White House Says Hard Drives Were Destroyed

wanderindiana brings us an update on the White House missing emails mess, which we have discussed before. It seems the hard drives of many White House computers are gone beyond the possibility of recovery. Is it unusual in your experience for, say, a corporate IT department to destroy hard drives by policy? "Older White House computer hard drives have been destroyed, the White House disclosed to a federal court Friday in a controversy over millions of possibly missing e-mails from 2003 to 2005. The White House revealed new information about how it handles its computers in an effort to persuade a federal magistrate it would be fruitless to undertake an e-mail recovery plan that the court proposed."

Awesome!

[WilyCoder]

Awesome! Now arrest them for obstruction of Justice.

Heads MUST roll!

[Tastecicles]

Destruction of GOVERNMENT PROPERTY, including OFFICIAL DOCUMENTS, which these emails clearly are, is a criminal offence in the UK and a Federal offence in the US. Someone pressed that button. That someone must be prosecuted to the fullest extent of the Law and made an EXAMPLE OF. So must whoever told him to press that button.

On a related note, I've heard absolutely nothing back from my written enquiry to the HMRC office here in Notitngham as to what of MY personal data is on the missing laptops and the missing CDROMs, with an else for prosecution for professional neglect.

Re:No it is not usual

[samurphy21]

Is it unusual in your experience for, say, a corporate IT department to destroy hard drives by policy?

During my employ as a contractor with the Canadian Department of National Defence, it was standard for decomissioned (read: hellishly outdated) systems to be stripped of RAM and HD, by policy, before being sold off as a lot as surplus/scrap. The RAM and HD would then be sent to an industrial grade metal shredder at a larger nearby base for destruction.

Granted, this was for workstation systems where no personal or private data was to be stored. Again, by policy. I'm unsure what the policy would be for servers where email was stored. Probably still destroy the physical hard drive, but the final backup tapes are more than likely to be kept under lock and key for eternity.

We don't destroy hard drives...

[Stormin]

But we don't throw them out, either. Where I work, all of the old equipment is sent to a company owned warehouse, because someone figured out the cost of just storing all of this equipment is lower than the cost of paying someone to recycle it (and then taking the risk that they pull confidential information off the machines.) And we have the desktops locked down, so there isn't even much interesting content on the drives.

I suppose it's possible that the white house destroys them because they have a way to do so. But if they were really archiving emails on the individual desktops, that's a huge problem in and of itself.

SNL Pathological Liar

[bmo]

Hey! where have we seen this excuse before?

Smashing hard disks pisses off judges, and they write things like this:

http://www.groklaw.net/articlebasic.php?story=20041021131512626 [groklaw.net]

113. Late in the evening of April 29, 1997, Merkey returned a laptop computer to Novell. Upon inspection Novell discovered that the hard drive in the computer was smashed. That same computer and hard drive were offered as an exhibit and the court has personally inspected the computer.

114. The hard drive of the laptop is a modular unit, easily removable from the computer.

115. At trial the hard drive was removed and inspected by the court. It had the appearance of having been smashed with several blows from a hard object like a hammer.

116. Merkey has offered no less than four different explanations of how the hard drive came to be smashed, pointing most of the blame to his children.

117. One of his explanations is that he was so angry at the replevin that he threw the computer at Novell's door when he returned it. This explanation does not fly (like the computer allegedly did) for neither the computer carrying case nor the laptop bear any evidence of physical abuse or damage, though the hard drive, which ordinarily is mounted within the plastic shell of the computer, clearly has been smashed.

The dog ate it! No, my KIDS smashed it...no...IT IS WHITE HOUSE POLICY! (Jon Lovitz Voice) Yeah, That's the ticket!

--
BMO

Wikileaks reward

[mcelrath]

I think it's time for some leaks, and some incentives for leakers. Someone on the IT stuff must know what happened, how, and why, and I'd bet they have the documentation to prove it, if not the emails themselves.

It's time such people did their patriotic duty, and come forward with what they know. Wikileaks.org exists now and is a great place to post such information anonymously. Will someone set up a reward fund for information leading to the conviction of the persons responsible for destroying records?

Please, I beg you, save us from these criminals, and the criminals that will be encouraged to follow if they are allowed to get away with this. If ever your country needed you, it is now.

Re: Back in the BBS days.

[myspace-cn]

I don't know about Banking, but just plain old back from the bbs days, back in the DOS days, I have every single piece of mail still to this very day.

That goes way past anything this treasonous administration apparently has. We used to talk about things like grinding harddrives down into sand and storing the sand for 50 years in a vault. I never lost data once over all these years. Not once. Accidentally pop a partition, start recovering. Boom everything back. The only thing that ever got lost was the CURRENT document that was running before the power was shut off. Backup supply's wasn't as common as you can get them now.

The problem with saying the IT staff at the whitehouse was either a, or b, is the same problem we have in wondering if states that buy electronic voting machines were either a.) incompetent or b.) Corrupt. It way past time to be wondering.

In the case of electronic voting machines is is CORRUPTION. we don't even say a or b anymore. They have long since had a chance to wise up. If they still are purchasing these rigged boxes, then we know they are corrupt. It's that simple.

With all the crimes and lies coming out of this administration, it's corruption. That's what it is. They can say it's incompetence all day until the cows come home, then have their fascist media air it as truth on the fascist news, until the American people believe the lie. But it's just another lie, and some poor fuckin IT guy will loose his job, and get blamed, instead of some high level corrupt piece of shit official being stripped of his security clearance, and being tossed in Levenworth.

The other thing is usually when the Whitehouse says something the opposite is true. We need to physically look at those machines, they're probably bluffing, and the more they use those machines, the less chance (if they were formatted) that we get information back.

TAKE THE MACHINES AWAY FROM THE CRIMINALS, LOOK AT THEM, FIND OUT.

Not really the point

[Gription]

The IT staff either is malicious or highly incompetent.

Or following orders.

They were almost certainly following policy. The complaint here is that the data is missing/destroyed. The data is supposed to be retained by a backup solution. The hard drives are only a 'working area'. Sure the data is stored there while someone is actively using the computer but as soon as it leaves the person's desk it is now a security risk.

The drives should be thoroughly wiped and then recycled or destroyed. That is good IT policy. I run the IT hardware division for my company that supplies and supports customer's computers. When any computer is repaired or replaced the old drive is dated, put into secure storage for a minimum of 30 days, and then DOD wiped, and then recycled or physically destroyed. (The magnets are really good for hanging things on cubical walls.)

The reason our drives are 'aged' for 30 days is because we can't trust our customers to have a good backup. (or ANY backup...) The White House shouldn't have any issues with their backups so they have no reason to retain the drives. This brings us back to the backup question. The rule for a really secure backup methodology is, "Multiple methods of backup, and multiple media". About 10 years ago I saw an article in a trade journal (InfoWorld?) that quoted the statistic that after a catastrophic data loss, 15% of the time the backup method itself is found to be flawed. Having 2 methods of backup would reduce the chance of an unrecoverable flaw to 2.25% which is much more acceptable.

The solution to the White House problem is the judicious use of pink slips. Fire any one who bowed to pressure and allowed this to happen. (or was incompetent enough to allow a flawed backup scheme...)

Re:No it is not usual

[KiloByte]

After the president admitting to a felony against the FISA? After the administration ordering evidence to be falsified to have a casus belli against enemies of their Saudi friends?

The last few US administrations, both Democleptopopulist and Repunepotiauthoritarian, criminal? Who wuda thunk it?

My take....

[Anonymous Coward]

1. Yes it is our policy to destroy hard drives before disposal. 2. Why is it possible, in the white house of all places, for emails to only be present on client computers, be it laptops or desktop? Ridiculous

Re:Been there done that

[Esperi]

Thanks for that paragraph DnemoniX. Lots of people seem to be mistaking destruction of data with descruction of mechanical drive. I can understand the need to destroy, rather than keep data if that data is unimportant. Government emails can hardly be classified as unimportant however. Keeping them for 10* years after an Administration has left office can't be that big a deal can it?

*Random number but you get my point. In the UK our data retention laws are much stricter. UK telecom companies keep data from mobile and telephone lines for 12 months on all customers (this is the same in most EU countries, compliance with the EU directive is between 6mnths-2years). The UK's Financial Services Authority requires all financial records to be kept for at least 3 years, emails for 6 years, and records of pensions transfers indefinitely. I'm sure the US government has the means to keep a few emails from being destroyed.

Re:Privacy? On Government networks?

[penix1]

Why wouldn't these people do their planning outside of the government network, using email with encryption (PGP)? All of them could easily create Yahoo or Google accounts, or they could even create their own little domain name with their own server and run it all with encryption. Then we wouldn't even be having this conversation.

That's exactly why we are having this conversation because Cheney et. al. did exactly that. They used outside email servers against the law and got caught. They were using the RNC servers and when handed a subpoena for their email claimed it was all lost. It turns out they weren't all lost much to the chagrin of the administration.

http://www.washingtonpost.com/wp-dyn/content/article/2007/04/04/AR2007040402404.html [washingtonpost.com]

http://oversight.house.gov/story.asp?ID=1362 [house.gov]

Of course, nobody will be punished in the least for violating The Presidential Records Act.

Re:Not really the point

[Zooperman]

In a corporate environment that may be good IT policy... but in a government body, communications between individuals or departments are by definition the property of the people of the United States. Those communications should NOT be destroyed, now or ever. Once the current administration leaves office they should be transferred to the National Archives (unless deemed classified); just as the documents, tapes and videos of previous administrations were handled. There may have been incompetence involved, but at the very least this raises questions about accountability and suggests a cover-up; and the tinfoil hat-wearers out there already have enough conspiracy theory ammunition to last for the next 100 years as it is.

Re:Uh...it was 18-and-a half minutes

[Comen]

Sure accidents happen, even in the White House, I am sure.
But its a matter of coincidences here, the emails that were needed in this investigation are missing, that could happen, but the percentage of the exact data that was needed has gone missing would be very low, unless you just happened to mess up all the time, lets just says its maybe 2%, MAYBE, I would hope that in the White House it would be on the low side.
Now given this Presidents reputation so far, and the events that seem to just happen right when they need them to happen for his aministration to not get in to trouble, if you still belive this is not a simple criminal act, you sir would be the perfect example of the gullible people here in the US that scare me to death.
In fact, I find it funny here on /. that we discuss how some policy's in some companies etc, do destroy their hard drives, I am sure they do, but this is what happens when nerds discuss these things, we tend to over state 100 times about how hard drives do get destroyed by policy, and not talk about the fact that no one in thier right mind would believe it was really a accident, period.
So either you are just gullible as Gomer Pile, or you might just not want to believe this is true, maybe cause you were 1 of the people I used to laugh at with W04 sticker on their car, that seemed to have totally disapeared in the last 4 years (every once in awhile I still see one and through a egg at them), and that would mean that maybe you are somehow to blame for some of this mess we have gotten in to?

Canadian government policy

[KanadaKid19]

I once worked as a technician at a local electronics retail and service centre, in a town I'm sure is hundreds of kilometres away from any sort of industrial metal shredders. We had contracts to provide service for government-linked organizations, and it was policy then to physically drill holes clear through any decommissioned hard drives (often at the expense of voiding what would have been a warranty replacement), and sending photographs of the drive back to a supervisor to confirm the incident occurred.

Re:A way to check...

[SL Baur]

Name the last independent President.

William Howard Taft http://www.whitehouse.gov/history/presidents/wt27.html [whitehouse.gov]

Dumped by his handlers when he refused to be a typical President and was replaced by Woody Wilson who blessed us with the Federal Income Tax, the Federal Reserve and after running as "The President who kept us out of war", gave us World War I.

It's very sad that we have to go back a hundred years to find an honest President and I guess that proves your point.

Re:No it is not usual

[tomhudson]

Why the hell would you destroy RAM? Hard drives I can understand but any data in RAM is going to be gone after a few seconds of power being off.

This is the *Canadian* Department of National Defense. You can consider the pine cones and pebbles used as RAM in their "older computers" to be the equivalent of today's static ram.

Okay - the real reason? The contractor who was supposed to destroy the ram probably just "recycled" it. Remember - this is back when a 16 meg chip would cost hundreds of dollars - stripping off the labels and selling it at a discount would be VERY profitable - I know one guy who was an employee of Nortel who was doing the same thing with boards that were supposed to be sent to the crusher. He stripped the ram off first, then crushed the boards.

Re:Not really the point

[mikael]

According to the LA Times, the Republican party in Washington had two separate E-mail systems - one for party communications, and another for government communications. This setup was implemented to avoid charges of using government money for political campaigns, except now they are being accused of using the private network to avoid federal record and disclosure rules.

GOP-issued laptops now a White House headache [latimes.com]

Privacy Act

[Anonymous Coward]

There is a very good reason for destroying the hard drives of old government computers before disposing of them, and it is similar to the reason I destroy the hard drives of my own old computers before disposing of them. I destroy my old hard drives because they are loaded with personal information: addresses, bank & credit card statements, etc.

The Privacy Act lays out very strict guidelines for preventing the accidental disclosure of personal information, especially social security numbers. It does not specify particular methods (such as destroying hard drives), but it is clear that even the slightest risk of exposure must be avoided. I once was working at an organisation where an external USB hard drive used for file transfers between separate networks and for short-term backups went missing. Nobody knew for sure which files were on it at the time that it went missing, so we had to assume that it contained information protected under the Privacy Act. The nightmare of Privacy Act-mandated paperwork that followed lasted for months and probably ruined at least one career. We basically had to tell a bunch of people, "Your personal information may or may not have been compromised, but we really don't know for sure." Destroying the hard drives is pretty much the only way to achieve the 100% certainty required that no personal information could possibly be exposed.

emails will rise again

[Philla Buster]

In 1996, President Clinton enacted a computer reutilization act for all government property. If any item is deemed 'Educationally Useful' it is required to be made available to public schools and not-for-profits as a donation. Any items not picked up by schools or the like, are then made available by the pallet in a open auction. Whatever is left over is considered scrap and sent off for demanufacturing. Now before any of this equipment can be passed on to non-federal hands, it must be cleansed using the Dept. of Defense approved sanitization method dictated by NIST. Basically meaning it has to be wiped using the DoD algorithm, or if the equipment is non-functional it has to be degaussed, pulverized, shredded or the like depending on the type of item. Of course each Department and branch of government determine their own upgrade time frames based on budgets, projects, etc...like any other IT shop. And 3-4 years is about the average time frame in my experience most hardware is upgraded (and probably assumed given a 4 year Presidency, although the dates overlap his re-election). However, there is no chance that this data has magically disappeared because of this process unless it was setup to do so. And even then, you'd have to intentionally get rid of all email recipients local machines, their archives, PST files, etc...and then do the same to the entire server array AND the backup solution. And then you're also telling us the White House has no disaster recovery solution? No COOP plan, site, bank of servers that are cloned?

Re:2000 version of the Nixon tapes

[TheGavster]

What do military codes have to do with the acts of our elected officials? Consider the following example correspondence:

"Send the troops into Laos, authorization code XKSD230923"

The bit the people have the right to know is "Send the troops into Laos"; the whole transaction shouldn't be secret just because there happens to be some sort of secret authentication token in the same sentence.

Re:Not really the point

[macdaddy]

Dinging the white house IT department for this isn't good. Heck, dinging Bush isn't necessarily a good idea. I've met some of the higher ups - and computer knowledge isn't their high point.

Horseshit. Criminal charges should be filed against all involved and that includes the IT Department. All higher-ups used RNC computers for day to day business. It wasn't a simple matter of a few people doing it. All of them did it. That's not an accident. That was a directive. All the higher-ups should be held accountable. IT had to have known that their were non-governmental computers on the premises and were used for day to day functions. IT knows everything; they always have and always will (which is why they have very high security clearances due to the nature of the information on the computers they have to service and people they have to support). They, and all other Americans, are required to report illegal activity they have direct knowledge of. To not do so is a willful act and runs contrary to the law. In my dreams I want to see every single member of the administration that participated or knew about this abuse of power and the support staff that did not report it charged. It's a pipe dream I know. Still I'd like to see it.

Not just 4,000 american soldiers!

[Anonymous Coward]

What about hundreds of thousands of civilians, in the country you guys invaded and completely fucked up?

Its like Americans don't remember a fucking thing from Vietnam. The minute I heard they planned to put troops on the ground in Iraq, I predicted it would be a royal clusterfuck that would last years. And there you are, years later, everything fucked up, trillions of dollars spent, hundreds of thousands killed or maimed, and no exit strategy.

Impeaching the politicians who led you into this mess would be a good start, but what you should really do is line them up in front of the White House wall and shoot them, for treason against the United States.

Re:How they are destroyed

[Gription]

So does a simple low-level format. Unless you can cite any actual cases of data being recovered from a low-level-formatted drive that involve modern (IE *not* MFM) drives.

Had lunch last Wednesday with a guy who has a full time job recovering data from drives that are anything short of a full DOD wipe. He is a forensic computer examiner and has degrees in mathematics and in cryptography. He had a number of fascinating stories about nailing people who thought a couple complete overwrites of the drive would cover their tracks. A repeated low level format is a cake walk for him because there is no alternation of the bit pattern. The regular repeating pattern makes it easy to analyze the magnetic boundaries and recover a drive.