Vindicated

The largest PC manufacture, Dell, has hundreds of little Dell Direct Stores (actually their Kiosk) located in malls across the country. They been really successful and a few friends of mine are former employees. When they would get off work we'd all gather and drink and of course share stories. Since there was about 4 of them who worked for Dell in the malls, the conversations were usually work related. I'd always here them talk about how they ripped someone off or how their lead (manager) ripped of an old lady and was boosting to her district manager. At least once a day someone would sell a $3,000 gaming system to an elderly or dim-witted customer who wanted to lightly surf the internet. It was a big laugh between my friends. Someone comes to the kiosk and says they want a cheap basic system, but the sales people would get them to finance the system (often with a credit limit of over $5,000) and would lie and basically trick the person by talking about "low monthly payments of $80" or a "basic to midrange PC." Some of the PCs would get canceled, but many wouldn't. And customers only had 21 days to cancel and would have to pay high shipping charges & 15% restocking fees if the pc was just to much for them or if they simply had a change of heart. Its not just the salespeople either. Their pressured to do it. Those who don't "Sell Like Dell" very quickly find themselves out of a job. And that's exactly what happened to one of my friends. My friend make the highest sales in his areas, but management didn't like his selling style. He was to use only key marketing phrases and push particular products, called bundled. Basically anything you see in the back of a magazine or dell ad was considered to low of a profit they you would get in trouble for selling them. You were required to turn the sale and get people to buy the pre-approved over priced bundles. So when my friend got fired for not selling like dell he got pissed and ranted about it on his myspace. He even went to go so far as to post a screen shot of the weekly conference call call details. Giving anyone who views his myspace blog the time, phone number, and security code to login to the nation dell sales call. I've been on one conference, most of the people put the phones on mute and the call in from cell phones or mall phones so Dell can't possible manage or detect who is who. And the dell stores have an insanely high turn over rate (actually it's a high rate of employee terminations because no one manages to quite.. they get terminated the second their performance drops or word gets out their looking for a new job) so basically no way for you to get detected on the call. My question for you guys is... should this information be kept a secret or should it get posted on digg? Check it out and you tell me... no where in the email does it actually state the call is confidential or its for dell employees only. In fact it was sent to the employee 4 months after he was terminated. Link to Photo:

Well thats just it. The first thing that came to mind was, Oh I bet IE stores that stuff somewhere, but like you I didn't know where. And regardless of what you think of MS or windows, I doubt their that dumb to archive passwords in any kind of plain text file. So I googled around and found this: Any other ideas? Yes I can get email documents, and those can have sensitive information. But as for credit card info and SS on banks, I'm thinking the data is not getting saved on your PC and stricktly being sent to the sever's hard drive (128-encypted of course).

One of my buddies called me up and said a virus wiped his system clean and if I could recover his files. I got a hold of his drive, mounted it, and used EasyRecovery Pro to do the data recovery one it. I got gobs of files on it. 90% of his music collection, tons of word documents, and other misc files. I used a filter so I'd only get the file extentions of what I wanted. Some stuff was currupted and unrecoverable as expected, but I got most of what I was looking for. Then it got me thinking... where are all those social security numbers and passwords everyone keeps talking about that is so easy to get once a hacker has your hard drive. I looked and looked but couldn't find anything. Not that I care to have his social, but from all the security talk I keep hearing, I'd like to be able to find some dirt. If only to show my buddy and say hey look this is whats on your PC. This is what can be recovered if you don't zero-fill your drive. And as a demonstration to myself so I know how vunerable I really am. If I can't find any dirt, if all the passwords are encrypted and gone like I imagain, and would only be recoverable if a user was dumb enough to have all the personal information saved on a text document... then I have to ask... is this just one of those Hacker Mythes? Just another over blown scare tactic? Assuming I just formated my system and reinstalled XP then sold the computer... what really, honestly, could a someone get from my drive -- aside from my college homework essays and porn collection?

Hey guys. You'll probably notice this is my first post on this board. I just started watching Hak.5. What a kickass show. Makes me miss TechTV. Well getting on with the poster's question... As you mentioned you already know a fair amount of computers. If you want to get serious I recomend picking up the book Upgrading and Repairing PCs by Scott Mueller. It's in its 16th edition and will teach you amazing things about hardware. Then get your hands on an A+ training manual. Even A+ Certification for Dummies is a good enough book. Once you know hardware and networking start focusing on the Security+ certification. Mike Meyers' Security+ Certification Passport is a good book to read on the subject. Then when you got those under your belt and want to become a true "hacker" prepare yourself for the Ethical Hacker Certification. You will have a lot of text books and maybe even take a few online classes. Things you'll have to master include: information gathering, objections & types of scanning, the different methods to crack passwords, tools & uses of steganography, and of course the law pertaining to this field so you know what you can and can't do. While you can probably skip ahead and start taking a bunch of Ethical Hacker Cert prep courses and learn a few things that way. It's a lot smarter to go through the different stages and learn right.