
New Toshiba Drives Wipe Data When Turned Off

CmdrTaco posted more than 3 years ago | from the how's-that-gonna-work dept.

Data Storage 239

CWmike writes "Toshiba on Tuesday introduced a new hard drive feature that can wipe out data after the storage devices are powered down. The Wipe feature in Toshiba's SED (Self-Encrypting Drives) will allow for deletion of secure data prior to disposing or re-purposing hard drives, Toshiba said. The technology invalidates a hard-drive security key when a system's power supply is turned off. The new Wipe capability will go into future versions of the SED drives, for which no timeframe was given. Beyond use in PCs, Toshiba wants to put this feature on storage devices in copiers and printers."


239 comments

Lots of uses for this technology... (5, Insightful)

mlts (1038732) | more than 3 years ago | (#33208974)

I can see this used not just in copiers where temporary files need to be zapped for privacy reasons, but in a number of other places:

1: Photo kiosks.
2: Documents stored on public access computers.
3: Medical terminals used for X-ray viewing.
4: Cash register terminals for storing CC data.
5: CCTV DVRs. If a video time frame needs flagged for long term copying, it is.
6: Proxy/sendmail log servers where logs don't have to be kept for longer than it takes to check if there is an intrusion.
7: Temporary scratch space for a database server, say to pack and unpack normally encrypted BLOB/CLOB data.
8: A special hard disk just for /tmp. If one thinks about it, this type of HDD is absolutely perfect for the /tmp filesystem in the classic sense of it being zeroed out on reboot.
9: Temporary scratch space when unarchiving data and putting it on a secure partition or tape drive. For example, getting data from tape or another site, storing it temporarily to get a machine to restore locally.
10: A machine set up and automatically imaged for guests to browse the Web.
11: A machine set up and autoimaged in a student computer lab. This way, a power cycle ensures that private data is not recoverable from the previous student.
12: Drives set up for swap. This way, a power cycle removes all traces of a virtual machine's paging.
13: Community clouds, where a VM is cloned to the drive, used to give better capacity, then shut down and the drive cycled so the next user on that drive doesn't have access to the previous user's data.
14: A place to decode encryption keys temporarily pulled out of a HSM to be copied to another source.
15: Airport X-ray machines so the private pictures of people stay private.

Re:Lots of uses for this technology... (5, Funny)

Anonymous Coward | more than 3 years ago | (#33209014)

I guess it was either that, or telling everyone they were holding it wrong.

Re:Lots of uses for this technology... (2, Funny)

cosm (1072588) | more than 3 years ago | (#33209026)

16. Porn.
17. More Porn.

Let's not be shortsighted.

Re:Lots of uses for this technology... (4, Funny)

MBGMorden (803437) | more than 3 years ago | (#33209096)

16. Porn.
17. More Porn.

Let's not be shortsighted.

Take your own advice. Do you think any self respecting slashdotter is going to put his porn on a drive that erases itself when powered down? Heck most of us won't trust our collection to anything short of RAID6!

Re:Lots of uses for this technology... (3, Funny)

Ironhandx (1762146) | more than 3 years ago | (#33209134)

Raid 1+0 here. When you gotta have it, you gotta have it. Access delays not allowed.

Re:Lots of uses for this technology... (2, Funny)

AndrewNeo (979708) | more than 3 years ago | (#33209312)

You power down your machines?

Re:Lots of uses for this technology... (1)

Tubal-Cain (1289912) | more than 3 years ago | (#33209564)

When the UPS is down to its last few seconds, yeah.

Re:Lots of uses for this technology... (4, Funny)

Deosyne (92713) | more than 3 years ago | (#33209582)

I haven't calculated the odds of both of the UPS units and the generator attached to the porn cluster failing at the exact same time, but that's just not a chance that I'm willing to take.

I almost facepalmed.. (1)

RulerOf (975607) | more than 3 years ago | (#33209684)

Heck most of us won't trust our collection to anything short of RAID6!

My porn collection, along with all my other documents and media is on a RAID-6 array.

...Along with my massive collection of confiscated geek cards.

Re:Lots of uses for this technology... (2, Insightful)

von_rick (944421) | more than 3 years ago | (#33209046)

Most of the applications you have listed are subsets of no.8 on your list, "A special hard disk just for /tmp".

Re:Lots of uses for this technology... (1)

h4rr4r (612664) | more than 3 years ago | (#33209072)

Most of that stuff would be better off with a tmpfs. You should already be doing that with /tmp in most cases.

10 and 11 should just be PXE booted machines with no discs.

Re:Lots of uses for this technology... (1)

KiloByte (825081) | more than 3 years ago | (#33209752)

Any normal filesystem will go a long way to ensure the data is securely on the disk, forcing flushes after a short time, making multiple writes first to the journal, then to data sectors, then to metadata to ensure everything is consistent. That's utterly wasteful for /tmp/ -- with tmpfs, there won't be a single disk access in a vast majority of cases.

I don't get why most distributions don't have /tmp/ on tmpfs by default. Just enlarge the default swap size by what is expected for /tmp/, to make sure max virtual memory capacity doesn't suffer.

Re:Lots of uses for this technology... (1)

krzysz00 (1842280) | more than 3 years ago | (#33209086)

This is also good for government workers, police, spies and criminals, who are the four types of people who need to be able to zap data fast.

Re:Lots of uses for this technology... (3, Insightful)

compwizrd (166184) | more than 3 years ago | (#33209116)

You've got some redundancy in your list there!

Re:Lots of uses for this technology... (1)

drewhk (1744562) | more than 3 years ago | (#33209220)

Don't worry, they will pass a law that prohibits this technology... Privacy is obsolete, so they say.

Re:Lots of uses for this technology... (1)

Grishnakh (216268) | more than 3 years ago | (#33209294)

Instead of making a special hard disk just for this application, why not just change the code of these embedded devices to delete this data?

deep freeze is better than reimage on boot faster (1)

Joe The Dragon (967727) | more than 3 years ago | (#33209324)

Deep Freeze is better than reimage on boot as it is much faster. You need a fast server + good network + a fast HDD on the PC to make autoimage on boot not be a big slowdown and this also makes it so each Windows update that needs reboot a new images. Deep Freeze can be set up to go into a mode where you can install updates and keep them after reboot and then go back to the reset on reboot mode + you can have a user area that does not get wiped out as well.

Re:deep freeze is better than reimage on boot fast (3, Insightful)

Galestar (1473827) | more than 3 years ago | (#33209442)

This isn't "reimage on boot". This is encrypted storage whereby the key is volatile. There is no performance problem here.

And to reply to OP, this tech really doesn't have as many uses as you say. It is really only useful for sensitive data. You can use it for /tmp, but there's really no point. Cleaning /tmp with software can be done pretty quickly - why buy expensive hardware?

Re:deep freeze is better than reimage on boot fast (1)

h4rr4r (612664) | more than 3 years ago | (#33209660)

or PXE boot, then have /home be a tmpfs. That can be nice and fast if you have the rest of the OS on NFS or ISCSI, plus you remove one more part that can fail.

Re:Lots of uses for this technology... (1)

camperslo (704715) | more than 3 years ago | (#33209340)

Of course if it only removes the key, the data is still there. The user may not be able to access it but who says someone else can't?

Maybe they should make flash drives designed to be put in a microwave oven.

Re:Lots of uses for this technology... (1)

pilgrim23 (716938) | more than 3 years ago | (#33209424)

There are many utilities that can read each block-sector then re-create an index/VTOC or FAT table. Looks like a place to make some bucks in the tech support field.

Re:Lots of uses for this technology... (1)

jgrahn (181062) | more than 3 years ago | (#33209570)

8: A special hard disk just for /tmp. If one thinks about it, this type of HDD is absolutely perfect for the /tmp filesystem in the classic sense of it being zeroed out on reboot.

Not really. You expect /tmp to *exist but be empty* after reboot. With such a disk you'd at least have to repartition and mkfs somewhere early in the boot sequence. I see all kinds of problems.

hold on (0, Troll)

Tablizer (95088) | more than 3 years ago | (#33208992)

Isn't this standard Windows behavior?

Re:hold on (0)

Anonymous Coward | more than 3 years ago | (#33209722)

No, but it's standard for Seagate drives.

Congratulations... (5, Funny)

Anonymous Coward | more than 3 years ago | (#33209042)

You invented random-access memory. Good job!

Re:Congratulations... (2, Funny)

Amouth (879122) | more than 3 years ago | (#33209110)

actually they realized that they could make a market for their self encrypting disks where the nvram to store the keys was bad... 

Re:Congratulations... (2, Interesting)

IICV (652597) | more than 3 years ago | (#33209264)

Not necessarily - you can still read the contents of RAM relatively accurately for up to ten minutes [freedom-to-tinker.com] after the power goes out as long as you're quick about extracting the sticks and applying some cryogenics (a spray from an upside-down can of compressed air works pretty well). Presumably, when they sense that the power is cut these hard drives convert the momentum in the spinning disks into enough electricity to zero out the onboard encryption key, which would take moments and render the contents unrecoverable.

what if the head is in sleep mode so no momentum a (1)

Joe The Dragon (967727) | more than 3 years ago | (#33209362)

what if the head is in sleep mode so no momentum and then power is lost?

Re:what if the head is in sleep mode so no momentu (1)

42forty-two42 (532340) | more than 3 years ago | (#33209778)

The key could be stored in static RAM, which does lose data instantly when power is lost (downside is that it's more expensive, but for a single encryption key that's not a problem). Alternately, you could just stick a capacitor on the board with enough power to erase the RAM. Or just bury the RAM cells inside the CPU, so it's impractical to access them (and make the CPU erase them on next power-on).

Re:Congratulations... (2, Interesting)

Kymermosst (33885) | more than 3 years ago | (#33209374)

Presumably, when they sense that the power is cut these hard drives convert the momentum in the spinning disks into enough electricity to zero out the onboard encryption key, which would take moments and render the contents unrecoverable.

The KISS principle suggests that they would use a capacitor.

Re:Congratulations... (1)

Splab (574204) | more than 3 years ago | (#33209462)

No, actually each drive comes with a built-in cat, gerbil and a balloon, when the drive is powered down the cages to each animal are opened and the cat chasing the gerbil in the closed area will generate enough static electricity rubbing against the balloon to wipe the key.

Pure and simple, no fancy faulty capacitor to ruin your day.

Re:Congratulations... (1)

bertoelcon (1557907) | more than 3 years ago | (#33209622)

No, actually each drive comes with a built-in cat, gerbil and a balloon, when the drive is powered down the cages to each animal are opened and the cat chasing the gerbil in the closed area will generate enough static electricity rubbing against the balloon to wipe the key.

Pure and simple, no fancy faulty capacitor to ruin your day.

No, but a faulty cat will ruin your day, at least capacitors don't have claws.

Re:Congratulations... (1)

IICV (652597) | more than 3 years ago | (#33209470)

You're probably right, especially since this is probably not going to be used in spinning media. I just think the concept of converting disk momentum back into electricity in order to power emergency shutdown maneuvers is so awesome I had to put it in there.

Re:Congratulations... (1)

profplump (309017) | more than 3 years ago | (#33209534)

Or they could just install a capacitor, which is what's typically done for dying-gasp circuits. It's not like you need 4kJ to overwrite 4K of RAM, particularly if you design a circuit with rapid reset in mind -- for example, DRAM could be built with the ability to connect all its capacitors to a drain simultaneously (or in big chunks) rather than one word at a time.

Re:Congratulations... (0)

Anonymous Coward | more than 3 years ago | (#33209394)

Find me an affordable machine with 1 terabyte of RAM. Thanks.

Re:Congratulations... (0)

Anonymous Coward | more than 3 years ago | (#33209448)

These take 6TB, and don't cost that much [sgi.com], and if you'll take a full rack version, there's a server in the set that takes 16TB RAM.

Every HPC lab worth the name should be able to afford one :)

Re:Congratulations... (1)

mweather (1089505) | more than 3 years ago | (#33209454)

1 terabyte? That's one huge encryption key!

Re:Congratulations... (1)

mlts (1038732) | more than 3 years ago | (#33209466)

In a way you are right. A software approximation of this technology is having a RAMdisk, creating a TC volume on the hard disk that stores the keyfile on the RAMDisk, and when the machine is rebooted, the old TC volume and the keyfile that unlocks it is recreated.

Re:Congratulations... (0)

Anonymous Coward | more than 3 years ago | (#33209542)

No, they invented Write-Only memory!

Re:Congratulations... (4, Funny)

sixfootfive (1875604) | more than 3 years ago | (#33209600)

Sounds more like Toshiba said, "Hey, we have this lot of bad drives, why don't we classify them as wipe feature enabled."

Re:Congratulations... (0)

Anonymous Coward | more than 3 years ago | (#33209636)

Not really. All RAM is not volatile.

Re:Congratulations... (1)

pitchpipe (708843) | more than 3 years ago | (#33209650)

You invented random-access memory. Good job!

Not quite... this doesn't include the random part. Call it 'Sequential Access Volatile Memory': includes all the bad of RAM, and all the bad of HDD!

Re:Congratulations... (1)

noidentity (188756) | more than 3 years ago | (#33209772)

I congratulate companies on these advancements. For years we've had to settle for this happening only to the gigabytes of RAM in our computers, but now, we can have our hard drives lose all their data when they lose power as well. Some day, 5-10 years from now, we'll have technology that erases everything within one block of a PC that loses power.

Murphy's Law (3, Interesting)

SilverHatHacker (1381259) | more than 3 years ago | (#33209066)

Sounds like a good idea, but I'm almost positive there will be instances where important data is going to be screwed with by mistake. I personally would rather not have my hard drive erasing my data without my express approval, but I'm not the average Joe.

Re:Murphy's Law (1)

Threni (635302) | more than 3 years ago | (#33209710)

Also, any company which takes security seriously is going to either destroy the drive or perform multiple writes of random data anyway, so what's the point?

My kingdom for a UPS (2, Interesting)

king_grumpy (1685560) | more than 3 years ago | (#33209070)

In other news today, a company under investigation by authorities claimed all the data was wiped from their servers following an unexpected power outage.

How this works (1)

xemc (530300) | more than 3 years ago | (#33209076)

Presumably, no data is actually 'deleted' upon power-down, just the key is lost. Presumably this works by keeping the entire HDD encrypted - no wipe is needed when the drive is repurposed.
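The behaviour guessed at in this post (ciphertext stays on the platter, only the key is lost) can be modelled in a few lines. This is an added example, not part of the thread and not Toshiba's or the Opal specification's code; `VolatileKeyDrive` is a hypothetical model and the HMAC-SHA256 keystream is a standard-library stand-in for the drive's hardware cipher.

```python
import hashlib
import hmac
import os

SECTOR = 512  # bytes per logical block in this model


def _keystream(key, lba, length):
    """HMAC-SHA256 in counter mode, bound to the sector number.

    Stand-in for the drive's hardware cipher so the example needs only the
    standard library. It is a model, not a disk-encryption mode to deploy.
    """
    out = bytearray()
    counter = 0
    while len(out) < length:
        msg = lba.to_bytes(8, "big") + counter.to_bytes(4, "big")
        out += hmac.new(key, msg, hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


class VolatileKeyDrive:
    """Hypothetical model: persistent platter, media key held only in RAM."""

    def __init__(self, sectors):
        self.platter = bytearray(sectors * SECTOR)  # survives power loss
        self._key = None                            # does not
        self.power_on()

    def power_on(self):
        # A fresh random key every power-up; the previous one is never stored.
        self._key = os.urandom(32)

    def power_off(self):
        # The "wipe": drop the key. Not one byte of the platter is rewritten.
        self._key = None

    def _xor(self, lba, data):
        if self._key is None:
            raise RuntimeError("drive is powered off")
        ks = _keystream(self._key, lba, SECTOR)
        return bytes(a ^ b for a, b in zip(data, ks))

    def write(self, lba, data):
        padded = data.ljust(SECTOR, b"\0")[:SECTOR]
        self.platter[lba * SECTOR:(lba + 1) * SECTOR] = self._xor(lba, padded)

    def read(self, lba):
        raw = bytes(self.platter[lba * SECTOR:(lba + 1) * SECTOR])
        return self._xor(lba, raw)


def demo():
    drive = VolatileKeyDrive(sectors=4)
    secret = b"scan-0001: payroll.pdf page 1"  # constructed sample data
    drive.write(2, secret)
    readable_before = drive.read(2).rstrip(b"\0") == secret
    image_before = bytes(drive.platter)

    drive.power_off()  # copier switched off, or drive pulled from it
    drive.power_on()

    return {
        "readable_before": readable_before,
        "platter_unchanged": bytes(drive.platter) == image_before,
        "plaintext_on_platter": secret in bytes(drive.platter),
        "readable_after": drive.read(2).rstrip(b"\0") == secret,
        # Every sector now decrypts to noise, including whatever held the
        # partition table and filesystem, so both must be recreated.
        "sector0_is_zero": drive.read(0) == bytes(SECTOR),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The unchanged platter image is the point raised elsewhere in the thread: the data is still physically there, and its confidentiality rests entirely on the cipher and on the key being gone.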

Re:How this works (1)

maxwell demon (590494) | more than 3 years ago | (#33209132)

It uses multiple passes of rot13, and the key tells how many passes are done. :-)

Re:How this works (1)

shentino (1139071) | more than 3 years ago | (#33209320)

Considering that there are 256 values possible for a given byte that's not quite as useless as one would think.

Re:How this works (4, Informative)

xemc (530300) | more than 3 years ago | (#33209152)

According to the article, it uses this "Opal" storage spec. (didn't find it on wikipedia..)
Below from: http://www.trustedcomputinggroup.org/resources/storage_application_note_encrypting_drives_compliant_with_opal_ssc [trustedcom...ggroup.org]

Storage Application Note: Encrypting Drives Compliant with Opal SSC

This document provides examples of the communication between a host and a storage device implementing the TCG Storage Security Subsystem Class: Opal SSC and the TCG Storage Architecture Core Specification.

Examples are provided for the following scenarios:

        * Discovering whether a storage device supports Opal SSC
        * Taking ownership of the storage device
        * Activating the Locking SP
        * Changing the Admin1 PIN in the Locking SP and adding users
        * Configuring Locking Objects (LBA ranges)
        * Unlocking ranges
        * Erasing a range
        * Enabling the MBR shadow
        * Un-shadowing the MBR
        * Reverting the TPer
        * Reverting the Locking SP
        * Using the DataStore table

For further reading, here's what looks like the spec:
http://www.trustedcomputinggroup.org/files/static_page_files/9FE14508-1D09-3519-AD7D21A695E9B8EE/Opal_SSC_1.00_rev3.00-Final.pdf [trustedcom...ggroup.org]

I find this hard to believe (1)

Meshach (578918) | more than 3 years ago | (#33209080)

As the Microsoft trials taught us data is hard to delete permanently.

Re:I find this hard to believe (3, Interesting)

Andorin (1624303) | more than 3 years ago | (#33209194)

Is it really? Perhaps I can get some education here. *nix systems come with a tool called shred [wikimedia.org], which overwrites a file multiple times with random data to provide secure deletion. We also have tools like dban [dban.org], which will do basically the same thing to the whole drive. How securely do tools like these erase data?

Re:I find this hard to believe (2, Informative)

X0563511 (793323) | more than 3 years ago | (#33209326)

dban is great, but is slow. Wiping a 500gb drive takes several hours at least.

Shred and the like are only useful when you don't have a journaling filesystem. So that means anything but ext2 (including ext3) defeats it.

Re:I find this hard to believe (2, Interesting)

Andorin (1624303) | more than 3 years ago | (#33209518)

Can you elaborate on how shred is defeated by any file system besides ext2? For example, does it not function properly on other file systems?

Re:I find this hard to believe (1, Informative)

Anonymous Coward | more than 3 years ago | (#33209596)

Using shred with an ext3 file system presents the user with the problem of secure deletion because it can only really be effectively used with ordered and writeback journals. A journal on ext3 is a separate file and not touched by a shredding of the actual file itself. The journal file also needs to be shredded or filesystem converted to ext2 to be effective.

Re:I find this hard to believe (3, Informative)

ChipMonk (711367) | more than 3 years ago | (#33209668)

Shred also works on drives. I shredded a Deskstar with a 25-pass wipe, which took over 16 hours. (And in a stroke of good timing, it started making the Deskstar "click of death" sounds less than 10 minutes after it finished.)

But about file system journals. It's a bit much to say "any file system" besides ext2 defeats shred. The concern is this: If file data is committed to the journal first, rather than the filesystem proper, the only way shredding is secure is to shred a file that's larger than the journal. Otherwise, multiple overwrites of file data are actually going to the journal, where they'll be analyzed, all but the last overwrite will be canceled, and the file data in the filesystem ends up with only a single overwrite.

Part of the purpose of shredding a file, is to overwrite the residual magnetic flux between tracks on a platter. Multiple overwrites on the platter will do this; shred used to do 25 overwrites by default, which was good enough for DoD secure erasure requirements. However, a FS journal would defeat this on a file that was less than 1/25 the size of the journal.

Ext3/4 can do this, but not by default; the default is "ordered" mode, where file data goes directly to the FS, and then its metadata goes to the journal. A mount option can change this temporarily, and "tune2fs" can change the mode persistently.

XFS and JFS journal only metadata, so shredding a file on those FS's is safe. You can verify this with an external journal on a different drive, then watch where the activity is during a shred. It isn't in the journal.

OTOH, log-structured file systems like Btrfs may or may not erase the data in place; if the data is part of a snapshot, then later overwrites don't remove the snapshot.

Yes, this is a lot to think about.
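The filesystem rules laid out in the comment above can be turned into a pre-flight check that reads a `/proc/mounts`-style table and says whether a file-level overwrite is expected to land on the file's own blocks. This is an added example, not part of the thread: the verdict names and `SAMPLE_MOUNTS` are constructed for illustration, and the XFS/JFS and Btrfs rules encode the commenter's claims as stated.

```python
# Constructed sample in /proc/mounts format: device, mountpoint, type, options.
SAMPLE_MOUNTS = """\
/dev/sda1 / ext4 rw,relatime 0 0
/dev/sda2 /home ext3 rw,data=journal 0 0
/dev/sdb1 /srv xfs rw,noatime 0 0
/dev/sdc1 /snap btrfs rw,subvol=/ 0 0
tmpfs /tmp tmpfs rw,nosuid,nodev 0 0
/dev/sdd1 /mnt/old\\040disk ext2 rw 0 0
"""


def parse_mounts(text):
    """Parse /proc/mounts-style lines into dicts."""
    mounts = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 4:
            continue
        device, mountpoint, fstype, options = fields[:4]
        mounts.append({
            "device": device,
            # The kernel escapes spaces in mountpoints as \040.
            "mountpoint": mountpoint.replace("\\040", " "),
            "fstype": fstype,
            "options": options.split(","),
        })
    return mounts


def mount_for(path, mounts):
    """Return the mount with the longest mountpoint that contains path."""
    best = None
    for m in mounts:
        mp = m["mountpoint"]
        prefix = mp.rstrip("/") + "/"  # so /home does not match /homework
        if path == mp or path.startswith(prefix):
            if best is None or len(mp) > len(best["mountpoint"]):
                best = m
    return best


def shred_verdict(path, mounts):
    """Classify what a file-level overwrite of `path` would hit.

    Returns (verdict, device). Verdicts:
      in-place : overwrites go to the file's data blocks
      journal  : data passes through the journal first (ext3/4 data=journal)
      cow      : copy-on-write or snapshots may keep the old blocks
      ram      : not on disk at all (tmpfs can still page out to swap)
      unknown  : depends on implementation details; treat as unreliable
    For anything but "in-place", overwrite the block device instead.
    """
    m = mount_for(path, mounts)
    if m is None:
        return ("unknown", None)
    fstype, options = m["fstype"], m["options"]
    if fstype == "ext2":
        verdict = "in-place"
    elif fstype in ("ext3", "ext4"):
        # Default is data=ordered; only data=journal routes file data
        # through the journal.
        verdict = "journal" if "data=journal" in options else "in-place"
    elif fstype in ("xfs", "jfs"):
        verdict = "in-place"  # metadata-only journal, per the comment
    elif fstype == "btrfs":
        verdict = "cow"
    elif fstype in ("tmpfs", "ramfs"):
        verdict = "ram"
    else:
        verdict = "unknown"
    return (verdict, m["device"])


if __name__ == "__main__":
    table = parse_mounts(SAMPLE_MOUNTS)
    for p in ("/home/alice/keys.txt", "/homework/notes.txt", "/snap/vm.img"):
        print(p, shred_verdict(p, table))
```

On a live system the same functions can be fed the contents of `/proc/mounts`; the returned device is the one to overwrite whole when the verdict is anything other than `in-place`.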

Re:I find this hard to believe (1)

whovian (107062) | more than 3 years ago | (#33209546)

dban is great, but is slow. Wiping a 500gb drive takes several hours at least.

Shred and the like are only useful when you don't have a journaling filesystem. So that means anything but ext2 (including ext3) defeats it.

No need to be concerned about journaling really; just apply shred to the partition or entire disk.

Re:I find this hard to believe (1)

PeterBrett (780946) | more than 3 years ago | (#33209550)

Shred and the like are only useful when you don't have a journaling filesystem. So that means anything but ext2 (including ext3) defeats it.

That's why you copy files you want to keep onto another partition, then run shred on the original partition's block device, then recreate the filesystem.

Re:I find this hard to believe (4, Informative)

gad_zuki! (70830) | more than 3 years ago | (#33209656)

>Wiping a 500gb drive takes several hours at least.

Not really. The problem is that everyone picks some zany wiping scheme. Those Gutmann patterns don't even make sense with any modern drive. All you really need to do is zero the drive once. It doesn't take that long. I have yet to see a recovery from a drive that's been zero'd out. Anything past one pass of zeros is just extra credit.

Re:I find this hard to believe (4, Informative)

txoof (553270) | more than 3 years ago | (#33209552)

This has been covered to death here [slashdot.org] on slashdot [slashdot.org], but basically one pass of /dev/random will pretty much take care of wiping a drive. Drive recovery companies will tell you that the hypothetical bit-by-bit recovery is possible, but is so ungodly costly that it's not worth doing unless there's something REALLY important on the drive (like pictures of your mom [xkcd.com]). If you're really paranoid, don't waste your time with shred, just dd if=/dev/urandom of=/dev/hda twice and call it a day. Shred takes F O R E V E R and really provides nothing more than a nifty status bar. If you're SUPER paranoid, dd the drive twice and yank the platters, play frisbee, build a tesla turbine [instructables.com] or simply scratch the hell out of them and chuck them in the recycle bin.

Re:I find this hard to believe (1, Insightful)

Anonymous Coward | more than 3 years ago | (#33209690)

Of course there's that unfortunate possibility that the drive had just decided to relocate the sensitive data and mark it as unusable, in which case shred is no better than urandom.

Re:I find this hard to believe (2, Insightful)

txoof (553270) | more than 3 years ago | (#33209800)

That's why the really paranoid can always pull out the platter and inflict whatever thermite hell they want on it.

Re:I find this hard to believe (0)

Anonymous Coward | more than 3 years ago | (#33209558)

Shred huh? That's really cool. So...umm...

Can you tell me if shred works on your computer? No...really--does it? Do you know? Have you tested? Have you RTFM, or just the first paragraph?

I've got 10 computers in the room with me. Won't count the glorified tape drive.

Let's see what they're running among multiple boots and the VM's on them all...

FAT32 (1)
NTFS (6)
Reiser (6)
EXT3 (4)
UFS (1)

Plus a VMware file system I can't recall the name of.

Of course.... shred would work...as intended... in exactly *2*. The others it might work on. Maybe. Depending on implementation details.

Journaled file systems. They've been the standard for a long time. And that isn't even counting NTFS file stream support, where even if you overwrite in place, you might not actually overwrite what you think you are.

Yeah, shred tries to overwrite a file in place multiple times. Let me know when somebody's verified this.

Re:I find this hard to believe (1)

Ironhandx (1762146) | more than 3 years ago | (#33209274)

As long as it can be guaranteed to stay encrypted out past the statute of limitations I think that it will be fine for legal/illegal purposes. AKA: Sure they're going to come up with better decryption methods and better supercomputer/cloud compute power but if in its current state it'll take big blue 1000 years to decrypt it, I think it's safe to say it's not going to be decrypt-able in any sort of time frame that would be relevant to anyone living today. 100 years of estimated big blue time to brute force it would even be sufficient for most things. I think statute for civil courts, though it varies from place to place, ranges anywhere from 5 years to 25 years.

Re:I find this hard to believe (1)

shentino (1139071) | more than 3 years ago | (#33209342)

There is no statute of limitations when it comes to a fraud upon the court, which includes knowingly withholding evidence.

Re:I find this hard to believe (1)

maxume (22995) | more than 3 years ago | (#33209522)

If they can't prove it without decrypting the data, you'll be dead enough not to care.

Re:I find this hard to believe (1)

Ironhandx (1762146) | more than 3 years ago | (#33209536)

The beauty of the situation is that it seems to me that the drive can be set up so that even if you wanted to you can't possibly retrieve the data, thus the statute would still apply.

Re:I find this hard to believe (1)

Ironhandx (1762146) | more than 3 years ago | (#33209610)

I thought about it for a second after hitting the submit button and remembered that if they do decrypt it afterwards and find criminal material they can still prosecute as long as it's for a new crime. At least in Canada. Don't know about anywhere else. The Civil suit would be history however.

As the other respondent said though, you'd likely be too dead to care by then.

It's just a RAM disk then? (2, Insightful)

Dynamoo (527749) | more than 3 years ago | (#33209118)

Remember RAM disks? Kind of an eighties thing I guess..

Re:It's just a RAM disk then? (0)

Anonymous Coward | more than 3 years ago | (#33209200)

no, it's disk RAM

Re:It's just a RAM disk then? (0)

Anonymous Coward | more than 3 years ago | (#33209512)

Remember RAM disks? Kind of an eighties thing I guess..

no, it's disk RAM

No, it's disk GOA-e~e~e~e-aa~aa~aa~aa~aa~uu~uu~uu.

I think I'm having a meta-moment here, but do you remember the Goat Boy sketches from SNL back in the late 90s? He did that Remember the 80s show and always started braying in the middle of his sentences. That's what I was going for.

Re:It's just a RAM disk then? (0)

Anonymous Coward | more than 3 years ago | (#33209222)

Sure, if a ram disk is several hundred gig, then yeah, they're the same.

Re:It's just a RAM disk then? (2, Informative)

h4rr4r (612664) | more than 3 years ago | (#33209366)

Not a problem with a tmpfs on a beefy server.

RAM disks (1)

jvonk (315830) | more than 3 years ago | (#33209662)

One thing that has always irritated me about tmpfs is that it will page out into swap if memory pressure dictates.

Using ramfs as an alternative to tmpfs means that you lose the ability to stipulate a maximum size, and it can grow to exhaust all available memory in the system. Because ramfs won't page out, I presume it is quite possible to take down the entire machine in such circumstances.

It's sad that MacOS (pre-X) had the problem solved 15 years ago by allowing the creation of a fixed size RAM disk that would not page out, but this capability has apparently been lost in modern OS's. Unrelated aside: it was quite fun to load a stripped down version of the MacOS System Folder into a RAM disk and watch how fast the machine would boot (MacOS RAM disks would persist between reboots but would naturally be obliterated if power was cut).

Re:It's just a RAM disk then? (1)

txoof (553270) | more than 3 years ago | (#33209572)

Remember RAM disks?

Is that an operating instruction?

This is old news... (0)

Anonymous Coward | more than 3 years ago | (#33209130)

The RamDisk in my PC did that every time I powered off the system. Big deal....

And if... (0)

Anonymous Coward | more than 3 years ago | (#33209168)

via virus or other stealth works, YOUR hard drive will be wiped remotely by ANOTHER user or worse, government? I will not put any nickel into this kind of technology.

Information, please. (1)

westlake (615356) | more than 3 years ago | (#33209172)

The Computer World story is light on details. No surprise there.

How is your data protected against accidental deletion - hardware failure, power outages, etc?

Re:Information, please. (1)

kenrblan (1388237) | more than 3 years ago | (#33209404)

I would love to know this as well. Many scenarios should be covered by a normal backup/recovery strategy, but that doesn't really cover the up to the second transactional type of data. I have seen a UPS system fail, not because of Electrical System outage, but because of UPS battery/controller issues. Everything in the room went dark. If all of my disks had "self-erased" at the middle of the working day, I would have had a heart attack. Surely there is a low level utility that can restore the security key in the event of power supply/environment failure.

Re:Information, please. (1)

Grishnakh (216268) | more than 3 years ago | (#33209440)

Sounds like it isn't. If the power fails, the data's gone. I'm guessing this is really only useful for applications where you really don't want to preserve data past a power outage (such as spooled documents on a networked office printer, or some other weird high-security application where they're actually worried about people reading the RAM (on a ramdisk) using cryogenic methods).

Re:Information, please. (4, Informative)

txoof (553270) | more than 3 years ago | (#33209658)

All the articles are pretty poorly written, and the Computer World article misquotes the Toshiba press release.

Computer World

Drives with the technology will go into hard drives for laptops and desktops.

Toshiba

But lost or stolen notebooks are not the only security risk that IT departments must address. Today, most office copier and printing systems utilize HDD capacity and performance to deliver a highly productive document imaging environment. Many organizations are now realizing the critical importance of maintaining the security of document image data stored within copier and printer systems.

Toshiba is selling these drives as a method for securing scanning copiers. Many of the current copiers hold onto everything that is copied or scanned indefinitely, leaving a gaping security hole. The new SED drives encrypt their contents and then wipe the key when the drive powers down, leaving the data intact, but no meaningful method for recovering it. If a thief tries to yank a SED drive out of a copier, it automagically wipes it. If part of your security procedure is to shut down the copiers each night, your daily load of potentially secure documents and copies of Bob's butt are also automagically wiped.

Clearly, this type of technology would be worthless in a notebook or any other type of PC. You'd always be running from outlet to outlet to save your data. It'd be an IT version of that terrible Jason Statham movie Crank 2: High Voltage. Shudder.

Hackers best friend (0)

Anonymous Coward | more than 3 years ago | (#33209184)

When the cops raid your place and yank all your drives for evidence they would be in for a rude surprise.

Re:Hackers best friend (1)

h4rr4r (612664) | more than 3 years ago | (#33209646)

Nope, if they want your data they keep the machine on by splicing into the power outlet.

Their drives have self erased for years (1)

Indy1 (99447) | more than 3 years ago | (#33209198)

Their laptop hard drives have been self erasing for years via head crashes and other catastrophic malfunctions. Absolutely horrible laptop hard drives.

That's nothing... (1)

stagg (1606187) | more than 3 years ago | (#33209232)

I spilled water into a power bar back in 95 and achieved exactly the same effect!

Oh really? (1)

Nemyst (1383049) | more than 3 years ago | (#33209302)

I used to call that "hammer & magnet"...

SED? (4, Funny)

lowrydr310 (830514) | more than 3 years ago | (#33209322)

I've always thought SED stood for "Smoke Emitting Diode"

It's my favorite electronic component, but the only problem is that they only work once.

Re:SED? (1)

mweather (1089505) | more than 3 years ago | (#33209488)

Duh, the magic smoke is what makes electronics work. Once you let it out, it stops working.

Re:SED? (0)

Anonymous Coward | more than 3 years ago | (#33209526)

Hey! British cars run on magic smoke too!

Yeah, that's great journalism (4, Insightful)

overshoot (39700) | more than 3 years ago | (#33209408)

Somehow I don't think that Toshiba is quite so stupid as to build what TFA describes: a laptop drive that wipes itself after the power is turned off.

My bet is on the usual baked-in drive encryption, very badly described.

Re:Yeah, that's great journalism (1)

Lord Ender (156273) | more than 3 years ago | (#33209584)

It could be intended for use as a tmp/swap drive.

Piffle. (1)

jeko (179919) | more than 3 years ago | (#33209436)

Pfft. Western Digital and Maxtor have had this feature for years....

Misleading (0)

Anonymous Coward | more than 3 years ago | (#33209458)

It doesn't wipe data. The data is encrypted and when the drive is powered down, it intentionally loses the key. The data can be recovered if the key can be recovered.

Not deleted, encrypted (4, Interesting)

joe_cot (1011355) | more than 3 years ago | (#33209478)

From the scant details in the article and summary, it appears that the drives are encrypted, and the "wipe" consists of getting rid of the encryption key.

Calling that a "wipe" is rather misleading in my opinion. Toshiba's in for one hell of a liability issue if their encryption is ever cracked -- though I'm sure they'll take care of all that in the fine print.

Technically... (1, Informative)

Anonymous Coward | more than 3 years ago | (#33209670)

it is called a cryptographic erase.

http://seagate.custkb.com/seagate/crm/selfservice/portalhome.jsp?DocId=205983&Hilite=#14

However, your assessment is accurate, the data is still there, just nearly impossible to recover.
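Several comments above describe the same mechanism: the drive stores only ciphertext, and the "wipe" is the loss of the key at power-down. The toy model below is an added illustration, not Toshiba's design or code from any commenter; the ToySED class, the HMAC-based keystream standing in for the drive's cipher, and the sample sector contents are all assumptions constructed for the example.

```python
import hashlib
import hmac
import secrets

SECTOR = 32  # bytes per sector in this toy model (one SHA-256 digest)


def keystream(key, lba):
    """One HMAC-SHA256 block per sector: a stdlib stand-in for the drive's cipher."""
    return hmac.new(key, lba.to_bytes(8, "big"), hashlib.sha256).digest()


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


class ToySED:
    """Hypothetical model: ciphertext is persistent, the key is volatile."""

    def __init__(self):
        self.platters = {}   # lba -> ciphertext, survives power loss
        self.power_on()

    def power_on(self):
        self._key = secrets.token_bytes(32)   # fresh key each power cycle

    def power_off(self):
        self._key = None                      # the "wipe": only the key goes

    def write(self, lba, data):
        self.platters[lba] = xor(data.ljust(SECTOR, b"\0"), keystream(self._key, lba))

    def read(self, lba):
        return xor(self.platters[lba], keystream(self._key, lba))


def demo():
    # Constructed sample sector, e.g. a spooled copier page.
    drive, secret = ToySED(), b"scanned page: payroll Q3".ljust(SECTOR, b"\0")
    drive.write(7, secret)
    ok_before = drive.read(7) == secret
    raw, key_copy = drive.platters[7], drive._key  # disk image; copied key
    drive.power_off()   # nightly shutdown, theft, or a failed UPS
    drive.power_on()
    return {"readable_while_powered": ok_before,
            "ciphertext_still_on_media": drive.platters[7] == raw,
            "readable_after_power_cycle": drive.read(7) == secret,
            "recoverable_with_key_copy": xor(raw, keystream(key_copy, 7)) == secret}
```

The last field shows why the strength of a cryptographic erase rests on there being no surviving copy of the key: an image of the media plus the old key still decrypts.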

"...invalidates a hard-drive security key..." (2, Insightful)

John Hasler (414242) | more than 3 years ago | (#33209502)

Well, the local copy, anyway...

This better work (1)

vlueboy (1799360) | more than 3 years ago | (#33209620)

Aren't we tired of hearing of simple-sounding solutions that appear unattainable?

See recent /. stories stating our computer-level "private browsing" [slashdot.org] of the web is everything except "private." One problem I already see with any data wipe is that it takes a lot of time, like the article mentioned for Eraser.

The article had too few specifics, so let's sit on the what-if armchair for a bit: short of a strong explosion, the FBI could just not power the drive before removing the circuit board and replacing with one lacking wipe logic.

I'm impressed (1)

rickb928 (945187) | more than 3 years ago | (#33209654)

I've never had a drive that did ANYTHING after it was powered down.

This is a tremendous advance. And I RTFA, and it doesn't offer me much of an explanation.

unhappy people (0)

Anonymous Coward | more than 3 years ago | (#33209664)

If the description is accurate, I can imagine that there will be an outcry from the forensics people, or at least their masters. Isn't it SOP to remove power immediately, pull the drive, and copy it? Then I guess we know there'll be some sort of "key escrow" or back door for LE.

Forward into the Past! (0)

Anonymous Coward | more than 3 years ago | (#33209694)

Now that's real progress!

The first hard drives were flaky and prone to data loss, now they want to engineer it into drives?

Yes, what could possibly go wrong, besides power failures.
