Information diving
Encyclopedia
Information diving is the practice of recovering technical data, sometimes confidential or secret, from discarded material. In recent times, this has chiefly been from data storage elements in discarded computer
s, most notably recoverable data remaining on hard drives. Those in charge of discarding computers usually neglect to erase the hard drive. It is often in such circumstances for an information diver to copy installed software (e.g., word processor
s, operating systems, computer games, etc.). Other data may also be available, such as credit card information
that was stored on the machine. Companies claim to be especially careful with customer data, but the number of data breaches by any type of entity (e.g., education, health care, insurance, government, ...) suggest problems for them as well.
In earlier times, the available discarded data included printed manuals and design records. In a famous case, a student, Jerry Schneider
, discovered some discarded manuals for a telephone system ordering / shipping system and was able to build a business selling 'surplus' gear ordered from the telephone company as though for an internal company department.
Today, files, letters, memos, photographs, IDs, password
s, credit card
s, and more can be found in dumpsters. Many people do not consider that sensitive information on items they discarded may be recovered. Such information, when recovered, is sometimes usable for fraud
ulent purposes (see also "identity theft
" and physical information security
) Two MIT students purchased a large number of obsolete computers at yard sales and the like and found everything from credit card information to tax return data. They published a paper, Remembrance of Things Past, documenting their discoveries.
Supposedly, information diving was more common in the 1980s due to lax security; when businesses became aware of the need for increased security in the early 1990s, sensitive documents were shredded
before being placed in dumpsters. There is still considerable Internet activity on the subject of dumpster diving
, so it is unlikely to have stopped with the widespread introduction of document shredding. Security mythology has it that curious hackers
or malicious cracker
s commonly use this technique.
Dumpster diving is commonly practiced by "watchdog
" organizations seeking information on groups they are investigating. The Trinity Foundation
successfully used this technique to report on the activities of televangelist Robert Tilton
, and has also obtained information on Benny Hinn
using this practice. It is also sometimes used by attorneys or their agents when seeking to enforce court-ordered money judgments: the judgment debtor
's trash may contain information about assets that can then be more-readily located for levying.
Computer
A computer is a programmable machine designed to sequentially and automatically carry out a sequence of arithmetic or logical operations. The particular sequence of operations can be changed readily, allowing the computer to solve more than one kind of problem...
s, most notably recoverable data remaining on hard drives. Those in charge of discarding computers usually neglect to erase the hard drive. It is often in such circumstances for an information diver to copy installed software (e.g., word processor
Word processor
A word processor is a computer application used for the production of any sort of printable material....
s, operating systems, computer games, etc.). Other data may also be available, such as credit card information
Credit card fraud
Credit card fraud is a wide-ranging term for theft and fraud committed using a credit card or any similar payment mechanism as a fraudulent source of funds in a transaction. The purpose may be to obtain goods without paying, or to obtain unauthorized funds from an account. Credit card fraud is also...
that was stored on the machine. Companies claim to be especially careful with customer data, but the number of data breaches by any type of entity (e.g., education, health care, insurance, government, ...) suggest problems for them as well.
In earlier times, the available discarded data included printed manuals and design records. In a famous case, a student, Jerry Schneider
Jerry Schneider
Jerry N. Schneider is a social engineer and security consultant. While still in high school in 1968, Schneider started a company called "Creative Systems Enterprises" and began selling his own invented electronic communication devices. Schneider obtained parts by scavenging from Pacific Telephone...
, discovered some discarded manuals for a telephone system ordering / shipping system and was able to build a business selling 'surplus' gear ordered from the telephone company as though for an internal company department.
Today, files, letters, memos, photographs, IDs, password
Password
A password is a secret word or string of characters that is used for authentication, to prove identity or gain access to a resource . The password should be kept secret from those not allowed access....
s, credit card
Credit card
A credit card is a small plastic card issued to users as a system of payment. It allows its holder to buy goods and services based on the holder's promise to pay for these goods and services...
s, and more can be found in dumpsters. Many people do not consider that sensitive information on items they discarded may be recovered. Such information, when recovered, is sometimes usable for fraud
Fraud
In criminal law, a fraud is an intentional deception made for personal gain or to damage another individual; the related adjective is fraudulent. The specific legal definition varies by legal jurisdiction. Fraud is a crime, and also a civil law violation...
ulent purposes (see also "identity theft
Identity theft
Identity theft is a form of stealing another person's identity in which someone pretends to be someone else by assuming that person's identity, typically in order to access resources or obtain credit and other benefits in that person's name...
" and physical information security
Physical Information Security
Physical information security is concerned with physically protecting data and means to access that data . Many individuals and companies place importance in protecting their information from a software and/or network perspective, but fewer devote resources to protecting data physically...
) Two MIT students purchased a large number of obsolete computers at yard sales and the like and found everything from credit card information to tax return data. They published a paper, Remembrance of Things Past, documenting their discoveries.
Supposedly, information diving was more common in the 1980s due to lax security; when businesses became aware of the need for increased security in the early 1990s, sensitive documents were shredded
Paper shredder
A paper shredder is a mechanical device used to cut paper into chad, typically either strips or fine particles. Government organizations, businesses, and private individuals use shredders to destroy private, confidential, or otherwise sensitive documents...
before being placed in dumpsters. There is still considerable Internet activity on the subject of dumpster diving
Dumpster diving
Dumpster diving is the practice of sifting through commercial or residential trash to find items that have been discarded by their owners, but that may be useful to the dumpster diver.-Etymology and alternate names:...
, so it is unlikely to have stopped with the widespread introduction of document shredding. Security mythology has it that curious hackers
Hacker (computer security)
In computer security and everyday language, a hacker is someone who breaks into computers and computer networks. Hackers may be motivated by a multitude of reasons, including profit, protest, or because of the challenge...
or malicious cracker
Black hat
A black hat is the villain or bad guy, especially in a western movie in which such a character would stereotypically wear a black hat in contrast to the hero's white hat, especially in black and white movies....
s commonly use this technique.
Dumpster diving is commonly practiced by "watchdog
Consumer protection
Consumer protection laws designed to ensure fair trade competition and the free flow of truthful information in the marketplace. The laws are designed to prevent businesses that engage in fraud or specified unfair practices from gaining an advantage over competitors and may provide additional...
" organizations seeking information on groups they are investigating. The Trinity Foundation
Trinity Foundation (Dallas)
The Trinity Foundation is a watchdog ministry founded by Ole Anthony in 1972 and based in Dallas, Texas .Trinity has primarily investigated televangelists such as Benny Hinn, Kenneth Copeland, Joyce Meyer, Paula White, Robert Tilton, W.V. Grant, pastor Edwin Barry Young, and the Trinity...
successfully used this technique to report on the activities of televangelist Robert Tilton
Robert Tilton
Robert Tilton is an American televangelist who achieved notoriety in the 1980s and early 1990s through his infomercial-styled religious television program Success-N-Life, which at its peak in 1991 aired in all 235 American TV markets , brought in nearly $80 million per year, and was described as...
, and has also obtained information on Benny Hinn
Benny Hinn
Toufik Benedictus "Benny" Hinn הין; born December 3, 1952) is a televangelist, best known for his regular "Miracle Crusades" – revival meeting/faith healing summits that are usually held in large stadiums in major cities, which are later broadcast worldwide on his television program, This Is Your...
using this practice. It is also sometimes used by attorneys or their agents when seeking to enforce court-ordered money judgments: the judgment debtor
Judgment debtor
Judgment Debtor, in English or American law, a person against whom a judgment ordering him to pay a sum of money has been obtained and remains unsatisfied...
's trash may contain information about assets that can then be more-readily located for levying.
See also
- Dumpster divingDumpster divingDumpster diving is the practice of sifting through commercial or residential trash to find items that have been discarded by their owners, but that may be useful to the dumpster diver.-Etymology and alternate names:...
- E-waste
- Credit card fraudCredit card fraudCredit card fraud is a wide-ranging term for theft and fraud committed using a credit card or any similar payment mechanism as a fraudulent source of funds in a transaction. The purpose may be to obtain goods without paying, or to obtain unauthorized funds from an account. Credit card fraud is also...
- Copyright infringement of softwareCopyright infringement of softwareCopyright infringement of software=The copyright infringement of software refers to several practices which involve the unauthorized copying of computer software. Copyright infringement of this kind varies globally...
- Benjamin PellBenjamin PellBenjamin Pell is a British man who was noted for raking through the dustbins of law firms representing prominent people in search of incriminating or compromising documents that he could sell to the media....