RunCore Introduces Self-Destructable SSD

jones_supa writes "RunCore announces the global launch of its InVincible solid state drive, designed for mission-critical fields such as aerospace or military. The device improves upon a normal SSD by having two strategies for the drive to quickly render itself blank. First method goes through the disk, overwriting all data with garbage. Second one is less discreet and lets the smoke out of the circuitry by driving overcurrent to the NAND chips. Both ways can be ignited with a single push of a button, allowing James Bond -style rapid response to the situation on the field."

Old News

[Anne_Nonymous]

Western Digital has had self-destructing drives for years.

Re:Old News

[Aranykai]

I think you are forgetting the infamous Hitachi DeskStar...

Re:Old News

[houstonbofh]

Western Digital has had self-destructing drives for years.

No, they just fail. The data is usually still they if you have the resources. The hard part is running dban on a failed hard drive.

Re:Old News

[hcs_$reboot]

That reminds me of a double WD hard drives failure within a week, the main HD and its backup (this happened in a cloudless life). Amazing, they're even synchronized...

Re:Old News

[Norwell+Bob]

Western Digital has had self-destructing drives for years.

No, they just fail. The data is usually still they if you have the resources. The hard part is running dban on a failed hard drive.

You're that guy at the party who ruins a good joke with 'facts', aren't you?

In any event, assuming you've got the resources, rather than running DBAN on a failed disk, you put a few holes in it with a drill press and fill it with epoxy.

OR, use a bulk tape eraser/degaussing wand on it for a little bit.

Re:Old News

Try "G-BAN": http://us.glock.com/products/model/g37gen4

Re:Old News

[wulfmans]

It's DeathStar get it right !

Re:Old News

[houstonbofh]

You didn't include the "Export HD failure" flag in your rsync command did you? Newbie mistake...

Re:Old News

[linear+a]

And how, we're having a 30-40 % failure rate on Western Digital drives after 1 year.

Re:Old News

[heypete]

Western Digital has had self-destructing drives for years.

Nice.

Interestingly enough, Western Digital is the only brand of drives I've had a repeatedly good experience with. Maxtor sucked. Seagates sucked for a while. Hitachi sucked. Not sure about Samsung, having never used them. I've only had one WD drive (out of about two dozen) fail inside the warranty period (and that was due to my fault causing a hardware problem; WD still replaced it with no questions asked). The others just keep trucking along.

I guess the old adage "your mileage may vary" still applies.

Re:Old News

[Joce640k]

I guess the old adage "your mileage may vary" still applies.

I think it's more of a selective reinforcement thing.

Everybody seems to have a brand they're sure fails more than any other so they reinforce their beliefs based on subconscious selection of anecdote.

Me? I prefer WD, too - Velociraptors for performance and 'green' for mass-storage. I don't know if they're any better than other brands but I've got quite a few and never had a problem. The only disks I've owned that actually died on me before they became obsolete were Hitachi and Toshiba.

Re:Old News

[markatto]

IIRC the "DeathStar" moniker came about back when IBM still owned the brand, before Hitachi bought it.

Re:Old News

[Idbar]

Here I was thinking that was the technology Seagate bought from Maxtor.

Re:Old News

[AngryDeuce]

Same here. That's why I've always had a hard time swallowing the whole "Western Digital drives are crap" meme. If I had to choose a brand as a "crap", it would be Maxtor...I literally had a 0% survival rate beyond 3 years with one of their drives.

Western Digital drives, on the other hand, I've had nothing but good results with. My dad is still using both a 7.9 GB and a 13.1 GB Western Digital drive he bought pre-2000 in his Windows 98SE legacy machine (which I think only recognized up to 32 GB drives or something), and I've got a handful of working, but too small to be practical, WD drives in my workbench in the garage as we speak...just haven't decided what the hell I want to do with them, as there isn't much use for sub-100 GB hard drives these days obviously.

I honestly know it's all anecdotal, and opinions are like assholes, but honestly the only place I've ever heard Western Digital being considered shitty is here on /..

Re:Old News

[hairyfeet]

And if you want one today the Seagate 1Tb and 1.5Tb will happily kill itself and your data! For extra super duper security it will do so at a random time so it even gives you plausible deniability! What a company, so thoughtful.

Re:Old News

[hairyfeet]

Shame you never used 'em because Samsung drives ROCK! I have put Samsung drives in construction trailers and shop floors, places where a Seagate or WD wouldn't survive the month and the Samsungs would just keep on purring. Their EcoDrives would often score damned close to the Seagate 7200RPM in my real world tests while being almost 40 degrees cooler. Hell I liked 'em so much when Tiger had the big sale right before the flood I changed out all my drives for Samsung 1Tb and 2Tb models, truly rock solid drives.

And I'm sorry but at least in my experience if you buy Seagates over 640Gb they SUUUUUUCK! The failure rates on their 1Tb and 1.5Tb drives are just nuts. Check out Newegg or tiger and you'll see wall to wall complaints where builders bought those by the dozen and had those fail within 6 months to a year. I bet this is why a lot of the tiger kits now carry the Seagate 500gb instead of the 1Tb they used to have. Now I can't confirm this but the rumor going round is that they have been using shitty Maxtor ARM controllers they got during the buyout and that along with shitty firmware is causing the drives to crap all over themselves. All I know is I had to RMA a bunch of the 1Tb and 1.5Tb drives and frankly ended up relegating them to externals because I wouldn't trust them in new builds.

As for TFA while this is certainly cool tech I bet it'll be expensive as all hell. Anything like this is usually sold to the military where insane markups are king, kinda like how those hardware encrypted flash drives were insanely priced or had teeny tiny sizes compared to the regular drives. Its just a shame this will be crazy priced as it sounds like something that would be great for stolen laptops, just have it toast the drive if they input the wrong password too many times.

Re:Old News

[Joce640k]

the only place I've ever heard Western Digital being considered shitty is here on /..

Me too. I think drives like the Velociraptor show they're tech leaders who know a thing or two about making hard disks. I don't see any other brands making disks that come close.

Re:Old News

That reminds me of a double WD hard drives failure within a week, the main HD and its backup (this happened in a cloudless life). Amazing, they're even synchronized...

This is totally f@#$ standard. There are two drives bought at the same shop at the same time. Do you think the manufacturers specially made sure to mix them all in with drives from different places? They aren't even just the same batch. They have probably been produced within seconds of each other.

What do you think happens when a drive fails? Some capacitor has been made with the wrong chemicals; some piece of metal has impurities. Some bit was screwed too tight and is weakening the rest of the structure. It's not deliberate; it's may not even be outside normal manufacturer's specifications, but it's the thing which ends up as the weakest link in your drive. The drives made just before have the same metal; the same capacitors and have been put together by the same machine which is reaching the point where it needs calibration. They are all going to fail at the same time.

At the point where the first drive fails, the second one suddenly gets more load (e.g. double the number of reads; up to N-1 times the number of reads if it's part of a RAID array before you even take into account that some idiot normally rebuilds the array before backing it up). It's extremely close to failing as it is. Rebuilding is likely to drive it over the edge and kill the array.

Don't talk to me about the idiots at HP, IBM and every other bloody server manufacturer who put a series of ten identical drives with consecutive serial numbers in their RAID arrays and then sell it as ...

For more start here; and this also seems worth reading

Re:Old News

[plover]

I think it was Steven Wright who asked "If one synchronized swimmer drowns, do they all have to drown?"

Re:Old News

[AmiMoJo]

In anticipation of this article my Adata SSD died last week. It is the second SSD I have had fail, the first being an Intel model which ran out of spare blocks and started corrupting data. I was able to save my data. The Adata one just stopped responding completely, all data lost, had to go to a week old backup.

SSDs are supposed to be more robust, but two out of three I have owned have failed. Touch wood but I have owned a lot of HDDs over the years and the failure rate has been much lower. Small sample size, I know.

Re:Old News

[sjames]

All hard drives suck! The last time I used $(BRAND) drives, they lost my data so hard the stone tablet in my garden shattered!

Re:Old News

[LordLimecat]

Or if you feel like being more secure and spending less time on it, get a torx screw driver, open it up, remove the platters, and play frisbee with them for a bit until they shatter.

Re:Old News

[Norwell+Bob]

I would have to guess that electromagnetically wreaking havoc on the disk with a tape eraser or degausser would be a lot quicker than physically disassembling the disk... the platters aren't going to "shatter" anyway.

Re:Old News

[RockDoctor]

SSDs are supposed to be more robust, but two out of three I have owned have failed.

But you've not been testing for "robustness", you've been testing for longliveity - which is a different thing.

If you'd mounted your SSD on one side of a shaking plate with peak accelerations of (say) 50g, and mounted a conventional hard drive on the other side of the plate, then the SSD would probably have outlived the hard drive.

OTOH, if you've kept up-time records for your machine and you can demonstrate that the observed MTBF (Mean Time Before Failure) for your SSDs is lower than that for your hard drives, then you've got statistics, not anecdotes. Which is a whole other story. And grounds for demanding refund with menaces.

(I can't say that I've felt the temptation to get a SSD. I don't see a need for the potential speed. And I've seen enough situations where we've spent a million dollars trying to acquire some data to find that the tool's internal data storage has failed and we've got no data. That's with high-spec SSDs in 200g environments at 140+ degC temperatures and thousands of kg/m^2 confining pressure environments. But it doesn't make the waste of money, brains and time feel any better.)

Re:Old News

[arglebargle_xiv]

Western Digital has had self-destructing drives for years.

There's also Intel's 320 series and its notorious Bad Context 13x Error, which destroys all data on your drive at arbitrary moments. After first claiming they'd fixed it, Intel then went on to just ignore the problem. So they beat RunCore to the market by at least a year, and unlike RunCore the Intel drives don't even require you to push a button in order to destroy all data on them.

Rebranding

[TWX]

...lets the smoke out of the circuitry by driving overcurrent to the NAND chips.

Quality Engineer: "Sir! This entire batch, tens of thousands of units! If we put them into normal conditions they'll blow with overcurrent!"

Senior VP: "Oh hell, what are we going to do? The board'll have our asses!"

Marketing: "I have an idea! We'll market these as self-destructable chips!"

Senior VP: "BRILLIANT!"

Perfect for Children's Toys

[Dareth]

Perfect for Children's Toys
Make sure you connect the second "let the magic smoke out" method to a big red button with label that say, "DO NOT PUSH!"

Re:Perfect for Children's Toys

[n5vb]

Make sure you connect the second "let the magic smoke out" method to a big red button with label that say, "DO NOT PUSH!"

I've been wanting this on computers for years. I'd also like for the last thing the computer does before it completely dies to be playing a recording of someone saying, "Told you not to push it!"

Re:Perfect for Children's Toys

[mcavic]

playing a recording

10... 9... 8... 6...
Six? What happened to seven??
Just kidding!

Re:Perfect for Children's Toys

[Maximum+Prophet]

Even better. Put a big red button on your computer, with a lighted sign above it. "Push to Test". When the button it pressed, the lighted sign changes to "Release to Detonate"

Re:Perfect for Children's Toys

[chill]

Hmmm...I guess you never used SPARCstations from Sun. The power button for the system was the upper-right key on the keyboard (Type 5).

I've seen them replaced with red keycaps as well as entire rooms of systems with them physically removed.

Re:Perfect for Children's Toys

[DarwinSurvivor]

Mine will sing "Daisy Bell" and a logarithmically slower pace.

Re:Perfect for Children's Toys

[AlienIntelligence]

Mine will sing "Daisy Bell" and a logarithmically slower pace.

Too many kids out there to get that one. Well played though.

-AI

These should be banned

After all, they are excellent tools for padeophiles and terrorists. Amirite?

Re:These should be banned

[Anrego]

In a weird way, they kinda actually are. More specifically, using them. Far as I know, using such a device when suspected of either crime would fall under destruction of property / interfering with investigation laws.

Re:These should be banned

[pentalive]

Did you mean "destruction of evidence"?

Re:These should be banned

[Joce640k]

Also for Corporations, lawyers and other paper shredders

(who do far more harm than the terrorists and pedophiles).

Re:These should be banned

[fuzzyfuzzyfungus]

After all, they are excellent tools for padeophiles and terrorists. Amirite?

I suspect that it depends how much other evidence they have. Nuking the only copy of something vital might well save you from conviction on more serious charges, at the cost of some sort of obstruction of justice/destruction of evidence charge. If they already have corroborating evidence from other sources, though, the DA will probably just smirk and add another charge, complete with trivially available evidence that makes you look guilty as hell.

"Yes, your honor. We detected child pornography downloads from the IP that the defendant's ISP had assigned to his residence at the time. When we arrived to execute a search warrant, the defendant dove toward his computer and destroyed its hard drive...."

Re:These should be banned

[AngryDeuce]

Goddamn right. A terrorist or pedophile only has a few methods at his disposal to fuck us, but lawyers and corporations spend billions finding new and clever ways to collectively fuck us without us even knowing it every single day.

Re:These should be banned

[Anrego]

yes, yes I did :(

Re:These should be banned

[Khashishi]

Perhaps a better option than a button to nuke the drive is a button to replace the contents with something relatively innocuous and mundane.

Re:These should be banned

[Anrego]

It's actually an interesting thought exercise to come up with a setup that would:

a) allow you every day access to your data in a practical way
b) allow you to get rid of the data, leaving no trace that it was there

Modern software leaves bits of information everywhere. Lock files, history files, logs, cache, etc..

If you re-image your disk to do an emergency destruction, the new image is probably going to be fairly obvious. Huge gaps in all system logs, and an old version of firefox with the last history entry from some time 4 years back? Yeah, this is what was on here 10 minutes ago! If you use that approach, you'd have to keep your "emergency image" in a state where it looks used. And that's not accounting for the fact that re-imaging a drive isn't exactly a quick process.

The other option of course is hidden volumes. But that then strays into the practicality side of it. How do you use something on a regular basis yet leave no trace of it on your system.

Ultimately I think it's a moot point. As has been said, they usually have a pile of evidence on people anyway.. at best you arn't giving them even more, at worst, you are making yourself look really damn guilty[tm]. It's just one of those things that's interesting to contemplate.

Re:These should be banned

[networkBoy]

A VM with delta disk.
you have your base image, along with a couple programs pre-installed.
turn on delting and save all your [sensitive] data to the delta disk. When time to update programs or work on mundane stuff turn off deltaing. if you need to make the sensitive stuff go away write over the delta file with random data.

Plausible, makes things look current. If they ask about the delta file, it must have gotten corrupted. What did your team do to my machine?

This is actually trivially easy in Win7 pro as long as you're OK with the hidden machine being Windows XP.
-nB

Re:These should be banned

[Anrego]

Maybe I don't quite get how deltaing works, but:

You do your evil stuff with it enabled
Disable it and do some more stuff (changing the "real" image)
When you re-enable delta-ing .. does it merge the images or something? I would assume when when you disable delta-ing, your changes are either merged down to the real image or lost. Or does it let you keep almost like an "overlay" that can be applied even after the base image has been changed?

Re:These should be banned

[networkBoy]

yes.

That's the danger of it.
if there are conflicts your delta image will supersede the base image*, on Win XP this can lead to interesting behavior when the page file appears corrupted. Registry and pagefile will be your biggest challenges, but it really is manageable.
-nB

*when you unload the delta these conflicts disappear as they are wholly contained in the delta image.

Re:These should be banned

[splutty]

Sorry. I can't resist. But most likely a pedophile wouldn't be very interested in fucking you.

The rest however are valid points :)

long distance deleting

[DomHawken]

I'd like a remotely deletable version of this for when I leave important government secrets on the train.

Re:long distance deleting

[DarwinSurvivor]

Just put your encryption keys on an IronKey drive and call it a day. Why destroy a perfectly good SSD when you can just render the contents unreadable?

Mission Impossible Style

[Shamanin]

Brilliant, disposable (very expensive) hardware! Your mission Dan, is to ... this disk will self-destruct in five seconds.

Encryption

[AlexTrustworthy]

Considering the (mostly) invincible state of good encryption, this seems unnecessary. Sure, it is a fun idea, but not a practical one.

Re:Encryption

[houstonbofh]

Considering the (mostly) invincible state of good encryption, this seems unnecessary. Sure, it is a fun idea, but not a practical one.

No encryption is invincible. Especially 5 years from now... Computing power has advanced to the point where you can just brute force "invincible encryption" from a few years back...

Re:Encryption

[TWX]

Flaws in existing encryption techniques are found from time to time. Theoretical computer power doubles every eighteen months. Home computer owners sign up for distributed computing processing projects without really knowing what they're processing, essentially trusting the project leaders to use their computer power altruistically.

I'm sure that there are other possible vectors of attack that can break "unbreakable" encryption. Obviously a lot of information would go obsolete in time, like itineraries, plans that get carried out before encryption is broken, etc, but sometimes that information can be used to fill in pieces of who did something or planned something. Obviously longer-term plans or permanent or semi-permanent installations (like locations of sensitive materials) might still be relevant when encryption is finally broken.

Re:Encryption

[MozeeToby]

Encryption done right is invincible. Encryption is rarely done right. Specifically, the keys are often exposed in ways they shouldn't be.

Re:Encryption

Considering the (mostly) invincible state of good encryption, this seems unnecessary. Sure, it is a fun idea, but not a practical one.

No encryption is invincible. Especially 5 years from now... Computing power has advanced to the point where you can just brute force "invincible encryption" from a few years back...

Really? AES and twofish have been around for more than 5 years, they still can't be brute forced.

Re:Encryption

[MozeeToby]

Considering the (mostly) invincible state of good encryption, this seems unnecessary. Sure, it is a fun idea, but not a practical one.

No encryption is invincible. Especially 5 years from now... Computing power has advanced to the point where you can just brute force "invincible encryption" from a few years back...

Short of massive developments into quantum computing, encryption is invincible for a good deal more than five years; and increasing the key size by any arbitrary factor is trivial. Anyone who is choosing key sizes for sensitive applications without taking into consideration Moore's law is probably making a dozen other mistakes in their security anyway.

Re:Encryption

[pentalive]

Using masses of GPUs instead of the slow cpu to do decryption work?

Re:Encryption

[Joce640k]

No encryption is invincible. Especially 5 years from now... Computing power has advanced to the point where you can just brute force "invincible encryption" from a few years back...

Um, no. Nobody sensible ever thought systems with 40 or 56 bit keys were "invincible".

128 bits? That's a different story. Moore's law isn't going to help with that, it's simply too big.

Re:Encryption

[Joce640k]

128 bit (or bigger) encryption keys aren't going to be brute forced.

It simply isn't - do the math sometime.

Re:Encryption

[HungryHobo]

though 256, just to be sure, is probably a good idea for anything really important long term.

cryptographers do, after all, find ways to reduce the cost of attacking particular encrption methods occasionally.

Re:Encryption

[kiite]

Encryption has a major flaw:
http://xkcd.com/538/

If it's obvious that the drive is toast, then it's the torture that becomes pointless.

Re:Encryption

[hawguy]

If you push the green button (you *did* watch the video, right?) the drive is instantly erased. So... the '$5 wrench technique' of decryption is no longer possible: you can be forced to give your password, yes; but it won't matter, since the drive will be unrecoverably deleted. Who knows when that was done, or even if it *had* been done? Perhaps the drive was new, and you hadn't gotten around to putting anything on it yet?

Doesn't a second, hidden encrypted volume also do this (with the added advantage that you don't actually have to hit the Self-destruct button, you only need to say that you did it)? When the guys with the wrench come, you tell them, "Hey, I already deleted the data - the decryption key is L0lCatzAreCr@zyC00l". Which decrypts an empty partition (or one that's full of your LolCats collection)

(I typed my real passphrase above, but I'm not worried since Slashdot has a filter that automatically masks passwords into "*******************").

Re:Encryption

[fuzzyfuzzyfungus]

Considering the (mostly) invincible state of good encryption, this seems unnecessary. Sure, it is a fun idea, but not a practical one.

I suspect that(aside from simply being relatively cheap to implement, and having some expected sales based on the 'cool' factor alone) the real purpose of any system purporting to substitute for, or complement, disk encryption is to deal with weaknesses unrelated to the cryptographic system itself.

As best we know, contemporary crypto systems with keys of reasonable length are not breakable in any useful sense. However, since humans who can store keys of reasonable length are vanishingly rare, most such systems must weaken themselves by storing a good chunk of the key somewhere where it can be recovered(on the device, with a password/passphrase, embedded in a smartcard/fob that is merely expensive and inconvenient to crack and extract, etc.)

If you just hand somebody an AES blob and tell them to come up with the correct 256 bits for themselves, they are SOL. If somebody's HDD is encrypted such that it can be unlocked with a password it is quite likely that dictionary-aided brute force will be enough. If the key is on a smartcard IC it might not be cheap to pull the key; but they don't produce those things in volume for a few bucks a chip, at most, by using all available security features...

Re:Encryption

[Joce640k]

256, just to be sure...

256-bit AES turned out weaker than 128-bit AES precisely because some bright spark at NIST followed that line of thinking. (cite)

cryptographers do, after all, find ways to reduce the cost of attacking particular encrption methods occasionally.

If a system is truly broken then adding more bits probably won't save you.

Re:Encryption

[doublebackslash]

Considering the (mostly) invincible state of good encryption, this seems unnecessary. Sure, it is a fun idea, but not a practical one.

No encryption is invincible. Especially 5 years from now... Computing power has advanced to the point where you can just brute force "invincible encryption" from a few years back...

A few have pointed out that the keys are too large to brute force. I figure you out to know why that is: http://everything2.com/title/Thermodynamics+limits+on+cryptanalysis

That is a good little write up on the subject. Short, sweet, and easy to follow. It demonstrates that non quantum 256 bit keys are safe from brute force attacks for... ever.

Two wrenches (one esoteric, one practical): Reversable Computation and Quantum Computers.

First the "practical" one, Quantum Computers. The algorithm for searching an unsorted database for a key is Grover's Algorithm. This gives a speed up of O(N1/2) and a space complexity of O(log N). For a 256 bit key this gives a time complexity of 2**128 and a space complexity of 78. Now, that time complexity will kill you. Move to a 512 bit key and we are back to 2**256 time complexity (jsut like in the linked article). The space complexity goes to 155. It might not seem like a big deal, but adding another qbit to a quantum machine isn't trivial. In fact it is properly hard, and gets harder for every extra qbit. also that space complexity is a multiplier, not a count. you need log N * or something along that scale (Big O notation demonstrates the rate of growth as things go to infinity so small problems can be dominated by other factors till they "scale up"). Obviously even quantum computation isn't going to help crack a 256 bit key and a 512 bit key will restore the same level of security even IF they could be built large enough and numerous enough and fast enough for the 256 bit version (LOTS OF IFS and with an easy out. As pointed out increasing an encryption key's size is relatively trivial)

Now for the one that caused me some trouble, Reversable Computing. Fancy way of saying that the computation is reversable with no energy expended after being performed and reversed (actually arbitrarily little energy appraoching zero as closely as you care to come... kinda. Physical devices pose practical problems, but let us se that asside for a moment). This is a theory, and a good one. The problem is that you need to drive through all of the states. Let us assume that a computation takes one plank time on our perfect reversable computer (this is impossible, of course. It would be far higher even with a "perfect" device, but this is a lower bound given to us by nature). You need 1.4 * 10**16 time the current age of the universe (1.979 * 10**26 years) worth of computer time to go through all the states. Average is half that to find the correct key. Now you'll want to parallelize this computer to get to that (wholly impractical) time faster. How many can you build? How large are they? I'll leave it as an exerccise to the reader to determine how many you might be able to construct before they collapsed into a black hole. Also: 1 plank time is a few dozens of orders of magnitude smaller than any computation done with matter can achieve. It takes 4.48*10**20 plank times for a photon to pass an electron (if wolfram alpha is being nice to me, that is). Scale your time to be, say, the same as the time it takes a photon to cross your theoretical perfect reversable computer and then work out how many you need to complete the cracking of the key within a reasonable time. You'll get a black hole or incredible distances beyond the mortal ken.

Conclusion: Brute forcing any appreciably sized cryptographic key (512 bit or greater) will never, ever be possible no matter what happens with technology so long as computers are made of matter and compute in space. Period.
256 bit keys will remain equally unchallenged until we can create and power quantum computers the size of grains of sand trilions at a time.

Take that Moore's law

Re:Encryption

[fuzzyfuzzyfungus]

Using masses of GPUs instead of the slow cpu to do decryption work?

GPUs and FPGAs have, in a number of cases, moved attacks on known-vulnerable systems from 'theoretical; but of great concern' to 'desktop, you don't even need 3-phase 220' faster than other technologies would have; but the cryptographic systems that are actually trusted tend to be of the 'barring fundamental breakthroughs in either mathematics or physics, converting all the mass in the solar system into crypto-chips it would merely shave a few zeros off the expected time...' variety.

Re:Encryption

[JazzLad]

Oblig

Re:Encryption

[jones_supa]

Considering the (mostly) invincible state of good encryption, this seems unnecessary. Sure, it is a fun idea, but not a practical one.

Even for encrypted data this can be added as an extra measure to the user's security toolkit. Maybe there was some problem in the encryption process, or the cipher is found weak, or someone will be able to crack the data in the future with brute force. This gives you the last bit of extra protection, the kind of "nuking it from the orbit is the only way to be sure".

Re:Encryption

[the_B0fh]

Except that AES 256 bit is weaker than AES 128 bit.

http://www.schneier.com/blog/archives/2009/07/another_new_aes.html

Re:Encryption

[the_B0fh]

Have you seen this? AES 256 is weaker than AES 128 bit.

http://www.schneier.com/blog/archives/2009/07/another_new_aes.html

Re:Encryption

[lgw]

Which was sort of the point he was making: the math is more important than the key size now.

Re:Encryption

[AmiMoJo]

There is one other wrench you forgot about. Someone might come up with a cryptanalytic attack that reduces the number of computations required to generate and test keys. That has happened in the past.

Re:Encryption

[Frank+T.+Lofaro+Jr.]

That's what THEY want you to think!

P.S. Maybe you ARE one of THEM!

Re:Encryption

[Frank+T.+Lofaro+Jr.]

They can also exterminate you indirectly by giving you a murderer as a cell mate who, unsurprisingly, kills you.

Someone in the CCDC jail in Las Vegas was stabbed to death by his cellmate with a pencil.

I think the placement with that person may very well have been intentional.

No need for a trial for those that don't cooperate, and even one death sends a POWERFUL message!

Re:Encryption

[networkBoy]

In the case of truecrypt with an AES-Twofish-AES cypher chain for example:
You have little to no chance to analyze the image for clues.
What you can do is brute force the password used to generate the key.
Sadly, most users select a password only (no password + keyfile/dongle) and select only alphanumeric characters with a total length < 10 characters.
That keyspace is very very small.
you could even throw in the oxford dictionary and try all 2,3,4 word combos + common misspellings and still manage the time taken if done correctly and on a big machine farm. This would likely net you the majority of "normal" users encrypted file contents.
Now, those who use TC and such may be more likely to have better password hygiene, but human nature being what it is, I'm not so sure.
-nB

Re:Encryption

[networkBoy]

Who knows when that was done, or even if it *had* been done

I could tell.
My desktop wallpaper is that of a die that has been depackaged. If the die had been damaged due to overcurrent it would leave tell tale evidence on the die its self (cratering, burns, discoloration). Now the interesting thing is, depending on how they apply the overcurrent, it may be *possible* (though very hard) to get some data off the flash chips. If the only part that dies is the comparator logic and block map in the flash chip its self, then with external probing it would still be possible to read the contents of individual flash cells with a SPA. Downside: this would have to be done one cell at a time, manually, and likely require FIBbing additional probe points onto the array and column drivers (which its self could further damage the die).
I think this would be the electromechanical equivalent of brute forcing a crypto key.
-nB

Re:Encryption

[doublebackslash]

=D Yes, yes I was. I meant to do things like read over the comment and check it for grammar and make that point, but lunch was already over. Such is life!

Re:Encryption

[doublebackslash]

No, I'd not seen that. Very interesting. I eat that stuff up. Thanks.

Re:Encryption

[galanom]

You're doing it wrong.
Brute force has to be applied to the password keeper, not the encrypted medium.

Re:Encryption

[sjames]

Sure they can, "Brutus, get the rubber hose while I tie this clown to the chair!".

Re:Encryption

[doublebackslash]

That isn't a key, just the length of rotation.

I didn't forget about the mathematical crptoanalytic attacks, I just want it to be well understood that the length of the key isn't nearly as important as the math behind it.

Crap algorithms, or extremely good attacks against good algorithms are THE arms race, not computing power. That said I'm looking forward to having some algorithms within the next few generatiions that are well beyond our ability to crack. Also even, say, AES with increased rounds tends to break attacks. It is just that a balance between security and speed must be struck.

Self-destruct designed for use on planes?

[robthebloke]

I'm sure the TSA will be perfectly reasonable about people carrying those onto planes....

Re:Self-destruct designed for use on planes?

[MozeeToby]

Yes, we all know the dangerous explosive forces involved in letting the magic smoke out of an IC.

(I'm pretty sure you're joking, but the person who modded you insightful apparently wasn't so...)

Re:Self-destruct designed for use on planes?

[AmiMoJo]

Meh, laptop batteries have offered an easy way to start a fire for years and no-one seems to care.

It's already implemented

[hcs_$reboot]

After a few month of usage, SSD suffer from multiple writes (to same locations) and die. (See this.) Depending on algorithms, the lifespan of a SSD varies.
So it's already here, the difference is that a regular SSD fails randomly... (and you may be able to recover some data)

Re:It's already implemented

[houstonbofh]

After a few month of usage, SSD suffer from multiple writes (to same locations) and die. (See this.) Depending on algorithms, the lifespan of a SSD varies. So it's already here, the difference is that a regular SSD fails randomly... (and you may be able to recover some data)

That was one of the best links I have ever followed on slashdot. If only for the quote, "I use my SSD fully expecting it to fail. Just like I date crazy girls fully expecting them to stab me: Always have that backup plan!"

Beautiful!

Re:It's already implemented

[EdZ]

More like years rather than months unless you're pumping through terabytes of data a day. The point is moot, however: SSDs do not store data continuously like HDDs do: your data can be spread across blocks, across chips, compressed AND encrypted all at the same time. Take out the allocation table, and all that data is now randomly arranged bits. And because erased data on NAND is truly erased*, you just need to wipe that little bit of memory to effectively securely erase the whole SSD. If you wanted to be hilariously over-cautious, keep your allocation table on fast volatile memory.

* This is also true for any HDD in the last decade or two if you run ATA SECURE ERA SE command. All those fancy multi-pass erasers and mechanical destroyers are essentially pointless.

Re:It's already implemented

[jamstar7]

Or, in the words of Microsoft, "That's not a bug, it's a feature!"

Re:It's already implemented

[GodfatherofSoul]

That's interesting. So, are we to assume byte-level granularity on writes and not blocks? Blocks that could be read? Blocks that might contain information like passwords or names of undercover agents?

Re:It's already implemented

[EdZ]

You appear to have fallen to the age-old (or rather, about 15 year old) myth that there is a readable 'echo' of a bit after it has been overwritten. This is false, and has been ever since the magneto-resistive head was introduced (and especially the GMR head around 2000). Even with a magnetic force microscope you're not going to be reading squat other than the current bit value (or rather, the current analogue value that would then have to be processed along with the preceding and following values into what is probably the bit that you wrote). While it may have been true - in the days when a R/W head actually had a little coil of wire in it and capacities were measured in megabytes - that you could throw a few hundred engineers at a platter with a MFM and maybe recover a little bit of coherent data, that is no longer true. The amount of data you'd need to comb through if you could recover it perfectly (which you can't) is so immense that you'd need an army working 24/7 for decades. Even if you knew the precise data you were looking for and it's precise location on the platter, if you wrote a single zero pass over that location no MFM would be able to read anything useful, or the same head that was used in the MHM would be used in HDDs and you;d be back to square one.

The ATA SECURE ERASE command tells the head to write zeroes over the entire surface of the platter. Regular write-random-crap-a-bunch-of-times software such as DBAN fail to erase sectors in the G-list, which could subsequently be recovered (albeit unlikely to contain anything interesting). it won't erase sectors in the factory P-list, but nothing was ever written there in the first place. This is sufficient to make any data that was on the drive totally unrecoverable. Hell, ATA SECURE ERASE is NIST-approved for government and military data destruction at the same level as physical destruction of the platters.

Re:It's already implemented

[EdZ]

The bytes on the NAND itself are encrypted and have not guarantee whatsoever of being contiguous. Even if you have a mythical public-key-breaking quantum computer at your disposal, you'd still need to arrange a few gigabytes of 4kb blocks (pages) into the correct order just to get the ciphertext to start with.

Re:It's already implemented

[Guspaz]

It's even more true on SSDs; the ATA SECURE ERASE command causes them to physically release all the trapped electrons. There's a reason why it's a common last-resort for people who get their SSDs (which don't support TRIM) into a scenario where the garbage collector can't fix performance. The nice thing is that a secure erase on an SSD is virtually instant; the controller can very quickly nuke everything in parallel without the limitations of having to physically move the head over the disk. Last time I did a secure erase on an 160GB SSD, it took about a second.

Of course, SSDs that support encryption sometimes implement secure erase by merely erasing the encryption key, without actually erasing the data...

Re:It's already implemented

[Guspaz]

Not all SSDs encrypt anything.

Re:It's already implemented

[pedrop357]

Does any operating system utilize SECURE ERASE? If your file system just marks the space available when you 'delete' something, what then?

Re:It's already implemented

[Guspaz]

We're talking about two different things. I'm talking about wiping the whole disk (which you tend not to do with the normal OS anyhow), you're talking about deleting files.

If your drive supports TRIM, the space will get securely erased (since the SSD will erase the blocks to speed up writing later), but that's not a guarantee.

Garbage data??

[DWMorse]

So it installs Windows ME on itself? Chilling.

Re:Garbage data??

"Welcome to Hell. How can I make your stay more comfortable."

"I'd like a computer to go check Slashdot."

"Ok, you can use the computer lab right over there."

"WTF! This computer is running Windows ME on a Pentium 1. Wait, so is this one."

"They all use Windows ME."

"NOOOOOOOOOOOOOOOO!"

Re:Garbage data??

[Hentes]

Why the hell do they need to rewrite it anyway? In a flash memory rewriting starts with erasing the whole sector, why not just stop after that?

Re:Garbage data??

[Guspaz]

secure erase on an SSD doesn't write anything. It just erases everything, which has the benefit of being virtually instant.

James Bond?

[Snodgrass]

Don't you mean Ethan Hunt?

[This message will self destruct in 5 seconds]

Re:James Bond?

[Chris+Mattern]

That imposter? Hell no! Jim Phelps or nothing.

HCF operator

[ziggit]

I guess they decided it was time to bring back a system with the halt catch fire operator

Inspector RunCore

[TorrentFox]

This message will self destruct.

InVincible

[Fwipp]

Sounds like their marketing team has been taking naming cues from supervillains lately.
"Sure, it's InVincible... as long as you don't push this shiny red self-destruct button."

Re:InVincible

[Hillgiant]

The one right next to the shiny red make-coffee button?

Virus Attackers will enjoy

[na1led]

Now the Hackers can write a virus that will Wipe and Smoke your hard drive if you refuse to buy their Malware Antivirus Scam!

Why so high tech?

[Lumpy]

A nice 1/8th inch layer of thermite with an igniter over the chips will do just nicely.

Re:Why so high tech?

[Ksevio]

That's a bit more dangerous of a solution and probably would create some issues with shipping the devices.

Where's the TSA headed?

[macraig]

The inevitable progression of the TSA will be that pre-flight pat-downs and strip searches won't be necessary: people will simply be required to travel in the buff. Oh, the poor stewardesses!

Re:Where's the TSA headed?

[damien_kane]

The inevitable progression of the TSA will be that pre-flight pat-downs and strip searches won't be necessary: people will simply be required to turn around at the gate and go home, instead of boarding their flight.

There, FTFY

FAKE Encryption

[wisebabo]

Does anyone offer a product (hardware or software) that rewrites a disk with "fake" encryption?

I mean, how about encrypting worthless or random data, or even better if you know your adversary, misleading data?

(The capabilities of our latest super secret bomber are contained in this document, what the enemy should never find out is that it is incapable of flying above 50,000 ft. So let's hope they never figure out the 4-digit PIN, I mean encryption key "0000".)

If used on something that the enemy thinks is valuable enough, you could really force them to spend lots of time trying to decrypt something. (The White House had no comment today on a report that President Obama lost his personal BlackBerry while at the G-8 summit. It has not been verified if, in fact, the hotel housekepers were Chinese nationals at the Hyatt hotel. However due to the chain being recently acquired by a Chinese military corporation, officials cannot rule out that possibility.)

Wasn't there a Stanislaw Lem book that postulated mankind receiving an indecipherable alien signal? Upon more and more sophisticated analysis, the message "seemed" to hint at deeper and deeper levels of meaning that *just* eluded the investigators. It seemed that they were just projecting their own hopes and fears onto what was really a random signal.

(Oh, I just noticed a previous post that says it installs Windows CE, or other garbage data).

Re:FAKE Encryption

That is a really stupid question. Why wouldn't you just take an off-the-shelf full-disk-encryption product, and fill the volume with whatever misleading data you wanted?

Also, aside from the fact that messing with the kind of agencies you're discussing is very high risk for you in the first place, some countries have laws forcing you to disclose encryption keys. In the event they do believe the lies you're spinning them and you can't actually decrypt whatever "fake" data you've created, you could be locked up for a very long time over nothing. Bet you'd feel clever then!

Re:FAKE Encryption

[wisebabo]

I was kinda hoping for some sort of package that, just like the self-destructing SSDs, would only make available this fake data when the proper key wasn't presented. Up until then it could be used normally (rather than just being a decoy). Of course maybe it would take too long to replace the original data with the phony data...

You do have a good point about that very few INDIVIDUALS would need this, I imagine that their main (only?) customers would be governments wanting to send other governments into wild goose chases. Individuals are, like you said, too prone to be forced legally or otherwise(!) to disclose their encryption keys.

finally

[SebNukem]

I needed that for my self-destruchairs.

Ok, really?

[JamesP]

"First method goes through the disk, overwriting all data with garbage"

That's the WORSE possible way to "self destruct"

Do you know why in flash memory they have to work differently then on a spinning disk?

Erasing blocks takes a lot of time. Exactly because it's erasing a whole block!

Erasing and then overriding seems pointless (even though theoretically you could dissolve the chip in acid and then measure the charges there to see if you can recover traces of data)

The second way seems much more promising.

And by the way, "InVincible"?! Really? It should be the opposite of that!

Re:Ok, really?

[firewrought]

"First method goes through the disk, overwriting all data with garbage"

That's the WORSE possible way to "self destruct"

Not if you want to reuse the disk, e.g., clear off corporate data before donating and writing down old computer equipment.

Also, are we sure that the overcurrent will completely destroy the data on an SSD? I think of the 2001 incident where a U.S. spy plane was forced to land in China and did not have time to destroy all intelligence data in the 15-30 min. before they were forced off the plane at gunpoint. An overwrite followed by overcurrent seems like it'd be the best protection against a 3rd party with the resources needed to physically examine the drive.

Re:Ok, really?

[DigiShaman]

Use glass substrate hard drive platters. Install a pin with a compressed spring. If you need to self-destruct the drive, release the pin and shatter the platters (at 7200 or 10k RPM). Instant maracas!

Re:Ok, really?

[JamesP]

Makes sense if you want to reuse the disk and don't want to use a computer to rewrite it.

I think the overcurrent is not just "to the chip" but may be exactly tied to the erasing process, so you just "fry" (over erase) the memory cells

And that's exactly the point, if you're in a critical situation (like at gunpoint) you don't want to waste time with "overwriting" but should just go to the overcurrent method.

Re:Ok, really?

[Guspaz]

Secure erase on an SSD is nearly instantaneous.Yes, having to erase a block before writing it can limit your IOPS when you have to WAIT for it to be erased, but when you're issuing the erase command in parallel to every NAND chip/block, it takes virtually no time at all (about a second last time I tried). The ideal solution would seem to be a secure erase followed by overvolting. The overwriting part serves no purpose on a NAND-based device.

Re:Ok, really?

[niftymitch]

try a .22 rimfire, more reliable.

A nail gun is less of a threat and has uses around the home.

The DriveInator

[bokmann]

Dr. Doofenschmirtz is head of their R&D Department. Marketing wouldn't let him call it the "Driveinator"

fake video

[Inigo+Montoya]

nice fake video.. photoshopped nand chips. I've never seen a chip destroy itself in that manner, as they've shown.

The chip itself is always in the dead center of the carrier, nand flash is bigger than most chips, but still centered in the carrier package. usually the chips overheat, expand the air in the packaging and blow a single crack or blow the top off. not multiple swirly cracks like they've shown for the oohhh..awwww... effect.

And the silkscreen is distorted and swirled too. That just won't happen and it's a smoking gun. Would you trust your data with a company from China that is obviously faking its advertising in such a despicable way?

Encryption would be more secure

[travellerjohn]

I am sure the last thing you want to rely on in a crisis is someone fumbling with a RAID array full of SSDs. Far better to encrypt the data. Power off the unit, you loose the key and all you have is a random collection of 1 and 0.

Drill press, 1/2 inch twist bit..

[Paracelcus]

Drill several holes through the body of the HDD.

Learn English...

[mj1856]

Doesn't invincible imply that it CAN'T be destroyed? Oh wait, they cased it InVincible, nevermind...

Re:Learn English...

[TheSkepticalOptimist]

Marketing team should be fired. It was designed to be "vincible", it's the primary selling point of the product. But I guess they mean that Vincibility is In the product.

Re:A third way they self-destruct

[hendridm]

I cigarette lighter works pretty well, too.

This device is impossible!

[mcgrew]

Good morning, Mr. Phelps...

TSA owns us

[OrangeTide]

I can't bring too much shampoo on the plane at one time. Something that has magic smoke is probably out of the question.

My Prayers are answered.

[axlr8or]

Finally, a system for data destruction that exceeds the efficiency of oh say a hammer. Or,, fire.

Uh.

[mikkelm]

"..mission-critical fields such as aerospace or military."

What? A mission-critical *field*? Critical to which mission?

The FBI would like ALL SSD drives banned

[grantspassalan]

SSD's are forensically very much harder to deal with. When the computer user erases such a drive, the control data is re-zeroed and the wear leveling controller in the drive starts rearranging data among the various memory chips as soon as the drive is powered up, whether in a computer or otherwise. For this reason forensic data on an SSD drive cannot be relied upon if it can even be recovered at all. The data is randomly spread out among all the chips in the drive, which makes it very hard to reassemble, even if the controller did not immediately start messing it up, as soon as the drive was given a new erase command from the OS.
Here is more information:
http://www.forensicswiki.org/wiki/Solid_State_Drive_(SSD)_Forensics

Bad

[ebvwfbw]

Now spammers as they are being busted don't have to try to destroy the drive anymore or swallow it. Just push a button. They get off scot free. Law enforcement may decide to taze the 'bro first.