Making use of warranty vs. privacy

[Helicobacter]

When SSD/HDD failures occur, aren't people afraid of making use of their warranty when their personal and financial information could be stored on the NAND-chips/sectors and still retrieved form the manufacturer (or enterprise server SSD's with confidential information)?

 

[Zap]

All depends on your level of paranoia. However, take this into consideration. All those stories you hear about personal information being stolen... how many of those are from RMA-ing a drive to a manufacturer?

 

[bryanW1995]

Don't put any personal financial info on your computer in the first place and you won't have anything to worry about.

 

[Concillian]

Don't put any personal financial info on your computer in the first place and you won't have anything to worry about.

Indeed, you should do your taxes completely by hand... in stone and chisel.

lol, not putting any personal financial info on a computer is not really a good option. Even if you have someone else do your taxes, your personal financial information ends up on THEIR computer.

Your only option for not having any financial information on a computer is to have your company mail you your check, then go to a check cashing place and put it all under your mattress, and pay all your bills in cash. That's not very practical. Especially since many employers require direct deposit nowadays.

You may be able to reasonably keep it off of your computer, but if you use a bank or credit card, your financial information is on someone's hard drive somewhere.

 

[dryfly]

When SSD/HDD failures occur, aren't people afraid of making use of their warranty when their personal and financial information could be stored on the NAND-chips/sectors and still retrieved form the manufacturer (or enterprise server SSD's with confidential information)?

Only economical solution would be to keep data on flash drive and forget warranty.

 

[hal2kilo]

Don't put any personal financial info on your computer in the first place and you won't have anything to worry about.

Yea man, and live off the grid.

 

[Blain]

When SSD/HDD failures occur, aren't people afraid of making use of their warranty when their personal and financial information could be stored on the NAND-chips/sectors and still retrieved form the manufacturer (or enterprise server SSD's with confidential information)?

Yes
If their data is considered too sensitive to be stolen, they destroy the drive rather than bother with any warranty service.
If they value their data they would already have a good backup plan in place.

 

[corkyg]

Sensitive data can be encrypted. And, a system with OS and programs on a SSD can be linked to a separate data drive or RAID array. Data exposure is something that can be managed. As Blain says, if it is really big time sensitive, then a failed drive would be destroyed and the failed drive simply expensed.

 

[mcturkey]

For businesses, if they worry about sensitive data on their drives, they usually have a contract with the OEM that allows them to keep failed drives (and still get the replacement) rather than send them back for RMA. Even so, the major OEMs and drive manufacturers aren't going to do anything with your drive besides fix it, thoroughly wipe it, and send it out to someone as a refurb. Small-time shops that deal with maybe a couple hundred drives a year might have time to investigate drives and look for goodies, but the big companies deal with tens or hundreds of thousands of failed drives over a year. The time it would take to recover data from a failed drive, without knowing if there is even anything sensitive on it, much less where on the drive it would be, is pretty much going to make it pointless to bother. Single drives from Joe Schmo consumer aren't a worthwhile target. Big Wall Street firm with a dozen failed drives? Hell yes, that's worth it--but they would already have a contract in place that allowed them to destroy the drive.

Sure, it's possible that an RMA'd drive will have sensitive data stolen from it. But in terms of that actually happening, you have better odds of winning the lottery.

 

[taltamir]

There is a very very simple solution.
Encryption

Also, when you RMA a defective drive you are getting a different working drive. The defective drive is defective, they cannot read it without repairing it first.
Who is going to repair a drive (an expensive process) only to steal your user data? nobody thats who.
Anyone who has such equipment is getting much more money getting paid to restore people's data for them.

 

[TheKub]

For businesses, if they worry about sensitive data on their drives, they usually have a contract with the OEM that allows them to keep failed drives (and still get the replacement) rather than send them back for RMA.

I bought a Latitude D610 back in the day and "Keep your hard drive" was like a $5 option. Thats cheaper than what it would cost to ship the drive to them anyway.

 

[randomrogue]

Don't put any personal financial info on your computer in the first place and you won't have anything to worry about.

When you say you're from the Alamo I take it you mean THE 1836 BATTLE OF THE ALAMO right?

 

[VirtualLarry]

The solution is simple. Something like TrueCrypt (free!) FDE. It encrypts all the sectors on the drive, so that nothing is written to the drive unencrypted. So should the drive fail, your data is safe.

IMHO, EVERYONE should be doing this. It's simple, and effective. (At least, so the docs say. I have no idea if the NSA has rainbow tables for 128-bit AES yet. They probably do.)