Languish.org

General Category => Off the Record => Topic started by: jimmy olsen on April 22, 2010, 02:56:20 AM

Title: Copy Machines Digitally Store 1000s of Documents That Get Passed on at Resale
Post by: jimmy olsen on April 22, 2010, 02:56:20 AM
Damn, that's a crazy security loophole. Who thought this was a good idea?
http://www.cbsnews.com/stories/2010/04/19/eveningnews/main6412439.shtml

Quote
NEW YORK, April 15, 2010
Digital Photocopiers Loaded With Secrets
Your Office Copy Machine Might Digitally Store Thousands of Documents That Get Passed on at Resale

By Armen Keteyian

(CBS)   At a warehouse in New Jersey, 6,000 used copy machines sit ready to be sold. CBS News chief investigative correspondent Armen Keteyian reports almost every one of them holds a secret.

Nearly every digital copier built since 2002 contains a hard drive - like the one on your personal computer - storing an image of every document copied, scanned, or emailed by the machine.

In the process, it's turned an office staple into a digital time-bomb packed with highly-personal or sensitive data.

If you're in the identity theft business it seems this would be a pot of gold.

"The type of information we see on these machines with the social security numbers, birth certificates, bank records, income tax forms," John Juntunen said, "that information would be very valuable."

Juntunen's Sacramento-based company Digital Copier Security developed software called "INFOSWEEP" that can scrub all the data on hard drives. He's been trying to warn people about the potential risk - with no luck.

"Nobody wants to step up and say, 'we see the problem, and we need to solve it,'" Juntunen said.

This past February, CBS News went with Juntunen to a warehouse in New Jersey, one of 25 across the country, to see how hard it would be to buy a used copier loaded with documents. It turns out ... it's pretty easy.

Juntunen picked four machines based on price and the number of pages printed. In less than two hours his selections were packed and loaded onto a truck. The cost? About $300 each.

Until we unpacked and plugged them in, we had no idea where the copiers came from or what we'd find.

We didn't even have to wait for the first one to warm up. One of the copiers had documents still on the copier glass, from the Buffalo, N.Y., Police Sex Crimes Division.

It took Juntunen just 30 minutes to pull the hard drives out of the copiers. Then, using a forensic software program available for free on the Internet, he ran a scan - downloading tens of thousands of documents in less than 12 hours.

The results were stunning: from the sex crimes unit there were detailed domestic violence complaints and a list of wanted sex offenders. On a second machine from the Buffalo Police Narcotics Unit we found a list of targets in a major drug raid.

The third machine, from a New York construction company, spit out design plans for a building near Ground Zero in Manhattan; 95 pages of pay stubs with names, addresses and social security numbers; and $40,000 in copied checks.

But it wasn't until hitting "print" on the fourth machine - from Affinity Health Plan, a New York insurance company, that we obtained the most disturbing documents: 300 pages of individual medical records. They included everything from drug prescriptions, to blood test results, to a cancer diagnosis. A potentially serious breach of federal privacy law.

"You're talking about potentially ruining someone's life," said Ira Winkler. "Where they could suffer serious social repercussions."

Winkler is a former analyst for the National Security Agency and a leading expert on digital security.

"You have to take some basic responsibility and know that these copiers are actually computers that need to be cleaned up," Winkler said.

The Buffalo Police Department and the New York construction company declined comment on our story. As for Affinity Health Plan, they issued a statement that said, in part, "we are taking the necessary steps to ensure that none of our customers' personal information remains on other previously leased copiers, and that no personal information will be released inadvertently in the future."

Ed McLaughlin is President of Sharp Imaging, the digital copier company.

"Has the industry failed, in your mind, to inform the general public of the potential risks involved with a copier?" Keteyian asked.

"Yes, in general, the industry has failed," McLaughlin said.

In 2008, Sharp commissioned a survey on copier security that found 60 percent of Americans "don't know" that copiers store images on a hard drive. Sharp tried to warn consumers about the simple act of copying.

"It's falling on deaf ears," McLaughlin said. "Or people don't feel it's important, or 'we'll take care of it later.'"

All the major manufacturers told us they offer security or encryption packages on their products. One product from Sharp automatically erases an image from the hard drive. It costs $500.

But evidence keeps piling up in warehouses that many businesses are unwilling to pay for such protection, and that the average American is completely unaware of the dangers posed by digital copiers.

The day we visited the New Jersey warehouse, two shipping containers packed with used copiers were headed overseas - loaded with secrets on their way to unknown buyers in Argentina and Singapore.

©MMX, CBS Interactive Inc.. All Rights Reserved.
Title: Re: Copy Machines Digitally Store 1000s of Documents That Get Passed on at Resale
Post by: Zanza on April 22, 2010, 03:29:03 AM
That's not a security hole, but users being ignorant or careless. Totally different and not really fixable.
Title: Re: Copy Machines Digitally Store 1000s of Documents That Get Passed on at Resale
Post by: Tamas on April 22, 2010, 04:35:05 AM
Quote from: Zanza on April 22, 2010, 03:29:03 AM
That's not a security hole, but users being ignorant or careless. Totally different and not really fixable.

Indeed.
Title: Re: Copy Machines Digitally Store 1000s of Documents That Get Passed on at Resale
Post by: grumbler on April 22, 2010, 06:37:33 AM
Quote from: Zanza on April 22, 2010, 03:29:03 AM
That's not a security hole, but users being ignorant or careless. Totally different and not really fixable.
:huh:  How do the users even know about, let alone erase, the scan copy that was in the machine?  This is a massive security hole that shouldn't exist, because the default copier mode should be to delete the stored image after it has been processed.

We simply redirect the image to the file server and don't use the drive on the machine at all.
Title: Re: Copy Machines Digitally Store 1000s of Documents That Get Passed on at Resale
Post by: Darth Wagtaros on April 22, 2010, 06:48:46 AM
Quote from: grumbler on April 22, 2010, 06:37:33 AM
Quote from: Zanza on April 22, 2010, 03:29:03 AM
That's not a security hole, but users being ignorant or careless. Totally different and not really fixable.
:huh:  How do the users even know about, let alone erase, the scan copy that was in the machine?  This is a massive security hole that shouldn't exist, because the default copier mode should be to delete the stored image after it has been processed.

We simply redirect the image to the file server and don't use the drive on the machine at all.
Yeah, no shit. How the hell would your average secretary know that the copier machine is storing images? More to the point, how would they know how to get rid of the images if they did?
Title: Re: Copy Machines Digitally Store 1000s of Documents That Get Passed on at Resale
Post by: Palisadoes on April 22, 2010, 07:03:24 AM
There's loads of these technological security holes about. There was a recent study into disposed hard-drives from companies, of which they found a large proportion hadn't formatted/wiped the hard-drives, meaning a lot of information (some of it sensitive) was left on there.
Title: Re: Copy Machines Digitally Store 1000s of Documents That Get Passed on at Resale
Post by: Berkut on April 22, 2010, 08:44:15 AM
Yeah, that is most certainly a rather gaping hole.

I am pretty damn computer savvy, and *I* did not know that copiers saved an image on the drive - and if I had known it, I would assume that the image was destroyed as soon as it was no longer needed to produce copies. Why wouldn't it be?
Title: Re: Copy Machines Digitally Store 1000s of Documents That Get Passed on at Resale
Post by: Darth Wagtaros on April 22, 2010, 08:59:47 AM
I forwarded this article on to IT Security. I don't think anybody would really have thought about this. Like I said, why would anyone?
Title: Re: Copy Machines Digitally Store 1000s of Documents That Get Passed on at Resale
Post by: grumbler on April 22, 2010, 09:02:51 AM
Quote from: Berkut on April 22, 2010, 08:44:15 AM
Yeah, that is most certainly a rather gaping hole.

I am pretty damn computer savvy, and *I* did not know that copiers saved an image on the drive - and if I had known it, I would assume that the image was destroyed as soon as it was no longer needed to produce copies. Why wouldn't it be?
Because deletion doesn't destroy the data, just the MFT entry.  The images are no longer accessible, but they are still there (unless over-written by later images).  Special (though readily available) software is needed to retrieve them or over-write them.
Title: Re: Copy Machines Digitally Store 1000s of Documents That Get Passed on at Resale
Post by: derspiess on April 22, 2010, 09:09:17 AM
Quote from: grumbler on April 22, 2010, 06:37:33 AM
We simply redirect the image to the file server and don't use the drive on the machine at all.

Ours are stored locally, but are deleted and wiped after each job.
Title: Re: Copy Machines Digitally Store 1000s of Documents That Get Passed on at Resale
Post by: derspiess on April 22, 2010, 09:11:17 AM
Quote from: Berkut on April 22, 2010, 08:44:15 AM
I am pretty damn computer savvy, and *I* did not know that copiers saved an image on the drive - and if I had known it, I would assume that the image was destroyed as soon as it was no longer needed to produce copies. Why wouldn't it be?

It surprised me when my department got a new copier back in 2007 that they even had hard drives. 
Title: Re: Copy Machines Digitally Store 1000s of Documents That Get Passed on at Resale
Post by: grumbler on April 22, 2010, 09:14:14 AM
Quote from: derspiess on April 22, 2010, 09:09:17 AM
Quote from: grumbler on April 22, 2010, 06:37:33 AM
We simply redirect the image to the file server and don't use the drive on the machine at all.

Ours are stored locally, but are deleted and wiped after each job.
Asking around, I have discovered that the tech people that replaced me have stopped my practice of redirecting the images, so my school now stores them on the machine without any further protection for the data.  They don't think it is an issue worth worrying about.
Title: Re: Copy Machines Digitally Store 1000s of Documents That Get Passed on at Resale
Post by: grumbler on April 22, 2010, 09:15:36 AM
Quote from: derspiess on April 22, 2010, 09:11:17 AM
Quote from: Berkut on April 22, 2010, 08:44:15 AM
I am pretty damn computer savvy, and *I* did not know that copiers saved an image on the drive - and if I had known it, I would assume that the image was destroyed as soon as it was no longer needed to produce copies. Why wouldn't it be?

It surprised me when my department got a new copier back in 2007 that they even had hard drives.
It is a means of saving money - cheaper to make images and store them than to scan for each copy (like they used to). The scanner moving parts can now be made less robust/expensive.
Title: Re: Copy Machines Digitally Store 1000s of Documents That Get Passed on at Resale
Post by: Berkut on April 22, 2010, 09:17:26 AM
Quote from: grumbler on April 22, 2010, 09:02:51 AM
Quote from: Berkut on April 22, 2010, 08:44:15 AM
Yeah, that is most certainly a rather gaping hole.

I am pretty damn computer savvy, and *I* did not know that copiers saved an image on the drive - and if I had known it, I would assume that the image was destroyed as soon as it was no longer needed to produce copies. Why wouldn't it be?
Because deletion doesn't destroy the data, just the MFT entry.  The images are no longer accessible, but they are still there (unless over-written by later images).  Special (though readily available) software is needed to retrieve them or over-write them.

Well of course - that is standard HDD file storage - but it's not like overwriting the data is hard, or even takes any appreciable amount of time. Still surprised the file manager OS on the drives isn't doing that automatically. Hell, I think my W7 OS will do that if I tell it to...
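
Added example, not part of any post in this thread: a toy Python model of the point made in the two posts above, that an ordinary delete drops only the index entry while overwriting the blocks first leaves nothing to recover. The `ToyDisk` class, its 64-byte blocks and the sample "scan" bytes are constructed for illustration and do not model NTFS or any real copier firmware.

```python
"""Toy model of "delete" vs. "overwrite, then delete" on a copier drive.

Constructed illustration: a small "disk" (bytearray) plus a file table
that stands in for the file-system index (the MFT entry in the thread).
"""

BLOCK = 64                    # toy block size in bytes (assumption)
JPEG_SOI = b"\xff\xd8\xff"    # start-of-image marker that opens JPEG files


class ToyDisk:
    def __init__(self, blocks=16):
        self.data = bytearray(blocks * BLOCK)
        self.table = {}       # name -> (first_block, block_count)
        self.next_free = 0    # simple append-only allocator

    def write(self, name, payload):
        count = -(-len(payload) // BLOCK)          # ceiling division
        start = self.next_free
        if (start + count) * BLOCK > len(self.data):
            raise OSError("toy disk full")
        self.data[start * BLOCK:start * BLOCK + len(payload)] = payload
        self.table[name] = (start, count)
        self.next_free += count

    def delete(self, name):
        """Ordinary delete: drop the index entry, leave the blocks alone."""
        del self.table[name]

    def wipe_and_delete(self, name):
        """Overwrite the file's blocks with zeros, then drop the entry."""
        start, count = self.table.pop(name)
        self.data[start * BLOCK:(start + count) * BLOCK] = bytes(count * BLOCK)

    def residual_images(self):
        """Offsets of JPEG markers in blocks that no live file owns."""
        live = set()
        for start, count in self.table.values():
            live.update(range(start, start + count))
        hits = []
        pos = self.data.find(JPEG_SOI)
        while pos != -1:
            if pos // BLOCK not in live:
                hits.append(pos)
            pos = self.data.find(JPEG_SOI, pos + 1)
        return hits


def demo():
    # Constructed sample bytes standing in for one scanned page.
    scan = JPEG_SOI + b"\xe0" + b"constructed scan of a pay stub"
    disk = ToyDisk()
    disk.write("job1.jpg", scan)
    disk.write("job2.jpg", scan)
    disk.delete("job1.jpg")            # entry gone, bytes still on disk
    disk.wipe_and_delete("job2.jpg")   # bytes zeroed before entry is dropped
    return disk.table, disk.residual_images()


if __name__ == "__main__":
    table, leftovers = demo()
    print("files listed:", table)
    print("residual image offsets:", leftovers)
```

Both jobs disappear from the file table, but only the merely deleted one still shows up in the residual scan, which is the check to run against a drive image after sanitizing it.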
Title: Re: Copy Machines Digitally Store 1000s of Documents That Get Passed on at Resale
Post by: Zanza on April 22, 2010, 09:31:37 AM
Quote from: grumbler on April 22, 2010, 06:37:33 AM
Quote from: Zanza on April 22, 2010, 03:29:03 AM
That's not a security hole, but users being ignorant or careless. Totally different and not really fixable.
:huh:  How do the users even know about, let alone erase, the scan copy that was in the machine?  This is a massive security hole that shouldn't exist, because the default copier mode should be to delete the stored image after it has been processed.
The manufacturers offer extra equipment that encrypts or erases such data. If you don't buy that extra equipment, you should at least ask yourself why they offer such equipment and if your expectation of default behaviour is correct.
Title: Re: Copy Machines Digitally Store 1000s of Documents That Get Passed on at Resale
Post by: sbr on April 22, 2010, 01:15:33 PM
Alarming.
Title: Re: Copy Machines Digitally Store 1000s of Documents That Get Passed on at Resale
Post by: MadImmortalMan on April 22, 2010, 01:33:59 PM
Quote from: Darth Wagtaros on April 22, 2010, 06:48:46 AM
Quote from: grumbler on April 22, 2010, 06:37:33 AM
Quote from: Zanza on April 22, 2010, 03:29:03 AM
That's not a security hole, but users being ignorant or careless. Totally different and not really fixable.
:huh:  How do the users even know about, let alone erase, the scan copy that was in the machine?  This is a massive security hole that shouldn't exist, because the default copier mode should be to delete the stored image after it has been processed.

We simply redirect the image to the file server and don't use the drive on the machine at all.
Yeah, no shit. How the hell would your average secretary know that the copier machine is storing images? More to the point, how would they know how to get rid of the images if they did?


Why the hell would your average secretary be in charge of disposing of the equipment? Surely someone in IT would handle that?

I just pull the disk and run DS on it before disposal.
Title: Re: Copy Machines Digitally Store 1000s of Documents That Get Passed on at Resale
Post by: grumbler on April 22, 2010, 02:05:34 PM
Quote from: MadImmortalMan on April 22, 2010, 01:33:59 PM
Why the hell would your average secretary be in charge of disposing of the equipment? Surely someone in IT would handle that?
Why the hell would your average office or business have a "someone in IT?"  Surely most copiers are bought by business office types in businesses that don't have an "in IT" for someone to be?
Title: Re: Copy Machines Digitally Store 1000s of Documents That Get Passed on at Resale
Post by: Ed Anger on April 22, 2010, 02:09:05 PM
I need to check the copiers for asses and taint stored in memory.
Title: Re: Copy Machines Digitally Store 1000s of Documents That Get Passed on at Resale
Post by: MadImmortalMan on April 22, 2010, 02:12:11 PM
Quote from: grumbler on April 22, 2010, 02:05:34 PM
Quote from: MadImmortalMan on April 22, 2010, 01:33:59 PM
Why the hell would your average secretary be in charge of disposing of the equipment? Surely someone in IT would handle that?
Why the hell would your average office or business have a "someone in IT?"  Surely most copiers are bought by business office types in businesses that don't have an "in IT" for someone to be?

Then they deserve to let their data go out of custody and risk losing it.  :P
Title: Re: Copy Machines Digitally Store 1000s of Documents That Get Passed on at Resale
Post by: Darth Wagtaros on April 22, 2010, 03:49:56 PM
Why would IT be in charge of a copier machine in the first place?
Title: Re: Copy Machines Digitally Store 1000s of Documents That Get Passed on at Resale
Post by: The Brain on April 22, 2010, 03:57:01 PM
Why would the CSA dino cavalry still not be able to win the war against Great Yugoslavia?
Title: Re: Copy Machines Digitally Store 1000s of Documents That Get Passed on at Resale
Post by: Iormlund on April 22, 2010, 04:42:53 PM
Quote from: The Brain on April 22, 2010, 03:57:01 PM
Why would the CSA dino cavalry still not be able to win the war against Great Yugoslavia?
Sharks, with frickin laser beams.
Title: Re: Copy Machines Digitally Store 1000s of Documents That Get Passed on at Resale
Post by: merithyn on April 22, 2010, 06:47:52 PM
Quote from: Darth Wagtaros on April 22, 2010, 06:48:46 AM
Yeah, no shit. How the hell would your average secretary know that the copier machine is storing images? More to the point, how would they know how to get rid of the images if they did?

I knew. :smarty:

But then, I only knew by deduction. The copy guy could come in and check the machine to see who the last person to use it was by what was copied. The only way that could happen is with a hard drive on the machine. It never occurred to me that the hard drive should be wiped before being sold, though. I guess - like an idiot - I assumed it wiped when it was unplugged.

Our copiers are rented, so I suppose the school district assumes they will wipe the drives.
Title: Re: Copy Machines Digitally Store 1000s of Documents That Get Passed on at Resale
Post by: CountDeMoney on April 23, 2010, 05:22:53 AM
Quote from: Palisadoes on April 22, 2010, 07:03:24 AM
There's loads of these technological security holes about. There was a recent study into disposed hard-drives from companies, of which they found a large proportion hadn't formatted/wiped the hard-drives, meaning a lot of information (some of it sensitive) was left on there.

That's why, when I dispose of an old CPU, I remove the hard drives and use a fucking hammer, and drop the pieces in various smokestacks on the roofs of Little Italy.
Title: Re: Copy Machines Digitally Store 1000s of Documents That Get Passed on at Resale
Post by: Darth Wagtaros on April 23, 2010, 05:51:55 AM
 :showoff:
Quote from: merithyn on April 22, 2010, 06:47:52 PM
Quote from: Darth Wagtaros on April 22, 2010, 06:48:46 AM
Yeah, no shit. How the hell would your average secretary know that the copier machine is storing images? More to the point, how would they know how to get rid of the images if they did?

I knew. :smarty:

But then, I only knew by deduction. The copy guy could come in and check the machine to see who the last person to use it was by what was copied. The only way that could happen is with a hard drive on the machine. It never occurred to me that the hard drive should be wiped before being sold, though. I guess - like an idiot - I assumed it wiped when it was unplugged.

Our copiers are rented, so I suppose the school district assumes they will wipe the drives.
Title: Re: Copy Machines Digitally Store 1000s of Documents That Get Passed on at Resale
Post by: Caliga on April 23, 2010, 07:53:19 AM
Quote from: derspiess on April 22, 2010, 09:09:17 AM
Ours are stored locally, but are deleted and wiped after each job.
Same.
Title: Re: Copy Machines Digitally Store 1000s of Documents That Get Passed on at Resale
Post by: Syt on April 23, 2010, 08:03:05 AM
Quote from: Darth Wagtaros on April 22, 2010, 03:49:56 PM
Why would IT be in charge of a copier machine in the first place?

In our case because they also act as network printers. You send your print jobs to a central "mailbox" which you can access from all our "big" photocopiers. Also, you can scan/email documents directly with them. They're fully integrated into our IT network.
Title: Re: Copy Machines Digitally Store 1000s of Documents That Get Passed on at Resale
Post by: Darth Wagtaros on April 23, 2010, 11:06:50 AM
Ah yes. I forgot that other places have real infrastructure.
Quote from: Syt on April 23, 2010, 08:03:05 AM
Quote from: Darth Wagtaros on April 22, 2010, 03:49:56 PM
Why would IT be in charge of a copier machine in the first place?

In our case because they also act as network printers. You send your print jobs to a central "mailbox" which you can access from all our "big" photocopiers. Also, you can scan/email documents directly with them. They're fully integrated into our IT network.
Title: Re: Copy Machines Digitally Store 1000s of Documents That Get Passed on at Resale
Post by: alfred russel on April 23, 2010, 11:09:05 AM
Quote from: merithyn on April 22, 2010, 06:47:52 PM

Our copiers are rented, so I suppose the school district assumes they will wipe the drives.

Sounds like a solid plan to protect confidential data.  :P