Online Revenge

Many people have submitted this story of a broken laptop purchased on e-bay. The buyer gives a little lesson on why you should always clean your hard drive before you sell a computer.

Boot and Nuke

[mahesh_gharat]

If you are selling/sending for repair, either your laptop or storage media, do not forget to take the backup and wipe out the entire content. Simply formatting/deleting the content may not help. The data will be still there, only the index (Allocation table) will be changed.
You can use something like Darik's Boot and Nuke http://dban.sourceforge.net/ [sourceforge.net] for deleting the content permanently.

Why is this on the front page...

[ystar]

This isn't news. Anyone who reads Slashdot would hopefully know to delete the contents of their HDD before shipping it out to a stranger...then again, anyone who reads slashdot isn't likely to be selling a "broken" laptop - not when there's spare parts around and Linux to be installed.

Re:and the seller...

[Neoprofin]

The police are involved because the seller called them, not because the police are doing anything.

It's still purely a civil matter as reported by the register and the defamatory site is still up. Score one for vigilantism on the internet.

Unless of course this is one of those things that falls under libel in Britain because it damages his reputation even if it does end up being 100% true.

Eraser w/Nuke Disk Option

[CodeBuster]

The Eraser [heidi.ie] program is an excellent and free way to securely wipe your hardrives prior to sale of your computer in addition to providing everyday secure wiping services including secure file deletion, free space, and swap file wiping w/multiple overwrite pattern options. I have no financial interest in this company whatsoever, but I have found this program to be a useful addition to my toolbox so you may want to check it out.

just in case anyone is interested...

[AxemRed]

Here's a link to the finished auction [ebay.com].

Re:and the seller...

[igb]

Truth is an absolute defence to libel in England and Wales and I presume Northern Ireland (I don't know about Scotland). The problem is the reversed burden of proof: the defendent has to prove truth, albeit only to civil standards.

Re:Two possibilites..

[AxemRed]

Based on Amir's Ebay record [ebay.com], I'm going to guess that he's a slimy crook.

Re:CFNM

[Abuzar]

I did learn from one of his photos about a fetish I'd never come across: CFNM (Clothed Female, Naked Male).

What? You have never heard of CFNM before? What happened to your sex ed? or does your sex ed come from america?

I am so sorry for you. One should always strive to keep themselves informed and educated, especially when it comes to matters of the sensual persuasion. Here, let me help you out:

Sample pictures of CFNM [english-lady-sonia.com]
Sample videos of CFNM [cfnmidol.net]
CFNM picture galleries on gigagalleries [gigagalleries.com]
CFNM video galleries on gigagalleries [gigagalleries.com]

Hope these pointers help.

Re:How to make sure your data is not readable

[techno-vampire]

There's another 100% secure way to wipe all the data from a hard disk, and it only has one step:

Drop it in an electric furnace and let it melt.

Re:Sector encryption

[davidesh]

try Darik's Boot and Nuke... http://dban.sourceforge.net/ [sourceforge.net]

Note the feedback

[CdBee]

Link to Amir's profile [ebay.com] Amir has done this before.. and how typical that the only positive feedback comes from someone called Nick Tofang.....

Re:Splash damage

[arivanov]

And this is exactly the reason why the guy who posted all this crap is being investigated by the police. Check the register for details: http://www.theregister.co.uk/2006/05/31/ebay_lapto p_site/ [theregister.co.uk]

Unverifiable? Let's give it a go...

[mattmacf]

After an intensive bit of sleuthing (ok, I found these [blogger.com]two [blogger.com] screenshots off the original blog [blogspot.com]) we can dig up just a bit more info than the Register story provided.

For your viewing pleasure:

The original ebay auction [ebay.com] (someone might wanna grab a mirror in case ebay decides to pull that down). Up for auction is a refurbished HP laptop with a 2.8 GHz P4 with two gigs of ram, a 15" screen and a DVD+/-RW. Ironically enough, the HD capacity is not listed.

The seller, amir6626 [ebay.com], who is no longer a registered ebay member with a feedback score of -2 (0 at the time of the auction with only one or two total feedback tops).

The buyer, spikytom [ebay.com], an ebay member since '02 with a score of 79 (70 at the time of the auction) with a total of 1 negative feedback.

The bid history [ebay.com]. Of note here is the fact that the auction was sniped 20 seconds before ending for GBP$350 (roughly US$660), quite a deal on the laptop that was listed.

Personally, I think it's quite a leap to claim extortion. I'll let you guys make your own judgements, but if you ask me, it seems like nothing more than a legitimate ebayer pissed after getting tooled over by a run-of-the-mill ebay scammer. And hey, who wouldn't be? Call me crazy, but I think the blog is great. Not only does spikytom get his own creative revenge, we all get a laugh out of it.

Re:and the seller...

[Pantero Blanco]

Defamation is spreading falsehoods to harm another person's reputation. "Libel" is the term used when the defamation takes the form of print; "slander" is the term used when the defamation is oral.

Re:More trouble for the buyer

[s7uar7]

...he's made himself vulnerable to a libel suit. Being in Britain, even if everything he says is true, that's not a defense. He held the seller up to public ridicule, and that's all that matters there.

No, truth is an absolute defence in defamation or libel cases in the UK. However, the defendant has to prove it's the truth, it's not up to the claimant to prove it's not.

Re:Not so funny when/if the seller commits suicide

[fm6]

If Amir kills himself, the guy who posted the photos might feel bad about it. But face trial? What law has he broken?

Comment removed

[account_deleted]

Comment removed based on user account deletion

Use the security erase feature of the ATA spec

[Anonymous Coward]

...which is made for this purpose.
 
You could use MHDD [addict3d.org] to do this. Just password protect your drive using an ATA-command, then hack into it 3 times (MHDD does this automatically) to activate the security erase of the harddrive.
Wait a little while (2-6 hours, depending on the harddrive), and you're done.

I can also recommend this article [ucsd.edu], which details info on the very subject of erase protocols for harddrive, including DOD-protocols.

Linky

[anethema]

For those who dont read the articles, link to the page containing pics and excerpts from the hdd is here:

http://www.amirtofangsazan.blogspot.com/ [blogspot.com]

Wisdom foolows, pay attention!

[Anonymous Coward]

> Yes, it would suck if the buyer had to go on trial.

He will. The personal data protection laws in the European union (of which Britain is a member state) are extremely serious. The guy used the data without authorization and by making it public, he has become a criminal. He is very lucky if he aviods spending actual time in prison. I am sure the civil penalties will make him bankrupt anyhow.

Just yesterday, the EU supreme court crushed the EU-USA airline passanger data exchange agreement because it does not adequately protect EU citizens' privacy rights. If Sheik Osama is not enough excuse for rights treampling, that 375UKP certainly cannot be enough as well.

Also, the british mentality values privacy of the individual over anything else. The guy who posted someone else's details in public made himself anathema from the community of gentlemen and may have difficulty finding a job or gaining university admission by showing such moral definiencies in handling details of others' personal lifes. Also, the guy who posted the photos on the web is obviously homophobic based on his comments, which is a big no-no in liberal Europe and gayness is well established in britain since Oscar Wilde.

Not to mention the gross violation against the other people seen in those images. That is not "collateral damage", that is pure wickedness. I hope some of those people will also sue the avenger guy and make him feel the pain of having to pay half of his wage for penalties for a hundred months to come.

Finaly the guy who posted the photos online violated the most basic rule of civilization as we know it: presumption of innocence. Where is the proof the laptop was indeed sent in already faulty condition? What proof is there the damage did not happen while being rudely transported by the postal service, etc.?

Re:Not so funny when/if the seller commits suicide

[servognome]

If Amir kills himself, the guy who posted the photos might feel bad about it. But face trial? What law has he broken?
 
A wrongful death civil suit from the guy's family. There is a chance if they show what the buyer did was extraordinarily malicious, a jury could find him at fault for provoking the death.
Not saying that it is right, just that it could happen.

'nother ebay story

[thephydes]

My daughter "bought" an ipod on Ebay, and it never arrived. A couple of weeks later she was contacted by another "buyer" who had noticed that the "seller" had a business email address. So, he looked up the business on the internet and contacted the owner. Lo and behold, the business was a security firm, and the"seller" had been using company time, and the company system to market the ipods that she didnt have. So, Mim contacted the owner, and he told her that she would have her money in her bank account by the end of the week, which it was. I wonder if the seller is still a trusted employee at the security firm. ....... I certainly hope not. We subsequently heard that she had ripped off at least another 4 people with the same scam.

Re:How to make sure your data is not readable

[Eivind Eklund]

Unforunately, the writethrough flag often don't work correctly. At least hard disk manufacturers used to ignore it routinely in order to get better benchmarks, and those that made real high-availability systems (think telephone companies and big databases) had to order drives with special firmware.

Eivind.

Re:Revenge Blog Has Enabled Google Ads

[iezhy]

follow-up: here's the actual eBay page: http://cgi.ebay.ie/ws/eBayISAPI.dll?ViewItem&item= 6825578528 [cgi.ebay.ie] note that the actual photos were removed

Re:Revenge Blog Has Enabled Google Ads

[Korvar]

It's optional; it's also incredibly easy to set up. He could have simply set Google Ads up to see what happened when he clicked on that button. Certainly I did. I'm still trying to decide where to spend the 24p I've made so far :)

Now in the hands of the police

[Zog The Undeniable]

According to The Register [theregister.co.uk], the Metropolitan Police have received a complaint about "improper use of communications networks" and are investigating. Whether the complaint was made by the eBay seller, we don't know. There's also an amusing-in-a-schadenfreude-way article in the (right wing scandal rag) Daily Mail [dailymail.co.uk] today, where someone else claims to have been shafted by the seller on eBay.

Re:Has this guy got much legal defence?

[WWWWolf]

Wouldn't that mean the hard drive & its contents are now owned by the guy who bought it, and its up to him what he wants to do to it?

He sold him a physical copy of the data, and didn't actually make a contract that would specifically transfer any rights to it, or allow it to be reused.

The seller's copyright on the data definitely remains, at least.

If you bought a desktop machine from a famous musician and noted "oh wow, the guy's Protools directory is still here, let's make a remix - oh, what the hell, let's just sell the song as it was famously performed and let the world know I'm the new owner of this song", guess what would happen?

LIBEL is FALSE allegations

[MosesJones]

If its true then its NEVER LIBEL. Calling Jeffery Archer a liar and a criminal may damage his reputation but that is okay because its true and has been proven in a court of law.

So if this bloke did sell a broken laptop and did have all this content on there, then the only question would be invasion of privacy, which is a civil not a criminal matter.

Re:How to make sure your data is not readable

[TractorBarry]

Where I work our machines are leased and when it's time to have them replaced then, before returning them, I always wipe the drive by using a Knoppix CD.

To do this simply boot from the Knoppix CD, open a terminal and issue the following command:

shred -vz -n 30 /dev/hda

Then it's just a metter of leaving the machine to it (this can take quite a while depending on the machines power)

Repeat as necessary for the number of drives in the box.

Of course the data may still be recoverable but this method's "good enough" for my purposes. It's also 100% more effort than most of the other people I work with use !

Re:Truth not always a defense

[igb]

When Liberace sued the Daily Mail over Cassandra's column, which implied that Liberace was gay, homosexuality was still illegal in the UK. The Daily Mail didn't run a justification defence: they argued that the words complained of did not accuse Liberace of a crime. They lost, but not for the reasons you suggest. If I could be bothered I'd fish a book I have about the case out and correct the Wikipedia article.

Re:CFNM

[baadger]

And someone would have had the decency to write a FAQ about it. ..and these days people write a Wikipedia article [wikipedia.org] about it.

Re:Sector encryption

[Professor_UNIX]

Wiping with all zeroes is a bad way to scrub a disk. You need to use different patterns each pass through at least, but random data would be much better. As for encryption speed.. I use the FileVault (128-bit AES) built into MacOS X on my Powerbook and I don't notice any performance difference unless that damn Spotlight search engine update is running at the time, but it's slow even if I wasn't running an encrypted filesystem.

Re: For your viewing pleasure...

[Anonymous Coward]

Wikipedia article [wikipedia.org]

Re:Wisdom foolows, pay attention!

[pthisis]

the photos the laptop buyer uploaded allege that the seller is homosexual or at least bisexual. In the Holocaust, same-sex people were the third largest minority group persecuted by the nazi (after jews and gipsy)

Not to denigrate any group, simply to ensure that others are not forgotten:

Jews were the largest group persecuted, followed in order by Catholics, Poles, Serbs, the disabled, Roma/Sinti ("gypsy), Freemasons, Communists, homosexuals, and Jehovah's Witnesses. That's assuming you don't include millions of Slavic and Soviet citizens and POWs killed as persecutions per se.