messing with the power connection

The same way that most cheap UPS do it - a moderately fast relay and a few mSec with no power at all. So, no attempt at paralleling or phase matching.

The unit can test that the secondary supply is a suitable voltage. It obviously does check that there is a secondary supply present, of some kind.

One could knock up something similar with a mains changeover relay energised via a switch connected to the secondary supply.

IBM lightning drives must be tougher than Seagates (they turn slower and had a smaller capacity, bigger head surface) but even 63Gs is a pretty good hit. The test was really whether the drive, as installed in a machine, would tolerate a lot of rough handling, as was the original question here. It is safe to say if you were holding that drive or riding in the vehicle it was mounted to and took a 63G hit it would be academic to your heirs whether the drive survived.

Simply letting the machine topple sideways onto a hard surface can easily generate more than 63G in the hard drive. Bumping it into a doorway whilst carrying it, likewise. Very short duration G forces rise dramatically when even a slow moving "incompressible" body impacts on an "incompressible" surface. 63G under such circumstances is easily achieved. A drive travelling at just 1 metre per second, deforming elastically less than 1mm on impact with an incompressible surface, suffers a G force of around 50G..for around 2mSec.

Unless I had been first immersed in liquid helium, falling a foot or so or bumping into a doorway isn't going to result in me receiving such G forces. I am, fortunately, relatively good at absorbing impact by deformation, in the unfrozen state.

It is safe to say that, if I was holding that drive in the car and the vehicle hit another at 15 mph - I would be safe and well behind my air bag and restrained by my seat belt. The drive, having gone through the window and hit the ground, would be decidedly unwell.

-- Sue

I moved spinning machines around all the time and never had these problems so I am sure a fairly careful guy could take one across the country. I have a regular PC in my car and it has banged around the trunk a number of times, not even skipping the MP3 that was playing. Hard drives and PCs in general are a lot tougher than people think. I imagine a person who is really interested enough in saving this data will have some kind of ventilated, padded case to carry the system unit in. Just being in a case tends to dampen shocks.

BTW I did take a look at a lightning drive and the HDA is shock mounted in the drive housing so that may have something to do with the rating. It may be apples and oranges compared to the cheap industry drives we have today.

The last line says it all. Add a 10mmm "crumple zone" around a drive, so that it can decellerate over a distance of even just a few mm, rather than a fraction of 1mm - and the G forces plummet.

Risk is as much about the consequences of getting it wrong as it is about the chances of that happening. Transporting a running drive full of irreplaceable data (eg forensic computer evidence) is riskier than transporting a parked drive and that risk can generally be avoided.

My (old) Tufbook has a drive that is suspended in the middle of stuff that feels like jelly (gelatin). So it can move several tens of mm, should the need arise.

It certainly survived dropping off the roof of the car (onto grass) when I drove off, forgetting that I hadn't put it in the car yet.. No, it wsn't running at the time.. It now has a different life, running 24x7 as an email server.

My (new) Tufbook has a silicon rubber sleeve around the drive, maybe

1/20th the thickness of the "jelly" in the old one. It, supposedly, can take a great deal of rough handling too...

Actually I am unclear what shutting the machine off would do to that data in the first place, particularly if you just pulled the plug.

On Sun, 17 Feb 2008 19:37:54 -0500 snipped-for-privacy@aol.com wrote: | On Sun, 17 Feb 2008 23:00:16 GMT, Palindrome wrote: | |>Transporting a running drive full |>of irreplaceable data (eg forensic computer evidence) is riskier than |>transporting a parked drive and that risk can generally be avoided. | | Actually I am unclear what shutting the machine off would do to that | data in the first place, particularly if you just pulled the plug.

When a whole drive is encrypted, or just a partition, to access that data it is necessary to first enter a passphase that decrypts a random bit array, or is the seed to generate one. After that is done, it is used to decrypt the data on the disk. But the key itself is only stored in RAM. If the machine is shutoff, the key is lost and the entry of the passphrase must be repeated. By taking the machine in its running state, the opportunity exists to examine the drive contents while the decryption is still active.

On Sun, 17 Feb 2008 10:54:40 -0800 (PST) snipped-for-privacy@mail.croydon.ac.uk wrote: | On 17 Feb, 17:02, Palindrome wrote: | |> I must admit to being rather shocked ( ;) ) that it *could* be marketed. |> ICBW, but I very much doubt that such a product could be sold to |> anyone, through "confidential channels" or not, in the UK. It is just an |> accident waiting to happen. | | They list a 220V UK version; do they not even know what the mains | Voltage is in the UK?

Probably close enough for government work.

| Unless I've misunderstood how it works the supplies from the mains and | the UPS would briefly be connected in parallel; that might not be a | good idea if the Voltages are not the same, and how do you ensure that | they're in phase?

If they are not the same, the higher voltage source carries most of the current.

The steps to do this first require connecting a working UPS. The UPS would be generating its own power in phase with the mains. So the phase would be the same when making the transfer from mains to UPS power. At the lab, the process is reversed to release the UPS and the HotPlug. Again, the UPS is plugged into the mains, and syncs its phase. Then the computer power connection can be paralleled safely between UPS and mains. Then the UPS is disconnected.

| I haven't seen the thing, but from the description I very much doubt | that it could legally to sold, or used, here in the UK.

It is certainly dangerous. The rules might readily disallow it from being sold to the public. They may make exception for law enforcement.

| They suggest using it to move servers; most servers have more than one | power supply, so you can move them from one UPS to another while | they're running anyway. I've once moved several servers from one rack | to another this way while they were running. Simply replace the | cables one at a time by long ones going in through the front of the | cabinet, very carefully pull the server out of the rack and put it | onto the other rack, one at a time replace the temporary power cables | with the permanent ones in the new rack. It's not something I'd | normally recommend if you can avoid it, but it can be done.

Lots do have the redundant power supplies. Not all do. It could be used for that. But given the hazard, I would never recommend it except in the most dire circumstances.

On Sun, 17 Feb 2008 13:15:12 -0500 Michael A. Terrell wrote: | Ben Miller wrote: |> |> snipped-for-privacy@ipal.net wrote: |> > This is an amazing device: |> >

|> >

|> >

|> Aside from the discussions of security, defeating it, etc. there are |> electrical safety issues: |> |> 1) This guy claims "years of experience as an electrician" yet demonstrates |> opening an outlet cover and cutting a hot wire with the circuit energized. |> He says to use "insulated" cutters, but how many non-professionals would |> know that the normal hardware store cutters are not adequately insulated. |> |> 2) The hot plug device, once armed, puts 120V on the end of an exposed |> plug, and the receptacle (after it is removed). |> |> This is completely irresponsible. Dangerous product, and dangerous |> demonstration. | | | Which is the reason Phil is fascinated by it.

You've completely missed the mark. OTOH, this is not the first time you have been fascinated by making personal attacks online.

If the drive is "opened" when they sieze it, why not just copy the data right there? In real life guys like the FBI and NSA can crack just about any encryption with minimal effort. I know a guy who works in that arena and he has a tool that broke the IBM encryption on my laptop in about

5 minutes.

With 500+GByte disks household items these days - it can take quite a while copying the data off - even presuming a police officer was present who knew how to do it and had enough USB drives with him to do it.

Whilst many encryption algorithms are easily breakable, MS Word springs to mind, others are a challenge - even for the NSA. The advantage of getting hold of a computer which has the suspect still logged in, is that a lot of encrypted stuff is available en clair - whilst that user is logged in. All this kit does is keep the computer in that state. Why spend (expensive) time and effort breaking encryption, when the stuff is available, unencrypted?

Plus, it is possible to set up computers to run with no hard disk at all. They boot from the network and load their operating system from the network - into RAM. From a server that could be in another juristiction, or even on a different continent. Lose power and there is absolutely no evidence left to analyse. However, if someone has gone to the trouble of setting up a computer like this, for less than honest reasons, he is probably going to take a few more precautions, too*.

*Which you will excuse me for not going into.

-- Sue

On Sat, 16 Feb 2008 09:34:13 GMT Palindrome wrote: | snipped-for-privacy@ipal.net wrote: |> On Fri, 15 Feb 2008 19:36:35 -0800 Anthony Guzzi wrote: |> | snipped-for-privacy@ipal.net wrote: |> |> This is an amazing device: |> |> |> |>

|> |> |> | |> | |> | So how long have you worked for that company? |> |> Never have. I'm actually trying to figure out ways to defeat it. |> |> 1. Use a 240 volt circuit. The 240 volt version might not be in the USA. |> 2. Use 48 volt DC to the PSU. They don't even make that. |> 3. Use a power strip plug that shorts itself while not inserted. |> 4. Configure the whole disk encryption to timeout regardless of activity. |> | | | There is a *very* much easier way to defeat it. However, bearing in mind | that its use is as a forensic tool for law enforcement - such | discussions really aren't in the public interest.

Not exclusively so, otherwise it would not be offered to the public (as dangerous as it might be).

On Mon, 18 Feb 2008 02:07:40 -0500 snipped-for-privacy@aol.com wrote: | On 18 Feb 2008 06:17:56 GMT, snipped-for-privacy@ipal.net wrote: | |>When a whole drive is encrypted, or just a partition, to access that data |>it is necessary to first enter a passphase that decrypts a random bit |>array, or is the seed to generate one. After that is done, it is used |>to decrypt the data on the disk. But the key itself is only stored in |>RAM. If the machine is shutoff, the key is lost and the entry of the |>passphrase must be repeated. By taking the machine in its running state, |>the opportunity exists to examine the drive contents while the decryption |>is still active. | | If the drive is "opened" when they sieze it, why not just copy the | data right there?

They could do that. But maybe there is not attachment means to make a copy, or make one fast enough. Ever tried to copy a 1TB drive via USB?

| In real life guys like the FBI and NSA can crack just about any | encryption with minimal effort. I know a guy who works in that arena | and he has a tool that broke the IBM encryption on my laptop in about | 5 minutes.

Wishful thinking. Commercial encryption also tends to be weak.

On Mon, 18 Feb 2008 09:09:20 GMT Palindrome wrote: | snipped-for-privacy@aol.com wrote: |> On 18 Feb 2008 06:17:56 GMT, snipped-for-privacy@ipal.net wrote: |> |>> When a whole drive is encrypted, or just a partition, to access that data |>> it is necessary to first enter a passphase that decrypts a random bit |>> array, or is the seed to generate one. After that is done, it is used |>> to decrypt the data on the disk. But the key itself is only stored in |>> RAM. If the machine is shutoff, the key is lost and the entry of the |>> passphrase must be repeated. By taking the machine in its running state, |>> the opportunity exists to examine the drive contents while the decryption |>> is still active. |> |> If the drive is "opened" when they sieze it, why not just copy the |> data right there? |> In real life guys like the FBI and NSA can crack just about any |> encryption with minimal effort. I know a guy who works in that arena |> and he has a tool that broke the IBM encryption on my laptop in about |> 5 minutes. | | With 500+GByte disks household items these days - it can take quite a | while copying the data off - even presuming a police officer was present | who knew how to do it and had enough USB drives with him to do it. | | Whilst many encryption algorithms are easily breakable, MS Word springs | to mind, others are a challenge - even for the NSA. The advantage of | getting hold of a computer which has the suspect still logged in, is | that a lot of encrypted stuff is available en clair - whilst that user | is logged in. All this kit does is keep the computer in that state. Why | spend (expensive) time and effort breaking encryption, when the stuff is | available, unencrypted?

Ideally, do a RAM dump, and see if you can grab the buffered key. If the computer is in a state it can continue to decrypt disk contents, capturing that state itself is precious.

| Plus, it is possible to set up computers to run with no hard disk at | all. They boot from the network and load their operating system from the | network - into RAM. From a server that could be in another juristiction, | or even on a different continent. Lose power and there is absolutely no | evidence left to analyse. However, if someone has gone to the trouble of | setting up a computer like this, for less than honest reasons, he is | probably going to take a few more precautions, too*. | | *Which you will excuse me for not going into.

Yeah, it's off topic for this group. These things are frequently discussed on various software related groups.

One of the things I've often thought about is the new hi-speed drives and gyroscopic torque. So I sat down and *assumed* a few dimensions.

If the rotating platters add up to 50 grams, and the radius of the platters is about 5 cm, and the drive spins at 7400 RPM (775 rad/s), you get a moment of inertia of only 6.25e-5 kgm^2, which doesn't sound like very much.

Now, if you tilt the spinning axis of such a drive while its running at rated speed, the gyroscopic torque is the product of the moment of inertia, the rate it's spinning and the rate you're tilting it. So if you tilt it at a leisurely 1 rad/s, the resulting torque is about 0.05 N-m. Again, it may not sound like much, but if the shaft length is only 2 cm, that places a force of 2.4 N extra loading on the bearings. Considering the normal weight on the bearings is only about 0.25 N, that extra force is almost 10x the normal loading.

Not enough to fail probably, but gives one an appreciation for what 'rolling / twisting' a running hard drive can do.

daestrom

And you don't? YAWNNNNN!!!!!!!!!!!!!!

On Mon, 18 Feb 2008 15:28:32 -0500 Michael A. Terrell wrote: | snipped-for-privacy@ipal.net wrote: |> |> You've completely missed the mark. OTOH, this is not the first time you |> have been fascinated by making personal attacks online. | | | And you don't? YAWNNNNN!!!!!!!!!!!!!! | |

I don't start them. I defend when it happens.

Absolute bullshit!

That's not "just about any encryption". It's meant to keep thieves from stealing your data, not the NSA. Sheesh!