Atomic I/O letters column #97
Originally published 2009, in Atomic: Maximum Power Computing
Reprinted here August 25, 2009. Last modified 16-Jan-2015.
I am wondering about "secure data erasure" schemes. The Gutmann Method, for instance, purportedly overwrites data 35 times with varying junk data patterns.
A quicker alternative, the US DoD 5220-22.M method, only overwrites it 7 times, and is therefore considered less "secure".
Why isn't replacing all the data just once enough? Surely if the hard-drive (or whatever) is filled entirely with 0s, or 1s or a random combination thereof, you shouldn't be able to recover any of the original data at all, should you?
The basic idea is that when data is overwritten only once, the fuzzy blobs of new data bits deposited on top of the fuzzy blobs of old data bits may allow some of the old data to peek out around the sides. There's no way to recover that data with an ordinary computer, but it's barely conceivable that you could do it by removing the drive's controller board and connecting the moving parts up to more sensitive hardware.
(I talked about this in this old I/O column.)
The 35 passes of the full "Gutmann method" are, as Peter Gutmann is perfectly happy to explain, much more than you need to erase any kind of data on any hard drive anywhere in the world, to the point where you can quite confidently bet your life that nobody can recover it.
The reason why it's much more than you need is that the Gutmann sequence includes several different kinds of overwriting, each for a different kind of drive. It includes, for instance, a special overwrite flavour for MFM ST-506 drives, from when 10Mb was a lot of disk space.
Gutmann has acknowledged that these fancy overwrite strategies are a complete waste of time if you're trying to wipe data on a modern drive. All you need to do to achieve maximum data obliteration, on a modern drive that uses "Extended Partial Response Maximum Likelihood" to tease ones and zeroes out of the minuscule signal from the read heads, is overwrite the data with fairly-random data a few times.
Even after you do this, it's still barely possible that someone might be able to read the data back. They almost certainly couldn't do it by just plugging the drive's own read/write hardware into a more sensitive controller, though. They'd probably have to extract the platters and attack them with a magnetic force microscope, or something.
But this would be a very major undertaking. Physicists are divided about whether it'd even be possible. One study has concluded that even with an atomic force microscope, it is functionally impossible to recover data from a modern hard drive even if the data's only been overwritten once.
So it could well be easier for an attacker to just kill everybody in your building and make it look like an accident, than for them to recover twice-overwritten deleted data.
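The "overwrite it with fairly random data a few times" approach described above, as an added example that is not code from the column: a constructed temporary file holding a recognisable string gets a zero pass, a one pass and three pseudorandom passes, each forced to the device with fsync before the next starts, after which an ordinary read shows only the final pass. The pass sequence is this example's own, not the Gutmann or DoD 5220.22-M sequence.

```python
import os
import secrets
import tempfile


def wipe_patterns(size, random_passes=3):
    """Yield one buffer per overwrite pass: all zeros, all ones, then
    `random_passes` buffers of cryptographically random bytes."""
    yield b"\x00" * size
    yield b"\xff" * size
    for _ in range(random_passes):
        yield secrets.token_bytes(size)


def overwrite_file(path, random_passes=3):
    """Overwrite the file at `path` in place, pass by pass, then truncate
    and unlink it.  Returns (passes_written, original_still_readable).
    Caveat: this goes through the filesystem, which may allocate new blocks
    rather than rewrite the old ones (journaling, copy-on-write); a whole-
    device wipe writes to the block device instead."""
    size = os.path.getsize(path)
    with open(path, "rb") as f:
        original = f.read()
    passes = 0
    with open(path, "r+b") as f:
        for pattern in wipe_patterns(size, random_passes):
            f.seek(0)
            f.write(pattern)
            f.flush()
            os.fsync(f.fileno())  # push this pass out of the OS cache
            passes += 1
        f.seek(0)
        # What an ordinary read returns now is only the last pass.
        still_readable = f.read(size) == original
        f.truncate(0)
    os.remove(path)
    return passes, still_readable


def demo():
    # Constructed sample input: a throwaway file with an obvious "secret".
    fd, path = tempfile.mkstemp()
    with os.fdopen(fd, "wb") as f:
        f.write(b"ACCOUNT=1234-5678 " * 64)
    passes, still_readable = overwrite_file(path)
    return passes, still_readable, os.path.exists(path)
```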
If the NSA-or-whoever had to read a whole ordinary modern consumer hard drive to find the data they were looking for, by the way, they'd have to plough through an awful lot of data they didn't care about. If, to give an idea of the amount of data involved, someone decided to draw up a map of a current consumer hard drive's data, with each bit-region taking up an area of one square millimetre, that circular printout would have a diameter of more than two kilometres.
(About 2.26 kilometres, for a "500Gb" drive. More than three kilometres, for a "1Tb" drive.)
And likewise, if you've got a reading system that takes only a millionth of a second to read each bit (I'm not sure, but I think it could take quite a lot longer), you and your colleagues in Langley, Virginia would be sitting around for 46 days, if you had to read a whole 500Gb drive.
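The map-diameter and read-time figures above follow from the column's own assumptions (decimal gigabytes, one square millimetre per bit, one microsecond per bit); the following is an added check of that arithmetic, not part of the original column.

```python
import math

BITS_PER_BYTE = 8
SECONDS_PER_DAY = 86_400


def drive_bits(capacity_gb):
    """Bits on a drive sold as `capacity_gb` gigabytes, counting a gigabyte
    as 10^9 bytes the way drive makers do."""
    return capacity_gb * 10**9 * BITS_PER_BYTE


def map_diameter_km(capacity_gb, mm2_per_bit=1.0):
    """Diameter of a circular map in which every bit occupies
    `mm2_per_bit` square millimetres (area = pi * r^2, solved for r)."""
    area_mm2 = drive_bits(capacity_gb) * mm2_per_bit
    radius_mm = math.sqrt(area_mm2 / math.pi)
    return 2 * radius_mm / 1_000_000  # 10^6 mm in a km


def read_time_days(capacity_gb, seconds_per_bit=1e-6):
    """Days needed to read every bit serially at `seconds_per_bit`."""
    return drive_bits(capacity_gb) * seconds_per_bit / SECONDS_PER_DAY


if __name__ == "__main__":
    for gb in (500, 1000):
        print(f"{gb} GB: map {map_diameter_km(gb):.2f} km across, "
              f"{read_time_days(gb):.1f} days to read at 1 us/bit")
```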
Is vacuuming the inside of a desktop or laptop computer a Good Idea or is it considered harmful?
On the one hand, getting rid of the absurd amounts of dust is obviously good. On the other hand, lots of pages warn of the generated static electricity. Another blog recently warned that fans spinning in the vacuum-cleaner's air-stream might act as generators and induce a computer-killing current.
In the past my solution has always been propping up the open case in an open window and just blowing as hard as I can. Of course the case hanging halfway outside the window is just a terrible freak accident waiting to happen.
Old-fashioned belt-drive vacuum cleaners actually work as pretty good Van de Graaff generators, and can build up quite large static charges. Even modern cleaners with direct-drive impellers are going to build up some charge, though, just from the air rushing through the tube. You could probably make a static-safe vacuum cleaner by using a metal tube - possibly with no attachment on the end - and earthing the tube (or just hooking it up to the computer's chassis with an alligator-clip lead), but I haven't tried that.
Modern vacuums that have truly variable suction, as well as the old-style "curtain setting" that just opens a vent in the tube, should actually work very nicely for cleaning computers if you can deal with the static problem, and are careful. I'm sure you can also buy intrinsically "ESD safe" vacuum cleaners. The little Dremel-sized battery-powered ones (some are now USB powered!) are probably ESD safe, but have so little suction as to be essentially useless. As I mention in this column from many years ago, though, you can get attachments for full-sized vacuum cleaners that give you a dainty little tube for cleaning small objects. I can't find any stores here in Australia that still stock these adapter kits, but a quick eBay search turns up a few.
I'd only bother going down this path if I had to clean out a lot of computers, though. What I suggest you try is a more refined version of your out-the-window technique.
Take the computer outside, and blow the dust out of it with a can of air-duster, or for almost as good an effect...
...one of those big "rocket" puffer bulbs (as mentioned in this piece).
Or blow the dust out indoors, and just take the computer away after you've finished blowing it clean, and vacuum the floor where it was.
If you're using air-duster, bear in mind that you can indeed destroy fans (though probably not the computer itself) with air-flow, coming out of an air-duster can or going into a vacuum cleaner. Anything that makes the fan spin much faster than its stock speed, in either direction, is bad. People cleaning computers with air-duster can easily do this to a CPU-cooler fan.
(As I mention in the How To Destroy Your Computer piece, an air compressor isn't a good idea for computer-cleaning, unless you've just drained all of the rusty water out of the tank, or have a very reliable water trap in the hose. And even then, you'd have to be careful to avoid blowing components right off the motherboard.)
I am currently shelling out big bucks for CompTIA A+ accreditation, and one of the recurring questions that comes up centres around "Bob leaves his laptop plugged in to the AC adapter most of the time, but when he unplugs it runs out of power quickly. What steps should you take?"
The answer is usually to clean the battery contacts and cycle the battery a few times, "cycling" being defined as turning the sleep function off and leaving the laptop till it shuts down due to low battery, not completely flattening it.
My question is: Am I being led astray down the path of "memory effect", or is this some sort of calibration issue I've never heard of?
At least they didn't say anything about "memory effect".
It's actually likely to be impossible to completely flatten a lithium-ion battery, as opposed to loose lithium-ion cells. The built-in protection circuitry in all normal LiI batteries will disconnect the output when the voltage gets low. I noticed this even with a battery that I was discharging through a simple resistor, when I wrote my review of that ridiculous Batterylife sticker thing.
There are two possibilities in the classic "my laptop's been plugged in for months, and now it has 20 seconds of battery life" situation.
1: The battery is genuinely dead. Perhaps it still had 40% of its new capacity the last time it had to power the laptop for any length of time, but LiI batteries have a hard lifespan limit no matter how you treat them, and once they've hit that limit, they're dead. In this case, cycling the battery will do no good, but obviously also no further harm.
(The lifespan of a lithium-ion battery used to, quite commonly, be only a couple of years, as I explained in this piece. They're usually quite a lot better, now.)
2: The cells in the battery have some life left, but the capacity-monitoring firmware in the battery, in the laptop, or both, has become deranged, believes the capacity is much lower than it is, and is cutting off output way too early. In this case, cycling the battery may in fact help - though not because of any chemical effect.
I don't think there are any other options on this particular list, so you've nothing to lose. If a battery's really toast, cycling it a few times won't take very long anyway. A few minutes to drain it (run the distributed.net client or Super PI or something to speed things up), a few more minutes for the computer to believe it's full again.
The other is supposedly 1400VA, yet of rotten quality, so that it will not switch to battery in time when a brownout occurs. Let's call this one Al.
I have a PC, an LCD monitor and an ADSL modem/router, all of which I want to be able to use through power outages lasting 20-40 minutes. My problem is:
Al, even though it has supposedly adequate capacity for this task, won't switch to battery power fast enough, so I end up with a freshly reset PC every time the mains is out.
Sam, on the other hand, intervenes on time, but is helpless after 15 minutes.
I developed two theoretical, yet untried to date, solutions:
The first is to connect Sam and Al in series - Al to the wall, Sam to Al, PC (and the other stuff) to Sam. This should work, I suppose, yet there might be two issues: First, I don't know if I isolate Sam and hence the PC from earth in this setting, and second, connecting UPS units in series is not the most power-efficient way to use them.
The second solution would be to connect both Al and Sam to the wall, and connect their outputs in parallel to the PC. However, I am not sure if this is a safe way to go.
Separating the pieces, i.e. connecting the PC to Sam and the LCD and modem to Al in a sort of load-balancing setup is not an option because the power requirements of the PC and the other stuff are not even roughly equal. LCD draws 45 watts, modem something negligible. On the other hand the PC with the Core 2 Duo and GeForce 8something, sucks incomparably more power, enough to bleed poor Sam dry in less than 20 minutes.
What would you suggest apart from getting a decent new UPS, though I know that is the sensible way to go?
Both of your theoretical solutions are, I'm afraid, asking for trouble.
Connecting the UPSes in series may actually work, for suitably small values of "work" - if attempting this Stupid Electrical Trick, make sure that each UPS in the chain has a lower rating than the one behind it, to reduce the chance that every UPS but the last one just overloads. As a general rule, though, it's a bad idea to connect power-protection devices in series. It's not the UPS features that're a problem here, and you ought to have an OK earth too, but the surge-protection stuff could have difficulties.
(The most diverting version of this idea is several UPSes connected in a circle, all clicking away like crazy until one dies.)
Your UPSes-in-parallel idea, in contrast, will lead to instant disaster. You'd have the output of one UPS driving the input of the other during switch-over, and they'd be outputting slightly out-of-sync AC in mains mode (because of phase-shifting by protection hardware) and very out-of-sync AC in battery mode (because they've got no mains reference to sync to, then). And there are probably other things wrong with it too that I haven't figured out yet.
So what do I suggest, apart from getting a decent new UPS?
Get a lousy new UPS!
Usually the only thing wrong with old UPSes is that their battery is dead, which I've firmly established is eminently curable. And if you can get a seller on eBay or wherever to remove the old dead batteries from a used UPS before they send it to you, even the shipping shouldn't be very expensive.
If I were you, I'd ditch the more-powerful UPS with the switch-over problem, and run the less-powerful UPS from bigger batteries with the same voltage as its stock ones. And, if the less-powerful UPS doesn't have enough grunt to power all of the gear, get another UPS to run from big batteries too.
There's one risk I didn't think of when I wrote the UPS-upgrade piece, though; I'll mention it here as well as add it to that article.
Small, cheap UPSes are not expected to run for long periods of time at full power, because their standard batteries don't have enough capacity to run them for long periods of time at full power. In other words, they have a relatively short "duty cycle".
If you swap in batteries with much higher capacity, a UPS will be able to run for much longer. If it's not having to deliver a large fraction of its rated power then this is unlikely to be a problem, but if it's heavily loaded, it may overheat and fail, or even catch fire.
This shouldn't be a problem with any UPS that has a cooling fan, like the old APC Smart-UPS 1400 that's hooked up to most of the stuff in my office. It also shouldn't be a problem with any UPS that has add-on batteries available as an optional extra. But bear it in mind if you're connecting car batteries to cheap UPSes. Err on the side of caution, and keep the total load well below the UPS's rating.