Hello.
home   about   links   shoes   music   books   

More hard drive & dissertation nonsense :: 29/5/10 ~01:15 :: Comments: 1
category: tech

I've spent the majority of the last week in the lab at uni getting hard drives prepared for my dissertation work. So far I've amassed 34 drives, I'm aiming for a total of 40 before I start.

As for preparation for them, I decided the quickest way to do it was simply to take one drive and do a full Windows installation on it (using XP SP3), then put some stuff on it; browse a few websites, install a few programs, plug in some USB stuff, put some photos and documents etc on the desktop. After that, I basically just cloned that drive, using md5sums to verify the copy and then booting each drive up after it's been copied to make sure it's working. Forensically speaking I shouldn't really be booting the drives because it does alter the content, but my dissertation scope means I don't need to worry about that, as long as I know definitively what files etc I should be looking for. I might not be able to recover some stuff that would be in the pagefile, but that's not really the concern; the question is whether I can recover anything at all from the pagefile, or from anywhere else. Anyway, I've got the following set of methods by which I'm going to attempt to destroy my drives:

  • Dropping from a pre-set height
  • Leaving the drive running with the platters exposed
  • Pouring bleach on the platters
  • Putting the drive in the dishwasher
  • Pouring battery acid on the platters
  • Running a high power magnet against the drive
  • Same with a low power magnet
  • Leaving the drive sitting on top of an old TV
  • Putting the drive in the oven
  • Set the fucker on fire

    Additionally I'd quite like to try putting them in the microwave, but I don't know how feasible that's going to be. Firstly I'd need to find a microwave to use which can be destroyed, and for the sake of completeness I'm doing each of these experiments 3 times (with the exception of the magnet ones), so that could mean 3 microwaves...Not too practical, so I'll probably not do that. I'll probably not do the battery acid experiment either if I can't get my hands on another 6 drives, because it's going to be a pain to get the acid I imagine.
    I say the magnet ones are an exception; each of those will be done 5 times instead of 3. 3 times with the drive completely intact and sealed, 2 times with the drive open and the platters exposed. I don't really think it'll make a big difference, but for the low power magnet it actually might. My experiment falls down a wee bit on that level because the vast majority of drives I'm using are only single platter drives. Using drives with multiple platters might reveal different results for the magnet tests because it's possible the lower/lowest platter wouldn't be affected that much. Don't really know. Although I'm curious about the magnet test now - the high power magnets I'm using are these:

    Those magnets are really pretty bloody strong, and they actually came out of hard drives. They sit perhaps 2" away from the platters on a normal size drive; I'd never really considered why drives are the size they are, but I'm curious as to whether there's an element of that's how far the magnets need to be from the platters to avoid causing accidental damage. If that's the case, what about smaller drives? Perhaps they use weaker magnets? Sadly I have none of those to play about with, so this is entirely conjecture. I'll read up on it in due course, but it's interesting. Well, to me anyway.

    As for the low power magnets, well that's just gonna be a fridge magnet. The cathode tube TVs/monitors use magnets (as I'm sure anyone who's put a magnet near a screen and noticed the discolouring would be aware) but that's going to be incredibly weak; I'm not sure if that will affect the drives at all. I'm not even sure if I still have an old TV around in the house, but I'll find a monitor somewhere I'm sure.

    I do have a few concerns about the experiments. Particularly the dishwasher one; the salt residue is going to surely fuck with the electronics on the board since it'll conduct. Bit worried that plugging it in is going to cause a bloody huge surge. I had hoped to, after forensically examining the drives, actually connect the things back up and see if they are even still bootable. But I reckon that'll be a dead PSU and motherboard if I try it with the dishwasher ones, so I'll have to see what to do about them.

    Anyway, whilst I was sitting in the lab trying to boot these drives and copy others, I got bored so decided to do an experiment that stems from the one I tried the other week of swapping logic boards; this time I tried to swap platters. This is a procedure that should theoretically work, professional companies do this, although they use specialist tools and do it in a clean room. I wanted to simply see if it can be done using a screwdriver, a pair of pliers and a desk. I did create a bit of a mess tearing the things apart:

    Basically I expected this to fail miserably, not least because it's actually very difficult to take a hard drive apart without touching the platters. I tried holding them with paper towels to avoid fingerprints, but it probably still causes damage. And the short version of it is it didn't work, but it wasn't the spectacular failure I expected. The drives could be seen and recognised, the only problem I encountered was this:

    [362247.629667] sd 19:0:0:0: [sdc] READ CAPACITY(16) failed

    Which basically means it can read the drive but can't work out the disk size. So instead of a 40gb hard drive, it gets seen as a 1.6gb drive. This was the same for both of them, I'm not sure why it seems to stop at 1.6gb. Something to do with sector sizes I assume, but I have no idea at all. Something else to look at!

    Next week I'll hopefully be getting my hands on the rest of those drives, then towards the end of the week I'll start breaking the things. Youtube videos of burning drives coming shortly.

    Orishas - Machete

    Top

    Comments

    Name:
    Cake

    Comment:
    This hasn't been updated :'(

    Add a comment!

    Name:
    Email Address:
    Comments:
     

    Top

    Home

    This website has been hand-coded in utterly basic HTML and is optimised for nothing. Hope it bugs you.
    All content belongs to me unless stated otherwise, and if you use it without my permission, I'll set my cat on you.
    jason at jasoned dot co dot uk