Schneier on Security
A blog covering security and security technology.
« De-Anonymizing Social Network Users |
| Google in The Onion »
March 8, 2010
Eating a Flash Drive
How not to destroy evidence:
In a bold and bizarre attempt to destroy evidence seized during a federal raid, a New York City man grabbed a flash drive and swallowed the data storage device while in the custody of Secret Service agents, records show.
The article wasn't explicit about this -- odd, as it's the main question any reader would have -- but it seems that the man's digestive tract did not destroy the evidence.
Posted on March 8, 2010 at 11:00 AM
• 55 Comments
To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.
What did your mother tell you? Always remember to chew your flashdrives before swallowing.
@"The article wasn't explicit about this -- odd, as it's the main question any reader would have -- but it seems that the man's digestive tract did not destroy the evidence,"
They, at this time, may not know how much is recoverable. It may take a while to know for sure.
The point of the article may be to spread what is known: the USB may not be safe to digest (as it did not pass after 4 days) and that it did not succeed in completely destroying the data. This may deter some from attempting to do so in the future.
Seems this man was also accused of placing creditcard skimmers on ATMs. The article doesn't go into the specifics but I imagine the evidence on the flashdrive were creditcards that they skimmed. Most likely pretty damning, which explains why he would care enough to eat it.
I wasn't aware the Secret Service got involved in these sorts of cases though. Isn't their job mostly just counterfieting? Is common credit card fraud and identity theft a common thing for them to get involved in?
Next time he should try TrueCrypt; it has less calories!
Yes the S.S. gets involved in these cases as they involve the currency and inter-state monetary crime.
Will this drive more criminals to use cloud storage?
New term: Intestinal encryption.
Sounds more like a one-way hash to me.
@Mark R: Yes, but did he salt it before he ate it?
Stomach acid doesn't dissolve plastic very well, so I would expect that the most damage it would do to the drive is corrode some connectors. If the drive were still in it's plastic enclosure, then I would expect that the only thing corroded might be the usb connector, which is trivial to repair.
Edible encryption depends on the cipher:
*twofish - watch out for the bones
*blowfish - get a good chef, crooks have numb tongues
*serpent - charismatics only
*caesar - and they said olive oil was good for you
Geez, the jokes practically write themselves.
"Flash in the pan..."
"Files in the hole..."
OK, ok, I'll stop.
"I had his credit cards with fava beans and a nice chianti..."
OK, really stopping this time.
@Trichinosis USA: "Geez, the jokes practically write themselves."
This crook really thought he could pull credit card numbers out of his rear.
That's just hilarious. The best method for secure erasure is still keeping the data encrypted, making sure key never touches non-volatile storage, and then erase is as simple as destroying the key. There is a low tech method that might work for things like ATM skimmers or embedded spy devices with flash drives and USB. Write the key/password down on cigarette paper & enter it with a portable, tiny keyboard. KGB used this paper for notes because it burned fast. Butane lighters are handy, too. Then, if in danger, just run fast, pull out the paper, and burn it. If your life depends on it, take time to crush flaming paper together with your fingers, spreading the effects. Will be painful, but encrypted data will likely be as unrecoverable as the flaming pieces of key used to hide it.
Indeed, I'd be surprised if the data wasn't 100% recoverable. Even if his stomach acid corroded the connectors, PCB and the pins on the flash chip, it shouldn't be very difficult or expensive to carefully etch the sides of the chip to connect a few bondwires and read the contents. The actual flash memory is inside a plastic package, hermetically sealed from the outside world, so it'll be fine.
What he should have done to destroy the data, was bite the drive hard enough to break the chip, but I'm not sure if you could do that with human teeth. These things are fairly though, but also rather thin.
Check the homepage link for a short movie clip of a suspect that did a better job at disposing of evidence by eating it.
@Nick P: "The best method for secure erasure is still keeping the data encrypted, making sure key never touches non-volatile storage, and then erase is as simple as destroying the key. "
I agree. The data destruction method described in the article would be much harder for me to stomach. ;)
Alternatively, you could have your secrets printed on chewing gum. Plausible deniability for destroying evidence :)
So, quick! They're banging on the door! What is the fastest, most reliable and effective way to quickly destroy a flash drive or otherwise render the data irretrievable?
Smash it with a brick?
Thirty seconds in the microwave oven?
Brute force works best on flash drives. By this, of course, I mean a hammer.
range top on high - gas FTW, resistive would do as well. Inductive might work even better or not at all. If that's what I had I'd want to make sure before the knock comes.
@Anonymoose: "Next time he should try TrueCrypt; it has less calories!"
Yeah, but it's all FAT.
Frankly, the only problem from an effectiveness standpoint was that they saw him do it.
I figure these things are also small enough to be flushable if he had wanted to bypass the, um, "man in the middle attack".
Sorry. They just keep coming...
That's so brilliant that I'm going to have to try it sometime.... for totally legitimate purposes, of course. And in front of unsuspecting Feds. For realism. Yeah... ;)
@ vt and Trichinosis
Oh... my... God...
If he could not "eject" it after four days, then it must be one of those bulky types. You know, the old model 256 MB or 512 MB The latest drives, one of those really tiny ones, would have come out nice and easy.
Blame Hollywood. In The Incredible Hulk, Ed Norton swallows a flash drive to keep from losing it. It, er, comes out all right in the end. You have to wonder how many yahoos get bright ideas like this from something they see in the movies.
@Romeo Vitelli: "Blame Hollywood. In The Incredible Hulk, Ed Norton swallows a flash drive to keep from losing it. It, er, comes out all right in the end. You have to wonder how many yahoos get bright ideas like this from something they see in the movies."
True. No one ever seems to ideas from the "he became a super villian when he fell in to a vat of toxic acide" storyline though.
USB flash drives now hammer-degradable.
Heavy industrial shredders (the kind that would cheerfully take your arm off if you stuck it in) are also helpful.
Now introducing: compostable data storage. Anything is compostable if you leave it there for enough millions of years . . .
For all those that think smashing a flash drive with a hammer for a few seconds will destroy the chip, dream on.
Sorry they are not indestructable but they are not far off of it (which is why they are used in modern flight data recorders). I actually know some one who was paid by a TV company to fire a steel cased thumb drive out of a musket at a brick wall. It's case and connector where knackered but it still worked after a replacment conector was soldered on.
And even if you do break the chip, it will not prevent data being read of bits of it, if people are prepared to go the extra mile or three to probe the remains out (and the equipment to do it is well within a University project lab budget).
Oh and for those who where making Alumentary deductions...
And think 4 days is a long time for the data to come to pass as it where. If you know what you are doing you can bring your dietry transit to a halt (just stop drinking water for two days) then only drink sufficient to keep you just alive. After about five days it will be to dangerous to operate on you untill you are properly re-hydrated (not sure what the law is in the US on forcing non essential surgury onto a person but I suspect most surgeons would not want to be involved).
One of the reasons the military like giving short sentance prisoners "as much bread" but only a pint or two of water a day is what it does to your dietry tract (block it rock solid after about 3-4 days and it can take two weeks of gastric pain to sort out and might give rise to lower GI bleeding in the process). It should by rights be regarded as "crul and inhuman treatment"
My advise if you get put on B&W refuse the bread you will save yourself much pain in the long run. Oh and you stop feeling hungery after about three days anyway...
> When Necula was unable to pass the item after about four days
They didn't want to wait for a log dump to recover the data.
Damn near spit my food out laughing at that one!
My daughter twice laundered her flash drive, and it worked just fine.
And the hits just keep on coming:
"Dictionary attack"? How about "acid reflux"?
Were they hoping he'd suffer a "purge" attack?
How long to digest this new form of data destruction?
"Iron Mountain"? How about "Cast-iron gut"?
Hoping for more "caustic" commentary...
Is that a re-definition of /dev/null ?
All I can say is that I'd hate to have to do a forensic analysis on that flash drive when it finally sees the light of day again.
@ Trichinosis USA,
"Geez, the jokes practically write themselves."
First of all there is the question of class certification, was the USB device compliant as "am ass storage device".
Then as in all such cases there is the PR asspect,
Do you call in a Spin Dr or a Medical Dr?
Of course there is there is the marketing oportunity with an advertising slogan,
'If you have piles of data put it on our drive, tuck it away and sit back and relax.'
Then there is Sherlock summing up the case,
'Watson, Watson, Watson it was but an alimentary deduction. Once made all I had to do was wait to get to the bottom of the matter at hand. Just wait for that ring of truth, and the evidence dropped into my hands for all the world to see.'
These chips are delicious!
@ Trichinosis USA, "Geez, the jokes practically write themselves."
Do you wanna supersize that? It's only 48 cents more!
@Clive Robinson: If you manage to really smash the chip, and I mean really break the silicium die inside, not just chip the package, I seriously doubt anyone could recover any data from it. Not only is it nearly impossible to connect to the broken data- and address lines inside, because the bond pads are gone, but the die is going to be seriously scratched. Besides that, the data will very quickly deteriorate if the die is exposed to (UV) light.
If you only get a small portion of the data, it would be really difficult to piece it together, if the wear levelling information is missing or corrupted. I doubt you'd get any evidence that would stand up in court.
they're all going to micro sd cards now.
"Write the key/password down on cigarette paper & enter it with a portable, tiny keyboard. KGB used this paper for notes because it burned fast."
No, they used Flash Paper, which is a form of Nitrocellulose. That stuff is amazing, an entire 8x11 sheet of good quality Nitrocellulose burns in two seconds flat, completely disappearing with no ash (I'm a magician)
It looks like putting flash memory chips into packages easily dissolvable in diluted acids is the next cool thing the security industry is going to offer. The connecting wires should be dissolvable as well. Maybe make the PCB digestible too.
So, you just gulp down that micro SD and all that emerges from your lower orifice is a bare silicon die... (not that it'll protect your data from a determined attacker).
One should be careful not to swallow GaAs chips, though.
Thanks for the correction! The nitrocellulose matches the description from my original source very closely. I wonder what the odds are of it spontaneously combusting on a really hot day. How much heat does it take to set it off? I know a lighter will work, but how much less?
You are all assuming that he hadn't swallowed a degausser first.
It's the most plausible explanation.
If he had cooked it, in a microwave oven, for 30 seconds prior to eating it, would that have destroyed the data?
And here I am just wondering how many state secrets have been smuggled out of secure areas on flash drives in the stomachs of spies (and what would be an appropriate countermeasure for that?)
If a thickness or two of latex condom is all it takes to separate a drug mule from a lethal dose of heroin or cocaine (most of the time) it seems to me it would be a trivial thing to "waterproof" a thumbdrive sufficiently for it to serve as an undetectable data transportation method. Ought to work quite neatly so long as you are not subjected to medical x-rays and you can arrange for a little privacy in the WC on arrival.
What if the drive was rubbed against a magnet? Would this damage the drive contents enough? I know this works with ide and the like...
No. Unlike hard drives, flash drives do not work on magnetism, but on a microscopic pattern of highly insulated electrostatic charges. The only way a magnet would have any effect is if you oscillated it fast enough to generate a voltage high enough to break down the insulation, and you won't be able to do that by hand (not even by a small motor.)
> If he had cooked it, in a microwave oven, for 30 seconds prior to eating it, would that have destroyed the data?
I have carefully stashed an old microwave oven for just such experiments. (The magnetron works, but the turntable motor just emits smoke.) I may try the experiment on the weekend, and report back. Having said that, though, my experience with microwaving CDs causes me to expect the plastics parts to emit a bunch of choking, toxic fumes, even if the chip isn't damaged. I would *not* want to swallow it afterwards.
Apparently NSA used to require (and maybe still does) that certain applications write sensitive data in such a way that an entire sensitive datum (e.g. cryptovariable) not fit within the typical size of a fragment left by the self-destruct. And that was for RAM, not flash! I'm guessing that this means that they *could* read the data back from individual fragments, but finding all the fragments and sticking them back together was too hard. However, that was for a self-destruct; a hammer blow is going to leave much bigger chunks.
It depends on your threat model, of course: it's unlikely that any opponent short of a national intelligence agency is going to go to that much trouble.
@ Nick P,
"I wonder what the odds are of it spontaneously combusting on a really hot day. How much heat does it take to set it off? I know a lighter will work, but how much less?"
There are various flash papers you can make one yourself using ordinary paper and potassium permanganate (you can get it from a chemist with little difficulty).
With regards nitrations of cellulose it was the fore runner of plastic and you will still find old piano keys and knife handles made of it.
One such use as it is near transparent is "Celluloid" which used to be used for making films...
It was also used for making billiard balls as well.
Unfortunately all nitrates of cellulose are either very very flammable or explosive, and have a nasty property in that under a percussive force the nitrates can change upwards becoming more and more explosive as they go (look up Tri-nitro-celluloses other name ;).
Which is why you will find historical reports about exploding billiard balls and musical pieces that brought the house down quite literally...
Thanks for the info. The film thing was fresh on my mind: it was a core plot device in the recent film Inglorious Basterds by Quentin Tarantino. Don't want to spoil too many details for readers, but they plan to use the volatile film to burn down a theater while Hitler & Co. are watching their best propaganda in it. Poetic justice, defined. ;)
The good part is that the idiot's mother is always pregnant... We'll never stop laughing.
Anyone cares to describe the “evidence retrieval” procedure in this case?
Schneier.com is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc.