*** Welcome to piglix ***

Information diving


Information diving is the practice of recovering technical data, sometimes confidential or secret, from discarded material. In recent times, this has chiefly been from data storage elements in discarded computers, most notably recoverable data remaining on hard drives. Those in charge of discarding computers usually neglect to erase the hard drive. It is often in such circumstances for an information diver to copy installed software (e.g., word processors, operating systems, computer games, etc.). Other data may also be available, such as credit card information that was stored on the machine. Companies claim to be especially careful with customer data, but the number of data breaches by any type of entity (e.g., education, health care, insurance, government, ...) suggest problems for them as well.

In earlier times, the available discarded data included printed manuals and design records. In a famous case, a student, Jerry Schneider, discovered some discarded manuals for a telephone system ordering / shipping system and was able to build a business selling 'surplus' gear ordered from the telephone company as though for an internal company department.

Today, files, letters, memos, photographs, IDs, passwords, credit cards, and more can be found in dumpsters. Many people do not consider that sensitive information on items they discarded may be recovered. Such information, when recovered, is sometimes usable for fraudulent purposes (see also "identity theft" and physical information security) Two MIT students purchased a large number of obsolete computers at yard sales and the like and found everything from credit card information to tax return data. They published a paper, Remembrance of Things Past, documenting their discoveries.

Supposedly, information diving was more common in the 1980s due to lax security; when businesses became aware of the need for increased security in the early 1990s, sensitive documents were shredded before being placed in dumpsters. There is still considerable Internet activity on the subject of dumpster diving, so it is unlikely to have stopped with the widespread introduction of document shredding. Security mythology has it that curious hackers or malicious crackers commonly use this technique.


...
Wikipedia

...