A close shave: How to destroy your hard drives without burning down the data centre

Thermite, kinetic shock and power surges tested

DEF CON 23 Four years ago at DEF CON a popular presentation examined how best to destroy hard drives in a data centre within 60 seconds of a three-letter agency knocking at the door. Now, that research has been updated with new techniques.

Security researcher Zoz looked at three core methods for destroying platter and SSD drives – thermal, explosive and electric – within a simulated 1U frame. A successful technique would have to make the drives unreadable, not damage other data centre equipment and not threaten human life.

It turns out that this is surprisingly difficult to achieve.

Thermite was the first test material and Zoz unscrewed a standard Seagate platter drive, filled the inside with a bag containing 15 grams of thermite (stuffed into the side so the drive would still operate) and rigged one of the bus pins as an igniter.

The results were rather poor. While one section of the top platter was significantly damaged, the data on the disk, and the two platters underneath it, could conceivably be read. Placing the thermite on top of the drive was also tried, but the outcome for that method was even worse.

So Zoz and his compatriots tried thermate, which is chemically similar to thermite but adds barium nitrate to increase temperatures. The resulting pyrotechnics were impressive, but again the drives could be cleaned off and potentially read.


Thermate, like thermite, proved a little disappointing

Next up he tried a plasma cutter mounted above the platter. This worked well at burning through the Seagate casing, but once it began cutting the disks the platters froze in place and the cutter just left a hole in one sector of the drive.

He then tried kinetic destruction, using a nail gun powered by the propellant from a .22 bullet. This punched a nail right through the drive and he suggested that these could be positioned above the drive and fire multiple nails to destroy all the platters.

A pneumatic press worked satisfactorily as well, with the added bonus of pressure welding some of the platters together. But Zoz found this solution rather boring and moved on to explosives.

With the help of some advanced chemistry skills, and the support of a friendly local bomb squad, Zoz mixed together a two-part explosive he dubbed FELIX. Then it was a question of working out the most effective means to deploy it.

He opted for a 3D-printed shaped charge. By cutting a cone or groove in the explosive the energy of the blast can be directed and so he printed a cup of explosives over the drive.

shaped charge

It's all down to getting the right shape, apparently

The results were somewhat discouraging: the platters suffered significant damage but weren't totally unreadable. So he built another shaped charge, with six spokes to punch through the platters and upped the amount of explosives, which worked a treat.

The bomb squad also gave him a couple of shaped charges that would normally be used to blast out the side of oil wells. While these punched through the drive's platters admirably, they also went through the quarter inch steel plate the drive was resting on and pummelled another 15 inches into the ground.

Clearly this technique wouldn't work in a data centre, so he looked for a material to pack around the 1U rack to absorb some of the force of the explosion. The material should be capable of containing a blast, easily deployable and preferably cheap.

The material in question was one the bomb squad used themselves while blowing out locks – shaving foam. The foam showed a considerable dampening effect but it was still going to be too much for a data centre.

Shaving foam

Amazing what a couple of cans of shaving foam will do (left) compared to a raw explosion (right)

Zoz tried varying the amount of explosives, eventually settling on 100 grain detonation cord coiled up and placed over the platters on top of the casing. This not only destroyed the casing but also pressure welded the platters together, making them unreadable, but again containment of the blast remained an issue.

Finally, Zoz and his team turned to electricity.

This technique isn't much use against platter drives but could be handy against solid-state drives. He used a flash drive for testing, since SSDs are very expensive, and managed to snap the chip in half with a high-voltage surge.

The conclusion? None of the techniques were perfect, although it's clear that the testing team had a lot of fun.

But to be absolutely sure your drive will never be read, there's only one solution that really works – degauss and shred the platters and dispose of them in multiple locations. ®

Similar topics

Other stories you might like

  • Google opens the pod doors on Bay View campus
    A futuristic design won't make people want to come back – just ask Apple

    After nearly a decade of planning and five years of construction, Google is cutting the ribbon on its Bay View campus, the first that Google itself designed.

    The Bay View campus in Mountain View – slated to open this week – consists of two office buildings (one of which, Charleston East, is still under construction), 20 acres of open space, a 1,000-person event center and 240 short-term accommodations for Google employees. The search giant said the buildings at Bay View total 1.1 million square feet. For reference, that's less than half the size of Apple's spaceship. 

    The roofs on the two main buildings, which look like pavilions roofed in sails, were designed that way for a purpose: They're a network of 90,000 scale-like solar panels nicknamed "dragonscales" for their layout and shimmer. By scaling the tiles, Google said the design minimises damage from wind, rain and snow, and the sloped pavilion-like roof improves solar capture by adding additional curves in the roof. 

    Continue reading
  • Pentester pops open Tesla Model 3 using low-cost Bluetooth module
    Anything that uses proximity-based BLE is vulnerable, claim researchers

    Tesla Model 3 and Y owners, beware: the passive entry feature on your vehicle could potentially be hoodwinked by a relay attack, leading to the theft of the flash motor.

    Discovered and demonstrated by researchers at NCC Group, the technique involves relaying the Bluetooth Low Energy (BLE) signals from a smartphone that has been paired with a Tesla back to the vehicle. Far from simply unlocking the door, this hack lets a miscreant start the car and drive away, too.

    Essentially, what happens is this: the paired smartphone should be physically close by the Tesla to unlock it. NCC's technique involves one gadget near the paired phone, and another gadget near the car. The phone-side gadget relays signals from the phone to the car-side gadget, which forwards them to the vehicle to unlock and start it. This shouldn't normally happen because the phone and car are so far apart. The car has a defense mechanism – based on measuring transmission latency to detect that a paired device is too far away – that ideally prevents relayed signals from working, though this can be defeated by simply cutting the latency of the relay process.

    Continue reading
  • Google assuring open-source code to secure software supply chains
    Java and Python packages are the first on the list

    Google has a plan — and a new product plus a partnership with developer-focused security shop Snyk — that attempts to make it easier for enterprises to secure their open source software dependencies.

    The new service, announced today at the Google Cloud Security Summit, is called Assured Open Source Software. We're told it will initially focus on some Java and Python packages that Google's own developers prioritize in their workflows. 

    These two programming languages have "particularly high-risk profiles," Google Cloud Cloud VP and GM Sunil Potti said in response to The Register's questions. "Remember Log4j?" Yes, quite vividly.

    Continue reading

Biting the hand that feeds IT © 1998–2022