26 July, 2005

GCHQ dispose of hard disks by dipping into nuclear reactor (allegedly)

I just purchased Net Spies by Andrew Gauntlett from the local Oxfam bookshop. Published in 1999, it covers various issues about Internet privacy, including encryption. What made me buy the book, however, was not the exciting prospect of a pop-sci treatment of the perils of "The Net", but the following anecdote:
Paul Baccus, a technical engineer with an Oxfordshire based data-recovery firm, describes an extreme method of data-erasure: when GCHQ decommission old computers, they adopt a unique and somewhat extreme practice to ensure that no data can ever be recovered from discarded disks. Armed police escort unwanted GCHQ tapes and hard disks from GCHQ directly to the nuclear power station at Sellafield. There, they are dipped into the nuclear reactor, where the high levels of radiation permanently destroys the data. It also renders the remains of the disk highly radioactive further discouraging any attempt to recover residual data.
Yikes! But, hmm, I have to admit, I'm fairly skeptical about this. I mean, the expense of lugging the disks and tapes all the way over to Sellafield with armed police etc -- why not just blow the tapes up on site or something? I do get the feeling Net Spies might be a little flakey on that old minor issue of factual accuracy; I skimmed the book and found the following clanger:
A mechanical device known as the `Enigma machine' encoded the German's orders...Alan Turing, mathematician and father of modern computing, finally cracked the code in 1941 by constructing the world's first computer, which was named `Colussus'.
Well, it was called "ColOssus", wasn't constructed by Turing, and wasn't built to crack Enigma, but the thought was there, I suppose. (MSN Encarta have a similar mistake in their "Computer" article, so perhaps we can be forgiving).

If anyone has any information on GCHQ's methods of data erasure, delusional or otherwise, do let me know (assuming it's unclassified, of course, *cough*).


Anonymous Anonymous said...

About colossus, it was the first ELECTRONIC computer (Conrad Zuse had the first mechanical one), it was designed by Max Newman and build by Tommy Flowers in 43. Colossus was used to crack the Lorenz cipher machine, and not the Enigma. Haha, congratulations to the guy who managed to get EVERYTHING wrong :-)) Or, how some people change history...

7:17 am  
Anonymous Anonymous said...

Oh... Enigma was electro-mechanical, not mechanical, and wasn't broken in '41 but in '32 by Rejewski. Haha, we could make a contest: search for the 40 mistakes. Anyone found another error?

7:26 am  
Blogger Matt Crypto said...

Yes, it's not a simple error, either. You can fix it in two directions 1) replace "Colossus" with "the Bombe", remove the bit about world's first computer, and change 1941 to 1940. Or 2) replace "Enigma" with "Lorenz SZ40", replace "Turing" with "Flowers and Newman", change 1941 to 1943, qualify "world's first computer" etc. It's just a garbled mix of two stories, really.

I guess it's understandable, to an extent. People get told that Alan Turing was at Bletchley Park, BP codebreakers worked on Enigma, Turing was the father of computers, and that an early computing device was built at BP -- these are all true, but people then conclude that Turing built this computer to break Enigma.

11:10 am  
Anonymous Anonymous said...

About the erasure of data, I once heard about a method of recovery based on frozing the harddisk or chip in liquid nitrogen, the slicing the thing (a bit like in medicine) and then analzying the very thin slices with an electronical microscope and other devices. The best is probably to crush everything or melt in a high-temperature oven instead of betting on the radioactivity to erase things (does it really work ? maybe they have been misleaded by EMP vs radioactivity)

4:01 pm  
Blogger College Boy said...

I remember an incident a few years ago where the Justice Department sold some "spare" tapes at public auction. The problem was, the tapes had highly classified information on them including the names of informants. The tapes were never recovered.


12:24 am  
Anonymous Anonymous said...

My understanding is that G.C.H.Q
(is that an Ian Fleming (also at BP) character with the given names George-Cross?-Hardly!) transferred the data onto a laptop which they then left on a London Tube train; the data then 'disappeared' ;-)

Whereas MI6 just put a sticky label in the disc and write /dev/null onto the label ;-)

7:14 pm  
Anonymous Anonymous said...

Colossus was built to decrypt tunny a more advanced enigma, if you want to be picky. the security services said it was decrypting the enigma at the time because the russians started using the more advanced Lorenz machines after the germans disregarded them.

1:19 am  

Post a Comment

<< Home