# Destroying a hard drive

## alexis101

Ok,

My boss came to me with a strange request ... in case of emergency he wants the hard drives of our servers to "self destruct" even if they are in use. We have very sensitive data on these hard drives, and in case of an emergency (like burglars) we need to be sure that nobody goes away with our data. I searched the internet for a solution, but the only solution I found is booting with a floppy drive and things like that ... But I need to be able to activate the destruction :Twisted Evil: remotely (by phone with Asterisk).

I don't know if anyone can point me to any software or code that will burn the hard drive!

----------

## occ

Even IF you were able to run a program, to say, 'erase' the data, it would not be enough.

See:

http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html

If the data on your disk must not be read by an unauthorized party under any circumstances, your only choice, AFAIK, is to use an encrypted filesystem.

see

http://www.sdc.org/~leila/usb-dongle/readme.html

http://www.gentoo.org/proj/en/hardened/disk-cryptography.xml

http://fedoranews.org/alex/tutorial/crypto/

----------

## ToeiRei

My 'self-destruct' setup here:

* USB Stick with Certificates

* encrypted system

* Root-Plug

The system is only bootable with the USB Stick which can easily be destroyed...

You might want to have a look at sys-fs/cryptsetup-luks

Rei

----------

## alexis101

Thanks for these solutions. An encrypted system sounds interesting ... I'll look into it ... But the fact is I am looking more for something that will destroy the drive itself, not only the data ...

And Rei, you boot from the USB stick, but once the system is up can you remove it? And do you have any links for me about this setup?

----------

## GenYetiToo

*alexis101 wrote:*

> Thanks for these solutions. An encrypted system sounds interesting ... I'll look into it ... But the fact is I am looking more for something that will destroy the drive itself, not only the data ...


Get a remote switchable power supply. Connect that to the 12V part of the drive. If you 'fire' that remotely (eg. with a web-browser), you'll at least fry the electronics of the drives (but not the data!).

M.

----------

## Rikai

Basically, short of an enormous, moving, permanent magnet you're going to have a hard time completely wiping the drive. Even encasing the thing in thermite and setting it off may not do it.

There was an article on slashdot a little while ago about it. That might give you more information, or at least a place to start looking.

----------

## Aurisor

Basically, the only reliable way to destroy the data on a hard drive is using a magnet.  Simply sending too much voltage to the drive will just burn out the controller and leave the data intact, and any software solution is going to take a long-ass time to work properly.  Unless you can be sure that the drive will be unattended, running, and connected to the internet after the theft, it's nearly impossible to do this reliably.  Anyways, here are a few ideas...

1) Don't bother with trying to destroy the data....write something that silently "calls home" and just go find the person instead.

2) Minimize the amount of data.  You could create an encrypted volume on your disk of say 200 megs and store all of the important data in there.  Then have some program run "shred" on just that part of the disk.  I'd imagine that could probably wipe the data before anyone notices.  Of course, there is still the issue of getting in contact with the computer....if you can connect to the stolen laptop, why not just get the IP and do some detective work?

3) Hardware solution.  As far as I know, wrapping live, short-circuited hard drive is the easiest way to TRULY erase a drive.  You just take a heavy-gauge extension cord, strip off one of the plugs, connect that end, and then connect the other plug to the wall.  I've heard of l33tsauce hackers having these on all of their hard drives connected to a switched outlet that's always off.  If they ever get busted, they just have to make sure they flip the light switch on the way out and they're clean.  Of course, I'm not sure how you'd connect something like this to a laptop, since the power supply lowers the voltage before it even gets to the laptop.  If you guys have the resources, perhaps you could make a custom power supply with a cell phone in it....when the cell phone activates, it switches the full voltage through a special wire which wraps around the laptop's hard drive.  Only problem is, this may be beyond what you guys are capable of doing.

Anyways, although I don't think this is a very practical project, it is neat to think about it.

----------

## alexis101

First, the data is not on a laptop but on a server.

*Quote:*

> 2) Minimize the amount of data. You could create an encrypted volume on your disk of say 200 megs and store all of the important data in there. Then have some program run "shred" on just that part of the disk. I'd imagine that could probably wipe the data before anyone notices. Of course, there is still the issue of getting in contact with the computer....if you can connect to the stolen laptop, why not just get the IP and do some detective work?


I can't minimize the data since the sensitive data is all the data about our customers employees ....

And about the issue of getting in contact with the computer, the solution I'm looking for must start while the computer is still in place. The burglar has to go through a lot of security levels before he can get to the server room. Our place is a bit like Fort Knox!! And I get an SMS message on my cell phone if anyone gets in the building while the system is armed.

So I was looking into something where I could call the Asterisk server and then activate a hard drive destruction program. But it looks like this does not exist. So I guess I'll look into encryption.

About the power supply with a cell phone in it, it's quite interesting ... But I think it would be easier with a pager.

I think I will try to talk to my boss about an encrypted file system. But is there any way to encrypt our data after the installation of Gentoo? The links occ gave me are all about making a new installation.

----------

## Aurisor

Well, there are hard drive destruction programs, shred.  Just run shred /dev/hda and it'll just start overwriting random patterns on all of your data.  It won't stop the FBI, but petty thieves most likely won't have the resources to recover the data.

As far as I know, encrypting a drive requires a reformat.  There's probably a way to do it on the fly, but honestly I would just copy my data somewhere else, reformat, and then copy it back....you need a backup anyways.

And just an unwarranted two cents....I don't know what kind of business you're in, so I may just be talking out of my ass here, but...

Honestly, most data loss happens because of absolutely colossal stupidity, rather than actual assaults against planned defenses.....you know, downloading sensitive data on public computers, using "ADMIN" for a password, accidentally leaving laptops in public places, redacting data in pdfs by drawing black boxes over them, etc etc.   IMO most of the time spent designing james bond gadgets to protect your armored data center against ninjas would be better spent elsewhere.  It's the proverbial locked door and open window....

Anyways, just my two cents, take it as you will.

----------

## bluedevils

An old workplace had degaussers for erasing tapes, but it also completely destroyed the hard drive physically and the data itself.

Buy one of those and connect it to a remotely controlled power strip.

----------

## xPAGANx

The only safe way to protect your data is through encryption.  Once you start trying to implement ways of actually harming your own data you put a risk there.  What if something funky happens and that process launches?  What if you make a slight logic error?  If you want to implement anything of that sort you would need a serious testing environment.  If you pick a strong encryption, that data is as good as gone without the key.

----------

## occ

Based on the description, we can assume that the 'bad guy' is after the data. Indeed, if he only cared about the hardware he would not go after this particular one: there are millions of computers more easily accessible. (If you are after a dolly, you don't try to break into Fort Knox.)

If he is after the data, and if you assume that he is not stupid, he will do his homework and learn how to break in without triggering the 'silent' alarm, or at least do it in a way that makes you wonder if it's for 'real' long enough so he can get to it before you decide to push the nuke button.

With an encrypted FS, the guy would not be able to unplug the computer. He would have to steal the computer AND the UPS that goes with it (I assume that your computer has a UPS). While still doable, that presents a unique logistical challenge: UPSes are heavy and cumbersome... now the bad guy needs to be a full team with heavy equipment... and the timing is quite critical.

If you still want your nuke button, all you need to do is to remotely turn off the power of your machine. The good news is that in case of a false alarm, you can recover with minimal disruption. Once your filesystem has been unmounted (the hard way: power failure), as has been said before, the disk's data is just as good as junk without the password.

Of course, now you have the problem of protecting yourself against social engineering efforts to gain access to the password. On the other hand, you already have this problem today, since a smart 'bad guy' would certainly try to access the data that way rather than physically breaking in.

Another thing to consider: maybe the bad guy's intention is just to cause disruption. If you rig your computer to self-destruct at the first intrusion alarm, a disgruntled employee could certainly make that happen, without actually being even near the site. (How to depends on the type of alarm(s) you have, but there is always a way to make it trigger.)
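The setup discussed in this thread (a LUKS volume unlocked by a keyfile on a removable stick, with a power cut as the "nuke button"), sketched as an added example that is not part of any original post. It goes one step further than the posts by also erasing the LUKS keyslots before powering off; `DEV`, `KEYFILE`, `NAME` and `HEADER_BACKUP` are hypothetical placeholders, and the `confirmed` interlock is an assumption added to guard against an accidental trigger.

```shell
#!/bin/sh
# Added example (not from the thread). DEV, KEYFILE, NAME and HEADER_BACKUP
# are hypothetical placeholders; run as root on a machine you administer.
DEV=${DEV:-/dev/sdX2}                      # partition holding the sensitive data
KEYFILE=${KEYFILE:-/mnt/usbkey/data.key}   # key lives on the removable stick
NAME=${NAME:-securedata}                   # mapped as /dev/mapper/$NAME
HEADER_BACKUP=${HEADER_BACKUP:-/mnt/offsite/luks-header.img}

# Safety interlock: the caller must repeat the exact device path, so a
# stray trigger or a typo cannot lock or wipe the wrong disk.
confirmed() {
    [ -n "$1" ] && [ "$1" = "$2" ]
}

create_volume() {   # one-time setup; destroys whatever is on $DEV
    confirmed "$DEV" "$1" || { echo "confirmation mismatch" >&2; return 1; }
    dd if=/dev/urandom of="$KEYFILE" bs=64 count=1 && chmod 600 "$KEYFILE"
    cryptsetup luksFormat --batch-mode "$DEV" "$KEYFILE"
    # Header copy kept off-site: the only way back after a false alarm.
    cryptsetup luksHeaderBackup "$DEV" --header-backup-file "$HEADER_BACKUP"
}

open_volume() {
    cryptsetup luksOpen --key-file "$KEYFILE" "$DEV" "$NAME"
}

emergency_lock() {
    confirmed "$DEV" "$1" || { echo "confirmation mismatch" >&2; return 1; }
    # Wipe every keyslot: neither keyfile nor passphrase unlocks the disk now.
    cryptsetup luksErase --batch-mode "$DEV"
    # The open mapping still works until power is cut, because the kernel
    # holds the master key in RAM; forcing power-off discards it.
    poweroff -f
}

case "${1:-}" in
    create) create_volume "${2:-}" ;;
    open)   open_volume ;;
    nuke)   emergency_lock "${2:-}" ;;
esac
```

Anyone holding both the header backup and the keyfile can still open the volume, so the two should never be stored together.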

----------

## alexis101

*Quote:*

> Another thing to consider: maybe the bad guy's intention is just to cause disruption. If you rig your computer to self-destruct at the first intrusion alarm, a disgruntled employee could certainly make that happen, without actually being even near the site. (How to depends on the type of alarm(s) you have, but there is always a way to make it trigger.)

Well, we do have a good security camera setup, so we will know if it's an employee or a real threat.

Anyway, like I said before, I will go with encryption. Never played with that before and I will have to rebuild 4 Gentoo servers ... Long weekends in front of me! I already know about the shred thing, but since I work in a business where the data is really sensitive (it's a financial thing, so we do have a lot of personal information on customers) only erasing data won't be enough. I don't really care about the FBI because I live in Canada and I'm not sure if RCMP (Royal Canadian Mounted Police) agents know what a hard drive is :Razz: We are more concerned about people who come exactly for the data.

----------

## jackieTHEjokeman

I've heard from a guy whose brother-in-law works for the NSA that they can recover data off of any hard drive. It doesn't matter how many times it was erased or even if the hard drive was thrown out the window! They can piece the platters together. The only solution:

THROW IT IN HOT MOLTEN LAVA!!!

----------

## thehailo

Despite the nature of the post above, he is right. The NSA and any other large Government or well funded private organization can purchase the right equipment to read data that's been overwritten at least seven times, and newer technology is pushing it into the low double digit area. That's why overwriting data 8-12 times has always been recommended. Even then, your best bet by far is still to drop the James Bond crap of remotely detonating the hard disk and use encryption. It's cheaper, easier, better proven, and less likely to go off by accident and screw yourself.

Besides using military style measures (thermite grenades) you're not going to achieve complete destruction with any measure of reliability, meaning something will be left, and if that something contains unencrypted data, you're still hosed.

----------

