Every now and again, two of my favourite subjects come together (No, not blackmail and hard discs) - Technology and Motorsports.

Formula 1 star of the McLaren-Mercedes team, Lewis Hamilton, has been the focus of a blackmail attempt by a man in Germany, named simply “Dieter.” Dieter somehow obtained a hard drive, that had supposedly been disposed of some months before, that contained documents and other personal information. For those who are unfamiliar with the McLaren-Mercedes scandal of last year, the team were found guilty of using secrets from another team to improve their own car - and this hard drive could possibly had more such evidence on it. Trying to sell the hard drive to the German motorsport magazine, “Bild”, Dieter was arrested by police after the magazine tipped off the authorities, as reported by the Daily Telegraph today.

So how do you properly and permanently remove sensitive information from your hard disc?

Remember - when you delete things in Windows the data is usually still there - just because you can’t access the information doesn’t mean somebody else won’t be able to. The very nature of deleting a file just means renaming the first character of the filename, to let the system know the space it takes up can be used for new files - and the data is still there until new files are written in the same place. And even if the space the file used to occupy is overwritten with different files, there are techniques that can be employed to find out what used to be on the surface of the disc. Once you know this, you need something a little better than the recycle bin in windows to remove your sensitive data, and there are three methods you can use to do it:

The first way is with a program that allows you to securely delete files - rather than by using the recycle bin in Windows, download Eraser. It has a drag and drop interface that allows you to do a multiple-pass wipe so that the bytes the file occupies get overwritten properly, making it practically impossible to retrieve the data that used to be your file. Amongst others, by default, it uses the “Gutmann” method of wiping that employees 35 separate passes of specially selected data to make sure nobody can retrieve the information, chemically, from the drive. This should be enough if you just need to remove the odd file that’s a bit sensitive. It is geared towards doing things in batches, so you could drag files you want to remove into the program and before you log out, process them all in one go. This takes care of single file deletes.

The second way is a little more abstract, and Eraser is up to the task of removing this type of data too. Remember when your files are removed, they aren’t actually erased, the space is allocated back to the system to write files into? Baring this in mind, all the files you’ve deleted previously, will have data scattered all over the drive, in places ready to be overwritten, but for whatever reason the system hasn’t got around to using yet. So the second method is to wipe your free space on the drive. Every byte that isn’t allocated to a file will be subjected to the same rigorous treatment, using the same methods.

When you’ve come to the point when you’re ready to throw the hard drive away and want to be sure there’s nothing left on it, the last method to remove data is to wipe the whole drive. And the best way to do this is to melt it down! Failing that, if you don’t have a kiln in your house, try DBAN (Darik’s Boot And Nuke). Download DBAN, burn it to a CD, boot from that CD and you will be able to wipe any drive in the system with multiple passes of random data. Eraser, above, also supports wiping whole drives and can create a “Nuke Disc” to boot from. DBAN, however is a personal favourite, and I’ve never had problems with using it. This should securely remove the data - although of course, nothing is as secure or cool as melting it - plus you get the added advantage of doing something cool to video and put on youtube!

Those of you who use the McAfee SiteAdvisor plugin for Firefox, will be aware of how McAfee are helping to protect users from malicious sites. The plugin notifies users with a simple colour coding that allows users to visually work out if a website has been reported for malware or spyware attacks. The plugin works with community support - reports being fed to McAfee from users with comments posted on the site’s page detailing the problems they faced.

Well now, McAfee have teamed up with Yahoo, to do a very similar thing on their search results. When you search for a term using Yahoo’s engine, there will be an indication next to the site that identifies it as malware/spyware, if it’s been reported that the website has been up to no good. This should hopefully prevent people from clicking on the link, or at least, make them find out why the site has gained such a reputation. If you already have McAfee’s SiteAdvisor plugin installed, all search engine results are automatically checked anyway, so you won’t gain much. And you have the added advantage of being notified of a malicious site when you’re browsing it. At least the Yahoo deal is a step in the right direction. Read the Yahoo! press release.

Thruvision, based in Oxfordshire, are to show off a new product, the T5000, that can see if people are illegally concealing items. The system can pick up on various materials that have a different “signature” to the human body. Items made from substances such as metals, plastics, gels or even explosives will be picked up by the T5000. You can have a look at some of the features of it’s predecessor, the T4000 [here].

Of course if you happen to be carrying personal things legitimately I guess it will pick up on those too. And the best thing about this new system? It’s non-invasive or “passive.” That’s secret agency speak for “you don’t know you’re being scanned.” The initial idea is a great one, but as with all of these things, it shouldn’t invade on citizen’s normal rights to walk around. We want to feel safe, but scanning everyone by invading their privacy in the hope of catching that one possible terrorist seems like stretching the imagination a little too far. [SHOW ME]

Young Adam Dabrowski has been arrested after a schoolboy prank caused 12 passengers injuries when he rearranged the points for the local tram network in Lodz, Poland. Initially it looked as though he was being malicious, but I’m not so sure. It’s just another hacker story that seems to skirt around the real problem, by focusing on a kid that’s obviously bored and needs proper stimulation. The real story here is the pathetic security of the transport department in Lodz.

Adam was described by his teachers as an “electronics genius” or so this article says, although that may just be a smoke screen to hide the inadequacies of the local authorities. If anyone can gain that sort of access to public transport (with a modified TV remote control!) things are very wrong. What if it had been a terrorist? I’m sure it would be “dead” not “injured” in the headlines.

Hopefully the proper authorities will investigate what went wrong and put measures in place to make sure it doesn’t happen again. I remember, about 8 years ago, one local authority in the UK had their inner-city traffic light system running from a gigantic excel spreadsheet - stuffed full of macros. This system is also equally behind the times if an infra-red remote can cause so much havoc. [SHOW ME]

Yeap, you heard correct. Literally hot off the press, the release candidate is available as a 336Mb download (which I’m downloading as I write this) and includes potential speed increases, bugfixes & enhancements to current features - much earlier than expected. The Windows Vista SP1 RC can be downloaded now, but is not widely available to the public. The full list of the changes and enhancements in XP SP3 can be found [here]. One of those, NAP or Network Access Protection, is a feature linked to the new Windows Server 2008 OS. NAP makes sure a computer is protected properly before giving access to valuable network resources. There also less corporate-based updates, such as to the wireless protocols, adding the much more secure WPA2. Changes to existing parts of the OS, explaining security a little more, for instance are also present. You now also have the ability to install Windows XP, with SP3 without a product key - allowing you to enter it at a later date when it’s more convenient.

Please remember though that this is a Release Candidate which means, although this version of the service pack will most likely be exactly the same as the released version, there are no guarantees that your system won’t be screwed over by the install. Backup important data first, and if possible, take an image of your hard drive just to be safe. I’m also sure that if you don’t have, how shall we say, a “valid” copy of Windows this update will probably break your installation. Look for follow-ups to this article (just in case things go horribly wrong for me in a minute!!) [SHOW ME]

Update: If you have previously used UX Theme Multi-patcher to skin windows XP, you would have noticed you will lose the ability to use custom skins. This can easily be fixed by checking the ‘Update’ section at the end of the original post.

Yeap, it’s apparent from this article that the GPU inside a Geforce 8 card is better equipped at the billions of math calculations required to crack passwords than the standard CPU. According to the report in this article, the Graphics processor is better by up to 25 times! I guess if you get loads of ATI cards hooked up over PCI-Express with Crossfire, you could have the ultimate home password cracking machine. [SHOW ME]

Yeah, this is pretty geeky. If you’ve ever been interested in Cryptography (the study of crytograms - or code making / breaking) then this will be really useful to you. But then as children I think we were all interested in spies and spying - and even more so if you were a boy - so I think anyone can benefit. I still have the PGP manual written by Simson Garfinkel and published by O’Reilly which I must have read it 5 or 6 times, just because the history and the technology is so interesting. Have a look - I may also, over the next day or so download the book and offer it on my website, along with the copyright notices. [SHOW ME]

40 people have been arrested from Cisco today, in Brazil, when the authorities alleged Cisco had imported $500 Million worth of equipment illegally into the country. The amount owed includes the costs of fines, unpaid duty and interest. Somebody needs to be fired for this massive mistake (which you can only assume that’s what it is) if only for the tumble the stock is going to take because of the news. It will be interesting to see if Cisco appeal and what happens at the courtroom. [SHOW ME]

Three men are fined a third of a million dollars (collectively) for inflicting spyware and malware for the company "Media Motor." According to sources, their efforts generated approximately $3.6 million worth of revenue.

Is this a joke? Why are these people still walking the streets? Surely what they did amounts to fraud? Apparently the FTC in the US don’t see it as that big of a deal that millions of people are ripped off of hard earned cash, and subjected to privacy invasions with internet usage statistics obtained without their permission and software obtrusively installed on their systems. Maybe somebody should take the ruling members of the Federal Trade Commission’s PCs and stick this spyware on it, without them knowing - like the rest of us. Perhaps when they write up a report to justify this ridiculous ruling they’ll be inundated with porn pop-ups. Or maybe the malware will initiate it’s attack when their children are trying to surf the internet. Maybe then they’ll understand the misery these people inflict on innocent people. [SHOW ME]

Robert Moore tells the press in the US how easy it was to hack into VoIP services and routers with usually little more than the default passwords that come shipped with the devices.

Not surprisingly, a lot of people still don’t get the importance of security within their devices - and this case plainly shows what can happen if you leave it to chance. Robert Moore worked as the technical lead in a scheme to rip off VoIP providers in an effort to get largely discounted rates and services. While he did the hacking, Edwin Pena did the selling. Mr Pena is reported to have made off with a million dollars of sold discounted services - illegally obtained - and has fled the US as a fugitive. It makes you wonder when people are going to wake up to the really basic security threat that everyone is under on the internet. All it takes is a well thought password and most of this stuff would never happen. [SHOW ME]