Data Recovery, recovering Hard Drive data, RAID data recovery

After-Hours Emergency Service (647) 448-5302

How Encryption Can Make Data Recovery Harder

glowing lock symbol on circuit board

These days, everyone seems to be concerned with protecting sensitive information from prying eyes. For that reason, encryption software has grown in popularity. However, not everything needs to be that secure. In addition, encryption can make it harder to recover lost data when your hard drive crashes or your laptop takes a fall.

 

What Encryption Does to Your Files

Encryption is a process that transforms and disguises data so that it can only be read by those with the right code or password. In theory, this seems like a good idea. However, when you use encryption, it actually alters the data rather than just hiding it. When you need data recovered from a hard drive, USB, or other device that has been encrypted, the data can be recovered but you will not be able to read the recovered data without the password or the key file that was created with the encryption software.

 

Self-Encrypting Devices

Many hard drives and solid state drives (SSD) are self-encrypting devices (SED), which means that they have a controller chip that automatically encrypts and decrypts all of the device’s data. The problem with SEDs is that there are no decryption methods. If the drive experiences physical damage, the data is lost.

 

If you work in an industry that handles sensitive financial data or has other information that needs to be protected, encryption may be a necessity. If that is the case, be sure to:

  • Back up your data regularly
  • Create a key file and store it in a secure location
  • Record all usernames and passwords in a secure location
  • Use encryption software rather than a SED

Taking the above precautions can help you avoid losing your data.

 

Even if you’re dealing with encrypted data, data recovery can be achieved! At Memofix Data Recovery Services, we have regularly recovered data that was encrypted with Bitlocker, PPG, Safeboot, SafeGuard, SecureDoc, EFS, and other software encryption programs. Contact us today to see how we can help you.

How to Protect Your Hard Drive from Damage

someone holding a hard drive in hand

If you’ve ever experienced a hard drive crashing before, you know how devastating it can be to not know whether your data is lost or can be recovered. In order to help you avoid this traumatizing experience, we’ve outlined a few things you can do that will help prevent damage to your hard drive.

 

Purchasing Considerations

When purchasing a new hard drive, there are a few choices you can make that can help increase the life of your hard drive. Before buying, make sure that you:

  • Choose a solid state drive (SSD): SSDs are more likely to save your data in the event of a crash because they distribute data across multiple memory chips. However, it can be harder—and more expensive—to recover the data with these types of drives.
  • Do not buy used: Most used hard drives are typically older. When you use an older hard drive, they are much more likely to fail sooner.
  • Research the history of a model: If a model is brand new, steer clear. Bad models will generally be discontinued after a few years. In addition, models that have been around for a few years will most likely have addressed any bugs or issues. A model that has been around for a while and has been tested is your best bet.

If you take care to do the above before purchasing, you’ll be less likely to experience problems.

 

Preventive Measures

If you already own a hard drive and are looking to prolong its life, there are a few things you can do to help keep it in working condition as long as possible. Keep it protected by taking the following actions:

  • Separate user data from OS installation: Before you begin using a computer or laptop, make sure to put the OS installation onto a different drive than the user’s home directories. Your device will be less likely to crash because the drive that has the OS installed on it will experience less reading/writing.
  • Protect it from surges: Prevent damage from electrical surges by using a UPS (uninterruptible power supply) or surge suppressor. If the power source is left vulnerable to interruption, you could risk damage to your hard drive, any open files, or the file system. While you may think this is common sense, you would be surprised at the number of people that don’t take this precaution.
  • Make sure it’s well ventilated: Without the proper ventilation, your system is prone to overheat. For this reason, you should keep your devices out of tight spaces and make sure the fans are functional. For extra protection, consider adding an additional fan, if possible.
  • Use an antivirus program: Not only should you install an antivirus program on your computer, but make sure to regularly run scans and keep it updated.
  • Be careful when moving your device: You should always be careful whenever you decide to move your device. Make sure to turn it off and wait until the hard drive has had a chance to stop spinning before you pick it up. If you are using an external hard drive, take extra care not to knock it over while in use.
  • Defrag the drive: If you defrag your device on a weekly basis, you can ensure that your machine doesn’t have to work harder than it has to for optimal operation.
  • Monitor the device: You can use the Windows chkdsk program to check for any errors that the hard drive may have. In addition, you can download an application that can monitor the condition of your hard drive and send you alerts when there is a problem.

By taking the proper precautions, you can ensure that your hard drive has a much longer life.

 

Experiencing issues with your hard drive? Memofix Data Recovery Services can help! We can recover data when other companies choose to throw in the towel. Create a case today to obtain a free diagnostic evaluation. We’ll provide you with a no-obligation quote based on the severity of your situation.

Recovering Unrecognized SD and microSD cards

SD cards and microSD cards are flash-based storage devices used extensively in cameras and phones. You can see the size difference between a microSD card and a full size SD card in the two pictures below.

SD card data recovery micro SD card data recovery

 

 

 

 

 

 

 

 

 

Both SD and microSD cards are functionally the same as USB flash drives. Both share similar components including a memory chip(s) and a controller chip to manage the memory device(s). Below is an example of a typical SD card showing both sides of the device with the plastic casing removed. On the left hand side picture you can see two larger memory chips and a smaller black controller chip.

SD card memory chips
Non-monolithic SD Card

SD card circuit side

 

 

 

 

 

 

 

 

 

SD cards can be manufactured as a device comprised of the individual components (memory and controller) like the example above OR they can be manufactured as a monolithic device like the picture below. ALL microSD cards are monolithic devices.

A monolithic device has the controller, memory chips and any other discrete components, combined and built into a single chip or device. It is one piece so you cannot break a monolithic device down into discrete components. To the eye, a monolithic device appears as just a piece of black plastic like the examples below.

microSD card data recovery
Monolithic MicroSD Card

microSD card monolithic

 

 

 

 

 

 

 

 

 

When monolithic or non-monolithic  devices become dead, inaccessible or unrecognized, they require different methods to recover the data.

With non-monolithic devices we can remove the individual memory chips and read the raw data using a standalone chip reader. However, the raw data is “very raw” and still requires extensive analysis to determine the layout of the data and customized software to put the pieces back together into a useable format. Even a flash device with one memory chip requires this rebuilding of the raw data. Some of this complexity is a result of a technique used by flash called “wear leveling” where the device tries to use all the memory cells equally so that no particular memory cell becomes worn out sooner than its neighbours. As a result, many of the storage cells will appear to have copies of the same data, but a closer inspection reveals the contents are older versions of the data waiting to be re-used with new data. Consequently, we must use the raw contents of the device to determine how it all fits together. It is somewhat like a giant jigsaw puzzle.

With a monolithic device, we cannot remove the memory chip(s) as they are all part of the same package. In these situations, we need to remove the plastic coating from the device so that we can visually see and map out the circuitry (see the photo to the right).

monolithic circuit board
coating removed

Then we need to determine how we can connect to this existing circuitry in order to gain access to the memory contents. Some connections for previously discovered microSD cards are shared and available to professional data recovery companies using a web-based database.

However, if the database does not contain details on the “to be recovered” device, the entire mapping out process can be quite tedious and can take anywhere from a 5 days to 5 weeks. Once the circuitry layout has been determined, we can use that information for future data recoveries from the exact same device. The bad news is that very few SD or microSD cards will share the exact same layout.

reading a monolith IC
Monolithic Adapter PCB

 

Having determined where we need to connect to the device, we now must tediously solder wires from the adapter board to the device. Then we are able to use a chip reader to connect to the adapter and read off the memory contents. Finally, we need to figure out the data layout as we do with the non-monolithic devices and ultimately recover the data. To the left is a picture showing our connections to access the memory devices on a monolithic SD card.

 

 

 

Our typical fees for recovering data from unrecognized SD cards that are non-monolithic range from $400-$800.

Unfortunately due to the massive amount of work required, our fees for recovering data from an unrecognized monolithic SD card or microSD card are even higher. Expect fees in the range of $700-$2500.  depending on whether we have existing layout information for your particular device.

As always, our evaluations are free and our work is guaranteed to make you happy or you don’t have to pay a nickel. To send us a new case now, please click here.

 

 

 

 

FREE Pickup Service for the Toronto GTA

 

Do you live in the Toronto GTA and don’t have the time to package, ship or deliver your hard drive or other storage device to Memofix?  We can help!

Starting September 1st, 2016 Memofix will begin offering a free pickup service for data recovery cases originating in the Toronto GTA. Initially this service will cover, Brampton, Mississauga, Oakville, Richmond Hill, Markham, Vaughan, Scarborough, North York, Etobicoke and the rest of Toronto. 

Memofix_Delivery

Our professional driver can arrive at your home or place of business within a predetermined 4 hour window between 9am-4pm Monday through Friday. Our driver can also provide free packaging to ensure no further damage is done to your device as it travels to our data recovery lab.

Requesting this new pickup service is very easy. When creating a new data recovery case you can simply choose to have your hard drive or other storage device picked up. You will need to confirm the pickup address, contact phone number and a 4 hour window when you will be available to meet our driver. You can even add special instructions, ie. meet me in the lobby of my office building.

Are you outside the Toronto GTA?  … Memofix has plans in the coming months to roll out our unique pickup service to other major and not so major city centres across Canada, so stay tuned for updates.

 

 

 

Looking for a Hero?

Memofix Data Recovery Services, a division of Memofix Hitech Services Inc. is looking for a talented data recovery specialist to fill a permanent position at our data recovery lab in Concord, Ontario. If you have a passion for problem solving, an unquenchable lust for knowledge and really enjoy helping people and businesses recover their irreplaceable data, we may have a home for you.

As a data recovery technician, you will join our team of proven data recovery professionals in our quest to become the most technically capable data recovery service company in the world. To become the greatest, we are looking for experts in many areas. We need skilled hard drive surgeons experienced in resuscitating damaged and crashed hard drives. We need PC3000 masters with in-depth knowledge of hard drive system areas (secret OS of the hard drive). And we need file system specialists with an intricate understanding of the various operating systems as well as a thorough understanding of RAID variations and rebuilding techniques.

If you have post secondary education in computers and 2 or more years of experience in the areas listed below, we want to talk to you;

  • Diagnosing and identifying hard drive problems.
  • Diagnosing and repairing of defective hard drive PCBs including NVRAM transfers.
  • Identifying defective heads and replacement techniques in a cleanroom environment.
  • Dealing with seized spindle motors.
  • Transplanting of disks into a new body and motor.
  • Using the PC3000, Data Extractor and other specialized hard drive tools.
  • Specialized techniques such as individual head imaging.
  • Performing hard drive hot swaps with a system area compatible donor drive and PCB.
  • Identifying, repairing and rebuilding file system structure damage in FAT, NTFS, MAC and Linux type operating systems.
  • Identifying striping schemes and pertinent parameters in various flavors of RAID.
  • Repairing and Rebuilding RAID arrays physically and virtually using various software tools.

Memofix offers competitive salaries, equal opportunities, a full benefits package, and a wonderful work environment for all of our employees.

If you have the skills, aptitude, and desire to join a team dedicated to becoming the best at recovering the world’s data, please send your resume to me at davidf@memofix.com.  Please reference “Hero Ad” in your email subject  line.

 

 

Canada’s Astronaut Chooses Memofix!

canadian data recoveryLast month we received a crashed 2.5″ 2TB Western Digital hard drive for recovery. We see a lot of these drives but this one was special as it came from one of Canada’s most famous explorers of space .. Chris Hadfield … Canada’s Astronaut!

Chris has a team of support people who help him make decisions and complete his various obligations. When Chris’ hard drive died, his team began reviewing and researching where to send it for data recovery. They contacted a number of their top choices but ultimately chose Memofix Data Recovery Services.

We think they made a wise decision and considering the great 5 star review he gave us, he must have too.

 

Thanks Chris, your praise and recommendation are very much appreciated.

MELTED DATA

Almost every month someone in Canada sends a hard drive that has been involved in a house fire. They often resemble burnt bricks like the picture below of a drive we recently received from a client in London, Ontario.  None of our techs were in a hurry to get their hands dirty, but as terrible as these situations look, there is often an easy recovery lurking just under the mess!

data recovery

Plastic melts easily and this external hard drive is in-cased in plastic like a pair of jeans on a teenager in the 80’s.
data recovery

 

But with a little invasive surgery we are able to free the hard drive from its prison.

But will the prisoner be able to talk?

As we have discussed various times in this blog, it is the condition of the disks that will ultimately decide if we can make this hard drive talk again. So let’s open the bonnet and have a peak under the hood …

 

 

WOW! It looks pristine. Notice the lack of any contamination due to the fire or the liquids used to douse it. We proceeded to perform a full recovery on this case by replacing only the PCB

 

 

 

 

Below is another fire victim from a client in Montreal, Quebec which was not in such great shape when we opened the lid.  In fact, it may not be recoverable  … but we’ll never know for sure as the client declined our quote.

As a general rule for data recovery purposes, fire damaged drives are not typically unrecoverable due to the heat and smoke of the fire, BUT more often, it is the excessive use of firefighting liquids that do the damage, especially if they are allowed to dry out. The drying out leaves mineral and other debris deposits on the disks which are tough to overcome.

 

 

 

And here is a look of what happens when someone applies power to a fire damaged hard drive that has had the sealed assembly breached. You can see the deep ring on the inside of the disk where the heads are. This disk drive will NOT be recoverable.

 

 

 

So if you have a sad looking case of melted data don’t give up hope, data recovery may be as easy as a PCB replacement.

 

Join us at the Canadian Imaging Conference and Trade Show

 

Memofix Data Recovery Services will be an exhibitor at the upcoming 2015 Canadian Imaging Conference and Trade Show in Niagara Falls, Ontario on April 26th and 27th. Please feel free to be our guest at this event by printing and presenting the Trade Show Pass shown below.

 

This trade show is put on by the PPOC or Professional Photographers of Canada and is part of a 4 day conference aimed at the professional photographer and imaging professional. The conference offers various educational seminars hosted by 19 well respected industry experts and is aimed at improving your artistic and technical imaging skills.

Memofix Data Recovery Services has extensive experience recovering data for professional photographers and videographers. We routinely recover data from all types of camera memory cards, as well as external hard drives, NAS devices, LTO tape and RAID storage devices. If you’ve lost your valuable photos or video, we can help.