On Sun, Aug 20, 2000 at 10:52:16PM -0500, Signal 11 wrote: > > > Another solution would be to modify your hard drive in a clean room so > > that it would have an autodestruct capability that can be > > electronically activated and which takes effect instantly or nearly > > instantly. The autodestruct should be able to be activated by the > > computer itself (of course, only root would be able to do this) (which > > would require some extra software on your box). The autodestruct > > This is dangerous for several reasons - an autodestruct which could > oblitherate your drive would require an immense amount of energy. There's > two ways I could see this being done - with electrical energy, and with > mechanical energy (ie, a bomb). Take the former. A magnetic density great > enough to randomize the data at the molecular level would also mean it is > capable of destroying every electronic device in the near area. Although > magnetic field strength decreases exponentially with distance, the levels > would still be lethal up to several meters. It would also generate enough > EM radiation to attract the attention of several agencies. So that idea is > out the window.
There is always the solution to run like hell. Provided the hostile entities (read: FBI agents) are closer to your computer than you after you start running, it very well may kill or injure them. Anyways, isn't the type of EM radiation that would kill you in this case microwaves? > Option #2 - a bomb. Well, this requires access to a cleanroom, and > a device capable of destroying the drive. Assuming it was technically > feasible to do so (it's not), you still have to get access to a cleanroom. > That means bringing your device in and assembling it. You know, cleanrooms > may not be protected much, but people are gonna notice what you're doing.. > you can't operate in a vaccum when doing something like this. Thermite does the job far better than explosives, which are likely to merely shatter your platter instead of thoroughly destroying it. Also, thermite poses less risk to someone near the box than explosives. > If you want my opinion, it would be far more reasonable to design a > hardware-based encryption solution. Design an IDE controller which > transparently encrypts all data travelling between it and the remote > system. Use a memory type which does not lend itself to data recovery, > and create a secure method of sending the key to the hardware. This could > be done either via the keyboard (since you would be on the PCI bus, > theoretically you could override the OS and capture the keystrokes > directly by hooking directly into the I/O ports of the keyboard in a > secure fashion). This still isn't a highly secure solution though due to > tempest emissions... but fixing that is left as an excercise to the > reader. The tempest emissions can be handles by RF white noise generators which are set up to generate RF in the same range and distribution of frequencies and amplitudes as the RF generated by the box and the monitor. As for the encryption, one should assume that the NSA could possibly have already broken the crypto used. If one is to solely rely on crypto, one should use very large keys (at *least* 256 bits for symmetric encryption and 4096 bits for asymmetric encryption). -- Travis Bemann Sendmail is still screwed up on my box. My email address is really bemann at execpc.com. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 2767 bytes Desc: not available URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20000820/fe2a9e50/attachment.pgp>
