The dangers of buying electronics from eBay and other online stores or bidding sites. This article explains how infections left behind by previous owners, or planted by malicious sellers, can seriously affect your computing and compromise your information.

Some Dangers of eBay Computers

So a few days ago I was talking to a client, and we had traversed the topic of information security and technology. She dropped the bomb that she wanted to purchase a laptop or desktop on eBay, a statement at which I began grunting. At that very moment I remembered working for another client approximately two years ago, who shall remain nameless, regarding how the government, the world, and even people living under rocks on the moon were after her data. Although the risks are there within information security, some of them may seem outlandish at best, and others may seem out of reach for most of the general population, whereas many of us security professionals begin to wonder.

For the most part there is nothing wrong with purchasing a second-hand laptop, desktop, or other form of electronics. If it can help you save money, why not, right? If you have to dump money into the investment, then that is something you should consider. In today's internet and electronic age, where we can sell just about anything online, it becomes a hassle to gauge the physical and overall health of an electronic system over the internet. We normally buy, and a few months later (or a few years later, if you're lucky) we begin to have problems with the system. However, there are unforeseen things that many people do not consider when they purchase systems second-hand. Many times, sellers looking to make a quick buck will inevitably format a hard drive, re-install Windows or Linux, and post the device online. The main goal of this article is to help both sellers and users avoid potential issues which may arise. Although I will not be discussing the physical condition of these devices, some of the information contained herein may help you avoid a headache later on.

Message to Sellers

As many of us already know, when you press the "delete" key or use rm, del, or another delete function in the system, what you're really doing is labeling that file as "deleted"; it's not being removed from the disk. The segment where the data once stood is marked as free space so that it can be reused. However, the remains of the file still stand. Even the untrained eye, given the right tools, can recover most of those files. Considering I've used tools such as ProDiscover and, of course, the popular EnCase software, you can recover a lot of files that were once deemed "deleted." Some of you may say "so what's the big deal?" It's a very big deal!

Some of us may write down passwords, credit card numbers, addresses, or other sensitive information in text, Word, or other types of documents. We may have pictures or other media files that we just don't want others to see (and why you'd take them in the first place is another issue of its own that I will not discuss). What happens if the information gets into the wrong hands? Or into the hands of a prospective buyer searching for information leakage for the sole purpose of attacking the seller? The threats and issues do exist. So how can you protect yourself? The first and easiest route is to replace the hard drive that was once in the computer. This has a few advantages: (1) the information you once had on it is no longer at risk of being divulged if you don't know how to securely delete your files (or what we call objects); (2) the likelihood of a user becoming irate due to a disk failure is alleviated, because you don't know how or when a disk will fail. You will only come across some warning signs; outside of that, good luck.

So what can you do? You can use tools for Windows, Linux, or OS X to securely delete files or wipe the hard disks clean. We normally refer to this as DoD6 or DoD3 disk wiping; the terms come from the 3 or 6 wipes of the hard disk or file made to render it "unrecoverable." Attached to the end of the blog I will be including links to resources and applications which assist with this task. Some computers have a feature known as "Secure Erase," which you'd need to check with your BIOS manufacturer in order to either utilize or unlock. Due to the many BIOS systems that are available, it would be difficult and time-consuming to include all of them within this document. In time we may produce a document which covers this topic for you.
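An added example (not from the original article) tying together the two points above: "delete" only flags the directory entry, while an overwrite pass is what actually removes the data, and a scan can verify it. The file-backed image, its FAT-style layout, the function names, and the pass patterns (random, random, zeros) are assumptions of this example.

```python
import os
import re

SECTOR = 512
SIGNATURES = {"jpeg": b"\xff\xd8\xff", "pdf": b"%PDF-"}  # headers carving tools look for

def build_image(path, sectors=64):
    """Constructed sample disk: sector 0 holds a FAT-style directory entry, sector 4 the data."""
    img = bytearray(SECTOR * sectors)
    entry, body = b"PHOTO   JPG", b"\xff\xd8\xff\xe0" + b"constructed-jpg"
    img[0:len(entry)] = entry
    img[4 * SECTOR:4 * SECTOR + len(body)] = body
    with open(path, "wb") as f:
        f.write(img)

def delete_file(path):
    """What 'delete' does: flag the directory entry (FAT uses 0xE5); the data is untouched."""
    with open(path, "r+b") as f:
        f.write(b"\xe5")

def scan(path):
    """Return (count of non-zero sectors, sorted list of (offset, signature name) hits)."""
    with open(path, "rb") as f:
        data = f.read()
    nonzero = sum(any(data[i:i + SECTOR]) for i in range(0, len(data), SECTOR))
    hits = sorted((m.start(), name) for name, magic in SIGNATURES.items()
                  for m in re.finditer(re.escape(magic), data))
    return nonzero, hits

def wipe(path, passes=3):
    """Overwrite every byte `passes` times; the last pass is zeros so scan() can verify."""
    size = os.path.getsize(path)
    with open(path, "r+b") as f:
        for n in range(passes):
            f.seek(0)
            f.write(bytes(size) if n == passes - 1 else os.urandom(size))
            f.flush()
            os.fsync(f.fileno())  # push each pass to the device before starting the next

def demo(path="constructed_disk.img"):
    build_image(path)
    delete_file(path)
    before = scan(path)  # after "delete": the remnant is still carvable
    wipe(path)
    after = scan(path)   # after the overwrite passes: nothing left to carve
    os.remove(path)
    return before, after

if __name__ == "__main__":
    print(demo())
```

The same `scan()` can be run over a raw image taken from a drive after wiping to confirm that no non-zero sectors or file headers remain. On SSDs, overwriting through the operating system may not reach remapped blocks, which is where the drive's own Secure Erase feature applies.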

Message to Prospective Buyers

Most of your worries will surround whether the hardware works properly. However, and I am not trying to make you paranoid when I say this: the threats of hardware rootkits are real! Again, the threats of hardware-level rootkits are real. What this means is that if the system has been compromised, a malicious application can hide in a few locations and become persistent: the BIOS, or any other type of chip that allows for EEPROM (Electrically Erasable Programmable Read Only Memory), FPROM (Flashable Programmable Read Only Memory), and other types of programmable methods for chips. Rootkits have been found in the wild that get into these locations and become persistent, meaning that even after a hard drive or disk format they are still there.

The worst part of this is that not even anti-virus software can find or detect these malware applications, because they become transparent to the operating system. Research into the matter was conducted on a specific level of rootkits, and you can find that here. What is worse is that the attacks have been going on since 2011 (Kaplan, D. SC Magazine), and they are harder to detect and remove. Protection mechanisms against these techniques (which may be subverted) are password-protecting the BIOS or even enabling a DIP switch (which is rare to come across on modern computers).

Protection is normally difficult; discovering such attacks requires an investigative eye. With new systems, ACPI would need to be scrutinized and examined in order to discover what is floating around in your BIOS. If you'd like references, please check out the Black Hat talks here:
