02 January 2008


Magnetic kerfuffle

Recently, pioneering web developer Dave Winer became upset with Apple because he took in his laptop for warranty service, the Apple Store replaced his hard drive, and then the store wouldn't return his old drive to him, even when he offered to pay for it. After complaining enough to Apple and on his blog, he eventually got the drive back.

The reason he was upset was that his old drive contained a lot of his property, including source code, personal information, and so on. He was worried that Apple's keeping the drive put that data at risk, since the store planned to refurbish it. That could become a security problem, including the possibility of identity theft if anyone ends up getting at the information on the disk:

What if the data on the drive can be recovered? What if there are credit card numbers and other personal information on the drive? Source code? Trade secrets?

Now, as I've noted before, Mr. Winer can be a cranky sort, so when he complains, it's wise to look at the problem carefully before deciding whether you agree with him. Some, including Matt Deatheredge (via John Gruber), initially argued that:

If the computer that needs to be repaired has sensitive information on it, I back it up and wipe the hard drive, restoring the default system on it.

Many people, including me, emailed Matt with variations of this point: If you take your drive to Apple (or anyone else) because it's died from hardware failure (which is presumably what would be covered under warranty), you might not be able to erase it. And if you take superhuman security efforts as some recommend on a dead drive (big magnets, drilling holes in the platters), Apple is going to say, "We won't cover this—you destroyed the disk."

Now, the risk of people poking around on your dead hard disk is mostly theoretical, although it is possible and has happened. And no one is yet sure whether Winer's disk was actually dead, or could have been resurrected enough for him to erase it before he sent it for repair. As Deatheredge notes in a big update to his post:

What happens if the drive is so damaged that you can't erase it at all? This case [...] seems genuinely problematic.

The real solution, other than for Apple to offer to give you your drive back (even for a fee), would be to encrypt anything important on your disk, or the whole thing, but few people do that. I have done it for some of my information, but not all, and when my MacBook drive died last year and I sent it back to Seagate, I was unable to erase it first. I'm not worried, but if I were paranoid, I might have eschewed a warranty repair, bought a new disk, and destroyed the old one myself.

But I didn't. Ooh, living on the edge.
