Evaluation of the effectiveness of means of destroying information stored in hard disk drives.
Boborykin Sergey Nikolaevich
Ryzhikov Sergey Sergeevich, Candidate of Technical Sciences
ASSESSMENT OF THE EFFICIENCY OF MEANS OF DESTRUCTION OF INFORMATION STORED IN HARD MAGNETIC DISK DRIVES
Source: magazine «Special Equipment»
Owners of personal computers and computer networks are gradually coming to understand the dangers associated with the loss of information stored on hard disk drives (HDD). A market is being formed for software and hardware offerings that provide protection and effective destruction of this type of data. It is only natural that manufacturers want to present the proposed tools in the best possible way and thus ensure their rapid promotion to the market. However, even computer experts sometimes find it difficult to assess the real advantages of information destruction tools. This publication attempts to analyze the effectiveness of hard disk drive information destruction tools.
Overview of existing approaches to HDD information destruction
A classification of methods for destroying information on magnetic media is given in /1,2/. These are:
- standard software (such as Wipeinfо, etc.);
- physical destruction of the magnetic medium;
- heating the magnetic medium to the Curie point;
- destruction of the working layer (medium) by chemically aggressive environments;
- destruction of the carrier by ionizing radiation;
- the effect of an external magnetic field.
Let's consider some aspects of the application of the above methods of destroying information.
As is rightly noted in /1/, standard erasure of information is possible only on a working HDD, and its reliability is insufficient. This is due to the fact that microregions (small-volume magnetic domains) remain on the working surface of the drive, oriented in the direction of the previous external magnetic effect. The residual magnetization of these areas is relatively small and cannot be recorded by a standard device. However, with a detailed analysis of the fine structure of the magnetic field created by the studied section of the working surface of the drive, traces of previous external magnetic effects are detected quite easily. These traces allow, if necessary, to restore the information destroyed by the erasure procedure.
A somewhat more reliable result is provided by writing new information over the destroyed one. The destruction process takes quite a long time, but even in this case the original information can be restored using special methods.
Physical destruction of HDD with a correctly set up technological process ultimately leads to complete and irreversible loss of data stored on the HDD, but this approach is too labor-intensive and time-consuming.
The following approaches (heating the magnetic carrier to the Curie point, destruction of the working layer by chemically aggressive environments) allow for complete and irreparable destruction of information (although sometimes together with the HDD), but require such specific and expensive equipment that only a few corporate users can afford.
The most promising method of destroying information on HDDs at the moment seems to be the effect of an external magnetic field.
What does the market offer? Most of the industrial developments known today in the field of destruction of information on magnetic media are based on bringing the material of the media to a state of magnetic saturation.
Destruction of information occurs due to magnetization of the media by a pulsed, short-term, powerful electromagnetic field of a certain magnitude and orientation.
It is well known that after the external influence ceases, the orientation of magnetic domains can be partially preserved. The residual magnetization of the carrier material is then recorded by devices that can be used to restore previously recorded information. In addition, the design features of the HDD can significantly weaken the short-term pulse electromagnetic field.
The user needs very specific guarantees of destruction of recorded information. “Guaranteed” destruction of protected information should be understood as the impossibility of its 100% restoration by qualified specialists using any known restoration methods.
Analysis of possible methods of restoration of previously recorded information
Searching for the above methods in open sources is a futile exercise due to the specifics of their application. However, it can be assumed that the methods of restoring destroyed information currently available to specialists will differ mainly in their physical approaches to recording the fine structure of the magnetization fields of the information carrier. For example, it is possible to use devices based on the Barkhausen effect to monitor the working surfaces of HDDs, recording the jumpy nature of the magnetization curve at the microstructural level.
It is also possible to use a modification of the PRML (Partial Response Maximum Likelihood — maximum likelihood with incomplete response) technology used in modern HDDs. This technology was developed due to the fact that with existing recording densities it is no longer possible to clearly and unambiguously read a signal from the disk surface — the level of interference and distortion is very high. Instead of direct signal conversion, it is compared with a set of samples, and based on maximum similarity (likelihood), a conclusion is made about the reception of a particular machine word. The use of PRML technology together with correlation processing increases the probability of restoring information destroyed by a magnetic field.
It should be noted that the technological features of modern HDDs also contribute to the restoration of destroyed information. Head movement drives allow for small radial movements «inside» the track, making it possible to track the center of the servo track circle. This achieves the best head position for reading from each track, which, on the one hand, significantly increases the reliability of the read data and eliminates the need for time-consuming correction procedures, and, on the other hand, allows reading the «tails» of previous magnetic effects using special hardware and software.
Methods for restoring destroyed information, applied both to the entire carrier and to its individual fragments, allow analyzing records destroyed as a result of multiple rewriting (according to some data — up to five layers /1/) of new information on this carrier.
The availability of specialized technological stands, appropriate software and hardware containing playback amplifiers with an exceptionally low level of intrinsic noise make the task of restoring destroyed information quite real. Naturally, the equipment required for restoring information in HDDs is quite expensive.
Are there any guarantees that it is impossible to restore the destroyed information in full? Before answering this question, let's consider some features of the HDD operation.
Some features of the HDD operation
The devices of modern HDDs are practically standard for all manufacturers. They do not have specialized hardware for determining the position of the heads relative to the disk surface. Service and stored information are applied and read by the same heads. Precise positioning is achieved by processing the signal from the heads themselves by the engine control circuit of the movement of the heads. These HDDs do not have marks for the beginning of rotation and the position of the heads associated with the mechanics of the corresponding drive.
Information on the working surfaces of the drive is stored as a sequence of places with variable magnetization, providing a continuous data flow when reading them using sequential reading. All information and its storage locations are divided into service and user information. Service and user information is stored in track areas called sectors. Each sector contains a user data area — a place where you can write information that is subsequently available for reading and a servo data zone, written once during physical formatting and uniquely identifying the sector and its parameters (used or not, physical address of the sector, ECC code, etc.). All servo information is not available to normal read/write procedures and is absolutely unique depending on the model and manufacturer of the drive.
Unlike floppy disks and old HDD drives, modern drives undergo primary, or low-level, marking (Low Level Formatting) on a special high-precision factory technological stand. During this process, service marks — servo information — are written to the disks, and the usual tracks and sectors are formed.
When the drive is started, the microprocessor of the controller starts working. First, it performs a self-test and, if successful, starts the spindle rotation motor control circuit. The disks start spinning, dragging along the air layers adjacent to the surfaces, and when a certain speed is reached, the pressure of the air flow on the heads overcomes the force of the springs pressing them to the disks, and the heads «float up», rising above the disks by fractions of a micron. Since there is a servo marking in any zone of the disks, servo pulses begin to arrive from the heads immediately after the start of rotation, and the controller judges the rotation speed of the disks by their frequency.
The rotation stabilization system also monitors the flow of servo pulses, and when the nominal speed is reached, the so-called «capture» occurs, during which any deviation in the rotation speed is immediately corrected by changing the current in the motor windings. During the movement of the head positioner, the servo pulses coming from the heads are monitored, and the control system always “knows” how many tracks the heads have passed over.
The heads are held over the selected track in a similar manner — when deviating from the track center, the magnitude and shape of the servo pulses change over time. The control system can eliminate the deviation by changing the current in the windings of the head positioner motor. Thus, the servo markings are a kind of reference points in the process of writing and reading information.
When exposed to a cyclic powerful external magnetic field, both the data stored on the drive and the service information (servo marking) will be destroyed, which makes it problematic to use most technological procedures for restoring destroyed information on a specific HDD. For the same reason, in the case of forced re-marking of the HDD, the positions of the sectors will be shifted relative to their position during the previous marking. The magnitude of the shift is random and depends on the position of the disk-head system at the time of recording the initial mark during low-level re-formatting. This fact also significantly complicates the possibility of restoring destroyed information by multiple reading and subsequent correlation processing of the obtained data.
Therefore, to obtain certain guarantees that the destroyed information cannot be restored in full, it is necessary to make sure that the magnetic field strength at the working surfaces of the drive is sufficient for their complete saturation.
Practical measurements of the characteristics of the influencing field
In the case of HDD, the external magnetic field acts as an analogue of the field created by magnetic heads during recording. If the characteristics of the external field significantly exceed the intensity of the field created by the heads, the magnetic domains will be reoriented and the information will be destroyed. It should be taken into account that when a drive is exposed to a pulsed magnetic field, the magnitude of the magnetic field strength at the working surfaces will depend on the thickness of the upper and lower covers of the HDD case, the duration and amplitude of the pulse.
Figure 1 shows a structural diagram of the setup that allows you to estimate the degree of attenuation of the external field by the HDD design.
1. setup that creates a pulsed external magnetic field
2. the HDD under study
3. measuring Hall sensors
4. microammeter with op amp
5. oscilloscope
Fig. 1
For the experiment, a typical Western Digital 2 HDD with a capacity of 1.2 GB was selected, with the upper and lower case covers each 4 mm thick. Pre-calibrated identical Hall sensors 3 and 3’ were placed between the magnetic surfaces on the upper cover and inside the HDD case (Fig. 2).
Fig. 2
The sensor readings were recorded by a pointer microammeter 4 and an oscilloscope 5. Installation 1 functioned as a generator of a cyclic weakly alternating (with a frequency of ~ 1-1.5 Hz) pulsed magnetic field. A total of 10 HDD demagnetization cycles were performed with the sensor readings recorded. The average values of the relative losses (weakening) of the magnetic flux inside the drive case with a pulse action duration of 1-1.5 seconds amounted to 25-30%. Such significant losses even for such long pulses are due to the weakening of the magnetic field by the metal covers of the case and the magnetic surfaces of the disks, which is consistent with the calculated values obtained in /2/.
The general appearance of the measuring device and the test HDD is shown in Fig. 3.
Fig. 3
Conclusions:
- Assessing the efficiency of destruction of semantic information stored on HDD is a rather complex non-standard task.
- The proposed approach to assessing the efficiency of devices for destruction of information on HDD using an external magnetic field is not comprehensive, but it allows us to assess the degree of weakening of the external field by the drive case and thereby obtain certain guarantees of destruction of previously recorded information.
- There is an urgent need to develop a package of regulatory documents defining the criteria for destruction of information on HDD at the semantic and physical levels.
Literature
1. Boldyrev A.I., Stalenkov S.E. Reliable erasure of information — myth or reality? //Information Security. Confidential No. 1, 2001.
2. Besedin D.I., Boborykin S.N., Ryzhikov S.S. Preventing leakage of information stored in hard disk drives//Special Equipment No. 1, 2001.