ReyvCna t1_j6musjz wrote
So I read the article and it says that companies sends the machines to be erased and destroyed but the recycler wants to resell them.
This sounds like activation lock is working as intended and the issue is that companies want to waste stuff by destroying them instead of reselling it.
HaiKarate t1_j6n58d1 wrote
From the large enterprise IT departments I've seen, cleaning up old laptops that aren't being re-used by the enterprise is a very, very low priority. Like, I've seen walls of old laptops, stacked and waiting to be cleaned. The value of the laptops has been depreciated, and reselling them for pennies on the dollar is hardly worth the effort for a company making billions of dollars per year.
MartinSchou t1_j6nz81l wrote
> From the large enterprise IT departments I've seen, cleaning up old laptops that aren't being re-used by the enterprise is a very, very low priority
That's a political choice. If there was a direct cost associated with scrapping electronics rather than reusing it, there would be an immediate cost-benefit analysis done.
For example, if there was a $100 deposit on all electronics sold in US stores that would be refunded when a refurbishing company refurbished the product, a company can immediately see a return on investment of company time. It will immediately be worth it to have an IT person spend the 5 minutes it would take to get the device ready for refurbishment. Hell, if the company is large enough, it would be worth it to have someone employed to do only that.
It would also incentivise private individuals to dispose of their devices responsibly, because who wouldn't want $100 just for handing in eWaste?
pensivebunny t1_j6nljgb wrote
This, at least ours have big restrictions on reselling since they were paid for using government grants- we can’t just resell to the public, so if another department doesn’t need them, they just sit around in drawers for a few years until they get scrapped. Eventually some are listed on auction sites, but at that point they’re worth so little- even $500 isn’t enough to justify the time spent wiping, listing, etc. and potential liability if any financial/HIPPA info is left behind.
Once AppleCare wears off our machines are replaced anyway. We’re allowed to just keep our old ones, especially for international travel (computers can be searched at borders, this way we only load what’s essential and if it’s stolen it’s not a big deal).
ShawnyMcKnight t1_j6mzcwb wrote
Exactly, if I sent it to be destroyed I would want just that.
Red__M_M t1_j6nhnh4 wrote
I work in healthcare and laptops are almost always intentionally destroyed not repurposed. A laptop can contain absurd amounts of personally identifiable data and if it is lost then the fine for violating the Health Insurance Portability and Accountability Act (HIPAA) can quickly exceed $1M. It starts at $100 PER RECORD! Now imagine a nurse that sees 10 patients per day for 5 years. Or how about a person doing claims review on 100 claims per day? Then there is me who processes millions of records all the time.
Since a loss of information could be so costly, it is much easier to just destroy laptops than to try to format them. One of my former employers would take old hard drives and run a government format on them. Next they would erase them (again) with a strong magnet. Then they would shred the devices in house. Then they would give the shreds to a secure documents destruction company who I think would melt things down. Admittedly that was a bit over the top, but my point is that hardware destruction is the norm in healthcare.
pm_me_your_buttbulge t1_j6pfz5b wrote
SSD's don't delete like an HDD. Recovery, without modifying the settings of the SSD, is non-trivial. One dd if=/dev/urandom of=/dev/sd0 and you are not recovering that data. I've yet to find a recovery company capable of getting any useful data even when given the location of a text file and all they had to do was tell me what was in the file and nothing else.
It's become a phobia for quite some time now because of the laws.
It turns out the theory that some with an electron microscope could extra several layers of data was very wrong but people took it as gospel. Turns out it's an order of magnitude more difficult.
Most recovery is done from a 'they deleted the file and turned the machine off' type situation. Meaning no actual wiping occurred more than pointers to the file.
Specifically, for SSD's, it depends on the trim setting on your drive.
But even for HDD's, one solid dd wipe to full and there is not going to be any data recovery.
Now if you're talking hard drive made before the late 90's then some things can get weird and a few other factors may come into play but most of those hard drives are long dead now but even then it's still extremely difficult to recover data that's been zero'ed.
> but my point is that hardware destruction is the norm in healthcare.
It's also the norm in the federal government for similar reasons.
frosty_pickle t1_j6p42sn wrote
Having benefited from some data recovery companies in the past, sometimes data that’s erased is still there. That being said a there are some thorough formatting procedures which do a damn good job of cleaning everything out. But if your it department is overwhelmed with other things and information security is vital then a shredder does a pretty good job.
Viewing a single comment thread. View all comments