Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

A New Technique to Quickly Erase Hard Drives

CowboyNeal posted more than 8 years ago | from the clean-and-clear dept.

458

RockDoctor writes "Stories about 'wiped' hard drives appearing on eBay (and other channels) and being stuffed with personably-identifiable data are legion; rarer are spy planes having to land on enemy territory, but it happened in 2001 to a US spy plane over an un-declared enemy (China, and that's a topic in itself). Dark Reading reports the development of a technique to securely wipe a hard drive in seconds, and which is safe for flying. (The safe for flying criterion rules out things like fun with packing the drives in thermite. Also thermiting the drives may not erase the platters to the standard required, which is moderately interesting itself."

cancel ×

458 comments

New technique? (1)

Xymor (943922) | more than 8 years ago | (#15554909)

Is it more effective than wiping HDD using powerful magnets?

Re:New technique? (1, Redundant)

ChronoReverse (858838) | more than 8 years ago | (#15554913)

Powerful magnets do rather little to wipe hard drives (besides, there's a fearsomely powerful permanent magnet inside HDs already). I heard about this test where magnets powerful enough to bend the platters still weren't able to wipe the data off.

Re:New technique? (1)

Saven Marek (739395) | more than 8 years ago | (#15554917)

Magnets powerful enough to bend aluminum and glass? that I would like to see.

Re:New technique? (5, Informative)

Anonymous Coward | more than 8 years ago | (#15554945)

Aluminum can act oddly in the presens of magnetic feels. see this link [pureenergysystems.com] for information on how it might be able to bens platters.

Re:New technique? (2, Interesting)

Wonko the Sane (25252) | more than 8 years ago | (#15555038)

If you shape the magnets correctly and use AC to power them, then a magnetic field can (in theory) move any material that conducts electricity. Because a moving magnetic field will generate an electric field in the conductor, with will create a magnetic field that interacts with the original field. It may not be practical with all materials, but it is possible.

Degaussing Technique (4, Informative)

Kadin2048 (468275) | more than 8 years ago | (#15554986)

It depends on the type of magnetic field used and how it's applied. If you just put a drive platter (or magnetic tape, or floppy disk) into a static magnetic field, you might bend the platters or disturb the media, without actually destroying the data itself.

I'm most familiar with procedures for erasing magnetic tape than hard drives. The conventional method that I was always taught was to put the tape very close to source of a strong alternating electromagnetic field (so easy way is to just have a small coil hooked up to the wall socket). Then -- and this is the important part -- you move the media away from the coil, while the coil is still operating. So it goes from the near field out to where the field is basically no longer having any effect, but without the field going off. The result is that different layers of the media end up with different magnetic fields: as the media moves further and further away from the coil, the field is no longer able to saturate the center of it, so it's left with a certain state. The material just next to that gets left with a different state, because by then the coil's field has changed directions. So you end up with different magnetic states (polarizations) being written to the media both in the depth direction, and lengthwise (as you pull the tape along past the coil). I guess the thickness of the "stripes" would depend on characteristics of the media, plus the frequency of the coil's field and the speed with which the media was moving past it. I just always moved it slowly away at a few inches per second, personally.

Just holding the media next to a magnet, even an AC electromagnet, and turning the magnet on and off, doesn't erase the data as effectively as moving the media from close to the coil to far away. Or at least that's what I was always told. I suppose if you had a circuit that powered down the coil slowly, it would have much the same effect.

Re:New technique? (4, Informative)

tomhudson (43916) | more than 8 years ago | (#15555023)

Poster wrote:

Powerful magnets do rather little to wipe hard drives

If you had read the article , you would have found that they ARE using magnets to wipe the hard drives. FTFA:

The researchers concluded that permanent magnets are the best solution.

There's powerful and then there's powerful... (2, Informative)

Animaether (411575) | more than 8 years ago | (#15555162)

GP probably meant by 'powerful' magnets the kind you can get at scientific supplies shops, or even (in slightly less powerful degree) at ThinkGeek.

The 'powerful' in the article refers to the power akin to an MRI scanner. Ever see that video of somebody holding a scissor on a string several feet away from the aperture, and the scissor points straight to it with some duress on the holder's finger from the string when the MRI is on?

Suffice to say that nobody in a home/office environment is going to have one those 'powerful' magnets laying around.

Me - I settled for "Darik's Boot and Nuke" as part of the Eraser program to wipe two old computers, and will again for a third shortly. They never had highly classified or particularly sensitive information - just stopping the casual users from retrieving old porn. I hate porn pirates.

Re:New technique? (2, Informative)

ballermann (124688) | more than 8 years ago | (#15554921)

FTFA: The researchers concluded that permanent magnets are the best solution.

Re:New technique? (0)

Anonymous Coward | more than 8 years ago | (#15554932)

Just... wow.

I mean, the article isn't even that long.

Second Post!! (0, Troll)

TrisexualPuppy (976893) | more than 8 years ago | (#15554911)

Scientology [ytmnd.com]

Computer systems and their hard drives (3, Funny)

Anonymous Coward | more than 8 years ago | (#15554916)

can be rendered inoperable in seconds - the method's name is "slashdotting".
 
How curious that the anti-bot please-type-in-this-word word is kilobyte for this post.

If it doesn't involve fire arm... (0, Redundant)

Lead Butthead (321013) | more than 8 years ago | (#15555112)

If it doesn't involve fire arm in some way, it's not secure.

Joe does it (5, Interesting)

janet-on (982800) | more than 8 years ago | (#15554918)

Unfortunately a few passes with random data is not as effective against a sophisticated recovery effort as is often assumed.
Now if it's just some random joe with an undelete program he got for $19.99 at the local shop then a single pass is often enough, more sophisticated software only tools might get past a few, but with hardware equipment (probably not used often below the fbi/pro forensics places) you might want to do something a bit more secure.
With good knowledge of how the data is actually stored on the disk you can figure out patterns that tend to degausse the bits being wiped and help eleminate the residual images left by the micro imperfection in head positioning (which are shrinking to almost nothing these days) and simular effects a trully sophisticated data recovery effort might use.

Peter Gutman put out a paper about this that can be read at http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_ del.html [auckland.ac.nz]
that explains it better.
Though with remapping and newer recording techniques things change and software only erasure becomes more and more problematic. At the highest levels of secrecy I believe most governments require over-kill levels of outright hardware destruction.

the product is stupid (3, Insightful)

r00t (33219) | more than 8 years ago | (#15554989)

Normally the hard drives just go into a grinder or furnace. Sure, that won't suit an airplane, but neither will a bulky magnetic device that weighs 125 pounds per hard drive. (can't just have one because the drive has to slide right in)

The obvious solution: encrypt everything that hits the disk, keep the key in RAM, and overwrite the key when needed.

I'd worry the most about antenna shapes and sizes and various analog circuitry.

Read the article more closely! (4, Interesting)

NixieBunny (859050) | more than 8 years ago | (#15555156)

With all due respect, the article doesn't describe the device as you say. It weighs 125 lbs in prototype form, which will be reduced for production, and there's only one needed per airplane, not one per drive. What they're proposing is much less bulky than a similarly useful grinder or furnace. After all, it has to be usable on many packaged drives, quickly, in emergency plane-crash conditions. In a previous life, I did some work for E-Systems on a spy plane (Rivet Joint) using big removable ESDI drives of a few hundred megabytes each capacity, and the project guy said that it took about 20 minutes for their emergency drive erase sequence to finish. Not good if you're going down in enemy airspace!

Re:Joe does it (5, Insightful)

Anonymous Coward | more than 8 years ago | (#15555087)

That is mostly urban legend. There is a theoretical possibility that overwritten data could be reconstructed, even several layers "deep", but in practice there is no commercially available service capable of that stunt. If you know of one, name it (with references that they can do it). If they could do it, they would have to have technology available which could instantly multiply the space on these platters. It's not just a matter of having a reader with twice as good a SNR as a standard RW head. The writing harddisk doesn't just add signal, it also adds noise. The SNR on the platter will be barely good enough to read the signal of the last write. Otherwise the harddisk manufacturer could have made a bigger harddisk at the same price. The economics of the situation make recovering a previous write unlikely. The real problem with deletion by overwriting data is that it is really slow. It takes hours per disk.

Instead of worrying about residual magnetism which can at best be detected by government agencies with extreme funding, people should simply never write unencrypted confidential information anywhere. This also protects you in cases where you didn't schedule the removal of a harddisk, i.e. theft.

Wrong (5, Informative)

bwd (936324) | more than 8 years ago | (#15555123)

The paper you are quoting from is horribly out of date and very little of that applies to modern drives. This post [slashdot.org] does a good job of explaining Gutmann's more recent comments.

Plus, some people have called into question a lot of the sources used in that paper. It seems that some of the sources don't even exist.

Re:Joe does it (3, Insightful)

Anonymous Coward | more than 8 years ago | (#15555171)

Threat is combination of assets and risks. The amount of risk is often a funtion of the value, or percieved value, of the assets, but that generality is proved invalid when bored kids are involved, or the attack is particularly simple.

In term of data on hard disk, there are three circumstances. First, a person may not protect the asset, i.e. not erase the hard disk, and a bored kid then rummages throughthe harddisk. Second, a user may not understand what erase means. There was a time when erase simpley meant change a bit in the file table and mark the space as free. Unerase was then simply a matter of resetting that bit, and then seeing what data as left. Again, the bored kid would unerase and rummage. This has gotten better with the two stage trash can/erase, but can stil be a problem. Both of these are simply solved by a hard disk wipe, as the bored kid will not spend hours with a hard disk, especially when the asset is of no value.

If the asset is of value, all bets are off, and the third case is in effect. If the data is of value, or is incriminating, then the scenario of the parent takes effect. Risk is increased not only because exposure has personal consequences, but there is a specific attacker looking for specific things. In the case of the story, the specific attackers has significant resources to throw at the problem. This was not some bored kid or some local PD on a fishing expedition. Therefore any shortcut trick that did not destroy the integrity of all the data would be insufficient. The attacker has at lesat the resources of the defender. This is the same problem with missle defense. Defense is much more difficult because it must defend against all threats.

So the permamanent magnet seems effective and elegent. It does not require the vaguaries of matching a wipe with specific recording formats. It restores the suface to baseline radomness, perhaps for real. Even normal destruction is often insuffiecent. I once heard a story where to destroy a secret paper one had to burn it, crush the asses, blend it in water, dye it, and who knows what else.

Thermite... (1)

Tavor (845700) | more than 8 years ago | (#15554922)

What 'standard' required? Are you trying to tell me that you might be able to read some data from the molten aluminium?

Re:Thermite... (2, Informative)

Harmonious Botch (921977) | more than 8 years ago | (#15554963)

Actually, it's the iron that comes out molten; the aluminum is tied up as solid aluminum oxide. Nonetheless, it is a good question.

Re:Thermite... (1)

Oggust (526634) | more than 8 years ago | (#15555160)

The aluminum in the thermite burn up, that's right, but you still end up with lots of molten aluminum from the casing s of the disks etc. (In addition to the iron from the thermite.)

/August.

yes (1)

r00t (33219) | more than 8 years ago | (#15555016)

Nobody is going to stir the molten aluminum. Nobody is going to make sure the whole thing melts, including all the edges.

A budget equivalant to many billion dollars can support a rather large and dedicated team of geniuses. Getting the info from a partly melted platter sounds like a fun challenge.

In related news . . . (2, Funny)

UnknowingFool (672806) | more than 8 years ago | (#15554927)

Dozens of prank hard drive erasing have occurred within the Georgia Institute of Technology's nerd population. This was preceded by large orders of extremely powerful magnets. When questioned, the victims only had this to say:
"Khaaaaaaaaaaaaaaaaaaaaaaan!"

not good enough.. (5, Funny)

Adult film producer (866485) | more than 8 years ago | (#15554931)

When I need to protect my data from spying eyes I secure a 500m sata cable into the back port and slowly, very carefully; feed the hard drive into the event horizon. Giving it a good yank after a few minutes and reeling it back in.. the drive returns to normal working condition afterwards.

First question: (5, Insightful)

fluch (126140) | more than 8 years ago | (#15554935)

Why wasn't the content of the harddrive encrypted?

Re:First question: (1)

011011 (894467) | more than 8 years ago | (#15554979)

It probably was. Encryption can be broken. Always. Doesn't matter how strong. The best protection is the other party not having access to it at all. I think that is the idea here.

Re:First question: (0)

Anonymous Coward | more than 8 years ago | (#15555110)

Decrypt this:

aousnbaoiunbouanboan8nvaonernvzlknygogz

Re:First question: (1)

Surt (22457) | more than 8 years ago | (#15554997)

The performance of full-disk encryption tools probably wasn't adequate at the time.

Re:First question: (2, Interesting)

nottestuser (166818) | more than 8 years ago | (#15555003)

Because the Windows 98 computers running the spy cameras don't support encrypted file systems.

Seriously, this is a fricking no-brainer. Make the key 4096 bits of random data, load it into battery-backed RAM from a storage device kept at the air field. When you run in to a problem you have 4K of data in RAM to destroy instead of GBs of data on disk with the added benefit that if you ever get the disk back to the air field you still get your data. Unless the Air Force doesn't have access to unbreakable encryption...

Re:First question: (1)

Professor_UNIX (867045) | more than 8 years ago | (#15555102)

Why not just stream the video/photos in real-time to a satellite (encrypted of course) and not even worry about losing your data if the plane crashes? I imagine that's what the Predator drones do.

Re:First question: (2, Insightful)

bwd (936324) | more than 8 years ago | (#15555153)

I would imagine that the plane was recording enormous amounts of data, both video and otherwise. Streaming all of that to a satellite in real time would not be practical. I'm sure that those large spyplanes were recording significantly more data than a predator drone.

Re:First question: (0, Troll)

tacocat (527354) | more than 8 years ago | (#15555144)

Given a multi-billion dollar defense budget, how long do you think it will take to find that 4096 key and decrupt all the hard drives? Maybe a day. Sorry, you are the one that a frickin no-brainer.

Re:First question: (0)

Anonymous Coward | more than 8 years ago | (#15555194)

have a look at this http://www.keylength.com/index.php [keylength.com]

and please stop spreading fud

Re:First question: (3, Insightful)

SagSaw (219314) | more than 8 years ago | (#15555056)

Why wasn't the content of the harddrive encrypted?

Encrypting the harddrive (which it may have been) simply changes the problem from one where you need to destroy the unencrypted information quickly and compleatly to one where you need to destroy the encryption key quickly and compleatly. Destroying the key may or may not be any easier that destroying the data depending on how it is stored. Also, even if the data is encrypted and the key compleatly destroyed, you probably still want do destroy the encrypted data. After all: How sure are you that your enemy hasn't found a way to break your encryption or somehow obtained a copy of the key?

Re:First question: (1)

Tanktalus (794810) | more than 8 years ago | (#15555177)

I wonder - if the key were two-part, would that help? One part being the 4096-bit key mandated by the XO of the airfield in question, and thus backed up at the air base (and changed daily using some real random data source), and the other part being some phrase chosen by someone in a completely different role - say the the maintenance personnel who last dealt with the aircraft? Might make the info on the disk a bit more difficult to retrieve should the RAM key be lost but the disk recovered. Compromising both keys at the same time for the same aircraft would be incredibly unlikely. Especially if the rules are that the maintenance person is not allowed to tell anyone the key - even his/her commanding officer - without the harddrive in his/her possession.

Of course, with my luck, some moron will choose the disk's serial number as their key...

Wrong word? (1)

JorDan Clock (664877) | more than 8 years ago | (#15554936)

...stuffed with personably-identifiable data are legion...


I think the word that should be there is legend. Or am I just unaware of another definition of legion?

Re:Wrong word? (3, Informative)

Tavor (845700) | more than 8 years ago | (#15554944)

"Definitions of legion on the Web: * host: archaic terms for army * association of ex-servicemen; "the American Legion" * a large military unit; "the French Foreign Legion" * horde: a vast multitude" via Google's "define" search

Re:Wrong word? (0, Redundant)

SillyWilly (692755) | more than 8 years ago | (#15554960)

Yes you are unware.

According to the OED:

"A vast host or multitude (of persons or things): freq. of angels or spirits, with reminiscence of Matt. xxvi. 53."

Or see definition 3 here: http://dictionary.reference.com/search?q=legion [reference.com]

It's really simple... (5, Funny)

Anonymous Coward | more than 8 years ago | (#15554949)

Just use Maxtor harddisk drives, those things destroy themselves all the time!

As an aside (0)

Anonymous Coward | more than 8 years ago | (#15554955)

I've often wondered why the standard is to rewrite over the drive several times. Is dd if=/dev/zero of=/dev/hda unacceptable? Does it leave traces of data?

Re:As an aside (1)

RobertLTux (260313) | more than 8 years ago | (#15555019)

the best way to explain this is imagine a circular race track and a car with paint writer do a 70 laps and see how many times you ran a lap exactly the same way. get in a plane and take a picture of the track. i would bet that you have at least 12 different sets of tracks.

If you have access to a clean room and an electron microscope you can in fact see the same effect with a hard drive
a single run of dd i=/dev/random o=/dev/hda count=bignum will not have enough wiggle to remove the data (the run might be a couple of mils to the left of the data or right of the data)

the answer to the whole thermite might not get it is to use more thermite (maybe thermite the hd cage?)

Why not use flash memory? (4, Insightful)

Richard_J_N (631241) | more than 8 years ago | (#15554958)

Wouldn't it be easier to use a flash memory chip? It's unlikely that more than a few GB would be needed. And destroying a flash chip is much easier.
Or, just encrypt the data with the key in RAM. (Linux can already do this with swap - it's completely transparent to the user, and the key only lasts as long as the system remains running).

Re:Why not use flash memory? (1)

yincrash (854885) | more than 8 years ago | (#15555080)

the amount of data a spy plane generates is probably more than a few GB per flight.

What a crock... (5, Interesting)

Anonymous Coward | more than 8 years ago | (#15554965)

The Chinese eventually gained access to U.S. military secrets.

What a crock of crap. That and the rest of the story.

I worked in the military long enough to know that they would have encrypted sensitive data as a requirement (destroy or erase a security token, in the use of a combined token/passphrase crypto system and the data is safe) and that the military already use storage devices which can be erased in seconds with a function specifically built just for that.

This story sounds like it is just trying to inject some life into the stock price of some crap company that provides too little, too late.

Re:What a crock... (0)

Anonymous Coward | more than 8 years ago | (#15555027)

Perhaps the Chinese already cracked your top-secret encryption algorithms? Like they already did with MD5 and SHA-1?

Re:What a crock... (3, Insightful)

LWATCDR (28044) | more than 8 years ago | (#15555071)

You forgot that the plane wasn't over China but was in international airspace when it got hit by the Chinese jet. You got to love the Chinese claim that a 1950's turbo-prop airliner managed to ram a supersonic jet fighter.
Those guys are a laugh riot.

Re:What a crock... (1, Interesting)

Anonymous Coward | more than 8 years ago | (#15555095)

because the US have the most immaculate record when it comes to respecting foreign airspace. Francis Gary Powers anyone?

Re:What a crock... (0)

Anonymous Coward | more than 8 years ago | (#15555163)

because the US have the most immaculate record when it comes to respecting foreign airspace. Francis Gary Powers anyone?


Unless they were on a ferret mission (which the type of aircraft and crew indicates they probably weren't) it's pretty much part of the game to send intelligence gathering assets up and down the borders just outside of legally restricted airspace of likely enemies. The Russians did this all the time with trawlers bristling with antennas.

The bottom line is, the Mig pilot was a fucking retard and followed orders a bit too vigorously when control told him to intimidate our aircraft.

The game is still afoot. We all spy on each other. Such is life.

RAM (1)

mattyrobinson69 (751521) | more than 8 years ago | (#15554968)

why not store the entire filesystem on RAM with a battery, in a tmpfs. when you want to wipe it, put a thousand volts through it for a couple of seconds, then cut power?

Re:RAM (1)

011011 (894467) | more than 8 years ago | (#15554985)

It would still need to be bootable after a complete power outage. A flashROM might be a better option for this, but you still have problems of possible data fragment after "erasing."

Re:RAM (1)

mattyrobinson69 (751521) | more than 8 years ago | (#15555005)

For maintaining the data in ram, a battery would suffice for a long time, if not, get a bigger battery.

Re:RAM (1)

011011 (894467) | more than 8 years ago | (#15555073)

You forget. This is the military we are talking about here. They want it to work. Redundancy is good. But it must be able to be destroyed in case of emergency. Batteries wouldn't be considered redundant enough because they may be drained.

Actually, you make a good point but volatile memory is considered just that: Volatile. Therefore it cannot be a trusted storage method. It may also be harder to protect against EMP..

Re:RAM (1)

ArbitraryConstant (763964) | more than 8 years ago | (#15555000)

"why not store the entire filesystem on RAM with a battery, in a tmpfs. when you want to wipe it, put a thousand volts through it for a couple of seconds, then cut power?"

RAM has the same problem. If a bit has been set a particular way for a long time, it will have detectable effects afterwards. It's not enough for your computer to be able to suspend to RAM without power to maintain the memory, but a forensics lab would have better luck recovering the data.

Too fragile, too complicated (1)

Opportunist (166417) | more than 8 years ago | (#15555001)

War planes are supposed to fly in ... well, war. And in war, people shoot at you. Now, if you happen to live in an area where brownouts happen, you know what even a minimal power outage does to your system. The data on the HD, however, stays ok. So, during a stress situation where power fails for a moment, the plane system may be shot, but it can notice this and reboot to a stable state (this is done by MAGNITUDES faster than on your Windows box, btw). This is not an option if the system itself is stored in volatile memory. One power outage and the whole electric on the plane is dead.

Also, it's often time consuming to prepare the flight plan for a plane from scratch. Often, it is much easier to take the old plan and alter it, give it new coordinates and parameters. Also, you could not "prep and set" a plane before flight, you'd have to do it just as the plane is about to take off, or you have to keep the system up and running and supervised all the time from programming to takeoff. This is often not really doable.

I can see flash ram, which has other problems (with stability and reliability most of all), but volatile ram is definitly out.

Fluff (2)

Sosarian (39969) | more than 8 years ago | (#15554971)

If this isn't a fluff piece I don't know what is.

"We developed a 125 rare earth magnetic eraser with self contained power source"

Interesting, but adding in this US spy plane angle has got to be simply PR.

Re:Fluff (1)

platypuszero (825061) | more than 8 years ago | (#15555142)

And not only that, but isn't carrying a very large magnet on board an aircraft a bad idea? I know most navigation equipment is GPS based nowadays but isn't there a backup analog compass that would go haywire around this thing no matter how shielded it is? This may not be an issue on unmanned aircrafts, but it just seem practical on manned aircrafts. Just my two cents...

Drill+Thermite? (1)

Junta (36770) | more than 8 years ago | (#15554972)

I know by itself thermite and similar methods have difficulty penetrating the outer case reliably, but I would think drill+thermite injection to fill the internal cavity of the system would be effective..

Combined with an encryption scheme I would think it virtually impossilbe to recover data if you can reduce the platters to slag reliably..

Re:Drill+Thermite? (2, Interesting)

Oggust (526634) | more than 8 years ago | (#15555140)

I know by itself thermite and similar methods have difficulty penetrating the outer case reliably, but I would think drill+thermite injection to fill the internal cavity of the system would be effective..

Takes too long to drill the disks and insert the thermite, while your spy plane is spiralling down.

And anyway, if the themite didn't fully destroy the disks [chalmers.se] , you weren't using enough [chalmers.se] of it. See? [chalmers.se]


/August.

Erasing, not Voodoo (5, Interesting)

Psionicist (561330) | more than 8 years ago | (#15554978)

I would like to take the oppertunity here to debunk a very common myth regarding hard drive erasure.

You DO NOT have to overwrite a file 35 times to be "safe". This number originates from a misunderstanding of a paper [auckland.ac.nz] about secure file erasure, written by Gutmann.

The 35 patterns/passes in the table in the paper are for all different hard disk encodings used in the 90:s. A single drive only use one type of encoding, so the extra passes for another encoding has no effect at all. The 35 passes are maybe useful for drives where the encoding is unknown though.

For new 2000-era drives, simply overwriting with random bytes is sufficient.

Here's an epilogue by Gutmann for the original paper:

Epilogue In the time since this paper was published, some people have treated the 35-pass overwrite technique described in it more as a kind of voodoo incantation to banish evil spirits than the result of a technical analysis of drive encoding techniques. As a result, they advocate applying the voodoo to PRML and EPRML drives even though it will have no more effect than a simple scrubbing with random data. In fact performing the full 35-pass overwrite is pointless for any drive since it targets a blend of scenarios involving all types of (normally-used) encoding technology, which covers everything back to 30+-year-old MFM methods (if you don't understand that statement, re-read the paper). If you're using a drive which uses encoding technology X, you only need to perform the passes specific to X, and you never need to perform all 35 passes. For any modern PRML/EPRML drive, a few passes of random scrubbing is the best you can do. As the paper says, "A good scrubbing with random data will do about as well as can be expected". This was true in 1996, and is still true now.

Looking at this from the other point of view, with the ever-increasing data density on disk platters and a corresponding reduction in feature size and use of exotic techniques to record data on the medium, it's unlikely that anything can be recovered from any recent drive except perhaps one or two levels via basic error-cancelling techniques. In particular the the drives in use at the time that this paper was originally written have mostly fallen out of use, so the methods that applied specifically to the older, lower-density technology don't apply any more. Conversely, with modern high-density drives, even if you've got 10KB of sensitive data on a drive and can't erase it with 100% certainty, the chances of an adversary being able to find the erased traces of that 10KB in 80GB of other erased traces are close to zero.

Re:Erasing, not Voodoo (2, Insightful)

ArbitraryConstant (763964) | more than 8 years ago | (#15555037)

If data can be recovered after fewer wipes, the people capable of recovering it certainly wouldn't advertise the fact. Extra passes are cheap, the costs of someone recovering data might not be.

Of course, the bad sectors that get transparently reallocated leave dead sectors that can probably be recovered and would not be wiped with stock firmware, so it's academic anyway. If you can't take that risk, you have to turn the media inside the drive into molten slag. There's no other way.

Re:Erasing, not Voodoo (1)

imsabbel (611519) | more than 8 years ago | (#15555082)

Not to mention that the whole "residuum magnetism" that may actually have existed in 90s HDs isnt simply possible anymore with todays track density. Any kind of remnand from the last state would be well under the paramangetic limit and completely replaced by thermal noise.

Re:Erasing, not Voodoo (3, Interesting)

asuffield (111848) | more than 8 years ago | (#15555154)

For new 2000-era drives, simply overwriting with random bytes is sufficient.

That's not what the text you quoted said, nor is it correct. It's true that overwriting 35 times doesn't accomplish anything more, though. The quote said:

For any modern PRML/EPRML drive, a few passes of random scrubbing is the best you can do.


For new 2000-era drives, simply overwriting with random bytes is the best you can do [from software / without breaking the drive]. That's because the firmware makes it almost impossible to 'securely' erase data from the drives, so you just can't do any better. It's nowhere near 'sufficient'; in fact it's almost useless against any modern hardware analysis. (The best you can do, if you don't want to keep the drive, is to heat the platters until they melt; that is guaranteed to destroy the data, but almost everything else isn't).

The other important part of the quote is:

Conversely, with modern high-density drives, even if you've got 10KB of sensitive data on a drive and can't erase it with 100% certainty, the chances of an adversary being able to find the erased traces of that 10KB in 80GB of other erased traces are close to zero.


This is true, but more commonly you've got several Gb of sensitive data, and the 'enemy' manages to recover some percentage of it. There are companies who do this stuff on the open market - you send them your drive, pay a figure on the order of several thousand dollars, and a while later they send you back most of your data. Their customers tend to be law enforcement, divorce lawyers, private detectives, and companies who are big enough to afford it but not big enough to have a proper backup system in place for their laptop hard drives. They don't need to recover 100% of the porn that has been in your browser cache, just a few pages from some of the sites.

Re:Erasing, not Voodoo (1)

bwd (936324) | more than 8 years ago | (#15555167)

That's because the firmware makes it almost impossible to 'securely' erase data from the drives

How so? As far as I know, the only limitation that modern firmware places on securely erasing data is smart buffering. i.e. the firmware sees 10 writes to the same sectors in the buffer and chooses to only write the last one to save time. Although that is a problem, modern erasing software ensures that all X amount of specified writes actually get written.

Re:Erasing, not Voodoo (2, Funny)

jhines (82154) | more than 8 years ago | (#15555174)

If I'm getting paid by the hour, 35 passes is fine by me, and I will watch every single one of them to make sure it really ran. Can't cut corners when it counts.

Great... (1)

WML MUNSON (895262) | more than 8 years ago | (#15554980)

...but the prototype is 125lbs and uses materials I don't have access to.

I don't care about a device like this until I can get my hands on one or make one without having to break into a hospital to steal parts.

I did find the bit about the spy plane interesting though.

Hammer (1)

Crashmarik (635988) | more than 8 years ago | (#15555124)

This is especially usefull for drives using glass platters.

DMCA! (5, Funny)

fluch (126140) | more than 8 years ago | (#15554983)

Seal the HD with a sticker that says reading the content of this HD is prohibited by the Digital Millennium Copyright Act. That will show them! :)

Easy solution (5, Funny)

JanneM (7445) | more than 8 years ago | (#15554988)

If thermite doesn't do a good job, go one better and make the platters out of thermite. Make the motor axle out of magnesium, add a fuse and you're set.

If the burning is a problem, just make the platters from cheddar cheese, and add a mouse in a cage adjacent to the drive. Open the hatch, and problem is solved.

Actually... (1)

Robot Randy (982296) | more than 8 years ago | (#15555078)

It would be better to make the platters out of peanut butter. Mice don't like cheese as much as you think.

Flamebait, but someone had to do it (0)

Anonymous Coward | more than 8 years ago | (#15555010)

Load an unpatched copy of XP to it, then hook it straight to a T3 line.

Re:Flamebait, but someone had to do it (1)

Z80a (971949) | more than 8 years ago | (#15555091)

this will not knock out the processor before it can even touch the HD?

Harddrives in an airplane? (1, Funny)

reklusband (862215) | more than 8 years ago | (#15555020)

Aren't they specialized drives anyways? Couldn't they just get the company that makes these drives add an internal shredder+heat source? Like a mini car compacter that then puts voltage through the whole thing. Hell you could probably do it so it if the wrong encryption key is entered, the drive self destructs. Alternate solution. Put the drives in a raid. Throw one of the drives OUT OF THE AIRPLANE. Destroy the other.

Not really new (2, Interesting)

Dolphinzilla (199489) | more than 8 years ago | (#15555033)

Both M-Systems and Memtech have solid state disk drives that implement NSA and NISPOM approved methods for secure hard drive erase - and they can erase the entire drive in under a minute -

Re:Not really new (1)

TechForensics (944258) | more than 8 years ago | (#15555191)

I'll say. I used a handheld, AC-powered electromagnet to bulk-erase tapes back in 1963. It created a pulsating magnetic field that would literally rattle a steel garbage can if you were dumb enough to try it. (I was.) When I finally got to erasing my reel of audio tape, it did such a good job the tape would never record again.

Other Georgia Tech innovations (5, Funny)

dpbsmith (263124) | more than 8 years ago | (#15555036)

And in further news, Georgia Tech scientists have designed a printer with an integral shredder that shreds all output continuously as it is printed.

They have also designed a novel camera which, instead of a digital CCD array, uses a tough, thin strip of polyester polymer coated with a chemical, light-sensitive substrate. Intended for spy applications, if caught the captured images can be destroyed in seconds simply by opening the back of the camera.

What about encryption? (1)

JensR (12975) | more than 8 years ago | (#15555057)

Store the data on the disk encrypted and the key in RAM. In case of emergency erase the chip and the data becomes worthless. I wouldn't trust a system that has to operate or where the pilot has to be conscious.
But if you're on a spy plane, wouldn't you have the enemies military secrets?

Zeros written to drive (0)

Anonymous Coward | more than 8 years ago | (#15555062)

This is slightly offtopic, but I'm at a loss as for what to do. About 8 months ago I wrote zeros in one pass to an 80gb WD drive using the Western Digital Data Lifeguard tools. After trying numerous software programs, and a local "recovery" center (mom and pop operation), I have set the drive in my closet to remain untouched until I can find some way to recover the data, and afford that recovery. Reading http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_ del.html [auckland.ac.nz] gave me some hope that this is quite possible.

Does anyone know a recovery center that can do this (anywhere, I am willing to mail the drive)? How much can I expect to pay for something like this? Is there any software out there that could potentially help me?

Please let me know if there's a better forum or place to ask this question. Thanks!

Forget the secret information (2, Interesting)

sk999 (846068) | more than 8 years ago | (#15555066)

the researchers designed a neodymium iron-boron magnet with special pole pieces made of esoteric cobalt alloys.
Sounds like the magnet may be worth more than the secret information it is supposed to protect.

Re:Forget the secret information (0)

Anonymous Coward | more than 8 years ago | (#15555090)

still cant beat my method of smashing a harddrive with an 8 pound hammer until it is in pieces and the platter is warped and dented beyond any recovery, cheap but effective.

bullets will render a harddrive unreadable too :)

Wiping disks... (2, Informative)

Gordonjcp (186804) | more than 8 years ago | (#15555072)

... by overwriting twice with random data will destroy any data beyond recovery. You can't use special things to read residual magnetic data off the platters, unless you're habitually using 25-year-old hard disks. Modern drives use very complicated modulation schemes, unlike old MFM drives.

Just get crappy self destructing hard drives (2, Funny)

MrP- (45616) | more than 8 years ago | (#15555074)

Like this one [elitemrp.net] from my work last week.

(nothing important was on it though)

Simpler solution (0)

Anonymous Coward | more than 8 years ago | (#15555075)

1: Drill hole in HDD case
2: Pack HDD with C4
3: insert and ignite fuse
4: drop HDD from plane by any means possible, preferably over an ocean
5: watch things explode
6: profit.

Quick delete for disk (0)

Anonymous Coward | more than 8 years ago | (#15555076)

Use symmetric key encryption to encode all the data on the disk. In a few redundant locations on the disk store the key and have the disk driver use these to decode and encode data written to the disk. When you want to quickly "erase" all the data on the disk, overwrite the keys n-times with the random data to make all the data on the disk unreadable.

Violation of Chinese airspace (0, Troll)

Anonymous Coward | more than 8 years ago | (#15555083)


What the **** is the US government doing violating Chinese airspace without permission or clearance?

This is an act of war.

Those pilots should be tried as war criminals and summarily shot for being party to start an international conflict.

Compromosing NO FLY ZONES was the same excuse the US gave for invading Bagdad. I think the Chinese should take Los Angeles and San Fransisco... its sitting right there on the coast, just ripe and ready for the taking. Half of them practically built it in the old western times, it belongs to them. Or give it back to the Indians.

Re:Violation of Chinese airspace (1)

Z80a (971949) | more than 8 years ago | (#15555179)

yep yep,we know XD,this is why we re all creating better methods to erase the hard drive for the chinese :3

THiS IS GOaTSEX (-1, Offtopic)

Anonymous Coward | more than 8 years ago | (#15555086)

its 83aders and [goat.cx]

Good sram based key storage. (1)

stonefoz (901011) | more than 8 years ago | (#15555092)

Carry around a HugeAssMagnet? just let me pull that out of my back pocket....
Ok, the best idea is to assume that the harddrive will be recovered if anything left is found, so I encrypt the harddrive. Now where do I put the key? I'm not typeing in some huge pass just cause my server has to reboot. Dynamic ram can be recovers by examining the oxide layer even after the power is pulled, flash of course stays for a long time, and I can't find anywhere that sells an sram key storage device that can be zerolized. If there isn't such a device that can be reasonabley hooked up to the computer... if not anyone have an idea for a microcontroler that has enough computing power to use public key crypto, amtel only sells their secret squirl stuff to well, i guess it's a secret. I know that the tpm module in future systems is suposed to fix all of this, but the master key is wonkey and comes with stuff already on it from factory. (read as big brother) I'm sure that any sized fpga could to wonders, but that's beyond me to figure out, I was planing a mostly copy-n-paste app in c for some micro cause crypto isn't secure till it's stood up to years worth of atemted atacks. I'd be more that happy to place such and experiment in the public, excluding (hate to admit USA exports).

In recent survay, Jack Danials beats Gramernatzies, at 3 to 2 odds.

HDKP Anybody? (1)

Friar_MJK (814134) | more than 8 years ago | (#15555096)

Does anybody remember Munga Bunga's Hard Drive Killer Pro? It supposedly would wipe a drive in seconds to an unrecoverable state. http://www.hackology.com/programs/hdkp/ginfo.shtml [hackology.com] Perfect for when the FBI or other law enforcement agency comes knocking at your door.

DRM (3, Funny)

elgee (308600) | more than 8 years ago | (#15555098)

Now the RIAA/MPAA/FUD are going to demand that such a device be put into every possible digital recording device.

Attempt to copy a protected product and BAM, your hard drive is toast.

its pretty simple (1)

Z80a (971949) | more than 8 years ago | (#15555118)

use a final fantasy cart to store the data,and then DON`T hold reset while turning the power off :3

Why bother? (1)

RealGrouchy (943109) | more than 8 years ago | (#15555121)

The point of doing this is this would be so the "enemy" can't find out what you know about them.

But if you erase all your data, then they'll know how much data you have: nothing.

It's like a catch-22.

(:P)

- RG>

Re:Why bother? (0)

Anonymous Coward | more than 8 years ago | (#15555129)

the hard drives would have more than just the reconnisance for that mission, it is likely that they'd be holding other military information

Random? (1)

MindStalker (22827) | more than 8 years ago | (#15555138)

They used a magnetic force microscope to map even the smallest magnetic domains on the surface of an erased disk drive to ensure that the patterns found there were completely random.

So after they passed the test drive through a very strong magnetic field the data was random? Wouldn't it be in a pattern to match the field??

How do you read a thermited platter? (4, Interesting)

vadim_t (324782) | more than 8 years ago | (#15555165)

Now, even assuming there's something remaining after thermite, how do you get it out of a molten platter? The head hovers at nanometers from the disk's surface. A bent disk with a huge hole through it will just instantly wreck any head trying to read it. Is it even technically possible to restore the platter to a condition where you can even try to read anything from it?

Besides, shouldn't all the data vanish due to the reaction bringing the surface above the Curie temperature?

There are other ways to wipe the hard drives... (0, Flamebait)

8cr885 (983252) | more than 8 years ago | (#15555166)

Well, none of us will be able to afford this. Regarding the Chinese incident: That plane should have never been allowed by our gov't to land on a Chinese base, even if it meant it was shot down and started a war. Bush & co. will never stand up to anyone who poses even a minor threat. I can't believe Bush got off so easily on this MAJOR incident.

Sounds fishy to me (4, Insightful)

gweihir (88907) | more than 8 years ago | (#15555178)

Degaussers are nothing new. But there is no need to use them. Encryption does the trick as well. Just erase the key securely and you are done. If the device that the disk is installed in does not support encryption, then develop a module that sits between disk and device and encrypt on that. Attach a switch that triggers key erasure.

There is a second problem with degaussers: You have to physically remove the disks from their housing. That may take more than minutes.

And there is a third problem with degaussers: You have to very carefully check they work with each device they are to be used on. For example, older degaussers do fine for older disks, but are completely useless for modern ones.

And a 4th problem: Degaussers do not work at all for solid-state disks. Since they are not that uncommon in military application and actually may look the same, that seems to be a serious problem. One that encryption does not have.

I see one advantage for the permanent-magnet solution in military application: It works without power. But if you use the encryption-in-the-cable approach I described above, you can keep the key in a battery-buffered memory chip and erase that securely using the power of the battery (not quite as simple as it sounds, but it is possible to do). All in all, this mainly seems to be a scheme to sell the military something expensive.
 

I've got a near-flawless erasure method. (1)

Khyber (864651) | more than 8 years ago | (#15555183)

Go buy a nice 3" diameter 1" thick n50 Neodymium-boron magnet. Condiering it's strong enough to attract steel pots and pans from ten to twenty feet away, just setting one of these bad boys on a hard drive will almost 100% efectively wipe it the fuck out, not to mention most likely fuck up the heads on the drive, making it totally useless.

Why not just use strong encryption? (1)

Mostly a lurker (634878) | more than 8 years ago | (#15555192)

If the data on the HDD was encryptyed using appropriate algorythms and a strong enough key, then the data would be safe without the need to erase it. Depending on the operating system used, and presence or absence of a swap file, there may be a few details to resolve, but nothing insoluble. It would be possible to create an encryption system that relies on a time sensitive key transmitted from a base station (using some kind of challenge response method) and easily disabled from the base station when necessary.
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...