After a conversation with a fellow admin about how to properly wipe data from a hard drive, he decided to run a little experiment with his newly acquired dedi server.

As we suspected, it appears that all data from the previous owner of the hard drive was up for grabs just by browsing through `strings /dev/sda`.

He was able to tell the previous owner ran windows, he was able to fetch registry data, view emails, and even determine some browsing habbits of the previous owner.

Not that big of a surprise, though when you really think about it, the implications of this are rather serious:

Not only can the next owner of hard drive/server read all your data if you don’t properly wipe your hd before leaving the hosting provider, but say you move to a new server, and you don’t wipe your hd, all the old data from the previous owner is still there; if your server ever were the subject of a criminal investigation for whatever reason, any illegal material the previous owner had could easily be blamed on you, seen as deleted files.

Thus it is important to not only properly wipe the hard drive before you leave a host, but also when getting a new server.

He was kind enough to post this on the donationcoder.com forums, so all of this can be discussed here.