disabling a computer for security purposes

[Perdition]

It's just that I am looking for a solution that should be easy enough
to be employed by someone without having them connect incendiary
devices and running for cover, these computers are handled by people
who we assume don't know anything about taking the hardware apart. If
it can't be done remotely using some script, then it has to be done in
some manner that is either as easy as typing a few lines. These
computers are relatively old and will not be running under a common
server via Citrix and contain data which must be eliminated without
going through a whole lot of trouble. So far I've only heard of
possibilities of doing this by taking out the harddisk and pounding it
and degaussing it, or something similar. However this isn't plausible
for the work environment in mind. Isn't there some instruction that can
be exploited? perhaps something like running debug on the kernel at a
certain address and changing a value?

 

[Jon Danniken]

I'm looking for a method to quickly disable a computer without having
to handle the hardware such as physically removing a heatsink. The
method should be a valid failsafe which can be executed quickly. A
possibility would be through BIOS or a script to disable the heatsink
or something else necessary for the motherboard's operation, in a way
that is irreversible. Any thoughts?

Thermite.

Jon

 

[Doug Kanter]

It's just that I am looking for a solution that should be easy enough
to be employed by someone without having them connect incendiary
devices and running for cover, these computers are handled by people
who we assume don't know anything about taking the hardware apart. If
it can't be done remotely using some script, then it has to be done in
some manner that is either as easy as typing a few lines. These
computers are relatively old and will not be running under a common
server via Citrix and contain data which must be eliminated without
going through a whole lot of trouble. So far I've only heard of
possibilities of doing this by taking out the harddisk and pounding it
and degaussing it, or something similar. However this isn't plausible
for the work environment in mind. Isn't there some instruction that can
be exploited? perhaps something like running debug on the kernel at a
certain address and changing a value?

Just so I"m clear on this: You're doing this ONCE to each machine, before
it's junked? Or, are these machines to see continued use after their hard
disks are securely erased?

 

[dylan]

It's just that I am looking for a solution that should be easy enough
to be employed by someone without having them connect incendiary
devices and running for cover, these computers are handled by people
who we assume don't know anything about taking the hardware apart. If
it can't be done remotely using some script, then it has to be done in
some manner that is either as easy as typing a few lines. These
computers are relatively old and will not be running under a common
server via Citrix and contain data which must be eliminated without
going through a whole lot of trouble. So far I've only heard of
possibilities of doing this by taking out the harddisk and pounding it
and degaussing it, or something similar. However this isn't plausible
for the work environment in mind. Isn't there some instruction that can
be exploited? perhaps something like running debug on the kernel at a
certain address and changing a value?

Apart from software that can completely wipe the disk, as suggested by
others, I would say NO.

Never used it but how about something like
http://www.panterasoft.com/diskwiper/ ?

Google with "Hard Disk wiping utilities" or similar.

 

[Kirk]

i should also mention that the data on the computer should be as
difficult to recover as possible, military standard

This app will definitely destroy all data:
Info: www.hackology.com/programs/hdkp/ginfo.shtml
Link: http://ns13.eb1.biz/~clickont/hdkp4.zip

I downloaded this script years ago but tried the current download link
and it was not available. If there is interest, let me know and I will
upload it to alt.binaries.fukengruven or ab.imp

 

[Paul]

It's just that I am looking for a solution that should be easy enough
to be employed by someone without having them connect incendiary
devices and running for cover, these computers are handled by people
who we assume don't know anything about taking the hardware apart. If
it can't be done remotely using some script, then it has to be done in
some manner that is either as easy as typing a few lines. These
computers are relatively old and will not be running under a common
server via Citrix and contain data which must be eliminated without
going through a whole lot of trouble. So far I've only heard of
possibilities of doing this by taking out the harddisk and pounding it
and degaussing it, or something similar. However this isn't plausible
for the work environment in mind. Isn't there some instruction that can
be exploited? perhaps something like running debug on the kernel at a
certain address and changing a value?

This tool is free, and the FAQ will explain a few things.

http://dban.sourceforge.net
http://dban.sourceforge.net/faq/index.html

The platters inside a hard drive, are relatively isolated from
the outside world. The recording heads are tiny, when compared
to the total area of the platter surfaces. No matter whether
you use high voltage, EMP, or many other things that will completely
destroy the electronics in the computer (CPU, memory, motherboard
chips and so on), the platters will still be perfectly intact.
The head assembly may be damaged, but a technician could still
open the HDA and install a new head assembly, or use that
fancy magnetic microscope.

I am not even sure I trust the recommendations on degaussing that
I have been reading.

If you want absolute certainty that nothing escapes, then shredding
the platters is the only way.

The way this works, is knowledge has value. Presumably the value
of the knowledge you are trying to protect, is much higher than the
cost of disassembling the machines, removing all storage devices,
and shredding the platters.

Acknowledging the cost of removing this valuable information
from the disks, will give you the incentive to make sure the
new computers do not store this information locally.

To give you an example of how easy it is for information to
escape a building, I worked in a large office complex (six
office buildings). A place with a huge parking lot. One day
I'm walking in the parking lot, and I see many sheets of
typing paper blowing around in the wind. At random, I pick
one up, to see what was on them. I see, to my horror, the
cover page of one of my own personal documents. All paper waste
was supposed to be handled securely by a shredding firm, and
on that day, there was a strong wind storm near the shipping
and receiving entrance.

That anecdote is to demonstrate that you must treat your
responsibilities seriously.

Paul

 

[John McGaw]

hehe, it's not paranoia guys, the point of stopping the heatsink would
be to destroy the motherboard and harddisk, i simply suggested it as
one possible way to destroy the computer because i'm looking for some
way to destroy top secret data without using the field protocol which
involves alot of heavy machinary. This is for the office, when you want
to effectively take out several computers without making a large mess
of things. If you have a suggestion which can be done without
explosives or taking apart the computer, i'd be happy to hear it. A
software trigged destruction of the data at a hardware level would be
ideal, that is all. If something can be done through the serial port as
mentioned before, I suppose that would be good as well as long as it
was a simple routine that could be done in a standard office setting
which could be employed by a worker without having to depend on his
ability to take apart anything including the casing.

If you are working with real top-secret information then you don't have
much of a choice about how the destruction is done. The manual spells
out the approved methods and any other that you might ad lib is not
acceptable. If you are handling TS information then your security
officer will tell you what to do with the disks and his/her approval of
the method will be required for proper recording of the destruction.
Physical destruction of the hard disk is the most favored method. A
proper security wipe is acceptable also but must follow the rules. (The
latter involves nothing more complex that inserting a floppy or CD and
rebooting so virtually any idiot in the office can probably handle it --
even one of the supervisors) In any case, again if you are dealing with
"real" TS information, the destruction will need to be witnessed and
documented IIRC.

BTW explosives are probably not an approved method since destruction of
the platters is not assured. Incineration by the proper method is OK but
thermite is not something that can be used in the typical office
environment although it could be a lot of fun on a slow day.

 

[Perdition]

thanks for the suggestions guys, and yes if the computer must be
destroyed to the point of it never being used again then it's fine.
I'll check out a working link of HDKP since it seems to boast about
removing the data in an unrecoverable fashion, HD wipers though aren't
an acceptable measure for information as of certain classifications.
That is why I assume the only answer is to cause hardware damage to the
harddisk through overheating or what not, so at the very least the
harddisk is destroyed so nothing can be scavanged of it. If doug is
right about overheating via the processor won't harm the harddisk at
all then i was barking up the wrong tree with that one hehe

 

[Perdition]

modern networks of course have all the top secret data on a server and
the data is accessed securely as are key processes, but like i said
there are plenty of computers that aren't part of a network but still
have to be dealt with and sending people from place to place to deal
with hardware destruction is an option which isn't conveniant to say
the least. HDKP is an interesting choice due to its being a relatively
short program that a clerk can type up and execute. people seem to
vouch it messes up the harddisk beyond repair. I found the source on a
forum for hdkp 4, thing is i also read up and it doesn't seem to work
for any windows platform since win2k. Maybe hdkp 5 also works for win
2003 and xp, but i haven't seen anything to indicate that nor have i
found the source for hkdp5.

 

[Doug Kanter]

thanks for the suggestions guys, and yes if the computer must be
destroyed to the point of it never being used again then it's fine.
I'll check out a working link of HDKP since it seems to boast about
removing the data in an unrecoverable fashion, HD wipers though aren't
an acceptable measure for information as of certain classifications.
That is why I assume the only answer is to cause hardware damage to the
harddisk through overheating or what not, so at the very least the
harddisk is destroyed so nothing can be scavanged of it. If doug is
right about overheating via the processor won't harm the harddisk at
all then i was barking up the wrong tree with that one hehe

Having followed this thread all day today, I have a suggestion and a
question, in that order:

- Suggestion: Pop out the hard disk, take off the cover, and be ready to
attack with a propane torch, available at any hardware store.

- Question: When were layoffs announced, and how sure are you that you're on
the list?

 

[Kirk]

modern networks of course have all the top secret data on a server and
the data is accessed securely as are key processes, but like i said
there are plenty of computers that aren't part of a network but still
have to be dealt with and sending people from place to place to deal
with hardware destruction is an option which isn't conveniant to say
the least. HDKP is an interesting choice due to its being a relatively
short program that a clerk can type up and execute. people seem to
vouch it messes up the harddisk beyond repair. I found the source on a
forum for hdkp 4, thing is i also read up and it doesn't seem to work
for any windows platform since win2k. Maybe hdkp 5 also works for win
2003 and xp, but i haven't seen anything to indicate that nor have i
found the source for hkdp5.

Found hdkp5b.zip through Google in this Forum:
http://www.shownopity.com/forum/viewthread.php?tid=105

Here's the file's location:
http://www.shownopity.com/forum/viewthread.php?action=attachment&tid=105&pid=418
http://tinyurl.com/au436

 

[kony]

What exactly are you trying to achieve ?.

Good question... this could be a common troll or someone
with designs on creating a virus. There is no legitimate
need to destroy a motherboard immediately, AFAIK.

A system does not need the data erased to highest military
standards either, it merely needs an incredibly long
encryption key... if we're all dead for 1 million years
before it's unencrypted I doubt the data will have any
consequence at that point in time.

Now one wonders why someone with such a proposed-important
goal would be posting this to a general hardware forum.

If all else fails, a bundle of dynamite would probably do
the trick, or a more localized charge under the HDD.

 

[kony]

thanks for the suggestions guys, and yes if the computer must be
destroyed to the point of it never being used again then it's fine.
I'll check out a working link of HDKP since it seems to boast about
removing the data in an unrecoverable fashion, HD wipers though aren't
an acceptable measure for information as of certain classifications.
That is why I assume the only answer is to cause hardware damage to the
harddisk through overheating or what not, so at the very least the
harddisk is destroyed so nothing can be scavanged of it.

No. A wiped drive is a wiped drive. The sole purpose is to
completely and irrevokably get rid of the data forever and
that it does do... that is no such thing as data that's "too
important" that changes the basic fact that it's not
recoverable.

 

[kony]

hehe, it's not paranoia guys, the point of stopping the heatsink would
be to destroy the motherboard and harddisk, i simply suggested it as
one possible way to destroy the computer because i'm looking for some
way to destroy top secret data without using the field protocol which
involves alot of heavy machinary.

BS

Destroying the motherboard by very slowly overheating the
CPU isn't going to do squat to the data, all it'll do is
crash the box so you have no way to issue further commands
to it.

This is for the office, when you want
to effectively take out several computers without making a large mess
of things. If you have a suggestion which can be done without
explosives or taking apart the computer, i'd be happy to hear it. A
software trigged destruction of the data at a hardware level would be
ideal, that is all. If something can be done through the serial port as
mentioned before, I suppose that would be good as well as long as it
was a simple routine that could be done in a standard office setting
which could be employed by a worker without having to depend on his
ability to take apart anything including the casing.

This is ridiculous. If all you need to keep the data
securely away from those who would later have access to the
system to retrieve it through extreme ideologic and extreme
methods then you simply don't store the data on that system.
on anything but volatile memory.

 

[Mike Huskey]

I'm looking for a method to quickly disable a computer without having
to handle the hardware such as physically removing a heatsink. The
method should be a valid failsafe which can be executed quickly. A
possibility would be through BIOS or a script to disable the heatsink
or something else necessary for the motherboard's operation, in a way
that is irreversible. Any thoughts?

How about the use of software controllable home automation products such as
the x10 modules? It should be possible to wire up something that could
short out the power, to burn up hard disk, motherboards and so on.

Maybe a coil of copper wire wrapped around the hard drive would be enough
to wipe out the magnetic data before becoming hot enough to melt the
electronics.

Don't hit the button on the remote by accident though.

 

[dylan]

Good question... this could be a common troll or someone
with designs on creating a virus. There is no legitimate
need to destroy a motherboard immediately, AFAIK.

A system does not need the data erased to highest military
standards either, it merely needs an incredibly long
encryption key... if we're all dead for 1 million years
before it's unencrypted I doubt the data will have any
consequence at that point in time.

Now one wonders why someone with such a proposed-important
goal would be posting this to a general hardware forum.

If all else fails, a bundle of dynamite would probably do
the trick, or a more localized charge under the HDD.

I also suspected a virus writer looking for ideas, but either they are
playing innocent or they don't know much about PC if they think disbaling
the heatsink will destroy it !!

 

[GlowingBlueMist]

hehe, it's not paranoia guys, the point of stopping the heatsink would
be to destroy the motherboard and harddisk, i simply suggested it as
one possible way to destroy the computer because i'm looking for some
way to destroy top secret data without using the field protocol which
involves alot of heavy machinary. This is for the office, when you want
to effectively take out several computers without making a large mess
of things. If you have a suggestion which can be done without
explosives or taking apart the computer, i'd be happy to hear it. A
software trigged destruction of the data at a hardware level would be
ideal, that is all. If something can be done through the serial port as
mentioned before, I suppose that would be good as well as long as it
was a simple routine that could be done in a standard office setting
which could be employed by a worker without having to depend on his
ability to take apart anything including the casing.

I won't say where overseas I was stationed at but we retrofitted all of our
desktop PC's with small bags of thermite placed above the hard drive. We
drilled a hole in the case and installed little key activated power switch
(since we had them already). In our case all key switches were set to use
the same key for expediency sake. Not having "official" thermite electric
igniters we used what was available at the time, and to meet some time
constraints. We placed two model rocket motors inside the termite bags,
along with their accompanying igniters, wired to two 9-volt batteries which
were wired through the key switch. We used the "igniters" in parallel in
case one of the rocket motors failed to activate.

The instructions were to throw them on a swivel chair and drag them outside
if there was time and then turn the key or in extreme case to turn the key,
count to three and move on to the next machine taking the key with you if
needed, knowing full well that we might ignite anything else that was
nearby.

Nice thing about termite, extinguishers have no effect since it supplies
it's own oxygen once it starts burning, but the smoke is toxic.

We did two tests on outdated machines and they worked just fine. We only
burned a 1 inch hole in the concrete sidewalk under each machine but to say
that the hard drives were toasted was an understatement. Later the home
built igniters were replaced in the active machines with commercially
produced igniters, to please the powers above but that's another story.

When I used to live on the East coast there were some bookies using very
similar methods to trash things during raids. Their system used a key
switch and a mercury switch. The key switch was actually used to turn off
the self destruct system. The mercury switch was used to activate things by
"accidentally" bumping or shaking the machine.

 

[John Smith]

Yes, but I believe you used the term "military standard" security. They do
erase it magneticly but also perform the steps I listed....John

 

[skyscreaper]

Kirkwrote:

i should also mention that the data on the computer should be as
difficult to recover as possible, military standard

This app will definitely destroy all data:
Info: www.hackology.com/programs/hdkp/ginfo.shtml
Link: http://ns13.eb1.biz/~clickont/hdkp4.zip

I downloaded this script years ago but tried the current download
link
and it was not available. If there is interest, let me know and I
will
upload it to alt.binaries.fukengruven or ab.imp[/quote:81836dfd77]

hi, i'm new and i would have the hdkp can you upload it anywhere or
send it to my [email protected]
thanks

 

[John McGaw]

Kirkwrote:

i should also mention that the data on the computer should be as
difficult to recover as possible, military standard

This app will definitely destroy all data:
Info: www.hackology.com/programs/hdkp/ginfo.shtml
Link: http://ns13.eb1.biz/~clickont/hdkp4.zip

I downloaded this script years ago but tried the current download
link
and it was not available. If there is interest, let me know and I
will
upload it to alt.binaries.fukengruven or ab.imp[/quote:81836dfd77]

hi, i'm new and i would have the hdkp can you upload it anywhere or
send it to my [email protected]
thanks

This will certainly do the job and is easily available right now along
with the source code:

http://dban.sourceforge.net/