Big red button for automatic data destruction

You know how in the movies, the Feds rock up and storm the Hacker’s lair, he presses a big red button and all his servers and data are instantly nuked with thermite! The hacker escapes in a cloud of smoke and a hail of sparks!

Hypothetically, how would one set up an automatic script or system to properly destroy data in an emergency? The data may not be criminal, just private - a lawyer or journalist for example, wanting to secure a piece of information about a source.

I don’t mean burn it or blow it up with explosives. I mean from a reasonable software perspective - like a script or app that writes zeroes over the data or makes it unlikely to be recovered.

(I’m probably on “a list” writing this now, but I think it is a technically interesting problem)

What would your setup be to have a “big red button”?

Essentially, isn’t that the same thing as ransomware to encrypt all the data? I would guess there is some kinda playbook in Ansible that could do something similar to what you are looking for.

Destroying data on drives and making it non-recoverable used to take a long time with writing multiple bit patterns in each sector. Our company goes for drive pulverization and recycling because it’s done very quickly. I do like the dramatic data center bursting into flames though, anyone have an Ansible book for that? :laughing:

1 Like

Thanks for your comment - my concern with encryption is there would be a possibility to decrypt the data. What I’m thinking of would be irreversible data destruction.

I’m familiar with entire drive wiping boot disks, which yes, would take some time to write zeroes over the entire drive. But what I’m thinking of is basically something that would be more targeted - it should write multiple times over the exact sectors storing just the confidential files. The operating system files, etc. are not important in this context.

I watched this a few years ago - hope it is OK to post - DEF CON 23 - Zoz - And That's How I Lost My Other Eye...Explorations in Data Destruction (Fixed) - YouTube

Thermite looks pretty final - probably makes quite a mess in the rack though :slight_smile:

A very powerful electromagnet. There also exist rare earth magnets the size of a brick, but very expensive. Keep the most sensitive data on 2.5" spinning rust or SSD, hot swap bay, bucket of acid. SD cards, high capacity micro, with encrypted data, easy to destroy. Food for thought.

Yes, I think your best approach is the confidential folder, encrypted, and then written on easily disposable media. I know when I did some work for the government through Motorola they had a self-destructing access path mandate on many operational systems dealing with the delivery of sensitive information. But their goal wasn’t to destroy the data, only the access to the data and control systems. My clearance didn’t provide any information on physical security.

The closest I have gotten in the last two years was media destruction from our Iron Mountain storage of 30 years of mainframe tapes and drives.

I would say an encrypted volume would be best, red button could do as much as unmount or reboot the server. (Reboot would clear the memory, so would be the better option. Unmount could still have the decryption key in memory.) If you stick to best practices crypto there is no way the data will ever get decrypted.

2 Likes

Modern encryption is fairly robust.

Encryption key is stored on the drive, and that key is behind a separate key used to unlock it when the drive is mounted.

Zot the drive encryption key, and the disk is effectively random noise.

There are disk drives which are rated for fast data destruction. They work by encrypting the drive all the time with fast symmetric crypto using key material known only to the drive internal controller silicon. This is nominally transparent.

When a destruct order is received, the silicon containing the key material is physically destroyed in milliseconds with energy stored just for this purpose. The data is rendered unrecoverable with less than “national asset” capability for the best ones.

This is sometimes called “fast erase”. There are standards for how and what to do for drive makers.

1 Like
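
Added example, not part of any post in this thread: a sketch of the key hierarchy described above, where a passphrase-derived key wraps a random data key and erasing only the small header leaves the untouched bulk ciphertext unrecoverable. The SHA-256 counter-mode keystream is a standard-library stand-in for the AES a real disk uses, and every function and field name here is an illustrative assumption.

```python
import hashlib, hmac, secrets

def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """SHA-256 in counter mode; a stand-in for AES, not for production use."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + nonce + (i // 32).to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[i:i + 32], pad))
    return bytes(out)

def _unlock_keys(passphrase: bytes, salt: bytes):
    """Derive separate wrap and MAC keys from the passphrase."""
    okm = hashlib.pbkdf2_hmac("sha256", passphrase, salt, 100_000, dklen=64)
    return okm[:32], okm[32:]

def create_volume(passphrase: bytes, plaintext: bytes) -> dict:
    dek = secrets.token_bytes(32)  # random data-encryption key, never stored bare
    salt, nonce = secrets.token_bytes(16), secrets.token_bytes(16)
    wrap_key, mac_key = _unlock_keys(passphrase, salt)
    wrapped = _xor_stream(wrap_key, salt, dek)
    return {
        "salt": salt,
        "wrapped_dek": wrapped,
        "tag": hmac.new(mac_key, wrapped, "sha256").digest(),
        "nonce": nonce,
        "data": _xor_stream(dek, nonce, plaintext),
    }

def open_volume(vol: dict, passphrase: bytes) -> bytes:
    wrap_key, mac_key = _unlock_keys(passphrase, vol["salt"])
    expected = hmac.new(mac_key, vol["wrapped_dek"], "sha256").digest()
    if not hmac.compare_digest(expected, vol["tag"]):
        raise ValueError("key slot invalid: wrong passphrase or erased")
    dek = _xor_stream(wrap_key, vol["salt"], vol["wrapped_dek"])
    return _xor_stream(dek, vol["nonce"], vol["data"])

def crypto_erase(vol: dict) -> None:
    """Overwrite only the header; the bulk ciphertext is left in place."""
    for field in ("salt", "wrapped_dek", "tag"):
        vol[field] = secrets.token_bytes(len(vol[field]))

if __name__ == "__main__":
    vol = create_volume(b"correct horse", b"constructed sample: source notes")
    print(open_volume(vol, b"correct horse"))
    crypto_erase(vol)
    try:
        open_volume(vol, b"correct horse")
    except ValueError as err:
        print("after erase:", err)
```

On real hardware the header overwrite has to reach the physical media (SSDs remap writes), and a key still held in RAM on a mounted volume survives until power-off, which is the reason given in the thread for preferring a reboot over an unmount.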