A New Technique to Quickly Erase Hard Drives

RockDoctor writes "Stories about 'wiped' hard drives appearing on eBay (and other channels) and being stuffed with personably-identifiable data are legion; rarer are spy planes having to land on enemy territory, but it happened in 2001 to a US spy plane over an un-declared enemy (China, and that's a topic in itself). Dark Reading reports the development of a technique to securely wipe a hard drive in seconds, and which is safe for flying. (The safe for flying criterion rules out things like fun with packing the drives in thermite. Also thermiting the drives may not erase the platters to the standard required, which is moderately interesting itself."

First question:

[fluch]

Why wasn't the content of the harddrive encrypted?

Re:First question:

[SagSaw]

Why wasn't the content of the harddrive encrypted?

Encrypting the harddrive (which it may have been) simply changes the problem from one where you need to destroy the unencrypted information quickly and compleatly to one where you need to destroy the encryption key quickly and compleatly. Destroying the key may or may not be any easier that destroying the data depending on how it is stored. Also, even if the data is encrypted and the key compleatly destroyed, you probably still want do destroy the encrypted data. After all: How sure are you that your enemy hasn't found a way to break your encryption or somehow obtained a copy of the key?

Re:First question:

[gweihir]

It probably was. Encryption can be broken. Always. Doesn't matter how strong.

Heard often, that is an urban myth and nonsense. There is proven secure encryption that is impossible to break, unless the assumption that you can generate secure (i.e. random) keys and some other very simple ones are wrong. ElGamal has this property. Even for less secure ciphers, the statement is untrue. Sure, a single cipher may have weaknesses that may allow a break with high (and often prohibitive) effort. Just use two different ciphers with independen keys and the problem becomes exponentially more difficult since you now need to find a joint vulnerability.

Of course there is a lot of bad encryption on the market, like home-brewed, not peer-reviewed ciphers. Ciphers are also often used in an insecure way, see, e.g., the very good ECB example here: Wikipedia

But the basic problem can be solved. There is just a lot of ignorance.

Re:First question:

[dhasenan]

At the present level of computing technology, the expression "billions of years" pales in comparison to the length of time required to brute force a 4096-bit key.

Given Moore's law, and assuming it holds beyond physical limits, the expression "billions of years" accurately describes the length of time required to brute force a 4096-bit key.

Given the possibility of quantum computing, the only thing you can do is use one-time pads for all your needs, provided you need these things to stay secret for more than the 50-100 years required to develop quantum codebreaking systems.

Now, that solution is quite feasible, but time-consuming. Here's how you'd do it:
1. Have a secure [D]RNG fill a hard drive to capacity. Copy that to the plane's hard drive.
2. Have a filesystem that writes raw data to the disk--you only want one file containing all data that's collected, and that should be append-only.
3. Instead of simply writing data, XOR the block you're writing with the one that's currently on disk.
4. Once you're back on base, another XOR gets your information back.

Why not use flash memory?

[Richard_J_N]

Wouldn't it be easier to use a flash memory chip? It's unlikely that more than a few GB would be needed. And destroying a flash chip is much easier.
Or, just encrypt the data with the key in RAM. (Linux can already do this with swap - it's completely transparent to the user, and the key only lasts as long as the system remains running).

the product is stupid

[r00t]

Normally the hard drives just go into a grinder or furnace. Sure, that won't suit an airplane, but neither will a bulky magnetic device that weighs 125 pounds per hard drive. (can't just have one because the drive has to slide right in)

The obvious solution: encrypt everything that hits the disk, keep the key in RAM, and overwrite the key when needed.

I'd worry the most about antenna shapes and sizes and various analog circuitry.

Re:What a crock...

[LWATCDR]

You forgot that the plane wasn't over China but was in international airspace when it got hit by the Chinese jet. You got to love the Chinese claim that a 1950's turbo-prop airliner managed to ram a supersonic jet fighter.
Those guys are a laugh riot.

Re:Joe does it

That is mostly urban legend. There is a theoretical possibility that overwritten data could be reconstructed, even several layers "deep", but in practice there is no commercially available service capable of that stunt. If you know of one, name it (with references that they can do it). If they could do it, they would have to have technology available which could instantly multiply the space on these platters. It's not just a matter of having a reader with twice as good a SNR as a standard RW head. The writing harddisk doesn't just add signal, it also adds noise. The SNR on the platter will be barely good enough to read the signal of the last write. Otherwise the harddisk manufacturer could have made a bigger harddisk at the same price. The economics of the situation make recovering a previous write unlikely. The real problem with deletion by overwriting data is that it is really slow. It takes hours per disk.

Instead of worrying about residual magnetism which can at best be detected by government agencies with extreme funding, people should simply never write unencrypted confidential information anywhere. This also protects you in cases where you didn't schedule the removal of a harddisk, i.e. theft.

Re:Joe does it

Threat is combination of assets and risks. The amount of risk is often a funtion of the value, or percieved value, of the assets, but that generality is proved invalid when bored kids are involved, or the attack is particularly simple.

In term of data on hard disk, there are three circumstances. First, a person may not protect the asset, i.e. not erase the hard disk, and a bored kid then rummages throughthe harddisk. Second, a user may not understand what erase means. There was a time when erase simpley meant change a bit in the file table and mark the space as free. Unerase was then simply a matter of resetting that bit, and then seeing what data as left. Again, the bored kid would unerase and rummage. This has gotten better with the two stage trash can/erase, but can stil be a problem. Both of these are simply solved by a hard disk wipe, as the bored kid will not spend hours with a hard disk, especially when the asset is of no value.

If the asset is of value, all bets are off, and the third case is in effect. If the data is of value, or is incriminating, then the scenario of the parent takes effect. Risk is increased not only because exposure has personal consequences, but there is a specific attacker looking for specific things. In the case of the story, the specific attackers has significant resources to throw at the problem. This was not some bored kid or some local PD on a fishing expedition. Therefore any shortcut trick that did not destroy the integrity of all the data would be insufficient. The attacker has at lesat the resources of the defender. This is the same problem with missle defense. Defense is much more difficult because it must defend against all threats.

So the permamanent magnet seems effective and elegent. It does not require the vaguaries of matching a wipe with specific recording formats. It restores the suface to baseline radomness, perhaps for real. Even normal destruction is often insuffiecent. I once heard a story where to destroy a secret paper one had to burn it, crush the asses, blend it in water, dye it, and who knows what else.

Sounds fishy to me

[gweihir]

Degaussers are nothing new. But there is no need to use them. Encryption does the trick as well. Just erase the key securely and you are done. If the device that the disk is installed in does not support encryption, then develop a module that sits between disk and device and encrypt on that. Attach a switch that triggers key erasure.

There is a second problem with degaussers: You have to physically remove the disks from their housing. That may take more than minutes.

And there is a third problem with degaussers: You have to very carefully check they work with each device they are to be used on. For example, older degaussers do fine for older disks, but are completely useless for modern ones.

And a 4th problem: Degaussers do not work at all for solid-state disks. Since they are not that uncommon in military application and actually may look the same, that seems to be a serious problem. One that encryption does not have.

I see one advantage for the permanent-magnet solution in military application: It works without power. But if you use the encryption-in-the-cable approach I described above, you can keep the key in a battery-buffered memory chip and erase that securely using the power of the battery (not quite as simple as it sounds, but it is possible to do). All in all, this mainly seems to be a scheme to sell the military something expensive.

China??

[nephridium]

rarer are spy planes having to land on enemy territory, but it happened in 2001 to a US spy plane over an un-declared enemy (China, and that's a topic in itself)

What's with all this hate mongering against China? Why was this totally OT snippet even up there anyway? To keep us reminded that there are "bad guys" out there and when we think about harddisks we also should be completely aware that we should be afraid, very afraid of an "undeclared" enemy?

China may have different attitudes and morals standards than the US, but they are doing many things right as well; more than western media tends to portray (e.g. according to the CIA world factbook China has a lower percentage of citizens suffering from poverty than the richest country in the world (namely the US)). I don't want to whitewash anything, but reading things like "undeclared enemy" in a tech article on an international website just pisses me off.

China is not an enemy

[linuxrocks123]

> ...undeclared enemy (which is China, and that's a topic in itself).

China is not an enemy. We buy a ton of stuff from them. They buy a ton of stuff from us. Our businesses have offices there. Our colleges have exchange programs with them.

Yeah, our diplomatic relations are a little bit strained over things like Taiwan, but we're nowhere near going to war with them. If you're a troll, shame on you. In any case, shame on the Slashdot editors for choosing this ignorant or trolling person's story.

Re:What a crock...

[LWATCDR]

Umm... And your point is?
Yes Francis Gary Powers over flew the Soviet Union and was shot down. Never said he didn't
The EP-3 was in international airspace and was rammed by a Chinese fighter.
How is one anything like the other?
BTW according to international law it is illegal to shoot down an aircraft just from intruding into your airspace. There has to be a clear threat involved. Every attempt has to be made to contact the aircraft and to escort the aircraft to a landing field. There is an entire protocol worked out.
Russia did have at least a marginal case that the U-2 was a threat since it was so far in it's airspace and overflying military sites.

Re:RISK of quantum computing taking off

[stoborrobots]

in the real world the data you send does not has many possible outcomes and many of those very few are legitimate. If you try 600 times and you get the text:

oyioa2dsi5fuso
nbvsouydgfvs4f
attack at dawn
90s8 asd0shdks ... etc

I think it's pretty clear which is the correct messae

The way that one-time-pads work, if "attack at dawn" is a possible result, then so are:

attack at dusk
eat more veges
Where's Waldo?
hoist the sail
What you say!!
Zerowing Rules
Do you get it?
search google.
Cryptonomicon.
This is ending
Game is ending
Fire is ending
Heat is ending
What is ending
Iraq is ending
USAF is ending
It isnt ending

Now, which one was the correct decryption?

The reason a one-time-pad is "completely unbreakable", even resisting brute-force cracking, is that every possible string of length X is a valid decryption result for some key. So without knowing the "correct" key, it is impossible to recover any part of the plaintext. The four character ciphertext "sjrw" could decrypt to any of the following strings, even if you found my working paper and were able to deduce that the first two letters were "go":

golf, gods, gore, gold, gone, gout, goal, goad, goat, gosh, goog, go.., go??

No plaintext has higher probability than any other of being correct...