Monday, April 20, 2009

April maker challenge 10- Self-destructing USB drive

So, since DHS can swipe your stuff at a security checkpoint for no good reason, I've been thinking I might like to make a self-destructing USB drive.

There are two possible tacks for this: one, a "snappable" drive where there's a small ampule that one would crush (a la cold war suicide pills) that connects an on-board 3V lithium battery backwards across a couple of pins, roasting some silicon and making the drive pretty much irrecoverable. I guess in the end, it would be difficult to completely wipe out the entire flash matrix, but it's a start. This has a disadvantage in that you need to KNOW someone is ABOUT to take your flash drive away in order to activate it.

The other method is a simple wire and switch method, where the drive is modified to reverse the 5V and ground unless the user does something to reverse that. The easy way is to put a switch on the drive which has to be flipped; that of course draws attention to the mechanism. A subtler method involves an internal reed relay that requires a magnet to be close to it in order to operate safely. That's less discoverable, but you're more apt to accidentally forget to do it and kill the drive yourself.

Of course, if one were to productize this, it would fail instantly, because DHS would become aware of it and all would be lost. You also need to make the hack relatively invisible; if it's not, you'll draw additional attention and make it MORE likely that the drive is confiscated.

This is, of course, the Sunday project. Another will follow later today.


  1. How about a password prompt on an encrypted drive -- you type in one password and -- whomever -- can only see a dummy partion filled with innocuous files. Meanwhile, your real stuff is still encrypted.

    Or, 3 bad password attempts = electromagnet triggered from inside the case?

  2. I believe the dummy password USB drive is already in existence. A magnet won't erase the drive- you really need to cook the silicon to have any great success.

    Most of the methods for protecting USB drives against intrusion are minimally effective- they can be defeated by simply removing the memory chip from the device, copying the data off it, and attacking the encryption from there. A hardware based self-destruct is tighter, but can still be circumvented. This would only work until the black hats start looking for it.

  3. How about an rfid implanted in your wrist which the usb drive looks for when plugged in or BZZZT!