disabling a computer for security purposes

[Perdition]

I'm looking for a method to quickly disable a computer without having
to handle the hardware such as physically removing a heatsink. The
method should be a valid failsafe which can be executed quickly. A
possibility would be through BIOS or a script to disable the heatsink
or something else necessary for the motherboard's operation, in a way
that is irreversible. Any thoughts?

 

[MJP]

I'm looking for a method to quickly disable a computer without having
to handle the hardware such as physically removing a heatsink. The
method should be a valid failsafe which can be executed quickly. A
possibility would be through BIOS or a script to disable the heatsink
or something else necessary for the motherboard's operation, in a way
that is irreversible. Any thoughts?

Although you mentioned not having to handle hardware, placing the hard disk
in a removable caddy would appear to be the perfect solution for your needs.

MJP

 

[Perdition]

Although you mentioned not having to handle hardware, placing the hard disk
in a removable caddy would appear to be the perfect solution for your needs.

MJP

unfortunately this has to be done in a way that doesn't involve
handling directly hardware or it isn't scriptable. These computers also
don't allow the use of external media devices such as cd drives, usb or
floppy. So the answer has to be through software i'm afraid

 

[Perdition]

i should also mention that the data on the computer should be as
difficult to recover as possible, military standard

 

[MJP]

I'm looking for a method to quickly disable a computer without having
to handle the hardware such as physically removing a heatsink. The
method should be a valid failsafe which can be executed quickly. A
possibility would be through BIOS or a script to disable the heatsink
or something else necessary for the motherboard's operation, in a way
that is irreversible. Any thoughts?

BIOS password?

MJP

 

[philo]

i should also mention that the data on the computer should be as
difficult to recover as possible, military standard

just wipe the HD...
there are plenty of utilities out there

 

[Perdition]

just wipe the HD...
there are plenty of utilities out there

data recovery techniques these days means that you'd have to rewrite
the entire harddrive over 7 times (7 levels of erasure being DOD
standard) to ensure some security, and even then it won't go over parts
which are flagged as defective. The information has to be erased to the
highest military standard meaning rewrites aren't acceptable, it has to
be destroyed. Whether the entire motherboard is destroyed as well is
irrevelant, the computer must never be used again

 

[Jamie]

Shotgun?

 

[CK]

i should also mention that the data on the computer should be as

difficult to recover as possible, military standard

If you want to quickly destroy the data as well, then it's going to have
to be some kind of incendiary device. Should be easy enough to trigger
through software - maybe using the serial port, or something else that
isn't going to be used for anything else.

HTH.

CK

 

[dylan]

data recovery techniques these days means that you'd have to rewrite
the entire harddrive over 7 times (7 levels of erasure being DOD
standard) to ensure some security, and even then it won't go over parts
which are flagged as defective. The information has to be erased to the
highest military standard meaning rewrites aren't acceptable, it has to
be destroyed. Whether the entire motherboard is destroyed as well is
irrevelant, the computer must never be used again

What exactly are you trying to achieve ?.
You mentioned disabling the Heatsink, whatever that is supposed to achieve
BUT now you are talkng about wiping the HD.
The only place that data is stored, assuming RAM is depowered is the HD, why
not just take it out and smash it (them) to bits with large hammer ?

 

[philo]

data recovery techniques these days means that you'd have to rewrite
the entire harddrive over 7 times (7 levels of erasure being DOD
standard) to ensure some security, and even then it won't go over parts
which are flagged as defective. The information has to be erased to the
highest military standard meaning rewrites aren't acceptable, it has to
be destroyed. Whether the entire motherboard is destroyed as well is
irrevelant, the computer must never be used again

most of the wipe utilites i've seen will do that.


otherwise...just remove the HD and throw it in an active volcano!

 

[old jon]

most of the wipe utilites i've seen will do that.

otherwise...just remove the HD and throw it in an active volcano!

Ah, but if he did that, the data might melt, and float to the top. It would
then trickle down the side of the volcano.
And as it cooled, someone might come along and pick up all that secret
data. Then where would he be ?.
All that secret data exposed to the whole wide world.
What the bloody hell do people store on their computers ?.
bw..OJ

 

[John Smith]

If you truly want to make data on the hard drive unavailable forever
remove the hard drive and smash it with a sledge hammer then do as some
agencies on the Beltway in DC do and incinerate the drive in a furnace
that is capable of melting the metal platters
of the disk.

John

 

[philo]

Ah, but if he did that, the data might melt, and float to the top. It would
then trickle down the side of the volcano.
And as it cooled, someone might come along and pick up all that secret
data. Then where would he be ?.
All that secret data exposed to the whole wide world.
What the bloody hell do people store on their computers ?.
bw..OJ

I suppose someone with X-ray vision would have "seen" all the data
anyway...even before it got to the volcano...

but worse still...even if the HD and all data were destroyed...
all one would have to do is read the OP's brain waves!!!!!

probably best to jump into the active volcano along with the HD


then have someone run a "wipe" utility 7 times on the volcano itslef!

 

[old jon]

I suppose someone with X-ray vision would have "seen" all the data
anyway...even before it got to the volcano...

but worse still...even if the HD and all data were destroyed...
all one would have to do is read the OP's brain waves!!!!!

probably best to jump into the active volcano along with the HD


then have someone run a "wipe" utility 7 times on the volcano itslef!

You do make I laff.

 

[Paul]

data recovery techniques these days means that you'd have to rewrite
the entire harddrive over 7 times (7 levels of erasure being DOD
standard) to ensure some security, and even then it won't go over parts
which are flagged as defective. The information has to be erased to the
highest military standard meaning rewrites aren't acceptable, it has to
be destroyed. Whether the entire motherboard is destroyed as well is
irrevelant, the computer must never be used again

Here is some public info on drive destruction. This should
give you some idea of what level of secret is compatible with
what erasure/destruction method.

http://www.rcmp-grc.gc.ca/tsb/pubs/it_sec/g2-003_e.pdf

This is not military standard, but would be sufficient for
most civilian uses. This is a disk drive that does encryption
at the drive level. Obviously, there are all sorts of questions
about "back doors" and whether the NSA could crack it, but for
a situation where your computer is stolen during a break and
enter, this should be sufficient.

http://www.seagate.com/newsinfo/newsroom/success/D2g42.html
http://www.seagate.com/content/docs/pdf/marketing/PO-Momentus-FDE.pdf

I would feel safer, if the architecture looked like this.
Being able to specify the algorithm and the key, should give
you more control.

programmable ordinary
motherboard ---- encryption ------ hard
engine drive
|
|
removable key and
algorithm

Another thing you could consider using, is solid state drives
(so-called RAM disks or solid state disks). It would be easier
to engineer destruction of the media (the RAM) by electrical
means, than to destroy a platter. (Simply switching off the
power may not be sufficient to meet your needs.) These are not
very convenient, in terms of form factor, and this one is tiny
in capacity. Larger versions are rack-mountable.

http://www.cenatek.com/store/category.cfm?Category=9

A third option, is for your computers to be diskless. The
computer boots from a network disk. This is good for installations
in an office building, where the server room is locked up, and
the computers in the office area are subject to possible theft.
This should bring back fond memories of IBM mainframes, 3278
terminals, or X terminals plus server architecture.

Paul

 

[Doug Kanter]

If you truly want to make data on the hard drive unavailable forever
remove the hard drive and smash it with a sledge hammer then do as some
agencies on the Beltway in DC do and incinerate the drive in a furnace
that is capable of melting the metal platters
of the disk.

Perhaps I'm being naive, but the data is stored magnetically. Isn't there a
commonly available large magnet which, when placed directly onto the
platters, would mess them up sufficiently? Perhaps a 15" bass speaker?

 

[John McGaw]

I'm looking for a method to quickly disable a computer without having
to handle the hardware such as physically removing a heatsink. The
method should be a valid failsafe which can be executed quickly. A
possibility would be through BIOS or a script to disable the heatsink
or something else necessary for the motherboard's operation, in a way
that is irreversible. Any thoughts?

http://155.252.151.82/05/05I/pdf/Physical_Security_Equipment.pdf

Page 79 will tell you what you need. It appears that now the destruct
device is being called an ACED. I can't really recall what we called
them when I was in the AF -- it was always just the "destruct box" on
top of each rack that we were supposed to set off before heading to the
door with our weapons.

Of course if you are simply trying to make hard drive data unrecoverable
in a _simple_ way all that would be required would be a disk with a
"Darik's Boot and Nuke" on it and a bit of time.

 

[Perdition]

hehe, it's not paranoia guys, the point of stopping the heatsink would
be to destroy the motherboard and harddisk, i simply suggested it as
one possible way to destroy the computer because i'm looking for some
way to destroy top secret data without using the field protocol which
involves alot of heavy machinary. This is for the office, when you want
to effectively take out several computers without making a large mess
of things. If you have a suggestion which can be done without
explosives or taking apart the computer, i'd be happy to hear it. A
software trigged destruction of the data at a hardware level would be
ideal, that is all. If something can be done through the serial port as
mentioned before, I suppose that would be good as well as long as it
was a simple routine that could be done in a standard office setting
which could be employed by a worker without having to depend on his
ability to take apart anything including the casing.

 

[Doug Kanter]

If you're referring to the heat sink installed on the main processor chip,
you're barking up the wrong tree. Removing that will probably cause the
processor chip to have a bad day, but it won't do a damned thing to the hard
disk.