Tag Archives: harddrive

The best tool to clone hard drives, is free!

Filed under Linux
Tagged as ,

While not a security related post…I thought I would let everyone know about a really good open source hard drive cloning software that I recently discovered when I needed to clone and image multiple Linux systems. It’s called Clonezilla and works just like Symantec Ghost but faster and free.

From the Clonezilla web site:

“Clonezilla, based on DRBL, Partition Image, ntfsclone, and udpcast, allows you to do bare metal backup and recovery. Two types of Clonezilla are available, Clonezilla live and Clonezilla server edition. Clonezilla live is suitable for single machine backup and restore. While Clonezilla server edition is for massive deployment, it can clone many (40 plus!) computers simultaneously. Clonezilla saves and restores only used blocks in the harddisk. This increases the clone efficiency. At the NCHC’s Classroom C, Clonezilla server edition was used to clone 41 computers simultaneously. It took only about 10 minutes to clone a 5.6 GBytes system image to all 41 computers via multicasting!”

Yeah, it’s fast alright! I have been using the Clonezilla Live to image hard drives and it has been working great. You can also run it off of a USB thumb drive if you are so inclined. So, don’t fork over $$ to that evil empire called “Symantec”…give Clonezilla a try if you want to clone a drive or multiple drives. 🙂

Bad hard drive? Don’t let Apple take your data!

Filed under Apple
Tagged as , ,

A very sad mac for security reasons

So the hard drive on my wife’s one year old MacBook has officially started to kick the bucket. Random crashes, slow performance and lots of errors like this in the system log:

disk0s2: 0xe0030005 (UNDEFINED).

Yup, we have bad blocks..all indicating imminent drive “FAIL”. I have AppleCare on the MacBook so I call them up and explained the situation. Surprisingly, they didn’t give me a hard time. In the past I have had problems with other computer manufacturers (ummm…Dell) in which I would have to argue with the guy/gal on the other end of the phone that the drive was “really bad” and I didn’t need to spend hours on the phone with them troubleshooting. So far so good with Apple right?

So I am finishing up the call and the tech is explaining how Apple will ship me a box to send the MacBook back to them for repair. Apparently, they don’t do self service hard drive swaps anymore. Weird since it’s easy to replace a hard drive on a MacBook. Anyway, the rest of the conversation went something like this…

Apple guy: “Sir, do you have a password set on your MacBook”?
Me: “Yes. Why do you need that?”
Apple guy: “The tech’s need it to replace your hard drive”
Me: “Huh? Why do you need my password to replace a bad hard drive? Just pull the old drive out and put the new one in.”
Apple guy: “Sorry sir. That’s the procedure.”
Me: “What if I don’t give you the password?”
Apple guy: “Then we can’t repair your laptop”
Me: “grrrr…fine…here is my password..ready? a-p-p-l-e-s-e-c-u-r-i-t-y-F-A-I-L”
Apple guy: “Thank you sir. You will have your shipment box in 24 hours.”

So for every bad hard drive that comes into the Apple repair center they log in to verify that the drive is bad? What do they do with all the drives like mine that are still functional but have bad blocks? Can Apple guarantee that there are no shady people working in the repair center wanting to steal my personal information? What happens to the data? The sad mac fact (note the “sad mac” picture above) is that no one knows!

I did some research on this and apparently Apple doesn’t care too much about your personal data. Dave Winer wrote about this extensively and notes the same problem. The Apple repair “terms and conditions” only states that your information is protected in accordance with the “Apple Customer Privacy Policy” and that you agree that Apple can use your data to perform the “service obligations”. Interesting to also note that on the Apple privacy web site under the AppleCare Repair Agreement it also states the following:

“You agree and understand that it is necessary for Apple to collect, process and use your data in order to perform the service and support obligations under the Plan. This may include the necessity to transfer your data to affiliated companies or service providers located in Europe, India, Japan, Canada, People’s Republic of China or the U.S.

Huh? People’s Republic of China? That’s nice. I couldn’t find any reference noting what Apple does with your personal “hard drive” data. They only mention your name, address, things you purchased, etc…

So what am I going to do about this? I’m going to completely wipe the drive (Darik’s Boot And Nuke is my favorite disk destruction utility) before sending it back to Apple just to see what happens. I have my doubts that they will actually log in to the MacBook to see if the drive is bad. Let’s see if I get the drive replaced or not…I’m betting it will be replaced, no problem.

Sure, Apple is not the only company doing this with hard drives. This is a problem that needs to be addressed by all computer vendors. What they do with your data should at least be disclosed in their repair and/or privacy policy (at a minimum). In the meantime, encrypt your sensitive data (TrueCrypt works well) and securely remove any data you don’t want people servicing your computer to see. I’ll keep you updated on the repair status… 🙂