One third of adults can't delete device data The UK's Information Commissioner's Office (ICO) has warned that many adults don't know how to wipe their old devices, and a worrying number of young people just don't care. Clearing personal data off an old device is an important step before ditching it or handing it on to another user. However, almost three in ten (29 …
there is reason why there are shredders which can easily digest old 5 1/4 inch full height harddrives, or V6 motor blocks. For smartphones one step smaller is required, else a flash chip might make it through alive. Activated device encryption is not yet an enforced standard for every mobile...
let the turtle jokes roll in...
I'm surprised that people wanting to wipe their own device, but don't know how to, don't just take the device out on the back porch and have at it with a sledgehammer. Results:
1. Data wiped, device unusable.
2. User feels psychologically-better.
Icon for, "Wear appropriate PPE when sledgehammering electronic devices, as sharp bits could fly up and injure you."
umm no, it's not just the sharp bits.
Or at least not without taking out the Li-ion battery first
(and good luck if that is not user-removable).
Speaking from experience: someone I know did this when I was visiting, and they had to hurriedly move the whole thing out into a more "open area" when it started smoking. The stink was horrible, and I'm willing to bet it was quite hazardous.
I can't recall if it burst into flame before or after the smoke though.
There is an unfortunate relation between "smart" devices and how technically "smart" most people are nowadays.
From a recent article in the website "Buzzfeed"...
"BuzzFeed
"Older People Are Sharing What Scares Them Most About Younger Generations", by Hannah Loewentheil, Updated Sat, November 30, 2024, 7:18 AM CST·7 min read
...
2."They CANNOT use a computer. They can surf the web but cannot do anything useful. Many of my students are worse than my parents at doing simple things like attaching documents to emails or understanding the file path."
----------------------------------------------------------------
It seems that as people become more dependent on 'smart' devices, the more dumb they become...and this should be of very great concern to any and all regarding the use of 'smart' technology in cars to--ostensibly--make people "better" drivers.
"I usually use a hammer for hard drives. Be careful not to smash your paving"
If they still work, I generally use dd to zero them out then donate them to one of the local recycling operations. If not, I drill a hole through the case and platter then tie the platter off with a zip tie to keep it from rotating. Probably not as effective as a really thorough bludgeoning, but strangely satisfying.
I found some of those platters actually surprisingly hard to drill through.
That said, I have these blue painted Bosch drills that drill both metal and concrete, and they do the job just fine if I set the drill to percussion.
As always, percussive treatment gets the job done :).
@Orv: While what you wrote is true for the general populace, TLAs have custom drive firmware they can load onto the drives which improves their ability to recover data from a physically-intact drive.
Sadly, in terms of drive re-use and repair, dedicated servo tracks were eliminated decades ago. Integrated Drive Electronics (IDE) hard drives, and later models, use what are called "embedded servo sectors", instead. For models with this feature, "low-level formatting" of drives was no longer possible by a computer tech. Some modern drives have a feature called low-level formatting, but it actually just zeroes the customer-accessible portion of the drive.
The advantage of ESS is that it frees nearly a half-platter's worth of data-space, which the customer gets to use for their data.
I once was given an older, failing drive which had the old-style half-platter dedicated to servo tracks. The drive refused to correctly write/read the first 60 or so cylinders. I re-low-level formatted the drive, starting at cylinder 64, so that "track 0" was accessed via head 0 on true-track 64.
I lost about a third of the drive's potential capacity by doing this, but gained a reliable scratch drive.
We have a special sledgehammer which has its purpose written on the handle, along with noting that it's the property of the IT department.
As regards glass platters, from my experience, it's only 2.5" ones which often have glass platters - the 3.5" ones are pretty much always metal.
With the glass platters, easiest way to deal with them is to carefully remove the platter, put it in a strong, transparent bag then give it a sharp tap with the handle of a screwdriver - that should shatter it. 3.5" ones are where the sledgehammer comes in.
Does depend how many you have to do - if it's a lot then it can be worthwhile getting one of them shredder vans to come and visit, and watch the hard drives go into the hopper and emerge as a pile of mangled bits!
What do people do with SSDs? Prise of the flash chips and cut them up with a strong pair of pliers?
I "wipe" my dead devices, whether they be phones, disk drives, or tablets, with the pointy end of a welder's "pick hammer."
Now that's what I call satisfaction.
I wonder, now that I'm thinking of it, how many people take the time to wipe the computers in their cars when they trade them in or even have an idea how to do it? In the last couple cars I've owned the setting to clear the system was buried about ten levels deep in menus.
@Philo T Farnsworth "I wonder, now that I'm thinking of it, how many people take the time to wipe the computers in their cars when they trade them in or even have an idea how to do it?"
Having had a hire car* for the last week, I'd say not a lot. After pairing my phone to play music I then had to scroll through a list of 15 other phones to find mine. 15 previous drivers had left their phone data in the car's computer.
Before handing the car back I deleted my phone from the list though I have no idea if that was enough to clear the data collected from my phone off the system. Thankfully my phone runs /e/OS, the Renault was not able to access the phones content. Something it tried to do every time the phone connected, it would try to access Contacts and then the phone displayed an access failed message
*24 plate Renault Capture
"On my iPhone it asks me if I want to let the car access my Contacts, and when i tell it no it just moves on."
If the majority is always sane, you may need help.
Cars are the current big issue too since people will pair their phones with a hire car so they can use hands-free and car apps. Good luck figuring out how to delete all of that out of the car before you turn it back in. A dealer isn't going to be very keen to help you since it isn't your car and some brands (cough, Tesla, cough) don't have dealers.
It might be a good side-hustle to sort out how to delete data from cars and sell your services for all the market will bear. On the dark side, there might be some people taking jobs at upscale car hire places harvesting data when cars come back from VIPS. What would Beyonce's contact list be worth and a record of where she's been? Some texts? The job might pay minimum wage, but the side hustle could be worth a fortune.
Agree with Bluetooth connections to the car's own infotainment system, but there is always Apple CarPlay and, I imagine, Google's Android Auto, which doesn't store any data in the car's system beyond what is needed for the handshake between phone and car. All data, including GPS locations and recents remains on the phone - the screen is simply mirrored from the phone onto the car's display. This seems like a better option than uploading your contact list to a basic Bluetooth setup.
I suppose some cars on the market today don't have Apple's or Android's systems but when I was last in the market for a new one two years ago they were few and far between - I didn't see any other than Teslas and some pretend 4wd thing from Toyota.
"https://www.criminallegalnews.org/news/2022/apr/2/car-snitch-loophole-can-police-use-bluetooth-view-personal-data-without-warrant/"
There isn't a lot of difference between somebody's phone and their car if they've paired the devices and allowed them to cross share data. It's far different than there being probable cause during prohibition if a police officer smell liquor or today if an officer smells marijuana in places where it hasn't been legalized (or, in the US, it's a Federal LEO since pot is still illegal on a Federal level). One can't smell "Warez", naughty photos or texts between criminals. There's the freedom of travel in the US and I wouldn't be surprised if that Right has been extended to a right to keep your travels private so a search of your SatNav to see where you've been should be right out too. There's always the 5th amendment to the US Constitution that give the right to remain silent and not rat yourself out. I'm not sure that extends to all of one's records so I periodically clear the history on my SatNav. It also frees up space.I travel a lot for work (field service), so there can be a 100% chance I've been someplace where a crime has been committed during the relevant time period. I swear it wasn't me, it was the one-armed man. Kidding aside, other than a SatNav record there might be a slim chance police could prove I was there by independent means. In the UK there can be so much CCTV that my SatNav isn't needed at all, but no point in being my own enemy.
This became my favored approach when I (many years ago now) bought a small NAS device which failed but I managed to get running long enough to do a wipe. Its replacement also failed and I retired it with a lump hammer. Very satisfying. My most recent activity was two old 3G mobile phones - its most satisfying to see the screens go and the components bend.
My preference is on the side of a hill at 100 yards as I sight in a new rifle. Although as an American I don't NEED an excuse for another rifle, I will take whatever excuse I can muster ;-) The hard drives just get the 3/8" drill bit in the drill press. Quick and easy.
Considering when the 2nd Amendment was written, the private ownership of warships was legal, yes - it's an illegal restriction. The Founding Fathers were also cutting edge inventors of the time and knew there would be weapons advancements. And, there were already fully automatic weapons in use when the US Constitution was written so it's not just muskets allowed. When the 2nd Amendment was drafted, the standard was "whatever you could afford was allowed." It was also considered everyone's civic duty to ensure that those who could not afford arms were provided arms.
All that being said, I'm more than happy with restrictions in place to limit private ownership to personal firearms. I would not want to see a nuclear armed Bezos, or a Musk with a fleet of F-16s. The current limits are it though, and should be loosened up to allow fully automatic weapons.
"I would not want to see a nuclear armed Bezos, or a Musk with a fleet of F-16s."
A big question raised about Russian nukes is if they've been maintained or not. Their shelf life isn't all that great. The US spends gobs of money to keep their arsenal functional where there seems to be a dearth of evidence the Russians have been allocating funds to keep theirs up to scratch. Would Jeff want to sell quantities of his Amazon stock to maintain a personal nuclear arsenal. The massively negative PR value might get Amazon, Blue Origin and any of his other business ventures banned around the world.
Elon (as opposed to Kimball Musk) has Gulfstream jets. If he wants fighters, there are plenty around although I don't think there's private ownership of F-16's. The L-39 is a lot more sexy anyway and if you want to attack somebody, send the biggest rock you can up on a Falcon 9 and drop it on them. Sub-orbital would be all you need so that could be a really hefty block of granite. "It was only a rock. It's not like it was a bomb". Physicists in the room will identify that statement as silly, but not the average fanboi.
You potentially can legally own fully-automatic weapons in the U.S. The process involves an in-depth background investigation of you, by the F B.I., your fingerprints being taken, etc. If the government approves your application, you have to pay a US$300.00 "transfer tax" for each fully-automatic weapon you buy.
Also note: no convicted felon may legally own any firearm in the U.S. Mentally-ill people and drug abusers likewise are prohibited*
*Yes, you can lie on the purchase form. If the government finds out about it (and yes, they do check their records) you are looking at 10 years in federal prison/max US$250,000.00 fine. Add a bonus 5 years to your prison term if you illegally use narcotics or marijuana.
"The hard drives just get the 3/8" drill bit in the drill press. Quick and easy."
Other than retiring most of my HDD's before they are dead and using them as archive devices, I'll take dead ones apart and toss the aluminum bits in my Al box as I chill out listening to an audiobook. The rest of the bits go in the bin. Good luck resurrecting that.
I think the main reason it isn't liked is too often, it's used as "if you can't dispute the message, attack the grammar." This misuse of pedantry has turned pedantry into an attack, and people instinctively respond.
Plus people don't like having their inaccuracies pointed out.
The OS developers can add an app for idiots to help with wiping data?
Obviously it would have to be an app, because most users can't operate at system level either because they're not as interested, or as learned as the El Reg readers.
Hardly the most mind blowing of items from the ICO.
Which begs the next question:
Are the ICO going to do anything about it?
I'll get my coat as I'm not going to wait for the ICO to do anything, as usual! :)
I think people don't understand how low the risk is, even if they dispose of a working phone. If I took my iPhone, turned it off (or it had broken and was "off") and gave it to you you're not going to be able to get any data off it unless you're willing to invest significant resources and even then you may not. On first unlock after boot phones require the password, biometrics don't work. Even the companies like Cellebrite that make a living off selling tools for police etc. to unlock phones have a much harder time dealing with phones that are in "first unlock" state. That's why Apple's change with iOS 18.1 to automatically reboot if a phone hasn't been unlocked with Face ID for 48 hours has frustrated police so much, police have a much shorter window to get approval to spend the money necessary for that (and the process must be complete before the time expires or the phone will reboot in the middle of the attempt)
I'm not saying it is impossible to unlock such phones and read the data, even though Cellebrite documents showed it has no way of accessing recent iPhone models in first unlock state today. Because that doesn't mean they couldn't discover a way tomorrow, or that someone else already has. But if you're selling a phone on eBay or giving it away to charity or sending it to recycling no one is going to invest the resources to unlock your phone unless you are "somebody". i.e. if they know they've got Taylor Swift's iPhone they might spend a lot of money trying to unlock it because there are potential gains (selling info to tabloids, blackmailing her, the possibility of finding financial information on it to steal from her) but if it is just some random phone and they have no idea who's it is? Nope, there is 0% chance of them getting in because even if ways of getting in exist they aren't going to pay for far more than the phone is worth to unlock it.
I'm talking mostly about iPhones here since that's what I have knowledge of, but my understanding is that the situation is pretty much the same with Pixel and high end Samsungs (except that I don't think they do the automatic reboot thing yet) Cheaper models may have fewer protections so extra paranoia might be justified that end user attacks might be known. Though even then someone has to care enough to bother.
The biggest risk is that people might pick up some unerased devices in the hopes that some of them have a pin of 123456 or unlock without a pin at all. Then they have a low-cost way to steal things. It's not hard to press the erase button, and for most people, there is little reason for concern that there will be recoverable data left after doing that. The flash may not be entirely erased, but most phones encrypt by default and the part of the flash where the key is has been erased. For most opportunistic attackers, getting low-level access to read the flash is more work than they're going to do either.
There are exceptions for phones or drives that don't work where physical destruction is advisable. Otherwise, most people have no need to do that.
Yes, it would be very similar with all Android OS mobile phones - which as you say, Pixels and high-end Samsungs use, but also low-end Samsungs, middle-of-the-road Samsungs, Motorolas (high, low, and mid), Xiaomis and most other Android OS mobiles made in the last few years.
Bottom line is, if you don't have the specific Google account details to log in (ie previously registered to the device), you would find it very difficult or very costly to access any of the info belonging to the user who hadn't wiped it.
" if they know they've got Taylor Swift's iPhone they might spend a lot of money trying to unlock it because there are potential gains"
In that case, absolutely. The same would go for a senior politician. Figuring out how to squeeze the information out the first time is the big job. Once that's sorted, it's much easier to create hardware/software to do it much more automatically. The parts shops in Shenzhen that break down phones to resell parts on a wholesale level could create a 'bed of nails" that downloads data, scans it for prominent names and then does a wipe and reset so the board can be resold and used in a repair. Or, it might be that the memory is removed and scanned with a new chip applied as the means to having a fresh replacement main board they can sell if it can't be fiddled with in-situ.
I'll agree that if it isn't dead easy, the effort expended can have no return, but the capability might still be worth really good money.
That's not how you spell 'Shirley'.
I actually had this problem this weekend with an elderly M-Net Power 1 phone. An early Chi phone with the usual rough edges, but a decent battery and price. Luckily, no hammer required. If you have an apparently dead smartphone that you want to factory reset before recycling it, plug it in and leave it for anything from 5 to 45 mins. Obviously keep an eye on it to make sure it doesn't get hot, if it is old. These things take a while to get going again, like me on a cold, grey morning. Most of them will burst back into life eventually. Then you can reset them. Some netbooks also have a factory reset living under Windows - Google your model.
Well if you are in the EU or UK the GDPR is you friend, make a subject access request and ask for full deletion.
Well, maybe. That might deal with information about you (are you happy that a similar request could find and delete any information you have which mentions someone else?) but it wouldn't cover any information you have about other people or organisations. "My data" and "data about me" are two different things.
Don’t know about Android, but if you have an old iPhone to sell, you _must_ erase it so the purchaser can use it with their own appleid and data. If I buy your iPhone and you didn’t reset it, either we send it forth and back so you can reset it, or you have to give me your appleid and password so I can reset it. Or even just use it. Which is not something you want to do.
Same with Macbooks now, if they have been signed into an iCloud account - hence a lot of corporate cast-offs and insurance write-offs seem to be broken up for parts by recyclerrs now, even if quite new and otherwise would be repairable by the recycler. See ebay - the locked motherboards are also often offered for sale at low prices, but rarely seem to sell as they are useless unless doing board-level repairs and wanting a specific non-locked component.
"It's an age thing, but perhaps not in the way Reg readers might expect. After all, the young tend to be a bit more tech-savvy, right?"
I know this was tounge in cheek but I am surprised that a lot of people still think this. I believe that tech-savviness peaked with Gen X because we're the one's who had to learn to program VCRs for our elders. These days everything is done via app or user friendly interfaces so younger people don't have to develop the skills of wrestling with an interface designed by what appeared to be a sociopath!
Precisely. The young are tech aware in that they know there are lots of new shiny devices coming along. And they share lots of simplified techniques for doing otherwise difficult stuff without any real knowledge or skills. But few of then know what makes the shiny tick. What makes it happen or why they've been given these tools, or who has their data.
While I agree on the "whole young population in Germany and probably US" level, I disagree on the personal experience level. Most young I am in contact with are tech savvy, and they do dig into the details. I consider myself lucky that I, who got 50 last February, have such a selection around me which keeps my brain young too. 'Cause from time to time I cannot avoid seeing the other side: Those you mention are there in masses, but somehow I miss them throughout my normal life, and I don't miss that experience. (Disclaimer: I am from Germany, as > 99% of you might have guessed, but there is always that one....)
I have to disagree on the personal experience level with your disagreement on the personal experience level.
I find a lot of kids are doing the "cargo cult" thing. As far as they're concerned, it's tiny little elves. They have a set of behaviors/actions they use, and if they don't work, they're stuck. They have no idea what else to try.
The joke about a teenager unable to use a magazine because nothing happens when he taps the paper is real.
I'm surprised it's only one third, and not one half.
I agree. Not all members - or even many members - of age groups share the stereotyped qualities of these groups.
So while some boomers may well be smug bastards who retired at 50 on gold-plated pensions and sit in their multi-million pound terraced houses sneering at the poor while exhibiting every prejudice under the sun, most are nice, sensible people, and while some Gen-Z are indeed - in my experience - lazy, selfish idiots obsessed with pronouns, piercings and psychological excuses for avoiding work ("It's my trauma") most of that age group are nice, sensible people too.
It isn't difficult to erase a device. A few clicks in the settings menu, if you don't know where and don't want to poke around randomly then a simple web search for "how do I erase my iPhone/Android" will tell you exactly how.
There isn't any benefit in making it easier than that. Erasing a phone is something people rarely do, usually only once during the entire time they own it, and something you do NOT want to make so easy people will do it by accident.
There's no excuse for any smartphone owner to be unable to erase their phone, so long as they know how to perform a google search.
> There's no excuse for any smartphone owner to be unable to erase their phone, so long as they know how to perform a google search.
On the one hand you are totally right.
On the older hand: Sorry, there are some who don't know how to google. Luckily all older than me in my family (except for grand* which died before 1989/1996) are/were computer literate enough.
On the younger hand: Smack their head since they are just tooooo lazy. Those who can't even use a search engine deserve that. Luckily² I don't have to deal with that type since I don't get in contact with that type. I only see or hear them nearby, and then avoid them :D.
What's the Venn diagram look like between "people who don't know how to google" and "people who own smartphones and actually use them for stuff that needs to be erased"?
I bet the overlap is tiny. My mom has a smartphone, but uses it only to make calls when she's away from home or to call long distance (she has a landline but doesn't have long distance on it since the cell phone is "free") She'd never be able to figure out how to erase it, she probably couldn't follow the instructions even if she knew how to google (which she doesn't) because all my brother taught her how to do is to make and answer calls. She wouldn't know what to do if she was told to "go to the settings menu".
She has no apps installed, so if someone got hold of her "data" it would consist of the numbers that have called her or she has called. Maybe some spam text messages she got but never looked at because she doesn't know how to text. So there would be no reason for her to erase her phone. I'm sure it isn't using biometrics and I don't know if it even has a passcode - I'll bet not.
My tactic has been to use the phone for voice calls, shopping lists and a few different sorts of calculators and that's it. Once in a blue moon I'll look up an address if it isn't in my SatNav. No banking, no connection to my investment account, no NSFW missives, no password list. As a bonus, I can leave my bargain basement phone unlocked so if I happen to need emergency help and somebody willing to help doesn't have a working phone, they can use mine. Emergency responders can look for "ICE" (In Case of Emergency) contacts in my list to notify family and friends.
The first thing in avoiding a trap is knowing of its existence.
The first thing in securing data/money is not storing it on a small easily lost portable device.
That's how I use mine. It is used for 2fa authorization on a couple of accounts, but I delete those immediately after using them and have a backup phone that can be used. Just by having my phone, you'd have no way of knowing anything about me other than who I cann, and that I read BOFH.
"There's no excuse for any smartphone owner to be unable to erase their phone, so long as they know how to perform a google search."
With Google you'd get 10 pages of "where to buy 'how to delete my phone data'". Useful information isn't always returned in search results if nobody has paid for them to be included.
I've also run across information that was never updated from rev 0.9 so nothing matches up except the vendor and device part number. Menus are different, functions in the manual aren't found on the device. The menu choice is in the phone, if you set the language to Azerbaijani or Urdu.
This post has been deleted by its author
> some might not worry about it and stick it in that special drawer
Ahhh, yes. The standby. The phone that still works, but has got too slow, too full or too cracked to use in polite company. Yet could be recalled in an emergency. For instance if an ostrich was to swallow your new pride and joy.
Provided of course you can find the old charger for your backup device.
(And if you then find your previous backup phone is surplus to requirements, you can always repurpose it as a surveillance device)
I tend to use my old phones as mini tablets, things to watch Netflix on (I'm short sighted, it's okay...) and so on. Guess what I'm using to write this.
Having multiples is useful as I don't need to remember to keep them all charged up. I can just pick up another old phone and when I run out, charge the lot. Rinse and repeat.
I have two now, one polluted with company things (read: Microsoft crud) and one clean which is used for everything else (and properly backed up, just in case).
The only challenge is that the company one is a bit older so still has a lightning connector, whereas the newer one has a proper USB-C socket. Maybe next year I'll update the company one and swap them around. Also, Microsoft demands I make a personal Microsoft account to back up my company Authenticator settings, but I think I'll be sending them a formal privacy complaint next year so I can follow it up legally if they don't address that. I just have to wait until I'm sufficiently bored first, I do that more for entertainment.
Trying to deal with Microsoft will cause you more frustration than them! They are world-leading experts at going round in circles.
I have a support case open with them which is coming up to its first anniversary. During that time, many updates have definitely been going to fix the problem but none of them so far have - just installed another one. I'll find out in due course whether this works, but I'm not exactly full of confidence.
Only one year yet? Wait another 12 Month.
Read my endless rant about shadowcopy being broken, previous version inaccessible / broken from from Windows 11 "insider 22621.105" (aka pre-22h2), May 2021, and it took until the April 2024 update for 23h2 to get it fixed. 23 Month, just under two years. Bug survived TWO WINDOWS 11 RELEASES...
And I was *LUCKY* - why lucky? Lucky cause someone from Microsoft, who I am in good contact with now, saw my constant rambling about that bug in German forums, reproduced it, filed it as an official bug (with links to my countless feedbacks), and then pushed FOR ABOUT A YEAR to get the fix through! You read right, even someone from inside Microsoft has to push to get such fixes through.
If you google for "Windows 11 shadowcopy broken" you will see that I was not the only one, though you will only see complains until they fixed it.
Even quite some backup software was confused. Microsoft's first stance was, which made my Microsoft contact face-palm, "It is already fixed in Insiders for 24h2, why bother fixing 22h2"?
I LOOVE shadowcopy, I even made my custom scripts to give a useful handling within Windows Client, and more options for Windows Server, so I was stuck with 21h2 until the April 2024 update for Windows 11 23h2...
Ohh, and while are at it: Deduplication and Nested-V with Server 2022 and Server 2025, with Dedup on the level 1 guest, still gives data corruption. Which requires a reasonable fast machine (i.e. six year old CPU with 4+ cores and SATA SSD, Intel or AMD does not matter, 32 GB RAM), which Microsoft testers don't seem to have access to, only much older machines which are on the borderline to reproduce... The bug is filed, but like I wrote: They cannot reproduce reliably 'cause they only have too old-slow machines to test this, and cannot even be configured in Azure side Nested-V is not possible there. I even a script to make it easier to reproduce. And countless "Complete VM-package, unpack and follow instructions to reproduce" to make it easy, just read through that thread to download and test yourself...
But hey, Notepad AI is more important, isn't it?
"I tend to use my old phones as mini tablets, "
I use them for data acquisition. A small computer with a touch screen, wi-fi, BT and storage. I core out the battery (if it's replaceable) and use it to make connections unless I solder to internal connections and run wires for an external power source. The nice thing about Android is one can get and load apps without a Google account and it's not impossible to write your own and load those.
I have to wonder that *who* is the one being surveilled here?
See: https://play.google.com/store/apps/datasafety?id=com.ivuu
"Data this app may collect
Personal info
Name, Email address, and User IDs
Photos and videos
Photos and Videos
Audio
Voice or sound recordings and Other audio files
App info and performance
Diagnostics and Other app performance data
Financial info
Purchase history
Device or other IDs
Device or other IDs
App activity
App interactions and Other user-generated content
"
All that combined is a surveillance by itself.
You mean the ones who slow down as they reach the camera, in the same way they would for a single camera.
The trouble is that they should learn the hard way what it means.But I see little sign that these things are enforced, simply judging by the number doing well over the 50mph limit adjacent to my home near London's A406 North Circular Rd. If they were Transport for London would be able to afford gold plated buses.
(£100 every 10 seconds = £600/minute, or £36000/hr -. Based on the 18 most busy hours in a day to get a rough number that'd be over half a million quid per day in just one section.) Even if my estimates are out by a factor, that'd still be vast amount of income. But I'm pretty sure my figures aren't too far off the mark - because I've stood there while my dog was, err relaxing , and watched the stream of cars zooming past. Also driven along there many times, at not less than the limit, and watched cars zoom past me at significantly higher speeds.
> But I see little sign that these things are enforced, simply judging by the number doing well over the 50mph limit adjacent to my home near London's A406 North Circular Rd. If they were Transport for London would be able to afford gold plated buses.
A council nearby put in average speed cameras on a dual carriageway quite a few years ago. After a couple of years council were complaining that they were losing money as the cameras brought in less income than expected, in fact they brought in less income than the annual cost of the multi-year contract the council had signed with a company to operate & maintain the cameras. The council wanted to get out of that contract but couldn't.
Basically the cameras were achieving their alleged goal of reducing speeding on that road but from the council's perspective that was a bad thing as the council needed a minimum number of speeders in order to cover the cameras' running costs.
I also seem to remember that initially those cameras were specifically not allowed to "clock" any cars that changed lanes between cameras (I think it was due to some legislation approval not being in place) - obviously pairs of cameras were a fixed and measured distance apart but the distance would slightly vary between adjacent lanes due to corners/turns in the road. I believe later they were then approved to measure speed for vehicles that had changed lanes.
Lorries tend to ignore it completely and sit on their 56mph limiter, relying on the fact there's no traffic officers.
The cameras do nothing because the 'usual' 10%+2mph tolerance is 57mph.
It's dangerous driving as it causes all other traffic to make a choice between a rear-end collision, squeezing into the right-hand lane, or also breaking the limit.
If they'd set the cameras up for a 55mph trigger they'd fine every single lorry, and the project would have paid for itself within a month.
Be wary, those limits may not apply any more.
As for Germany: Since the measurement devices got better we are at 5% tolerance (GPS measured, not what you car says). So your 50 mp/h (80 km/h in DE) would, all tolerances included, only allows 54 mph and not 57. At 55 mp/h you may already see the light - or you won't since the newer infrared flashes are barley visible, less bright than a brake light. And polarizing filter is getting the standard too so they can see better through your sky-reflecting front glass.
Old cameras won't be upgraded unless they break, so if you test the limit: Check beforehand how old the device is they use :D,
"Be wary, those limits may not apply any more.
As for Germany: Since the measurement devices got better we are at 5% tolerance"
AFAIK the previous commenter was not referring to speed camera accuracy but rather to the NPCC (previously the ACPO) *policy* to only take speeding action when the speed is "10%+2mph" above the speed limit. I assume the various speed cameras the UK police use are far more accurate than "10%+2mph" over the limit.
Here's an old version of the UK police policy, on page 8 section 9.6 of this document: https://library.college.police.uk/docs/appref/ACPO-Speed-Enforcement-Guidance.pdf
Basically NPCC have decided it is not "worth" taking action below that margin, I guess they want to avoid their handheld/in-car speed detectors going off continuously for small infractions as if they booked everyone slightly exceeding the limit then this would no doubt trigger large scale public complaints/protests.
Also note that vehicle manufacturers are required to ensure that speedometers must never UNDERREPORT the true speed. Changes to wheels and tyres (including under-/over-inflation) can however affect the reported speed.
I got a EUR10 charge - and no Punkte in Flensburg - for exceeding a German speed limit by 4kph. It's their version of a warning.
If you exceed the speed limit by enough there, and a cop catches you, your driving licence gets revoked on the spot. How you then get away from the hard shoulder is your problem, but don't even think about driving. One exception: if you're a foreigner then you can drive, but only to leave Germany by the shortest possible route. So if they catch you neat Nürnberg, say, you end up in the Czech Republic and the problem of driving home from there without passing through Germany.
Or not. The tachograph fitted in a lorry is much more accurate than your car (+/- 0.1% Vs not showing more than 110%+6MPH). Also, the lorry Speedo is calibrated every two years to ensure it's accurate, and has a more full inspection every 6. When was your car Speedo last checked out?
I used to drive coaches, which were fitted with the same tachograph, subject to the same inspection, and my satnav would indicate the same speed as the tacho - ie if the tacho says 50, the satnav did. Put it in the car, and it was way out - car says 50, satnav says 45, car says 70, satnav says 62... Those numbers haven't got any closer together since then either, so possibly that wagon is sat at 50 in the roadworks and your Speedo is over indicating, and believe me, it's no fun getting something like that back up to speed when someone in front is going that little bit slower!
It does not matter whether it is calibrated if there is a change in tire pressure, for example due to weather or being >700m above sea level instead of 100. There are quite some areas in US and Europe where such height and weather differences meet on a relatively small distance. And not many lorries can adjust tire pressure while driving, and for normal cars uncommon.
Average speed camera's can also tag speeding cars, but I suspect that functionality comes at an extra charge, and given that cars slow down when they see a camera I don't think they'd make much money there.
However, they're the reason I still have a TomTom app running despite my company car trying to force Google Maps down my throat: TomTom picks up the average speed trajectory and keeps track of my speed vs the 'traject total', where as Google Maps at best occasionally shows a speed camera. Now I tend to stay within the speed limit, but sometimes you have to overtake and with the app you can keep an eye on how much margin you have for that.
You do realize that average speed goes down *fast* when you slow down a bit?
Average camera doesn't care at all if you drive 100mph for a while and then get stuck in the traffic jam moving only 40mph: Average is still within legal limit.
Observation of momentary speed is therefore meaningless.
"average speed camera" is only a legal way to store and keep the register plates of everyone who drove past them, i.e. tracking everyone.
Tracking people would be illegal (at least in EU) but 'average speed' can't be calculated without saving register plates. And then 'forget' to delete them. Nice.
Some devices just reload a clean OS but don't wipe ALL of the flash memory...
A determined hacker could still access personal data by reading the contents of the flash-chips directly.
Some cars won't even let you delete your personal data once you were stupid enough to connect your phone to it's systems !
"To ITS systems" FFS. "It's" = "it is", I learned that in primary school.
I have always found this mug a valuable reference with (6)&(7) being particularly relevant here but (16) is also pretty much universally applicable.
typically, in true Victor Meldrew tradition, my own piece of grammatical porcelain has a howling typo
It's even more fun if you install an account via am iOS profile because you then have a container in a container, with the mega-long key stored in the dedicated security chip which your password gives it access to. Zap the profile and the key is lost, rendering the container and the associated data into pretty much random noise in under 10 seconds.
Super handy if you need to cross borders which do not respect personal privacy such as China or the US (yes, the land of the f(r)ee) as a fully reset phone will draw suspicion, whereas there's no evidence a profile was ever set up after you've removed it.
> Runs off to Google
Wasn't that knowledge supplied by broadcast telly programs, "Brainiac" or the like? Along with burning diamonds in liquid oxygen? I've seen plenty of footage of thermite versus giant block of ice etc, and all before the days of YouTube.
(Anon in case I'm not supposed to know what to do with rust and grated - no, better stop there)
"FFS, it's not exactly a secret... https://en.wikipedia.org/wiki/Thermite"
A person I knew had a web site <copperthermite.com> but since he's passed away, it appears the web site is gone as well. One can look up how rail track is welded together. Actually, one should, it's 'ing cool (or rather, hot).
"(4) Thermite. "
Thermite doesn't actually work that well for this application. To make is work, you need a thermally insulating casing around the phone to direct the heat primarily into the phone. I can't remember if it is Thunderf00t or Big Clive that has a video on YT where they try to melt a hard drive with thermite.
Why 3 holes? Any particular location on the drive? Would the average user know to ensure all the platters are broken?
Surely it's better to encrypt the drive from the start, then I don't have to worry about how to wipe or irrevocably damage a non-functioning drive. It also protects my data in the event of theft of said drive.
After you roll out Microsoft Enterprise Grade Encryption across the whole company you find out that the OS was just using the built in HW encryption of the cheap SSD, and that was just xor-ing the data with a fixed key that can be read from the drive firmware.
"Surely it's better to encrypt the drive from the start, then I don't have to worry about how to wipe or irrevocably damage a non-functioning drive. It also protects my data in the event of theft of said drive."
Encrypting all storage devices also covers the scenario where a disk/SSD/USB stick dies and you need to return it under warranty in order to get a replacement - obviously in that situation you cannot delete data from the device before returning it.
I know of a place with a hard drive that lost data which was 1. Extremely important and needed recovering and 2. Extremely sensitive so the data couldn’t be read by anyone.
They solved the conundrum by sending the hard drive to a data recovery specialist- after drilling holes into the drive.
Interesting to search the internet and find out the (significant) differences between different interpretations of similar words:
(1) delete - which usually does not mean "delete"!
(2) erase - which might mean "delete"
(3) over-write - which has multiple interpretations (from over-write once to overwrite seven times!)
(4) destroy - which seems to be the only (almost) guaranteed way to "delete"
Isn't technology wonderful?
(3) worked well for long. When the data density got higher, somewhere around the 500 MB 3.5" HDD region, "overwrite once with random is enough" worked too. And them came flash with its reserve and inner logic to extend life.
So only (4) is left, combination with (3) recommended.
Most don't even realise that the data is on the phone.
As an example recently a non-tech friend was having issues reading pdfs on their phone.
After sorting the pdf reader I showed them how to find the pdfs stored on the phone.
They were shocked to see pdfs going back a couple of years still on there.
They had received them via email, read them and then deleted the email. not appreciating that the pdf have been downloaded and stored on the phone.
How were they to know?
"How were they to know?"
That one phrase encapsulates the danger with all sorts of modern tech.
My approach is to not access email from my phone. I'll deal with it when I get back to the home office so just call me (voice) if it's time sensitive. I find text to be a massive time waster. I can handle an inquiry in less than 5 minutes via a voice call and by text it's 20 minutes where I can't be doing much of anything else.
The real key is that people need to be much more careful about what they put on a phone in the first place, even with modern encryption.
I said some time ago, "nobody in their right mind does anything security sensitive on a phone" and I still believe that. The damn things are too easily snatched if nothing else and yet people are now putting tap and go card details on it. Absolute madness.
"The damn things are too easily snatched if nothing else"
and if it's snatched while unlocked, it's not that hard to plug in a black box that keeps tickling it so it doesn't go to sleep and lock. It's so nice that laws are being passed so all modern portable devices have the same connections.
Right, the laws are the problem. It's not like, without those laws, there were a total of two connections, so all they needed was a Lightning-to-USB adapter to stick on the end of their cable. It's not like you could use a Bluetooth keyboard to do that if you had an unlocked device, which would also be compatible with everything. A standard of USB-C is the villain in this case. Physical possession of a device with the locks undone gives you a lot of power, although, like computers, there are things you can't do without authenticating again and you can add more things to that. Both Android and IOS support locking apps behind a passcode, either the normal phone one or a custom one.
"Right, the laws are the problem. It's not like, without those laws, there were a total of two connections"
It takes so long for technofeeb attorneys to catch up that at the time they started whinging about all the different connectors, there were loads. I've got a box of power supplies with all sorts of ends. It got down to Apple using their Lightning connector and everybody else using USB of some flavor to now having USB-C as a universal standard. I'm not saying laws are/were a problem, but forcing every manufacturer into using just one connector makes life really easy for the Filth and criminals. I can recall a phone compromising kit sold to law enforcement that was mainly a case full of adapters. Today, I can have a small black box with a lead sticking out that rules them all. If I make it look like a vape, who's to question it? It would be far less obvious than having a Blue Box in your pocket some ages ago.
"I'm not saying laws are/were a problem, but forcing every manufacturer into using just one connector makes life really easy for the Filth and criminals."
I'm not sure how you intend those two parts not to be contradictory or how you expect the second part not to be wrong. The box full of adapters was evidently available, so connector multitude wasn't doing it. Of course what was helping at the time is that you probably needed lots of different software to sync call history and contacts from each model. Nowadays, when there are many fewer operating systems in use, you just need exploits for those that are. The number of cables is not the problem. Nor is device covertness, because there's a really simple solution to that. Not a vape, but a small phone charger battery. It's got a USB port and plenty of spacing. Just connect a USB-C or Lightning cable to it and press the button and it can use the exploit. There's your covertness sorted. The problem has nothing to do with cables or laws about cables.
"Right, the laws are the problem."
I was never trying to make a case that the laws were the problem. It's somewhat easier in the amount of gear you need to have to connect to a phone, but with the mentioned adapter kit, it could be done. Those kits (as kits) were only sold to law enforcement agencies along with some sort of black box that could siphon data from phones (this was before encryption and better security).
In many parts of the world, having a device in your keeping to compromise a security feature is illegal, which is why disguising one you have is important. If they can't get you on phone theft, they might be able to charge you with possession of burglary tools. It's like convicting Al Capone for tax evasion. That was what they could get to stick. If your data compromising tool looks like a vape, a common cop is likely to not even want to touch it, much less make sure it's what it looks like and not something else. If you are stopped by the FBI/MI5 and thought to be a spy, anything electronic will be suspect so something such as a vape pen will be examined carefully.
Easily snatched: I read one manufacturer connects to the accelerometer and on sudden acceleration the phone is locked. So if you are using your phone and I grab it from my moped I should have a locked phone in my hand.
Can’t remember who does this and what the success rate is. And hope it is not patentable because I’d want everyone to copy it. And needs to be done carefully so your phone can still call for help after a car crash.
... Big tech has most people's data anyway and the majority don't give a damn.
I have no idea what the stats would be between these two outcomes :
Big tech customer data leak
Or
You don't wipe your phone before sale and a buyer steals your data
On the latter, most devices from the last decade ask for a simple verification, passcode or fingerprint, so its far more likely the buyer complains that they can't reset the device.
The chances of a buyer being able to hack the device then depends on luck and skill. If the data is encrypted, that seller would have to be a very important person to make it worthwhile.
The bigger data risk is old PCs, often trivial to get into, including changing user creds.
I've seen people dumping them outside their houses, or at the recycling centre, hard drives still in place.
Even this isn't that risky when it comes down to it. There's far easier ways for bad actors to get data. Let's face it, trawling in skips for old computers from Joe public in the hope of a lucky data score is a fools errand. Businesses less so, obviously.
The more I think about it, the less of a big deal this is for your average Joe, who is already giving away troves of data.
"The bigger data risk is old PCs, often trivial to get into, including changing user creds."
I work with a company that helps people, usually older, move/downsize/estate liquidation. Behind me I have the latest pile of computers. They don't get sold with hard drives and often won't get sold just because removing the drives costs too much compared to the value of the computer. Most of them still have XP or are Mac barely new enough to still have a working browser. In exchange for piles of electronics, I make sure that data is flushed. I recondition some and load up W7, Libre Office and some other freeware for the church to give to needy families with kids that need a computer for school. It's a bonus they aren't good for games (other than old text adventures). Anything too old gets turned into a plastic pile, a metal pile and a "not really metal or plastic" pile. If more kids were into electronics, I could provide them with pretty good bench power supplies. One of these days I'll finish with a small spot welder design I've been working on that uses an old PC power supply. 5v at a gazillion amps only needs a buffer to not bridge straight across the output to make a pretty good welder for battery packs. With the cost of power tool battery packs, rebuilding them can sometimes be a good sideline. The trick is sourcing cells rated for high discharge at a reasonable price in lower quantities.
Oh yeah, I'm sometimes asked to go through data to see if there are any financial details a family might need to settle an estate and things such as photos, contact lists and that sort of thing. Just a simple task such as hooking up a drive externally to bypass needing a password is beyond most people. It's simple enough for me to do and put everything into neatly labeled folders 'cause, OMG, those people had zero organizational skills and files were everywhere. The last job I did, I got a fat cash tip. The person that passed away had a load of old family photos/slides scanned professionally and nobody else in the family had copies.
old user here remove data? i have recovered data (IBGs) from old drives for ages now.
SOME win 11 laptops have unremoveable windows 11 installed on the drives. replacing them the only option.
yes, i spend two days inserting the dvd correctly once.
I also have a bucket of USB sticks.
It isn't that I don't feel competent to delete data from a device, I just don't trust that it has been destroyed.
With removable media, that's fine - I can (and do) remove the drive and physically destroy it, before passing the rest of the PC or device on for 2nd use or recycling.
On a mobile phone however - honestly I am not sure I *can* ensure that data is irrecoverably removed. I have resulted to using an old microwave oven to render old phones beyond recovery, I just wish there way I could be certain that data was irretrievable, whilst being able to re-use the device
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
