My gf works at a hospital and there are many panties in a twist about this right now. She contacted one of their major photocopier providers and asked about what happened to the ones they had on lease that were returned in the last few years. "Oh, they were sold, or scrapped, or given away... couldn't really tell you for certain though." So the obvious question: "Did you wipe the drives first?" "A: No, that wasn't included in our contract with you." - because nobody knew about this 'feature' when the contracts were written!
Massive fail both security wise and from the sales side on missing easy upselling. Very likely any hospital or police dept would gladly have paid for these services had they know it was necessary.
Does anyone remember this warning? I certainly heard nothing about this; and while I knew there had to be a hard drive in there to temporarily store the image, there was no reason to expect that it would store images permanently. Of course Americans "don't know" that copiers store images like that; how would we? Who had ever, EVER told us?
Who the heck needs the copier to remember their copying jobs long-term?
I'd guess that it's more like 99.999%.
Do you know that photocopiers store image on a hard drive?
would get very different response rates than
Do you know that photocopiers store image on a hard drive permanently until manually wiped?
Do you know that photocopiers store image on a hard drive?
When you photocopy an image, the photocopier...
1) saves the image to a hard disk permanently.
2) temporarily stores the image until the copy is finished.
The first question leads people to lie in order to not be seen as ignorant.
Is still pretty leading. People would say yes because they don't want to appear naive.
"Do photocopiers keep any records of copies made?"
Like if you wanted to find out if people know that bacon flavour crisps are vegetarian you'd ask something like "do any crisps contain meat or animal products?" and be prepared with follow on questions. So if the response is "no" you go back with "not even BBQ beef or bacon flavour?". If they answer "yes" you ask "out of these, which are suitable for vegetarians: ..." or somesuch.
So, if you copied something personal during your lunch break (considered a de facto perk, as long as exercised in restraint, e.g. that tax form before dropping same in the mail), would it remain on the copier hard drive? Worse, would it be deliberately archived in a company datastore?
This place was big enough and sophisticated enough to have some technologists dedicated to managing the machines (in conjunction with a service contract). Yet I ended up having to help them with some configuration difficulties. Which led and leads me to consider the implications also raised by this story. Any organization with a halfway decent security policy should understand and address these problems when first deciding the bring the machines in. Yet they apparently don't. And manufacturers should have addressed them up front in the feature set and use/management guidelines (e.g. a setting to wipe images on job completion, whether user controlled or in overall systems settings; a clear machine management feature to securely wipe (e.g. to a clearly defined and understood DoD standard) all drive data storage). Yet they apparently haven't. Or they don't clearly steer customers to knowledge and use of those features.
The reasons for the technological features are obvious. Their mis-management, unfortunately, seems all too familiar. I'm sure there were people arguing for better, but that would have been hard.
It's just like "deleting" a file off of your desktop PC; it's unlinked, but the data is still physically present on the drive platters until it happens to be overwritten, unless you make a special effort to overwrite it -- and most applications don't do that.
I'm not sure that it's really a flaw in the copier design, because they're not intentionally retaining the images any more than your PC is intentionally designed to retain Word documents that you "delete" without overwriting.
The problem is that many users are unaware that a modern photocopier even contains a hard drive ... they are probably oblivious of the fact that modern copiers have little in common with the traditional photostatic machines they grew up with, except that they're faster and don't smell as much. Manufacturers need to better educate buyers (or lessees) about the machines they're using, and perhaps make hard drives more accessible so that when they're sold, they can have the drives removed and destroyed first.
Once you get the HDD out it's easily treated like any other drive. Most of the documents will be deleted (there is often a buffer of non-deleted documents) but recovering them is pretty trivial. Some of the newer ones do actually scrub data at intervals now.
"using a forensic software program available for free on the Internet, he ran a scan - downloading tens of thousands of documents in less than 12 hours."
Since he had to use special software to extract the files, it looks like the software deletes the files, but not securely. Basically, it uses 'rm' instead of 'scrub'.
As explained below, storing scanned pages temporarily is good when photocopying (or faxing) multiple pages.
Also, the creator of the software mentioned (securely wipes photocopier harddrives) is a very smart marketer. The article is basically an advertisement for his software, "INFOSWEEP," and he's the one who showed the journalist this vulnerability in the first place.
They also have fairly small drives - the companies are out to make money - so at somewhere like kinkos your job would be overwritten multiple times by the end of the day.
It's only an issue if the system fails and the drive needs to be replaced - but anywhere operating under any sort of security regs would destroy the drive before it went off site.
We used to destroy them along with any waste explosive/munitions. Then health and safety stopped us and we had to buy a super monster shredder - which is a lot scarier than explosives but it can shred drives/entire files/interns etc.
I mean, OK, hard drives are cheap, so maybe copier manufacturers just said "eh, even if they run huge jobs, they can come back and repeat them later. Only costs us a couple more bucks." But dang - they gotta address this.
Hmmmm. I guess I just forgot how freaking big hard drives ARE these days. Discussion below about how a "small" 20GB drive could store so many documents at such-and-such size... oh yeah. It's startling to remember how gigantic 20GB sounded 10 years ago.
Maybe it needs a drive anyway for some other reason (like the software that runs it lives there instead of on a CF card or something), so it ends up being cheaper and easier that way?
Or you buy a $40 ATA drive and connect it to your embedded processor's built-in interface.
the answer is also necessary to figure out how many images are probably being stored. if the copier is just keeping them for debugging reasons (which would explain why nobody knows they're there), then they could very well be highly compressed 72dpi images.
This should not cost extra. It should be included in every single hard-drive-based copier.
And Sharp's add-on module might not be required if the copiers were treated like the computers that they are; it would be perfectly fine to just remove the hard drives when the units are being sold at their EOL, as I suspect most healthcare and government facilities do with their old PCs.
This is why I'd recommend all businesses use some kind of secure disposal service to get rid of old equipment. Hopefully the businesses that specialize in this field will add copiers to the list of items they scrub.
And there you'd just be dealing with PS and PCL, probably, rather than some weird proprietary image format that you might get on a copier's drive.
That's just outrageous. I can't think of a reason why copiers need to store images to begin with. It's a huge fail from the producers, and they shouldn't charge for cleaning up the mess.
Instead this should evoke a scandal like the Toyota braking thing and make producers have to recall their copiers, with millions or billions of losses.
Once out and connected to a computer you can recover data using any manner of tools.
I think FTK 1.8 still has a free trial you can use (http://accessdata.com/downloads.html). It's a bit of overkill for such a simple job but it will recover files fine. Otherwise just Google for programs to use on your OS of choice.
"Government Uses Color Laser Printer Technology to Track Documents"
In re: the article - Do you think arc90 is logging every document that is passed through Readability? Is this body of information worthwhile? I suppose it is good ammo for them to use to approach large media properties about the possibility of a paid site redesign project.
Seriously, how expensive are hard drives these days?!
But I think that's mostly just overkill. I'm fairly sure that it is completely infeasible to recover data even for the mighty government. :P
I suspect the theory is that wiping a drive is prone to accidental failure/mistakes. Destruction is pretty unequivocally permanent :)
After all, simply destroying a drive would allow you to magnetically scan the bits and pieces of the platters left over.
That would be an interesting challenge, now to find someone to pay for it.
I don't think it would be easy, but if the information is still on the platters you should be able to recover at least some of it.
Especially if it is email or other textual information it would not take a very large fragment to contain a large chunk of text.
On a single platter drive you'd have a better chance than on a multi-platter one, the synchronization tracks would help in figuring out what went were. It's a bit like puzzling together shredded documents.
The other problem with this is that the NSA is paranoid, and paranoia doesn't necessarily move with the times. This relates back to the first thing: If it's cheap and safe to destroy drives, and you are storing secrets, why not? That does not mean you need to destroy drives, which is what this conversation is about.
Wearing a belt and suspenders does not mean belts are prone to failure.
Few people would care to try to recover these things, but if you really are working with nuclear secrets...
Effectively infinite, when considering the copier lifetime. Certainly falls within most people's definition of Every.
Maybe we're talking monochrome? That reduces image size, but I'm not sure how to calculate that.
It's "every" by any normal definition, particularly in this context.
"Noisy" images, including poor-quality scans or scans of halftones, don't compress well, but a crisp scan of high-contrast text or line art will be a fraction of that 1MB even with a trivial compression scheme like RLE. If you store as a TIFF with LZW, or something proprietary but similar to that, you're probably talking about an average of 200kB or less for a high-resolution scan. And this is assuming a fairly generous size/speed tradeoff, since you have a local hard drive to burn. I've seen huge document archives that go the other way (scan at lower resolutions, compress hard) that average 30-50kB/page.
(boy, I'd hate to have to type that name to log in...)