DonationCoder.com Software > Post New Requests Here

IDEA: Self Distruct

(1/4) > >>

Uncle John:
I've been thinking about this idea for a program for quite a while but have been hesitant to share it since the program could be used for good as well as bad purposes (ie. virus). On the other hand isn't that the case with all technology. So here goes...
If you are as old as me you will remember that the starting scene from every episode of the TV series mission impossible starts the same way. Secret agent Jim retrieves a tiny tape cassete from some hidden location in a public place (e.g. under a shelf in a phone booth) places it in a player and listens to his instructions for his next "impossible" mission. At the end of the recording the voice says something like "this tape will self destruct in x seconds". Shortly after the cassete fizzles and dissolves. The fizzling is a great visual effect but the main point is that the information on the tape was destroyed.
I'm sure that there are scores of people around the world that wished they could destroy the data held on the hard disk of the laptop or USB flash drive drive that has been lost or stolen and that is where my idea comes in.
There are scores of remote access programs around that will allow you to operate a PC over the internet. Why not have a program running on the remote PC that will poll for a destruct command initiated by the authorized custodian of the data? If program receives the command it will automatically delete the specified data on media in question regardless of where it might be.
Given the astonishing fines (and jail terms) organisations place on unauthorised access to data nowadays and the many stories in the media about lost PCs with sensitive data etc., I'm sure my "self destruct" idea will be very popular. 

scancode:
I'd go for correctly implemented encryption. No need to pull the kill switch ;)

Deozaan:
See Skrommel's DoOrDel.

f0dder:
See Skrommel's DoOrDel.
-Deozaan (October 12, 2008, 03:45 PM)
--- End quote ---
"Bypassing it is simple", says the page.

+1 to scancode, proper encryption is the way to prosperity.

40hz:
I'd go for correctly implemented encryption. No need to pull the kill switch ;)
-scancode (October 12, 2008, 03:38 PM)
--- End quote ---

Agree with scancode & f0dder.

Encryption's far better than deletion for security. Encryption can be done in one pass. t would take multiple read/writes to securely delete something such that it would be difficult to recover. And the huge amount of disk activity would be enough to tip somebody off that something unusual was going on. Anybody with a modicum of technical knowledge would put two and two together in about a minute and just kill power to the box. Encryption could be set to silently run in the background and do its work without unusual disk activity.

There was a program called Dead Man's Switch that did something similar except it activated automatically if you didn't contact it. Basically, it would initiate a number of actions (i.e. send out e-mails, encrypt files, etc.) if it didn't hear from you after a predefined interval. It was originally written around the time of Win2K. I don't believe it's being maintained any more (the author was probably worried about liability if it ever malfunctioned) but it is still available for download if you google it. Use with caution since it's dependent on the system time reported in Windows. If you (or some piece of malware) monkeys with your date or time settings, it can accidentally be triggered.

The real weakness with this type of software, however, is that it only stops casual thieves and morons. That's because it relies on the stolen device to be running in order for it to work, A real data thief will just pull the drive out of the machine and mount it on another PC so that none of the executables will be active. Then he can browse what's on it at leisure. Once he grabs what he wants, he'll just wipe it with something like DBan, install a Linux distro, and head on over to a flea market (preferably out of state) to dump it.

In order for what you're proposing to be usably effective, it would have to be hardware-based, controlled by the BIOS, and use to a serialized hard drive keyed to only work with a specific motherboard. That puts it in OEM territory. I believe there are already some laptops that implement full disk encryption using such a system.

(Hmmm...finally starting to get a little worried about that 8GB JPG "Art Collection" you've got, eh? ;D)

Navigation

[0] Message Index

[#] Next page