Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

5/24/2007
03:34 PM
Sharon Gaudin
Sharon Gaudin
Commentary
50%
50%

Vegas BBQ -- Burn, PC, Burn

Picture a beautiful sunset over the desert, the glow of the Vegas skyline in the distance. Then a towering wave of flames leap into the air that crackles with the heat -- a man just set his computer on fire.

Picture a beautiful sunset over the desert, the glow of the Vegas skyline in the distance. Then a towering wave of flames leap into the air that crackles with the heat -- a man just set his computer on fire.And I'm not talking about a little fire. This was a 1,700-degree blaze that engulfed ioSafe's network attached storage device with four hard drives inside.

Come on… How many of us have had violent fantasies about setting our computers ablaze at one time or another? Well, this wasn't one of those situations, but it sure was a heck of a lot of fun to watch. And what was more interesting was that once they put the fire out and cooled the box down a bit, the ioSafe guys were able to retrieve the data that was on the hard drives inside.

No, seriously. I'm not even kidding. They put the hard drives in a new machine, fired them up (pun intended), and pulled up the information. Good as new.

You can see it for yourself in our image gallery of the demo.

I have to say it was the best damn demo I've ever seen. All the other companies hitting Interop with PowerPoint presentations and funky costumes need to rethink their marketing plans a little. The ball of fire in a vacant lot outside of a place called Screw Balls was one nice touch.

Here's the deal: ioSafe is a small company that makes disaster-proof hardware. Robb Moore, the CEO of ioSafe, told my colleague Barbara Krasnoff and me that it's producing products that protect data from fire or flood. As we headed out to the demo site (oddly Mandalay Bay didn't want the fiery demonstration at its show floor booth), Moore told us that the drives are wrapped in a protective casing that would allow them to withstand up to 30 feet of water for 30 days.

But we were in the desert, so he decided to show off its fireproof capabilities instead. This was their first public demonstration of it.

Moore says ioSafe's technology is like an airplane's black box for your data. Aimed at the SMB or branch and remote office market, it has two products. One is the ioSafe S1, a single disk solution for personal backup or small offices. It also has the ioSafe R4, which holds four drives.

The $15,000 R4 was the victim for our demo.

When we first arrived at the demo site, the ioSafe guys took some pictures of all of us. Then they uploaded the images onto one of the drives in the R4. The goal was to set the machine on fire and then pull those same images out again after as proof that they weren't pulling a fast one on us.

To show us what would happen to an unprotected drive, they laid one in a cooking pan on top of the R4.

As a safety measure, they covered the unit on all four sides with a metal grating. We could still see it plainly. Then using a blow torch and a propane set up, Bill Alexander, the director of engineering, started the fire. It built quickly. Flames climbed into the night sky. The acrid smell in the air was thick. After a few minutes, Moore used a temperature gauge and showed me that the fire was up to 1,647 degrees Fahrenheit. The temperature continued to climb. He said it hit 1,700 degrees.

Moore and Alexander both explained to me that the front of the storage unit has a spring-loaded door. When the temperature around the machine, which is built with fireproof gypsum, hits 200 degrees, a trigger snaps the door shut.

After 10 minutes, they shut down the burn. The unit glowed inside the metal grating. The cooking pan on top glowed even brighter with the heat. Actually, the handles on the cooking pan melted off and the sacrificial drive was barely recognizable.

They took the grating off, lifted the weighty unit down to the sandy ground and hosed it down for a minute or two to cool it. After that, they took the drives out and laid them on a table in front of a fan to cool them before they put them inside another machine. After just a few minutes, I touched one and it was only slightly warm.

Alexander popped the hard drives in and within a few minutes we were looking at the pictures they took of us when we arrived at Screw Balls.

"It's the one thing you can't get insurance for to get it back," said Moore. "You have a fire and you can get new desks and chairs but you can't get your data back."

It was the most interesting technology I saw at the conference. And it was the coolest demo I've ever seen.

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Oldest First  |  Newest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 7/6/2020
Ripple20 Threatens Increasingly Connected Medical Devices
Kelly Sheridan, Staff Editor, Dark Reading,  6/30/2020
DDoS Attacks Jump 542% from Q4 2019 to Q1 2020
Dark Reading Staff 6/30/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-15570
PUBLISHED: 2020-07-06
The parse_report() function in whoopsie.c in Whoopsie through 0.2.69 mishandles memory allocation failures, which allows an attacker to cause a denial of service via a malformed crash file.
CVE-2020-15569
PUBLISHED: 2020-07-06
PlayerGeneric.cpp in MilkyTracker through 1.02.00 has a use-after-free in the PlayerGeneric destructor.
CVE-2020-7690
PUBLISHED: 2020-07-06
It's possible to inject JavaScript code via the html method.
CVE-2020-7691
PUBLISHED: 2020-07-06
It's possible to use <<script>script> in order to go over the filtering regex.
CVE-2020-15562
PUBLISHED: 2020-07-06
An issue was discovered in Roundcube Webmail before 1.2.11, 1.3.x before 1.3.14, and 1.4.x before 1.4.7. It allows XSS via a crafted HTML e-mail message, as demonstrated by a JavaScript payload in the xmlns (aka XML namespace) attribute of a HEAD element when an SVG element exists.