Risk
5/24/2007
03:34 PM
Sharon Gaudin
Sharon Gaudin
Commentary
Connect Directly
RSS
E-Mail
50%
50%

Vegas BBQ -- Burn, PC, Burn

Picture a beautiful sunset over the desert, the glow of the Vegas skyline in the distance. Then a towering wave of flames leap into the air that crackles with the heat -- a man just set his computer on fire.

Picture a beautiful sunset over the desert, the glow of the Vegas skyline in the distance. Then a towering wave of flames leap into the air that crackles with the heat -- a man just set his computer on fire.And I'm not talking about a little fire. This was a 1,700-degree blaze that engulfed ioSafe's network attached storage device with four hard drives inside.

Come on… How many of us have had violent fantasies about setting our computers ablaze at one time or another? Well, this wasn't one of those situations, but it sure was a heck of a lot of fun to watch. And what was more interesting was that once they put the fire out and cooled the box down a bit, the ioSafe guys were able to retrieve the data that was on the hard drives inside.

No, seriously. I'm not even kidding. They put the hard drives in a new machine, fired them up (pun intended), and pulled up the information. Good as new.

You can see it for yourself in our image gallery of the demo.

I have to say it was the best damn demo I've ever seen. All the other companies hitting Interop with PowerPoint presentations and funky costumes need to rethink their marketing plans a little. The ball of fire in a vacant lot outside of a place called Screw Balls was one nice touch.

Here's the deal: ioSafe is a small company that makes disaster-proof hardware. Robb Moore, the CEO of ioSafe, told my colleague Barbara Krasnoff and me that it's producing products that protect data from fire or flood. As we headed out to the demo site (oddly Mandalay Bay didn't want the fiery demonstration at its show floor booth), Moore told us that the drives are wrapped in a protective casing that would allow them to withstand up to 30 feet of water for 30 days.

But we were in the desert, so he decided to show off its fireproof capabilities instead. This was their first public demonstration of it.

Moore says ioSafe's technology is like an airplane's black box for your data. Aimed at the SMB or branch and remote office market, it has two products. One is the ioSafe S1, a single disk solution for personal backup or small offices. It also has the ioSafe R4, which holds four drives.

The $15,000 R4 was the victim for our demo.

When we first arrived at the demo site, the ioSafe guys took some pictures of all of us. Then they uploaded the images onto one of the drives in the R4. The goal was to set the machine on fire and then pull those same images out again after as proof that they weren't pulling a fast one on us.

To show us what would happen to an unprotected drive, they laid one in a cooking pan on top of the R4.

As a safety measure, they covered the unit on all four sides with a metal grating. We could still see it plainly. Then using a blow torch and a propane set up, Bill Alexander, the director of engineering, started the fire. It built quickly. Flames climbed into the night sky. The acrid smell in the air was thick. After a few minutes, Moore used a temperature gauge and showed me that the fire was up to 1,647 degrees Fahrenheit. The temperature continued to climb. He said it hit 1,700 degrees.

Moore and Alexander both explained to me that the front of the storage unit has a spring-loaded door. When the temperature around the machine, which is built with fireproof gypsum, hits 200 degrees, a trigger snaps the door shut.

After 10 minutes, they shut down the burn. The unit glowed inside the metal grating. The cooking pan on top glowed even brighter with the heat. Actually, the handles on the cooking pan melted off and the sacrificial drive was barely recognizable.

They took the grating off, lifted the weighty unit down to the sandy ground and hosed it down for a minute or two to cool it. After that, they took the drives out and laid them on a table in front of a fan to cool them before they put them inside another machine. After just a few minutes, I touched one and it was only slightly warm.

Alexander popped the hard drives in and within a few minutes we were looking at the pictures they took of us when we arrived at Screw Balls.

"It's the one thing you can't get insurance for to get it back," said Moore. "You have a fire and you can get new desks and chairs but you can't get your data back."

It was the most interesting technology I saw at the conference. And it was the coolest demo I've ever seen.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2012-4988
Published: 2014-07-09
Heap-based buffer overflow in the xjpegls.dll (aka JLS, JPEG-LS, or JPEG lossless) format plugin in XnView 1.99 and 1.99.1 allows remote attackers to execute arbitrary code via a crafted JLS image file.

CVE-2014-0207
Published: 2014-07-09
The cdf_read_short_sector function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted CDF file.

CVE-2014-0537
Published: 2014-07-09
Adobe Flash Player before 13.0.0.231 and 14.x before 14.0.0.145 on Windows and OS X and before 11.2.202.394 on Linux, Adobe AIR before 14.0.0.137 on Android, Adobe AIR SDK before 14.0.0.137, and Adobe AIR SDK & Compiler before 14.0.0.137 allow attackers to bypass intended access restrictions via uns...

CVE-2014-0539
Published: 2014-07-09
Adobe Flash Player before 13.0.0.231 and 14.x before 14.0.0.145 on Windows and OS X and before 11.2.202.394 on Linux, Adobe AIR before 14.0.0.137 on Android, Adobe AIR SDK before 14.0.0.137, and Adobe AIR SDK & Compiler before 14.0.0.137 allow attackers to bypass intended access restrictions via uns...

CVE-2014-3309
Published: 2014-07-09
The NTP implementation in Cisco IOS and IOS XE does not properly support use of the access-group command for a "deny all" configuration, which allows remote attackers to bypass intended restrictions on time synchronization via a standard query, aka Bug ID CSCuj66318.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Marilyn Cohodas and her guests look at the evolving nature of the relationship between CIO and CSO.