Slashdot Mirror


Self-Wiping Hard Drives From Toshiba

Orome1 writes "Toshiba announced a family of self-encrypting hard disk drives engineered to automatically invalidate protected data when connected to an unknown host. Data invalidation attributes can be set for multiple data ranges, enabling targeted data in the drive to be rendered indecipherable by command, on power cycle, or on host authentication error."

42 of 268 comments

  1. Law enforcement... by The MAZZTer · · Score: 2

    ...is going to love these.

    1. Re:Law enforcement... by Anonymous Coward · · Score: 2, Insightful

      I guarantee there is a backdoor or master key that will allow law enforcement to access the drive.

    2. Re:Law enforcement... by arcctgx · · Score: 4, Interesting

      Confiscate the computer with a self-encrypting HDD. Boot a live CD, image the HDD. Analyse the image.

      Or am I missing the point?

    3. Re:Law enforcement... by lostchicken · · Score: 2

      There are very strict rules of evidence that require you to PROVE that you didn't tamper with data. Mounting a disk read/write certainly violates those rules. Attaching the disk to a computer that CAN mount the disk read/write (as opposed to using a hardware write blocker) probably violates them.

      --
      -twb
    4. Re:Law enforcement... by kiehlster · · Score: 2

      I see Toshiba HDD controllers in the near future that circumvent the protection handed over to law enforcement, and 1-2 days after the release, some hacker is going to find a way to bypass the circuitry/firmware and/or force it to wipe on circumventing hardware.

    5. Re:Law enforcement... by Lumpy · · Score: 2

      Which makes truecrypt your friend. Can't backdoor that one....

      well they can have big bubba in cellblock 5 backdoor the key out of you.

      --
      Do not look at laser with remaining good eye.
    6. Re:Law enforcement... by mlts · · Score: 2

      That is true, as a forensics professional. Strict rules of police work apply in the business, and they make sense. For example, if someone does not use a hardware write blocker to copy the drive to an image, then performs study only on that image, the case is pretty much screwed up.

      However, where the rubber meets the road is in front of a jury of people who likely have little clue, nor really care about official P&P. They have zero interest that a forensics officer failed to use a hardware write blocker to pull data from a drive. Instead of jurors hearing "this disk was seized and was booted read/write with files changed after it was taken", the jury will hear "blahblahblahblah", rubber stamp a guilty verdict, then head to the nearest watering hole for some Duff Light from the tap to talk to their friends about putting some "evil hacker" behind bars.

    7. Re:Law enforcement... by Slashdot Parent · · Score: 2

      However, where the rubber meets the road is in front of a jury of people who likely have little clue, nor really care about official P&P.

      My understanding is that a jury will never see evidence that was obtained through improper procedures. When the system functions as intended, the judge would bar improperly-obtained evidence from being presented at trial.

      --
      They don't grade fathers, but if your daughter's a stripper, you fucked up. --Chris Rock
    8. Re:Law enforcement... by Totenglocke · · Score: 2

      You only use truecrypt? I use 7zip to compress and encrypt it, store that in a truecrypt volume, then compress and encrypt THAT before moving it to another truecrypt volume. Sure it takes some time to access files and it involves remembering four complex passwords, but goddamit I'm secure! ....STOP STARING AT MY TINFOIL HAT!

      --
      "The tree of liberty must be refreshed from time to time with the blood of patriots and tyrants." ~Thomas Jefferson
    9. Re:Law enforcement... by Joce640k · · Score: 2

      Nope. It doesn't wipe the platters, it wipes the encryption key from the controller.

      Removing the encrypted platters won't help you.

      --
      No sig today...
  2. Re:What... by 0racle · · Score: 4, Insightful

    Nothing at all, except a motherboard failure now means you lost all your data.

    --
    "I use a Mac because I'm just better than you are."
  3. Re:TrueCrypt by Ruprecht the Monkeyb · · Score: 4, Informative

    TrueCrypt is great in most circumstances. But if you need (for example) FIPS 140-2 compliance, you'll need something more.

  4. Enhanced Harddrive by Anonymous Coward · · Score: 2, Interesting

    This one is way cooler.

    It actually releases acid into the hard-drive platters:

    http://www.deadondemand.com/products/enhancedhdd

    If they've implemented this properly then you could send a remote command wirelessly that would wipe the hard-drive.

    I'm pretty sure this is a forensic investigator's nightmare...

    1. Re:Enhanced Harddrive by vlm · · Score: 2

      This one is way cooler.

      It actually releases acid into the hard-drive platters:

      But is it RoHS compliant?
      My organization is "going green".

      Ever seen copper turn green with corrosion?

      A thermite charge big enough to get over the Curie point would work just as well.

      --
      "Science flies us to the moon. Religion flies us into buildings." - Victor Stenger
    2. Re:Enhanced Harddrive by Rary · · Score: 2

      It's also possible to recover data from a drive after writing zeros to it just one time. It's going to cost enough to be cost prohibitive in most cases, but it's not impossible to pull off; of course it's also not very reliable to get useful data out of it either.

      At one time, with older technology, it was theoretically possible to do this. Nobody to my knowledge has ever actually managed to do it in the real world.

      With today's technology, it's not even theoretically possible. A good explanation can be found here.

      --
      "You cannot simultaneously prevent and prepare for war." -- Albert Einstein

  5. Re:What... by gsslay · · Score: 2, Funny

    No you haven't. Your data is still there. Just don't be doing anything foolish like trying to access it.

  6. a nightmare by Lord Ender · · Score: 4, Insightful

    I can only imagine how many IT support types will accidentally wipe these things. How sad and hilarious this will be!

    --
    A slashdotter who didn't build his own computer is like a Jedi who didn't build his own lightsaber.
  7. Murphy's favorite drive by jandrese · · Score: 2

    Nothing like having a ticking time bomb built right into your hardware. The first time some cosmic ray flips some bit that the drive queries to determine which host it's attached to, you lose all of your data. Nice. Hope you remembered your backups.

    --
    I read the internet for the articles.
    1. Re:Murphy's favorite drive by bill_mcgonigle · · Score: 2

      Yeah, everybody who is using these drives will have a copy of their data elsewhere. So the odds to weigh, for a laptop, are unrecoverable cosmic-ray-induced errors vs. a salesman losing his laptop when he gets drunk at the airport bar.

      Have you ever worked with salesmen?

      --
      My God, it's Full of Source!
      OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
  8. For storage in certain devices... by kevinmenzel · · Score: 5, Interesting

    For storage in devices like printers, etc., where there might be a large amount of storage to facilitate print queuing, etc., I can see how something like this could be useful. For instance, one of the options on these devices is to self-wipe on power cycle. For companies worried about security, this might be worthwhile in their printers, where the storage itself might be for the purpose of convenience, but they would rather be safe than sorry, and data destruction is of ultimately no consequence because the source for that data is found elsewhere. That way, they can dispose of their printers in relative peace of mind, because if someone powers on the printer to see what it has on it, then poof, no more data. Or even do the "unknown host" thing, and then all you have to do is make it clear to IT that you don't want the valid host (the printer) to survive the disposal process, so if they want to play with some baseball bats in a field to the point of smashing the drive controller... then that's fine with corporate.

    1. Re:For storage in certain devices... by dev.null.matt · · Score: 3, Funny

      Nerds with baseball bats in a field... what could possibly go wrong?

    2. Re:For storage in certain devices... by xMrFishx · · Score: 2

      Probably also another layer of security for companies with laptops. As long as a corporate server backup is kept of the data then having the disk dump the data is generally not a problem. Just slap in a new one and pull it down again from the server, except this has added security of only allowing the disk to work in the machine it's in. Now all you need is a small remote to destroy some critical motherboard part and you're good to go. Okay that bit is an extra...

    3. Re:For storage in certain devices... by sconeu · · Score: 2

      Well, your Superman III ATM virus could have an error in a decimal location, and give you $300000 almost immediately...

      --
      General Relativity: Space-time tells matter where to go; Matter tells space-time what shape to be.
  9. Re:What... by Anonymous Coward · · Score: 3, Funny

    Finally, Write-Only Memory becomes mainstream.

  10. Re:What... by pmsr · · Score: 2

    As someone who recently saw a big RAID array failing spectacularly and taking data with it because of a firmware bug on the disks themselves, I can say that nothing will go wrong. This has success written all over it.

  11. Re:This isn't new ... by steelfood · · Score: 2

    Hey, I liked DOS.

    --
    "If a nation expects to be ignorant and free in a state of civilization, it expects what never was and never will be."
  12. Old News by rlp · · Score: 5, Funny

    Self wiping drives - I had a few of those YEARS ago. They had the added feature that when they were erasing themselves, they alerted the user via a loud screeching sound.

    --
    [Insert pithy quote here]
  13. More info by vlm · · Score: 5, Interesting

    What a ... blog. Yeah. Just go to toshiba.com and read the press release from the source, instead of the cut and pasted partial version at the ... blog:

    http://sdd.toshiba.com/techdocs/MKxx61GSYG_release.pdf

    They claim it uses AES256.. How do you know it's not some kind of simple XOR? Probably their exotic "crypto erasure scheme" which they don't discuss is simply deleting the AES256 key. Where would you store the key? How about in the partition table? How long until there's a patch to linux fdisk to read the key, or at least not overwrite it when partitioning, and then how long until someone uses loopback crypto file system support in linux to read a drive, assuming you already know the AES256 key?

    Also, those drives are small. The last time I bought a 160 GB drive was in the mid 00s. Wouldn't it be hilarious if the low capacity was because everything is stored twice, once "encrypted" for the (l)user and once unencrypted for government special access "only"?

    This is just all speculation on top of speculation, yet it all seems strangely likely.

    --
    "Science flies us to the moon. Religion flies us into buildings." - Victor Stenger
    1. Re:More info by afidel · · Score: 2

      Why not store the key in a small sector of NVRAM on the control board? That's what the iPhone 4 and iPad do with their crypto key. As to the size, it's a laptop drive, so that's fairly typical for an entry level drive; the top end is 640GB, also fairly typical for current generation laptop drives.

      --
      There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.
    2. Re:More info by afidel · · Score: 2

      You embed it into the same die as the controller and do standard anti-tampering on the package. It's not like this is a new area for chip manufacturers; they've been doing secure tamperproof designs for a long time for governments and companies like RIM.

      --
      There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.
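An added illustration (not Toshiba's firmware or anything from the thread) of the "crypto erase" model the summary describes and that Joce640k and vlm discuss: per-range keys live with the controller, and invalidation by command, power cycle or host authentication error destroys only the key, so an image of the platters is unchanged but indecipherable. The range names, host ids and sample sectors are constructed, and HMAC-SHA256 in counter mode stands in for the drive's AES-256 because the Python standard library has no AES.

```python
import hashlib
import hmac
import secrets

# The three invalidation triggers named in the press release.
ON_COMMAND, ON_POWER_CYCLE, ON_HOST_AUTH_ERROR = "command", "power_cycle", "host_auth_error"

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

class SelfEncryptingDrive:  # toy model (constructed): keys in controller NVRAM, ciphertext on platters

    def __init__(self, host_id: bytes, ranges: dict):
        self.host_id = host_id   # the host this drive was provisioned for
        self.triggers = ranges   # range name -> set of triggers that invalidate it
        self.keys = {name: secrets.token_bytes(32) for name in ranges}  # the "NVRAM"
        self.platters = {}       # (range, lba) -> ciphertext; erase never touches this

    def _keystream(self, key: bytes, name: str, lba: int, n: int) -> bytes:
        # HMAC-SHA256 in counter mode stands in for AES-256 (stdlib has no AES); the
        # range name and LBA in the nonce give every sector its own keystream.
        out, ctr = b"", 0
        while len(out) < n:
            msg = name.encode() + lba.to_bytes(8, "big") + ctr.to_bytes(4, "big")
            out += hmac.new(key, msg, hashlib.sha256).digest()
            ctr += 1
        return out[:n]

    def invalidate(self, name: str) -> None:
        self.keys[name] = None   # crypto erase: only the key dies, the platters keep their bytes

    def power_cycle(self) -> None:
        for name, trig in self.triggers.items():
            if ON_POWER_CYCLE in trig:
                self.invalidate(name)

    def write(self, name: str, lba: int, data: bytes) -> None:
        self.platters[(name, lba)] = _xor(data, self._keystream(self.keys[name], name, lba, len(data)))

    def read(self, name: str, lba: int, host_id: bytes):
        if host_id != self.host_id:
            if ON_HOST_AUTH_ERROR in self.triggers[name]:
                self.invalidate(name)   # key is gone before any data leaves the drive
            return None                 # an unknown host never gets a sector back
        raw, key = self.platters[(name, lba)], self.keys[name]
        # Without the key the sector is still readable as bytes, just indecipherable.
        return raw if key is None else _xor(raw, self._keystream(key, name, lba, len(raw)))

def demo() -> dict:
    # Exercise the power-cycle and unknown-host triggers; returns what an observer sees.
    drive = SelfEncryptingDrive(b"laptop-01", {"user": {ON_HOST_AUTH_ERROR, ON_COMMAND}, "spool": {ON_POWER_CYCLE}})
    drive.write("user", 0, b"quarterly numbers")
    drive.write("spool", 0, b"queued document")   # e.g. a printer's queue range
    before = dict(drive.platters)
    readable = drive.read("user", 0, b"laptop-01") == b"quarterly numbers"
    drive.power_cycle()                                           # spool range loses its key
    spool = drive.read("spool", 0, b"laptop-01")
    stranger = drive.read("user", 0, b"forensic-workstation")     # user range loses its key
    user = drive.read("user", 0, b"laptop-01")
    return {"readable_before": readable, "stranger_got": stranger, "spool_garbage": spool != b"queued document",
            "user_garbage": user != b"quarterly numbers", "platters_unchanged": before == drive.platters}
```

`demo()` also shows why imaging the platters after a trigger (the approach arcctgx suggests) yields the same ciphertext as before, which is exactly what Joce640k's "it wipes the key, not the platters" means.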
  14. Don't attempt this at home by xkr · · Score: 4, Insightful

    These drives are intended for embedded applications like copy machines and medical equipment. That equipment now has major security holes once it is disposed of. NOT intended for PCs or data center use. HOWEVER, for secure laptops -- they are ideal. If the laptop gets stolen, now, it is trivial to circumvent OS-enforced security and get to the data. In an environment where data backup is handled by the corporate system, if the laptop fails or is lost or the user forgets his password, you ABSOLUTELY want the data in that machine gone forever. Legitimate users of the data will get it, through the proper channels, from corporate backup.

    --
    I will create a sig when innovation restarts in the U.S.
  15. This just in... by Anonymous Coward · · Score: 2, Funny

    Laptop theft is at an all time low. In unrelated news, kidnappings are on the rise.

  16. I must have one of these by 0123456 · · Score: 3, Funny

    A bad blocks scan at the weekend showed my year-old Toshiba hard drive has invalidated at least a hundred sectors so far.

  17. Re:What... by vlm · · Score: 5, Informative

    You had multiple disk corruption due to a common firmware bug on the drives themselves? That seems like it's going to be pretty damn rare.

    Happens all the time because most RAID builders buy all their drives in one order from the same vendor. Heck they probably have sequential serial numbers. If there is a bug, they're going to totally lose that array because it'll hit all the drives.

    Let me guess, about a year ago or a bit more, he bought a set of Maxtor 541DX, Fireball 3, or DiamondMax Plus 8, the defect lists slowly started filling up, one drive finally failed outright, then during the restore/rebuild process multiple drives also failed because their defect lists filled up during the restoration, then the drive firmware literally crashed on the next boot leaving you with nothing at all but a set of paperweights that don't even show up in the BIOS list? Mmmm, just guessing?

    Always better off buying RAID drives from different vendors at different times, if you can.

    --
    "Science flies us to the moon. Religion flies us into buildings." - Victor Stenger
  18. What could possibly go wrong? by frovingslosh · · Score: 3, Funny

    Self wiping drives, what could possibly go wrong? But it should also be noted that Western Digital has been making self wiping drives for years, although they are not as selective or precise about when they wipe your data.

    --
    I'm an American. I love this country and the freedoms that we used to have.
  19. Pretty stupid by gweihir · · Score: 2

    So steal/confiscate the whole machine. The only thing this does is it makes legitimate data recovery harder and may even cause unintended data loss. This is not how to do it. Amateur-crypto at best.

    --
    Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
  20. Re:What... by russotto · · Score: 4, Insightful

    Unless you back up to some other device - hopefully with similar protections.

    Or different but better protections. For instance, a drive like this might be in a remote office in China, whereas the backup (or the source of the data) is in some secure location in your home country.

  21. The BESTEST security! by Paracelcus · · Score: 2

    Damn Small Linux (a boot & eject distro) booted from read only media, save your shit to an external truecrypt USB drive (hidden offsite)!

    --
    I killed da wabbit -Elmer Fudd
  22. Re:TrueCrypt by Anonymous Coward · · Score: 2, Informative

    TrueCrypt is FIPS140-2 compliant, it just isn't certified as such. No one has yet volunteered to pay for it and it would be a recurring expense for every released version. Such a thing is generally unreasonable for an open source project unless it is sponsored by an interested third party.

    It is much the same situation as the Single UNIX Specification (http://en.wikipedia.org/wiki/Single_UNIX_Specification). There are only a few OSes that can call themselves certified UNIX, but there are hundreds if not thousands of open source projects that qualify. The problems are funding and release cycles, not compliance.

  23. Whose Law Enforcement? by b4upoo · · Score: 2

    The US simply does not manufacture items like hard drives. I am certain that law enforcement as well as government goon squads in many nations will not tolerate any form of personal security including a self wiping drive. So when it comes to back doors and overrides it may well be governments other than our own that can peek into these drives at will. And I do believe that any software or hardware that is effective in securing one's data will usually be from a source either infiltrated or owned by government agencies.

    I'm not so sure how much I would like to protest the situation as I understand that covert electronic modes have already been effective for our forces in war actions.

  24. Re:TrueCrypt by Ruprecht the Monkeyb · · Score: 3, Insightful

    I absolutely concur. However, when the government won't give you an ATO unless the product is certified, you've got no choice.

  25. Raises bar/Two edged sword by dogsbreath · · Score: 2

    This raises the bar in terms of effort required to safely capture the data. If the system is effective then the drive electronics have to be bypassed. That is, either transplant new control electronics into the drive frame or transplant the platters. Clearly beyond the means of the average thief and raises the cost/effort level for law enforcement. That is unless Toshiba provides a "Law Enforcement SDK".

    OTOH, the sword cuts two ways: not only does the drive provide protection from unauthorized access, it also puts the data under constant risk. Any data on the drive has a veritable sword of Damocles hanging over it. The possibility of accidentally triggering the destruct mode seems very real. Think about some of the false positive issues that used to occur with Windows licensing, where a minor system change made Windows think it was on a new installation. Happened to me several times and put me on the phone to Microsoft. i.e.: I added RAM once, going from a single 512M to 2x1G, and my activation cancelled; another time I upgraded the video card. Innocent, but it triggered the software detector.

    Reminds me of Dr. Strangelove for some reason. I have an image of Slim Pickens riding my Toshiba disk into a mushroom cloud of destruction. Sorry, off topic. Damn OCD ;->