An Empirical Analysis of Security and Privacy Issues Associated with Selling and Purchasing of Secondhand Storage Devices

Document Type

Conference Proceeding

Source of Publication

Isdfs 2025 13th International Symposium on Digital Forensics and Security

Publication Date

6-2-2025

Abstract

The increase in use of secondhand storage devices, such as USB drives has created a progressive market that is affordable and offers several environmental benefits. However, these devices often contain residual sensitive data due to improper sanitization and pose significant privacy and security risks. Legal frameworks like GDPR aim to enforce secure data handling, but gaps in enforcement and awareness further increase the problem. This study systematically evaluated the effectiveness of low-level formatting and shredding as data sanitization techniques. A 16 GB USB flash drive was formatted using BureauSoft's low-level formatting tool, and shredding has also been performed using File Shredder (DOD S220.22-M standard. USB drive was analyzed for residual data using forensic recovery tools such as PhotoRec and Scalpel. Despite the sanitization efforts, 431 files were recovered post-formatting and 391 files post-shredding using PhotoRec. Furthermore, scalpel was used as secondary tool for enforced data recovery and recovered 1946 files. This analysis revealed that neither method fully prevented data recovery. There is a need for advanced methods like cryptographic erasure and stricter regulatory enforcement. Future work will explore improved tools and methods to enhance data security in secondhand storage devices.

ISBN

[9798331509934]

Publisher

IEEE

Disciplines

Computer Sciences

Keywords

Data Security, Digital Forensic, Recovery, Secondhand Storage Devices, Security

Scopus ID

105008490977

Indexed in Scopus

yes

Open Access

no

Link to Full Text

Share

COinS