Silk Road forums

Discussion => Security => Topic started by: helpmywife on July 25, 2013, 05:59 am

Title: giant magnet? how big?
Post by: helpmywife on July 25, 2013, 05:59 am
is it true that if u put a speaker magnet onto yur laptop its fried and useless to LE??
Title: Re: giant magnet? how big?
Post by: xx138xx on July 25, 2013, 06:16 am
This isn't reliable enough to cover your ass. You'd actually need a powerful electromagnet or a degausing tool to wipe a drive like that. And if you used either, the drives firmware would get damaged too making it unusable, so you might as well physically destroy the drive in a matter that renders the platters inside into pieces (sledgehammer it?) or subject it to extremely intense heat for a long period of time like it was a body you wanted to get rid of. If you decide to beat it to death, don't stop until you actually see the platters inside in pieces.
Title: Re: giant magnet? how big?
Post by: helpmywife on July 25, 2013, 06:50 am
ok so either take my BHO culinary torch to the hard drive discs and/or USB guts or take a sledgehammer and the hard drive you say has to be in multiple pieces?  im just thinkin god forbit that day ever came whats the easiest way to destroy everything in seconds, so ill just put a sledgehammer in my room! lol
i feel like i must burn it though if its only broken there some pieces that CAN be read so gotta really go all the way

HOW STRONG A MAGNET WE TALKING? WHAT WOULD YOU RECOMEND?
Title: Re: giant magnet? how big?
Post by: Tessellated on July 25, 2013, 07:01 am
Magnets are not going to do it.

Look up thermite.
Title: Re: giant magnet? how big?
Post by: ShApEsHiFtInGsHaPeS on July 25, 2013, 08:26 am
or get yourself a HDD with a self destruction button.

http://www.runcore.com/en/RC-SSDnewsdetail-262.html  (ya'll know its clearnet)
Title: Re: giant magnet? how big?
Post by: kmfkewm on July 25, 2013, 09:35 am
Breaking the platter into pieces is the worst way to try to destroy data, forensic data recovery specialists can pull data even from extremely fragmented drives. Breaking the platter into pieces hardly destroys any data at all unless you like grind it into dust or something. I suggest avoiding all of the standard paranoid and senseless techniques of destroying data (which frequently are ineffective in actuality), and sticking with something simple and effective, like Secure Erase.
Title: Re: giant magnet? how big?
Post by: zookaa on July 25, 2013, 02:34 pm
Well, I agree with kmfkewm that this is pretty much senseless.

First, why would you need to destroy your WHOLE harddrive? Do you have so many gigabytes of illegal data that could bring you into jail for many many years? And I'm not talking about your pirated software/movies/music...

Anyways, I do it like this: My main computer is totally clean. There is no trace of Tor, or ANY encryption software at all. And yes, I do keep some pirated movies and mp3s on my "clean" computer on purpose... I use this "clean" computer for my daily work only.

For my Tor activites I have bought an old used laptop for around $200. On the internal HDD of this laptop I installed a clean windows without anything special on it... it's supposed to look like my old backup laptop, you know? ;) Then I created a Tails USB stick with a persitent volume. I keep all my "illegal" data on my encrypted tails volume. And the "illegal" data that could really get me into trouble are just a few megabytes... saved securely on my tails stick.

Now imagine LE busts your house. And they find you trying to smash your harddisks with a sledgehammer lol. What do you think will that look like? Kinda retarded ;)
Even if they find out that your whole computer is encrypted with e.g. TrueCrypt, that will give them enough reason to investigate you even further.

IMHO in case of a bust, the goal should be: They should find absolutely NOTHING that is suspicious. If they bust your home and you happen to have your Laptop online with your Tails stick, then just pull the stick out and hide it somewhere, they are small enough... Tails will then force a "panic shutdown" and overwrite your RAM to protect you from a so called "cold boot" attack.

Title: Re: giant magnet? how big?
Post by: Tessellated on July 25, 2013, 03:45 pm
You want to smallest hard drive you can get. The cheap 128mb SD cards that come with cameras are good.

The idea behind a small drive is that you can erase it faster.

Download dban(disk boot and nuke) and burn it to a CD, boot off that CD and select the drive to nuke. It will erase it properly.

I 128mb drive will take a minute or two, a 16gb drive could take hours.
Title: Re: giant magnet? how big?
Post by: xx138xx on July 25, 2013, 05:22 pm
Breaking the platter into pieces is the worst way to try to destroy data, forensic data recovery specialists can pull data even from extremely fragmented drives. Breaking the platter into pieces hardly destroys any data at all unless you like grind it into dust or something. I suggest avoiding all of the standard paranoid and senseless techniques of destroying data (which frequently are ineffective in actuality), and sticking with something simple and effective, like Secure Erase.

While I usually agree with almost all the information you put forth on these forums, I have to slightly disagree with you on this one, respectfully of course. Not because you're wrong, but because Secure Erase isn't properly implemented by all device manufacturers.

Due to personal safety concerns I can't really lay out my qualifications in speaking on this matter, so I fully understand if you don't believe or trust the info given (and rightfully so as I'd rather you stay safe too than trust some randomly posted info on the darknet).

So let me try to address some points in the OPs post in light of some of the advice in this thread. He didn't state what sort of storage he was trying to sanitize so it could be flash, mechanical drives, or a hybrid of the two.

Secure erase theoretically sanitizes all data from a flash device. In reality it doesn't always work. Not every flash device manufacturer implements the Secure Erase commands completely in line with the established standard. In the case of thumb drives especially, there may not even be a controller embedded that has the capability to perform the command at all. The same goes for card readed devices you would insert an sd card into. And to make matters worse, some drives lack the ability to even detect their own failure to erase the data, leaving it in place.

**Clearnet warning** Following excerpt taken from http://security.stackexchange.com/questions/12503/can-wiped-ssd-data-be-recovered which itself references this paper www.usenix.org/events/fast11/tech/full_papers/Wei.pdf  **

"The most reliable way to securely erase an entire SSD is to use the ATA Secure Erase command. However, this is not foolproof. The FAST paper found that most SSDs implement this correctly, but not all. In particular, 8 of the 12 SSDs they studied supported ATA Secure Erase, and 4 did not. Of the 8 that did support it, 3 had a buggy implementation. 1 buggy implementation was really bad: it reported success, but actually left the data laying around. This is atrociously bad, because there is no way that software could detect the failure to erase."

If the OP is trying to destroy the data on a mechanical hard drive then secure erase does nothing for him at all. Most people assume a mechanical drive can be sanitized by formatting it, then overwriting it entirely with new data. Sadly this isn't entirely true. While consumer level data recovery software can't overcome this, there are techniques for using a scanning magnetic microscope to recover residual data even after a 10 pass "DoD" data wipe. The same sort of device can also be used to get data off the tiny pieces of internal disk platters after you smash the disk to dust, but requires a lot more effort to assemble the gathered data into something interpretable, and something requiring this technology and effort to be used wouldn't come into play unless you did something to piss off the NSA or CIA and were considered a threat to national security.



Title: Re: giant magnet? how big?
Post by: thebakertrio on July 25, 2013, 06:04 pm
A big magnet? Someone has watched to much breaking bad
Title: Re: giant magnet? how big?
Post by: helpmywife on July 25, 2013, 06:31 pm
never saw that show once, it was something someone said ina cypher so i asked.
also i mean regular hardrive that came with the laptop that windows is on.
im thinkin magnesium strip with a bunch of thermite(or another if better) and my BHO torch to light will incinerate it nicely :-) anybody disagree??
Title: Re: giant magnet? how big?
Post by: Tessellated on July 25, 2013, 07:17 pm
never saw that show once, it was something someone said ina cypher so i asked.
also i mean regular hardrive that came with the laptop that windows is on.
im thinkin magnesium strip with a bunch of thermite(or another if better) and my BHO torch to light will incinerate it nicely :-) anybody disagree??

Thermite will create a blinding flash and fill the room with toxic smoke. If you light something like that off while the cops are kicking in the door they are likely to shoot you.
Title: Re: giant magnet? how big?
Post by: zookaa on July 25, 2013, 07:45 pm
never saw that show once, it was something someone said ina cypher so i asked.
also i mean regular hardrive that came with the laptop that windows is on.
im thinkin magnesium strip with a bunch of thermite(or another if better) and my BHO torch to light will incinerate it nicely :-) anybody disagree??

Doing this is a retarded idea, but in theory it should work, it will incinerate it nicely ;-)
Title: Re: giant magnet? how big?
Post by: xx138xx on July 25, 2013, 07:55 pm
Thermite would be quite effective but would also get you charged with possessing a weapon of mass destruction, as well as probably burning down your house. You can melt through solid stone with this shit. Then there's the problem of applying it in time, then igniting it while having a bunch of deputized assholes with penis envy kicking in your door. There's also the fact you might actually want to live through the raid, and trying to light thermite with a torch would definitely get twisted into "we shot him 28 times because he was attempting to detonate an explosive device".

And as far as the big magnet from Breaking Bad? It wouldn't work through a wall as they portrayed it. But it would obscure all the magnetic signatures on the drive if left in contact with each other for a sufficient amount of time.

I also asked an associate about whether making an EMP generating device would work in this situation. The conclusion was NO because anything small enough to keep on hand wouldn't be powerful enough to penetrate the metal shell the drive is enclosed in, as it would act like a Faraday cage protecting the drive internals.
Title: Re: giant magnet? how big?
Post by: tbart on July 25, 2013, 08:00 pm
this might be too simple, and i'm pretty sure it wouldn't work with a HDD with spinning platters but what about a 120V line connected straight to a SSD, so that if you thru the "kill" switch, it would fry the SSD - any chance someone here is electrically or electronically literate?
Title: Re: giant magnet? how big?
Post by: helpmywife on July 25, 2013, 08:50 pm
going to ask an electrician book or person if i can find one....but what CAN i get that i can light it up with if not thermite surely there is something that will burn hot what about if i just use the magnesium strips to just burn the bitch up?
Title: Re: giant magnet? how big?
Post by: TMan99 on July 25, 2013, 10:29 pm
Why can't you just flush it down the toilet?
Title: Re: giant magnet? how big?
Post by: tbart on July 25, 2013, 10:54 pm
so you're sitting at the computer, you hear door explode open, flash bangs go off, and you're going to find the time to take your computer apart, take the harddrive out, and then run thru the squad of steriod brain addled / testosterone heavy swat guys, with your hand out in front of you like the statue on the heisman trophy?

so much easier if you can hit a switch that would effectively destroy the hard drive, imho
Title: Re: giant magnet? how big?
Post by: kmfkewm on July 25, 2013, 11:50 pm
Quote
While I usually agree with almost all the information you put forth on these forums, I have to slightly disagree with you on this one, respectfully of course. Not because you're wrong, but because Secure Erase isn't properly implemented by all device manufacturers.

You could use Secure Erase and then a full drive wipe program that doesn't rely on Secure Erase. That will be pretty fail safe. The general theme is that the best method is not physically destroying the drive in any of these outlandish ways, but rather simply wiping the drive. The drive should be encrypted as well to aide in this, because if the drive is encrypted only the key actually needs to be wiped in the majority of cases. In the case of solid state drives using FDE is even more important. I have read about some solid state drives that automatically and seamlessly encrypt everything put onto the drive, in some cases they don't even require you to set a password. I can only imagine that this is to aide in secure erase, so that they only need to protect a small area of the drive where the encryption key is held, and then they can wipe the encryption key during the secure erase procedure to essentially wipe the drive. This method of secure erase on SSD would have the benefit of not needing to spend write cycles going over the entire drive as well, but it would be a bit different from regular secure erase where data is actually destroyed rather than made (usually) impossible to access.

Anyway I still say that the technique used should be FDE and then if you ever need to start fresh you can do a wipe with Secure Erase and if you are worried Secure Erase was not implemented properly for your device you can do another pass with something that simply fills the platter with 0's. Data deletion from persistent storage is not something that is going to be possible in an emergency situation anyway, it is laughable to think you will have time to put in a CD and start an erase program while the police are kicking your door in, at best you will have time to cut power to your system to clear your volatile memory of encryption keys.

Quote
Due to personal safety concerns I can't really lay out my qualifications in speaking on this matter, so I fully understand if you don't believe or trust the info given (and rightfully so as I'd rather you stay safe too than trust some randomly posted info on the darknet).

I know Secure Erase was found to be improperly implemented on some percentage of tested solid state drives, but I have not heard of any research claiming one way or the other as far as hard drives go. If you are worried that Secure Erase is not properly implemented on your device you could first wipe with Secure Erase and then do another wipe where you simply fill the platter with 0's using software that doesn't rely on Secure Erase. If your drive is fully encrypted you are even better off since you in most cases (pretty much all cases where the attacker doesn't already have your encryption key) you will only need to securely wipe the encryption key to render all other information on the drive impossible to recover.

Quote
Secure erase theoretically sanitizes all data from a flash device. In reality it doesn't always work. Not every flash device manufacturer implements the Secure Erase commands completely in line with the established standard. In the case of thumb drives especially, there may not even be a controller embedded that has the capability to perform the command at all. The same goes for card readed devices you would insert an sd card into. And to make matters worse, some drives lack the ability to even detect their own failure to erase the data, leaving it in place.

Yes I have read the research indicating that not all solid state drives have a properly implemented Secure Erase function. I had assumed the OP was talking about a hard drive but that is a bad assumption on my part since there are very important differences between wiping a hard drive and a solid state drive. In the case of a hard drive I would feel much more comfortable with Secure Erase, and very confident with Secure Erase followed by filling the platter with 0's with some other software. In the case of solid state drives things become more difficult. Many solid state drives have properly implemented Secure Erase and if you happen to have such a SSD using Secure Erase is sufficient. On the other hand, several solid state drives have been shown to have incorrectly implemented Secure Erase functions, and in such a case not only will Secure Erase not be sufficient, but filling the drive with 0's after the Secure Erase will still probably not be sufficient. So if you have a Solid State drive I think that you really need to do your research to make sure that the drive can actually be wiped with any level of confidence. One thing I have noticed is that several of the current generation (brand new) motherboards have connectors for SSD Secure Erase, I wonder if those are more reliable than the built in Secure Erase functions on the drives. I also have noticed that several new SSD's appear to be automatically encrypted but without a password, I can only imagine that this encryption is entirely with the goal of being able to Secure Erase by wiping a small protected area of the SSD where the encryption key is held.

Quote
If the OP is trying to destroy the data on a mechanical hard drive then secure erase does nothing for him at all. Most people assume a mechanical drive can be sanitized by formatting it, then overwriting it entirely with new data. Sadly this isn't entirely true. While consumer level data recovery software can't overcome this, there are techniques for using a scanning magnetic microscope to recover residual data even after a 10 pass "DoD" data wipe. The same sort of device can also be used to get data off the tiny pieces of internal disk platters after you smash the disk to dust, but requires a lot more effort to assemble the gathered data into something interpretable, and something requiring this technology and effort to be used wouldn't come into play unless you did something to piss off the NSA or CIA and were considered a threat to national security.

I completely disagree with this. Secure Erase was originally designed to securely erase data from mechanical hard drive platters. I believe it does two passes, one with the magnetic head on track center and one with it slightly off center to wipe magnetic edge residue. This is generally considered to be overkill. Definitely a platter that is smashed can be read with spin stand microscopy, and only a very trivial amount of information is actually destroyed with every fracture of the drive. There has been a great deal of debate about if forensics can pull data that has been overwritten or not, in the past it was widely thought that they could pull data even after it had been overwritten, but in modern times most people think that they cannot. Even in the forensics community there is much debate over this, but I am forced to agree with the people who argue against the possibility of recovering overwritten data simply because nobody seems to be able to respond to their argument of "show me a single example of where overwritten data was actually pulled off of a completely wiped hard drive, ever". In the past there was a theoretical paper by Gutmann that theorized that a magnetic microscope could recover overwritten data unless it was overwritten many dozens of times, but I think this is largely seen as impossible with modern drives which have much greater density. In any case Secure Erase does two passes and there are various software programs for doing 35 or more passes.
Title: Re: giant magnet? how big?
Post by: kmfkewm on July 26, 2013, 12:05 am
https://en.wikipedia.org/wiki/Gutmann_method

Quote
The delete function in most operating systems simply marks the space occupied by the file as reusable (removes the pointer to the file) without immediately removing any of its contents. At this point the file can be fairly easily recovered by numerous recovery applications. However, once the space is overwritten with other data, there is no known way to use software to recover it. It cannot be done with software alone since the storage device only returns its current contents via its normal interface. Gutmann claims that intelligence agencies have sophisticated tools, including magnetic force microscopes, which together with image analysis, can detect the previous values of bits on the affected area of the media (for example hard disk).

The National Bureau of Economic Research criticized Gutmann's claim that intelligence agencies are likely to be able to read overwritten data, citing a lack of evidence for such claims.[3] Companies specializing in recovery of damaged media (e.g., media damaged by fire, water or otherwise) cannot recover completely overwritten files. No private data recovery company currently claims that it can reconstruct completely overwritten data. Nevertheless, some published government security procedures consider a disk overwritten once to still be sensitive.[4]

Gutmann himself has responded to some of these criticisms and also criticized how his algorithm has been abused in an epilogue to his original paper, in which he states [1]:

    In the time since this paper was published, some people have treated the 35-pass overwrite technique described in it more as a kind of voodoo incantation to banish evil spirits than the result of a technical analysis of drive encoding techniques. As a result, they advocate applying the voodoo to PRML and EPRML drives even though it will have no more effect than a simple scrubbing with random data. In fact performing the full 35-pass overwrite is pointless for any drive since it targets a blend of scenarios involving all types of (normally-used) encoding technology, which covers everything back to 30+-year-old MFM methods (if you don't understand that statement, re-read the paper). If you're using a drive which uses encoding technology X, you only need to perform the passes specific to X, and you never need to perform all 35 passes. For any modern PRML/EPRML drive, a few passes of random scrubbing is the best you can do. As the paper says, "A good scrubbing with random data will do about as well as can be expected". This was true in 1996, and is still true now.

It is also worth mentioning that Secure Erase has been tested on mechanical hard drives before, and the researchers testing it were incapable of recovering anything off any of the tested drives.

https://en.wikipedia.org/wiki/Data_remanence#Feasibility_of_recovering_overwritten_data

Quote
Peter Gutmann investigated data recovery from nominally overwritten media in the mid-1990s. He suggested magnetic force microscopy may be able to recover such data, and developed specific patterns, for specific drive technologies, designed to counter such.[2] These patterns have come to be known as the Gutmann method.

Daniel Feenberg, an economist at the private National Bureau of Economic Research, claims that the chances of overwritten data being recovered from a modern hard drive amount to "urban legend".[3] He also points to the "18½ minute gap" Rose Mary Woods created on a tape of Richard Nixon discussing the Watergate break-in. Erased information in the gap has not been recovered, and Feenberg claims doing so would be an easy task compared to recovery of a modern high density digital signal.

As of November 2007, the United States Department of Defense considers overwriting acceptable for clearing magnetic media within the same security area/zone, but not as a sanitization method. Only degaussing or physical destruction is acceptable for the latter.[4]

On the other hand, according to the 2006 NIST Special Publication 800-88 (p. 7): "Studies have shown that most of today’s media can be effectively cleared by one overwrite" and "for ATA disk drives manufactured after 2001 (over 15 GB) the terms clearing and purging have converged."[1] An analysis by Wright et al. of recovery techniques, including magnetic force microscopy, also concludes that a single wipe is all that is required for modern drives. They point out that the long time required for multiple wipes "has created a situation where many organisations ignore the issue all together – resulting in data leaks and loss. "[5]
Title: Re: giant magnet? how big?
Post by: helpmywife on July 26, 2013, 12:48 am
Secure Erase: where can i get this from sir?
Title: Re: giant magnet? how big?
Post by: helpmywife on July 26, 2013, 01:14 am
i believe your right tbart, easier to flip a switch than burnonly because id hafta take it apart a little, i always have my torch near but what do you think basicly i want to have a switch forces it to have a massive flood of electrical power like as much as i can get it to do?
Title: Re: giant magnet? how big?
Post by: kmfkewm on July 26, 2013, 01:23 am
Why not just have a switch to wipe the encryption keys from the RAM. Most computer cases already come with such a switch.