Neat idea: if you could delete the security key on a self-encrypting drive (SED) then for all practical purposes the data is lost for ever. That's what Toshiba has done, adding a key wipe facility to its SED products. The Toshiba SED drives, such as the 2.5-inch, 7200rpm models announced in July, are designed for use by notebook …
Power outage will cost more than just lost productivity.
How about the circuit breaker tripping?
These devices won't be able to be sold in Africa.
It means if the power trips on the copier, for whatever reason, you're going to have to rescan or reprint whatever it hasn't got around to putting onto paper. Tough.
The device is conceptually equivalent to hundreds of Gbytes of RAM. Cheaper, slower to randomly access, and even more certain to 100% self-erase on power-loss.
Other uses? I have read of a Linux software implementation where two servers generate encrypted filesystems and keys for each other, and users' data is mirrored between them. All links through the net encrypted and world-wide multi-hop, close to untraceable. If the opposition, whoever that might be, grab one of the servers and aren't 100% clued-up when they do so, the data is auto-gone, and the other server (far away in a different jurisdiction) is a hair-trigger away from self-destruct with its manager very much up-clued.
The question nobody seems to have asked is . . .
. . . why do these contraptions need to contain hard discs and store documents at all?
And if they are used for a legitimate and necessary purpose, and the "this data will self-destruct in 5 seconds" feature is up and running, what happens when there is a power cut?
Office multifunction printer
This sounds like a really good solution for office multifunction printers, but probably not so great for other things. Our office printer is networked and does digital scanning, printing, faxing and copying, sometimes handling huge print jobs from multiple users simultaneously. If there wasn't a hard disk inside to store print jobs in the queue, it would have to have a massive RAM, which is expensive. At the same time the document feeder can scan a hundred pages and email back to the user in PDF format. If there wasn't enough onboard storage it would have to email them a page at a time.
You can see why having a large onboard storage is really useful. You can also see why it only needs to be volatile - you can always resend a print job or rescan your documents if the power fails. It only has a hard disk because it is cheaper than the equivalent RAM, so making it effectively a volatile hard disk would be advantageous for places that have security concerns.
An online printer/scanner/photocopier can have a very long list of files to print or copy or whatever is currently going on.
Some of these documents will also be very large.
The hard disks are there to store all that stuff, so that a lot of people can print/scan/copy more or less simultaneously.
The reason is that driving a laser printer mechanism is a realtime process.
It used to be done page by page with RAM as intermediate storage, but for advanced features such as producing multiple copies of multipage documents stapled into A5 booklets, then the whole document needs to be buffered, not just one page. And of course, it's preferable if one person submitting a large print job doesn't result in everyone else getting "printer busy" for the next half hour. Having a hard disk as a buffer solves these problems but creates a security issue. Inventing the volatile hard drive fixes that.
"Tosh has added a facility to have the on-disk security key be automatically deleted when the drive's power supply is turned off."
So this turns non-volatile storage into volatile storage - interesting, but I am not sure how many applications there are for 640GB of volatile storage. Or is the key supposed to be reloaded from somewhere else at power-on (in which case, the security is lost if that non-volatile key is stored elsewhere in the same machine)?
Store the key in an RFID chip.
Then inject it into your palm. I can see uses for this...
It is supposed to be used as temporary storage in, say, large printers that spool documents and do little else. If the power goes then you just re-print. But when the device is end of life, you can safely dispose of it without worrying about the contents of the hard disk.
As for why these things need disks - we have a printer that has many features on board that require a hard disk, such as document assembly and secure printing (stored until the user goes to the printer and says physically print the doc).
Where I work the security risks are low, but that may not be true for everyone.
A few years ago I floated the idea of a NAS for the paranoid, with a key stored in volatile memory, in response to the legislation requiring a user to hand over a password for encrypted files if required by the authorities. There were various options for backing up/restoring a key if required, or if you were really paranoid you could just run without the key backed up anywhere. The NAS on a UPS, and a controlled shut-down could save the key, but a forced shut-down or yank the power and the key is lost. However you would still likely face 2 years if a judge didn't believe you ever had a key/password.
I imagine that if the law orders you to surrender the password,
then not having or not remembering the password may be not a good legal defence, particularly if you only don't have the password because you carefully arranged that you wouldn't.
For a moment I was hoping this was something to do with their fabled display technology.
I guess that's the final nail in the coffin if they've re-used the acronym? :O(
There must be more to it...
But I read the article and thought exactly the same as above.
Before reading I was thinking that the wipe would be triggered if the cables were unplugged or something.
I know we power down our photocopier each night and that has an HD on it.
Incidentally, industrial printer/photocopiers need at least small HDs in them just for the document cache when heavily used.
Also you can use them for storing things like letter head templates to save money on headed paper etc. I wouldn't store anything confidential on them but the cache can obviously contain it.
So the key storage circuits can be wired with a battery backup that's good for about a day, and the user needs to remember to disconnect the battery if the device is sold or moved.
"Its uniqueness probably won't last"
unless they patent the act of deletion, right?
Apple most likely has ...
a patent for that.
Here's a better idea
If you implement this then the private sector will still manage to accidentally leave sensitive drives and laptops on trains and buses.
How about self destructing laptops and dongles?
Kind of like how the money travelling to banks gets sprayed with ink after too long.
If the laptop isn't returned to the office after 24 hours it could detonate or burn the hard drive.
... they exist already. They call them "Dell". ;)
RE: Self destructing laptop
If a recent article that I have read has any semblance to reality, one could add Acer to that list.
The article's subject was: "The shoddiest laptop manufacturers".
Considering the tone of that article, I think a slight re-write of the subject is in order. Please substitute an `i` for the `o`, and a `t` for the `d`; and you will have hit the subject on the head.
I've been using Acer built laptops for years with no complaints.
I found Packard Bell to be pieces of crap.
RAM is so cheap these days, why bother... HDDs were only put in printers because RAM was expensive and the printer needed 100MB so printers have 1GB hard drives providing more than enough storage, now 1GB RAM costs less than a 1GB hard drive. And it's automatically wiped at power off.
RAM wiped at power-off?
Not as well as you might think. Someone might well be able to capture useful data by pulling the RAM from a recently switched-off or live machine and immediately re-powering it in another. You could do the swap in ten seconds, less with practice.
Might pay TV companies provide a large market for volatile hard drives? Except not exactly the same. They'd want ones that have the key battery-backed against power failures, but which self-erase if the drive is ever disconnected from the pay-per-view gizmo in which it is embedded. More secure than DRM techniques, I think.
Multiple birds with one stone...
> Why does my copier/MFP/workgroup printer need a hard drive?
Spool space, yes, but also for a couple features that practically no one uses:
secure print facilities (send your sensitive job to the printer, it spools and holds it on the drive until you enter a PIN)
frequently printed forms/job templates (Never seen this feature in use in the wild, but I know it's there. I've seen the job templates used before, though)
mailbox capabilities (i.e. scan a document to the printer for a particular user, it'll store it until the user comes up to fetch their stuff - also one of the 'never seen in use, but it's there' gags)
temp space for scan to email functions (dead useful for quick and dirty document capture!)
general spooling if the device has fax capabilities and some plonker forgot to feed the device paper (or if someone is printing over 9000 copies of 'war and peace' and is hogging the print engine's time)
It's also used for doing such things as running multiple copies of BIG jobs - example, I had to make a couple copies of a 300 page manual one fine evening that was double sided, hole punched, and collated - could not have pulled it off if the hard drive in that copier failed.
Keep in mind that hard drives are generally only installed on either workgroup or larger class devices as well - most of the Canon Imagerunners and HP MFPs come to mind.
The "Secure erase" facility on ATA6 (i.e. UltraATA100, 133, and every SATA drive out there) does the same thing for the large part, which is why it takes only 20 odd seconds to 'wipe' the drive. :D
Hard drives in copiers
I find it really ironic that copiers have hard drives in them. I wonder if the Pentagon knows this? How about the White House? All the federal investigators over the years would have gotten gold if they had known this!
The countless personnel departments would never have made duplicate reviews if they would have known this. Most importantly why didn't the copier people inform people that this could happen? Or at the minimum have an option to wipe the data after each copy.
Xerox (and others) should be sued for not informing the end users about this issue.