Hey everyone, welcome back to My Weird Prompts. I am Corn, and I am sitting here in our living room in Jerusalem with my brother, the man who probably has more encrypted hard drives than he has socks.
Herman Poppleberry at your service, Corn. And you are not wrong. I actually did a count last week and the drives are winning by a margin of about three to one.
That is slightly concerning, Herman, but it makes you the perfect person to talk about what we are diving into today. Our housemate Daniel was actually going through a box of his old gear this morning, and it sparked a really interesting question. He was looking at this stack of old laptops and phones from, oh, probably ten or fifteen years ago, and he was wondering what the real risk is if he just hands them off to a recycling center or sells them for parts.
It is a classic dilemma. Daniel was asking me if a factory reset is actually enough to keep his old photos and bank statements from falling into the wrong hands. And the answer, as with most things in the world of data security, is that it depends entirely on what kind of hardware you are talking about. It is one of those things where the common wisdom has changed so much in the last decade that if you are following advice from two thousand ten, you are probably doing it wrong.
That is what I want to dig into. Because I think most people have this mental model of data being like a physical document. You know, you throw it in the trash, and it is gone. Or maybe you shred it, and then it is really gone. But digital data is a bit more ghost-like, right? It leaves these echoes.
That is a great way to put it. The library analogy is the one I always go back to. Imagine a massive library with millions of books. When you delete a file on an old school hard disk drive, you are not actually burning the book. You are just going to the card catalog and ripping out the index card. The book is still sitting on the shelf. The librarian just does not know where it is anymore, so the next time a new book comes in, they might just shove it right on top of the old one.
Right, so until that space is overwritten by something else, that original data is just sitting there, waiting for someone with the right tools to come along and read it.
Exactly. And back in the day, with those mechanical drives that had spinning magnetic platters, you could actually use specialized software to look for those magnetic traces. There was this famous researcher named Peter Gutmann who wrote a paper back in nineteen ninety-six about how you supposedly needed to overwrite a drive thirty-five times to truly erase the data because of how the magnetic heads worked.
Thirty-five times? That sounds like it would take a week.
It took forever. And the funny thing is, even back then, it was probably overkill. But it created this mythos around data destruction. People thought if they did not do a seven-pass or a thirty-five-pass wipe, the government could still read their old emails. But the world has moved on. We are not really using those spinning platters as much for our personal devices anymore. Almost everything Daniel was looking at in his box—his old phones, his newer laptops—they all use flash memory, or Solid State Drives. And that changes the game completely.
So, let us talk about that. If I have a phone from five years ago and I hit factory reset, what is actually happening under the hood? Is that index card just being ripped out, or is something more substantial going on?
This is where it gets really interesting, and honestly, a bit more reassuring. On a modern smartphone, whether it is an iPhone or an Android device, the data is encrypted by default. This is something called file based encryption or full disk encryption. When you set up the phone, it generates a unique encryption key that is stored in a special, secure part of the hardware called the Secure Enclave on Apple devices or the Trusted Execution Environment on Android.
Okay, so every bit of data on there is scrambled into gibberish unless that key is present.
Precisely. So when you perform a factory reset on a modern phone, the device does not actually go through and overwrite every single zero and one on the storage chip. That would take a long time and put a lot of wear and tear on the flash memory. Instead, it does something called a cryptographic erase. It simply destroys the encryption key.
Oh, I see. So the scrambled data is still technically there on the chip, but without that key, it is mathematically impossible to turn it back into anything useful?
Exactly. It is like having a safe that is built into a mountain, and the only way to open it is with a specific key. If you melt the key in a furnace, it does not matter if the safe is still there. No one is getting in. For most people, and for Daniel's old phones, a factory reset is actually incredibly secure because of this. Once that key is gone, the data is essentially noise.
That is a relief for the phone side of things. But what about laptops? I know a lot of people who still have old Windows laptops or Macbooks from the mid-twenty-teens. Are they using the same kind of encryption?
Not always by default, and that is the catch. On a Mac, Apple has been pretty good about this. If you have a Mac with a T-two security chip or one of the newer Apple Silicon chips like the M-one through M-four, they handle encryption much like an iPhone does. When you go into the system settings and choose Erase All Content and Settings, it is doing that same cryptographic erase. It is fast, and it is very secure.
But what if I have an older PC? Say, a Windows ten or Windows eleven laptop that I bought in twenty-sixteen or twenty-eighteen?
That is where you have to be more careful. If you did not manually turn on BitLocker, which is the Windows encryption tool, then your data is likely sitting there unencrypted. Even on Windows eleven, if you have a Home edition and the hardware didn't support automatic Device Encryption, your files are just plain text on that drive. If you just do a standard Windows reset, there is a chance that a lot of that data could be recovered using basic off the shelf software.
So if Daniel has one of those older Windows machines, he shouldn't just hit reset and put it on a resale site?
I would not recommend it. For those older drives, you want to use a tool that actually performs a full wipe. Windows has a built in option during the reset process where it asks if you want to just remove your files or fully clean the drive. You always want to choose fully clean the drive if you are giving it away. It takes longer—maybe an hour or two depending on the size—but it actually writes zeroes over the entire drive.
I remember Daniel mentioning a tool called Clonezilla, and there is another one called D-B-A-N, or Darik's Boot and Nuke. Are those still relevant, or are they relics of the spinning drive era?
D-B-A-N is a classic. It is great for those old mechanical hard drives. You boot from a U-S-B stick, and it just hammers the drive with random data. But here is a huge warning: do not use D-B-A-N on a Solid State Drive.
Why not? Is it because of the wear and tear you mentioned earlier?
That is part of it, but it is also because of how Solid State Drives manage data. They have this thing called wear leveling. Because each little cell in a flash chip can only be written to a certain number of times before it dies, the controller inside the drive constantly moves data around to make sure the cells wear out evenly.
So if I tell the software to write a zero to sector five hundred, the drive might actually write it to sector nine thousand to save the life of the chip?
Exactly. And it keeps a map of where everything is. This means that a software tool like D-B-A-N might think it has overwritten the whole drive, but the drive's controller could be hiding some old data in what it calls over-provisioned space or bad blocks that are no longer being used for active storage but still contain information.
That sounds like a bit of a nightmare for security. If the drive is lying to the operating system about where the data is, how can you ever be sure it is gone?
It is a challenge. That is why for Solid State Drives, you really want to use the manufacturer's own utility. Most companies like Samsung or Western Digital have their own software that can send a Secure Erase or a Sanitize command directly to the drive's controller. That command tells the controller to apply a higher voltage to all the cells at once, essentially flushing them out in one go. It is much more effective than trying to overwrite it from the outside.
This brings up an interesting point about the unintended consequences Daniel mentioned. We are talking about selling or recycling, but what about just throwing things away? You see people sometimes just tossing an old tower P-C into a dumpster. That seems like a goldmine for someone who knows what they are looking for.
Oh, it absolutely is. Identity theft is often a game of pieces. There was a famous case back in twenty-twenty where Morgan Stanley was fined sixty million dollars because they didn't properly decommission old servers, and some of those ended up being sold with customer data still on them. For an individual, maybe they do not get your whole life from one drive, but they get an old tax return, a few saved passwords from a browser you forgot to clear, and maybe some scans of your I-D. You put those together, and suddenly someone can open a credit card in your name.
I think people underestimate how much of their life is cached in places they do not look. It is not just the documents folder. It is the thumbnail cache, the temporary internet files, the hibernation files.
Exactly. Even if you deleted a photo, a tiny thumbnail of it might still exist in a system folder somewhere. This is why I always tell people: if you are not going to sell the device, if it is truly junk, do not just throw it away. Physical destruction is the only way to be one hundred percent sure if you are dealing with unencrypted drives.
When you say physical destruction, are we talking about the classic drill through the hard drive?
That is the gold standard for home users. If you have an old mechanical drive, taking a power drill and putting three or four holes through the platters makes it essentially impossible for anyone but a high level state laboratory to recover anything. For a Solid State Drive, you have to be a bit more thorough because the data is stored on these tiny little chips. You need to make sure you actually crack or crush the individual memory chips on the circuit board.
I can just imagine you in the backyard with a hammer and a pair of safety goggles, Herman.
Hey, it is therapeutic! But honestly, most people do not need to go that far. If you are a regular person with a laptop from the last five or six years, turning on encryption today is the best thing you can do for your future self. If you use FileVault on a Mac or BitLocker on Windows, then when the day comes to get rid of that computer, you can just wipe the key and sleep easy.
That is a great proactive tip. But what about the stuff that is already in the box? Daniel's old phones and laptops are already there. Let's say he finds an old laptop that does not even turn on anymore. He can't run a secure erase if the motherboard is dead. What then?
In that case, you have to go physical. You can't trust that the data is gone just because the screen won't light up. The storage chip itself is probably still perfectly fine. If you can't boot it up to wipe it, you should pull the drive out. Most old laptops make it pretty easy to remove the hard drive with just a screwdriver. Once it is out, you can either put it in a cheap external enclosure to wipe it on another computer, or you can go the drill route if the drive itself is dead.
It is funny how we have moved from this era where we were worried about magnetic traces and thirty-five passes to an era where it is all about encryption keys. It feels like the battleground has shifted from the physical medium to the mathematics.
It really has. And that brings us to an even deeper level of data permanence. We have been talking about the hardware we own, but Daniel also brought up an interesting point about where our data goes after we think we have deleted it from the cloud. That is a whole different ballgame.
Right, because you can't exactly go to a data center and drill a hole through a server that belongs to a giant tech company.
Exactly. When you delete a file from a cloud storage service, you are essentially just sending a request for them to delete it. You have to trust their internal processes. Most of them have very strict policies where they mark the data as deleted, and then it is eventually overwritten as part of their normal operations. But you don't have that same level of absolute certainty that you do with a device you are holding in your hand.
It makes me think about the secondary market for these devices. You see these stories about people buying used phones on auction sites and finding that they can recover the previous owner's entire life. Is that still happening as much now that encryption is standard?
It is happening less with phones, but it still happens a lot with things like smart home devices, or even some printers. People forget that their office printer might have a hard drive in it that stores a copy of every document that was ever scanned or printed.
Wait, really? A printer?
Oh, absolutely. High end office copiers and printers often have internal storage. There have been cases where companies sold off their old office equipment and accidentally gave away thousands of sensitive medical records or legal documents because no one thought to wipe the printer's hard drive.
That is a terrifying thought. It is like our digital footprint is being leaked by the most mundane objects in our lives.
It really is. And it is not just printers. Think about your car. If you sync your phone to a rental car or a car you are about to sell, it might be downloading your entire contact list and your recent call history into the car's infotainment system.
I have definitely seen that. You get into a rental car and you see the previous five people's phones listed in the Bluetooth menu.
And if you are not careful, the car might still have their home address saved in the navigation system. So the lesson there is, whenever you are parting with anything that has a chip in it—a car, a printer, a smart fridge, whatever—you need to look for that factory reset option.
This is making me want to go through every room in our house and just start wiping things. But let's bring it back to the practical for a second. If someone is listening to this and they have a weekend project to clear out their old tech, what is the step by step?
Okay, here is the Herman Poppleberry certified protocol for secure disposal. Step one: identify the storage. Is it a phone, a modern laptop, or an old desktop?
Step two: check for encryption.
Right. If it is a phone or a newer Mac, just use the built in erase function. It is fast and secure. If it is a Windows machine, check if BitLocker or Device Encryption is on. If it is, a standard reset with the data erasure option is probably fine. If it is not, you want to do the long version of the reset that overwrites the drive.
And step three: if it is an old mechanical drive?
If you want to be extra sure, use a tool like D-B-A-N if the computer still works. If it doesn't work, take the drive out and use a drill. It is the only way to be sure.
And step four: don't forget the weird stuff. The printers, the old gaming consoles, the G-P-S units.
Exactly. Check the settings menu for a factory reset. And for heaven's sake, if you are selling a camera, take the memory card out! People forget their S-D cards in their cameras all the time.
That is a big one. You sell the camera and give away your entire vacation history for free.
It happens more than you would think. And honestly, the risk isn't just that someone will find your embarrassing photos. It is the metadata. Every photo you take has the location, the time, and the camera serial number embedded in it. If someone gets a thousand of your photos, they can basically map out your entire routine.
This really goes back to what Daniel was saying about unintended consequences. We think we are just getting rid of a piece of plastic and glass, but we are actually handing over a map of our lives if we aren't careful.
It is a responsibility. We spend so much time thinking about how to secure our data while we are using it—passwords, two-factor authentication, firewalls—but we often forget about the end of the life cycle. Secure data destruction is just the final chapter of good digital hygiene.
You know, it is interesting to think about the why behind all of this. Why is it so hard to truly delete something? In a way, it is a testament to how good we have become at making storage reliable. We have built these systems to be so resilient against accidental loss that they have become resilient against intentional deletion, too.
That is a profound point. We spent decades trying to make sure that a stray magnetic field or a power flicker wouldn't erase our precious data. We built error correction, we built redundant sectors, we built wear leveling. We made data incredibly sticky. And now we are finding that the stickiness is a double edged sword.
It makes me wonder what the future holds. As we move toward more exotic forms of storage, like D-N-A storage or glass based storage that is designed to last for thousands of years, how are we going to delete that?
Oh, that is going to be a fascinating challenge. If you have data etched into a piece of quartz glass that is designed to survive a fire, you might literally need a sledgehammer to delete your files. We are moving away from the era of soft storage and back into an era of hard storage, where the physical medium is almost indestructible.
It is like we are moving back to stone tablets, just much, much smaller ones.
Exactly. And the privacy implications of that are huge. Imagine if your medical records are stored on something that lasts ten thousand years. Who is going to be reading that in the year twelve thousand twenty-six?
Hopefully, by then, they will have better things to do than look at my old cholesterol levels. But it really highlights the importance of encryption. If the medium is permanent, the only way to have privacy is to make the data unreadable without a key that is temporary.
That is the ultimate takeaway. Encryption is the only way to truly delete something in a world of permanent storage. If the key is gone, the time scale of the storage doesn't matter.
I think that is a really empowering way to look at it. Instead of being afraid of our old tech, we can just be smart about how we manage the keys.
Precisely. And speaking of being smart, I should probably mention that if anyone is getting value out of these deep dives, we would really appreciate it if you could leave us a review on your podcast app or on Spotify. It genuinely helps other curious people find the show.
Yeah, it really does make a difference. We love seeing the community grow around these weird prompts that Daniel sends us.
And if you want to get in touch or see our back catalog, you can always head over to myweirdprompts dot com. We have all five hundred and fifty-four episodes there, and there is a contact form if you have a topic you want us to tackle.
Five hundred and fifty-four. Man, we have talked about a lot of stuff, Herman.
And we are just getting started, Corn. There is always more to dig into.
Well, I think I am going to go help Daniel with that box of gear. I suspect there is an old laptop in there that might need a quality session with your power drill.
I will go get my goggles.
Thanks for listening to My Weird Prompts. We will be back soon with another deep dive into the strange and wonderful world of technology and beyond.
Stay curious, and stay secure.
See you next time.
Goodbye!
