The Hunter Biden Disk Scam

Hunter Biden image

There’s a reason no legitimate news source is covering this Hunter Biden disk scam. For the non-geeks let me point out the phrase from the article

from a copy of Hunter Biden’s abandoned laptop

From linked article

Files and data can be “lost” but nothing is truly deleted for years. Even the DOD no longer does that “secure erase” software thing anymore. With write leveling and head drift of spinning disks along with write balancing of SSD and Hybrid drives, you can never be sure of erasing anything. This is why DOD and other “secure” situations either use great big magnets, or they do what commercial companies do, drill a big hole in the drive. The more the merrier.

Drilled hard drive

Don’t be thinking something like this will do the trick either.

Big magnet

The kind of magnets for actual secure erase take a lot of power. Because you can never really be certain with the magnets some places both drill and magnetize. Others use the only proven method of erasing a drive.

Hard drive shredder

Yep! Just like a paper shredder but for hard drives.

I’ve written about security in this blog before. I also have a geek blog because I make my living being a geek.

The Copy Begats the Myth

Let me spell it out for those who haven’t connected the dots yet.

If you can never really erase a disk, you can never really copy Disk A onto Disk B and perform any meaningful forensics. Any kind of deep dive is going to pick up bits and pieces of whatever was previously on the drive. Even if the drive is supposedly “new” you can’t be certain.

Production line testing can leave stuff out there because when you “format” a drive in this day and age it defaults to “quick format” that only creates whatever is needed for the File Allocation Table information used by that format type. This isn’t the MFM drive days where you had to low level format via DOS DEBUG. Almost nobody has the patience to sit through a “full format” of a 1TB drive. Even with that, you can’t be certain stuff got erased.

So, if you want to “stage” a “forensic find” and you know they were using Windows 10 and you know the size of the drive because you have “the abandoned laptop,”

  • Purchase drive of matching size
  • Install into computer then install Windows 10
  • Copy an awful lot of nonsense files, probably old Windows 10 update files so you consume more than half of the drive
  • Now copy in the files you want found
  • Quick format the drive
  • Put back in box and have someone shrink wrap it if you want to “look” legit
  • Hand to “forensic investigator” and say, “Here, use this target, it’s brand new and clean.”
  • Have them work from a copy that was laid down on said drive.
  • Gee! Your files get found!

Why I’m Stunned

What stuns me is they admitted they were working from a copy. I don’t know of any forensics person that would agree to use a copy.

My being stunned is why no legit news sources are picking this story up. Their geeks are stunned too.

