Is Your Data Gone? Comparing Perceived Effectiveness of Thumb Drive Deletion Methods to Actual Effectiveness

Previous studies have shown that many users do not use effective data deletion techniques upon sale or surrender of storage devices. A logical assumption is that many users are still confused about proper sanitization techniques for devices upon surrender. This paper strives to test this assumption through a buyback study with a survey component. We recorded participants' thoughts and beliefs concerning deletion, as well as general demographic information, in relation to actual deletion effectiveness on USB thumb drives. Thumb drives were chosen for this study due to their relatively low cost, ease of use, and ubiquity. In addition, we bought used thumb drives from eBay and Amazon Marketplace to use as a comparison to the wider world. We found no statistically significant difference between buyback and market drives in either deletion methods or presence of sensitive data, and thus our study may be predictive of the perceptions of the market sellers. In our combined data sets, we found over 60% of the drives tested still had recoverable sensitive data, and in the buyback group, we found no correlation between users' perceived and actual effectiveness of deletion methods. Our results suggest the security community may need to take a different approach to increase the usability, availability, and/or necessity of strong deletion methods.
