPRISE! You find your bank account has been accessed or your credit cards maxed out, or other personal or business data has been compromised; all without your knowledge.

What went wrong?

You may have forgotten that while the box is no longer of any value to you, the real val-ue is the information on the hard drive.

But you deleted everything from the hard drive. Right?

Sorry. Delete is not the same as erase.

Data recovery programs and experts know exactly how to get that deleted data because it is actually still there on the drive.

Some operating systems, such as Mac OS X and Vista will perform a secure erasure, but the security aware person will take an extra step… just to be sure.

Just as it’s recommended to completely cleanse and reformat an older machine be-fore putting it to use elsewhere, as discussed above, it’s a modern-day necessity to reformat the drive and perform a complete data wipe or erasure - if you want to sell or give it away. If you are just throwing it away, you should physically destroy the drive.

The U.S. Department of Justice (to name only one of thousands of victims) discovered this problem the hard way. They disposed of older machines only to find that confiden-tial information from the Witness Protection Program was discovered by an honest (fortu-nately) buyer at a flea market. Countless law enforcement agencies, corporations and indi-viduals from around the world have all been victimized by their own carelessness or lack of awareness.

Simple Lesson: If you’re going to donate it, use a free secure erasure program from a safe site like www.download.com. Otherwise destroy the hard drive. It’s actually an interest-ing project to take a hard drive apart and see what makes it tick. Very few bad guys have the time, money, skill or desire to put a drive back together.

Just do a search on Google for destroying a hard drive. You will find many creative, effec-tive and surprising methods. Or, you could just use a sledge hammer. It’s quite effective!

For more information on Simple Security Awareness, check out my company site or one of my books.

Simply Security: Once Is Never Enough from The Security Awareness Company on Vimeo.

Too many online scammers get away with what amounts to a wrist slap but a case if Las Vegas this week seems to be heading the right direction at least.

Internet scammer, Richard Neiswonger, sold “business opportunities” to unsuspecting victims through massive telemarketing efforts. Through extended court proceedings, the judge has had enough. His order: “Give us your $3.2 Million house…now… or go to jail.”

It’s about time.

But… let’s reconsider jail as the knee jerk reaction to cyber criminals.

“Send the punk to the slammer!” about a 15 year old kid who hacked the wrong company.

“She deserves 5 years in prison…” for being part of a bot net.

I have severe problems with the auto-American answer of jail for every miscreant act – especially of the cyber kind.

I firmly believe in alternative sentencing and think that the perpetrators should suffer in some way. But send them to the Group W bench with father rapers and murderers? I think not. The cost to society is like $50K+ per year to lock up the non-violent offender where he/she will fine-tune his criminal skills and contacts. Education courtesy of our Justice system.

We have the technology. Let’s use it.

GPS ankle-bracelets. Let’s use them.

Education: smart guys know their technology but got misdirected. Let’s put them back on track and utilize their expertise and truly behave like we believe in rehabilitation. How many cyber-acts are truly terrorist oriented? We fail to make much distinction from the ADD teen and Al Qaeda.

Can’t use a computer from home? Put the sensors in the ankle bracelet. If he/she really needs the Internet (who doesn’t?) let’s create a unique mandated path that all of their traffic must go through and monitor the hell out of it. How many thousands of cyber-criminals can be ‘controlled’ through one heavily restricted server farm? (Think China.)

The costs are a small percentage of what we experience now… and think of many more plea bargains will come about with reasonable sentences instead of the horrors of jail.

We have the technology. We know how to do it. But do we have the will? We can also send them back to jail if all else fails.