Risk
5/24/2007
03:34 PM
Sharon Gaudin
Sharon Gaudin
Commentary
Connect Directly
RSS
E-Mail
50%
50%

Vegas BBQ -- Burn, PC, Burn

Picture a beautiful sunset over the desert, the glow of the Vegas skyline in the distance. Then a towering wave of flames leap into the air that crackles with the heat -- a man just set his computer on fire.

Picture a beautiful sunset over the desert, the glow of the Vegas skyline in the distance. Then a towering wave of flames leap into the air that crackles with the heat -- a man just set his computer on fire.And I'm not talking about a little fire. This was a 1,700-degree blaze that engulfed ioSafe's network attached storage device with four hard drives inside.

Come on… How many of us have had violent fantasies about setting our computers ablaze at one time or another? Well, this wasn't one of those situations, but it sure was a heck of a lot of fun to watch. And what was more interesting was that once they put the fire out and cooled the box down a bit, the ioSafe guys were able to retrieve the data that was on the hard drives inside.

No, seriously. I'm not even kidding. They put the hard drives in a new machine, fired them up (pun intended), and pulled up the information. Good as new.

You can see it for yourself in our image gallery of the demo.

I have to say it was the best damn demo I've ever seen. All the other companies hitting Interop with PowerPoint presentations and funky costumes need to rethink their marketing plans a little. The ball of fire in a vacant lot outside of a place called Screw Balls was one nice touch.

Here's the deal: ioSafe is a small company that makes disaster-proof hardware. Robb Moore, the CEO of ioSafe, told my colleague Barbara Krasnoff and me that it's producing products that protect data from fire or flood. As we headed out to the demo site (oddly Mandalay Bay didn't want the fiery demonstration at its show floor booth), Moore told us that the drives are wrapped in a protective casing that would allow them to withstand up to 30 feet of water for 30 days.

But we were in the desert, so he decided to show off its fireproof capabilities instead. This was their first public demonstration of it.

Moore says ioSafe's technology is like an airplane's black box for your data. Aimed at the SMB or branch and remote office market, it has two products. One is the ioSafe S1, a single disk solution for personal backup or small offices. It also has the ioSafe R4, which holds four drives.

The $15,000 R4 was the victim for our demo.

When we first arrived at the demo site, the ioSafe guys took some pictures of all of us. Then they uploaded the images onto one of the drives in the R4. The goal was to set the machine on fire and then pull those same images out again after as proof that they weren't pulling a fast one on us.

To show us what would happen to an unprotected drive, they laid one in a cooking pan on top of the R4.

As a safety measure, they covered the unit on all four sides with a metal grating. We could still see it plainly. Then using a blow torch and a propane set up, Bill Alexander, the director of engineering, started the fire. It built quickly. Flames climbed into the night sky. The acrid smell in the air was thick. After a few minutes, Moore used a temperature gauge and showed me that the fire was up to 1,647 degrees Fahrenheit. The temperature continued to climb. He said it hit 1,700 degrees.

Moore and Alexander both explained to me that the front of the storage unit has a spring-loaded door. When the temperature around the machine, which is built with fireproof gypsum, hits 200 degrees, a trigger snaps the door shut.

After 10 minutes, they shut down the burn. The unit glowed inside the metal grating. The cooking pan on top glowed even brighter with the heat. Actually, the handles on the cooking pan melted off and the sacrificial drive was barely recognizable.

They took the grating off, lifted the weighty unit down to the sandy ground and hosed it down for a minute or two to cool it. After that, they took the drives out and laid them on a table in front of a fan to cool them before they put them inside another machine. After just a few minutes, I touched one and it was only slightly warm.

Alexander popped the hard drives in and within a few minutes we were looking at the pictures they took of us when we arrived at Screw Balls.

"It's the one thing you can't get insurance for to get it back," said Moore. "You have a fire and you can get new desks and chairs but you can't get your data back."

It was the most interesting technology I saw at the conference. And it was the coolest demo I've ever seen.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2012-1556
Published: 2014-09-12
Cross-site scripting (XSS) vulnerability in Synology Photo Station 5 for DiskStation Manager (DSM) 3.2-1955 allows remote attackers to inject arbitrary web script or HTML via the name parameter to photo/photo_one.php.

CVE-2014-2008
Published: 2014-09-12
SQL injection vulnerability in confirm.php in the mPAY24 payment module before 1.6 for PrestaShop allows remote attackers to execute arbitrary SQL commands via the TID parameter.

CVE-2014-2009
Published: 2014-09-12
The mPAY24 payment module before 1.6 for PrestaShop allows remote attackers to obtain credentials, the installation path, and other sensitive information via a direct request to api/curllog.log.

CVE-2014-4735
Published: 2014-09-12
Cross-site scripting (XSS) vulnerability in MyWebSQL 3.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the table parameter to index.php.

CVE-2014-5259
Published: 2014-09-12
Cross-site scripting (XSS) vulnerability in cattranslate.php in the CatTranslate JQuery plugin in BlackCat CMS 1.0.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the msg parameter.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
CISO Insider: An Interview with James Christiansen, Vice President, Information Risk Management, Office of the CISO, Accuvant