by rwmj 1110 days ago
My friend once worked at a place where the security policy was that every part of the PC including monitors was crushed and shredded. This was a financial services company, but nevertheless totally over the top.

Electronic devices keep state in all sorts of strange ways nowadays. If you have the money, the safest strategy is to shred everything rather than having to do a ton of research figuring out whether a given device needs it.

For example, lots of people don't realise how many printers are vulnerable to recovering previously printed documents. In the past, you might have just opened it up and ripped out the hard disk and memory, but nowadays with NAND and DRAM being soldered onto motherboards, do you really trust that's enough?

Why merely shred, when you can truck it down to your local steel mill and melt it in a blast furnace? Ain't nothing coming back from that.
Do I detect a reference to Terminator 2?
Some of that was recovered in T3. :D
I recently had a Dell monitor spaz out. Even powered off and powered back on, it was somehow keeping a (corrupted) image of what it had shown when last plugged in to my laptop. It's unclear how that's possible, but others witnessed it.

Had this been during something sensitive being displayed, it might warrant shredding that particular monitor. I have no idea how long the phantom image would have lasted. An hour, a day, a year?

> I recently had a Dell monitor spaz out. Even powered off and powered back on, it was somehow keeping a (corrupted) image of what it had shown when last plugged in to my laptop. It's unclear how that's possible, but others witnessed it.

Stored in the monitor control board somewhere.

Especially in the VRR era, monitors need to buffer the image in case it needs to be redrawn, or if the transfer rate is faster than the draw rate. Which will be anytime the monitor isn't drawing at max VRR sync speed.

In finance-tech and that's the way it is for us. I once embarked on a hopeless journey to get some old laptops piled up in the IT space, for an elementary school programming club. They would not sell or donate them despite them being perfectly useful laptops, even with the drives removed. I suppose they were worried about RAM? Anyway they got ground up into landfill I guess...
There are a lot of NVRAMs in devices these days that could store potential secrets. Even things like wireless cards and internal USB devices. Another good example of this is laptops, such as Apple laptops with the SSD soldered on board.

You can either make hundreds of policies that discover where all this data is, or you make one policy that destroys everything.

I know which one has the least risk.

Monitors can be a security risk
So can a cat. Is the solution, then, to crush them all, treating an imperceptible risk as a certainty? Let's also treat all suspects as guilty until proven innocent to address even more risk! /s
A cat has no business being in an office and neither do reused computer components.