Radio Controlled Hard Drive Security

[Samimy] has put together this really neat video tutorial on building a Radio Controlled secure hard drive. How can a hard drive be radio controlled? That’s the first thing we thought too. He has torn apart a remote-controlled car and is using the guts to remotely switch on power to the drive. This means that the drive is only active if you boot the computer after you put the fob in the hidden security system. It looks like it would be fairly effective. We’re curious though, if he is putting the entire drive assembly inside his PC, why rely on batteries for the circuit? Why not pull from the PC power supply? Another neat upgrade might be connecting to an internal USB connection on the motherboard so a reboot isn’t necessary.

Check out the entire video after the break.

[youtube=http://www.youtube.com/watch?v=9BLqC8CGKy0&w=475]

46 thoughts on “Radio Controlled Hard Drive Security

  1. Um, this is only “secure” as long as no one opens up the computer and sees the mysterious wooden box inline with the HDD. From there it’s trivial to short the relay, bridge across it, or connect the HDD to another molex. Even if there was absolutely no way to use the computer’s internal supply, all you need is a motorcycle battery and some clips. Jeez…

    I do think that more stuff should be radio-controlled though so ++ to that.

  2. @macw

    this protects against someone going threw your files
    could be your mom or your kids or your “significant other” or boss
    im quite sure this is not made to keep the MPAA out

  3. Neat idea for one. I hate to be the internet tough guy this time but there are so many things he could’ve done better. Power from inside the case, usb interface for the harddrive, maybe a nice latching circuit for the relay.. maybe have two connections for the remote, put key in one (forward) relay closes and latches, put key in the other (reverse) relay opens and the hdd loses power.

    Combine all of that with the Make article about putting flash storage inside an old hard drive case and you could even hide the receiver in there, so things more or less look stock inside the computer.

  4. This is a nonsense project. Why do you need a remote controller if the both sender/receiver is going to be in the pc case? You can just put a relay between HDD wires as shown and power the relay from outside directly with the 3.5mm jack without needing any R/C circuit.

    This is nothing more than false sense of security.

  5. @BiOzZ

    If it’s someone who is clueless about computers, like your mom, then putting the files in a hidden folder or on a renamed disk image is totally fine, and allows full access. They won’t know how to find stuff that’s marginally hidden.

    If it’s someone tech-savvy you’re worried about, obviously this won’t work because we’re tech-savvy and we are poking holes in it.

    If it’s someone like your boss, he’ll just take the computer to IT and they’ll open it up as a matter of procedure and find your “additions”.

    It’s basically way overkill for anyone it would be useful against, and nowhere near secure enough for anyone else. You got secret files, just put them on an encrypted disk image on your main drive and they’ll be secure against anyone who doesn’t have a supercomputer and years of time, all for the total price of $0.

  6. @Concino

    the transmitter is hidden in the room with a security key to turn it on. In order to operate this you need to put the key (or 6 volts) into an extra jack on the dude’s stereo system. Clever way of hiding the transmitter but the rest of it is p. weak

  7. @macw

    I must have missed the part that he was putting the remote in the stereo system. I thought it was a strange looking PC. :)

    It’ll not be a good day for him when the battery dies out right in the middle of a Windows Update, by the looks of the project I can safely guess he is running windows.

  8. @macw

    you could be a computer genius that does not mean you are able to rip out a hard drive than load it in to another computer … browse it than stick it all back in within a time period and do it in a way where i would not notice

    just the same as my car has a key … no if i left it in the middle of DC for 2 weeks it would not still be there but if i park it in a parking lot for 5 hours chances are it will not be touched simply because its not easy and chances of getting caught is far higher

    and besides if you dont know the hidden drive is there and no drive shows up on the computer most likely you would not know its there and ripping open a computer just to check is risky and troublesome

  9. You could just put a toggle switch in place of the wooden box on the red wire of the molex connector and hide it on the back of the PC or something. This would be much easier, more efficient, and achieve the same end result.

  10. I don’t understand this project at all. There is 0 security here. It requires you to shutdown/startup the computer to change state… Simply you could have just disconnected the power physically from the drive and achieved the same results with the same “security”. I’m not sure why since he put that giant box in the computer that he didn’t just run a control line to a port on the computer not being used for audio… many cases have mic/line-in/headphones/etc jacks, he could have pulled one of them (not from the mb, but extensions on the case) and inserted his “key” there.

    Also, he’s powered the whole device with standard power. He could have made his fob unique by outputting a specific voltage, having his “remote” test that voltage and then decide whether or not to turn on the signal… and better yet, power the remote and box from internal power and he could remove the key while using the drive.

    On a serious note. Do not do this at home… When your batteries begin to die… your hard drive power will “flicker” and if you’re writing data when this starts to happen… can you say “data corruption”?

  11. Let me add… This would be a SPECTACULAR IDEA for remote storage…Odds are no one would go looking for it. A Wi-Fi enabled disk array stored…in the attic or basement… turned on by remote.

  12. Well, just remembered as well. Most of the modern HDD now have HDD password (not a BIOS password). HDD stores this in the HDD and if you cannot pass the right password to the HDD controller, it just does not let you access to the HDD content at all. This usually works with the boot HDD at the BIOS level. I am not sure if there is a tool out there that would enable/disable the HDD within OS by sending LOCK/ENABLE commands.

    Also some HDD manufacturers implement built-in encryption on their HDD controllers. That’s another way to secure the HDD.

  13. he couldn’t use the regular psu to feed power to the RF device then the hard drive because it would’ve overload right? he would had to add a custom resistor for such madness

  14. you can make the relay power itself once it’s activated. so you will need only short single pulse of remote controller and you can be sure that small batteries that are powering the remote control will not get depleted while PC is on. you will be still able to shut the relay by turning computer off or by disconnecting it for a moment.

  15. Clever idea! Caleb, I like your improvement ideas, using the PC Power supply, and an internal USB port would be improvements.

    Another idea would be to have your transmitter be USB powered. You would want to have a switch on it, so just plugging it in wouldn’t connect your hidden drive.

    Of course anyone with physical access to the box can bypass this remote control.

  16. a technical note: you do not need to reboot after powering on the drive – sata protocol supports hot plugging devices. It’s up to your OS to rescan the controller – any decent OS can easily be forced to do that.

  17. I kind of like it as a concept, but I have to agree that it isn’t fully implemented on a few levels.

    -and yeah using RC frequencies for stuff like that is just asking for interference, especially when your receiver is sitting right next to an RFI generator. (the PC)

  18. Use the relay on a power or data line for a USB port or use a multi-pole relay on all lines, and then you can make an all-in-one black box drive inside the computer.

    Just wire it to an external USB port connection on the MB or pull the plug inside the case if it won’t be missed.

  19. @seth-
    Truecrypt has back doors.

    The big kids have (well, had) boxes with SCSI in the middle that xor scrambled/unscrambled data based on external keys loaded into static cmos ram with drain resistors. In those days the drives were tiny (<60 MB), so who knows what the state of teh art is.

    Dunno the algorithms, but even if you had the box, without the external keys/factors, you had a big job ahead of you to get the data out. With the onset of USB and micro sd, this would be pretty straightforward to re-implement.

    Seriously, does no one read Gibson?

  20. @alan turing’s dog – “Truecrypt has back doors.”

    Did the voices in your head tell you this when you had your tinfoil hat on or off?

    Any reliable source for that little tidbit?

  21. I’m thinking this could be done with a wireless network storage. maybe add and an avr connected to a tilt sensor and a really big magnet. all your storage could be remote and if it was tampered it would self-destruct… or wipe… don’t broadcast the ssid and no one would know its there use a different crystal to change the frequency and maybe make it a digital signal… maybe train the avr to understand Morse code from your remote…
    hide this porn server in the attic or in a crawlspace.

  22. Someone should make the RC controller a red calculator, and it would deactivate the hard drive when someone entered nine nines, took the square root and then pressed INT.

    That would make 2010 more like 2010.

    Explanation: In the book “2010: the Second Odyssey,” Heywood Floyd’s red calculator was a remote control for a power cutting device that he planned to use if HAL went crazy a second time. It activated in the way mentioned.

    You know what else would be fun? If said device would do something else if you replaced 5318008 for the nine nines.

  23. There is some talk that this device is useless against tech savy people. Probably right, if they get an idea that there is something they should be looking for.

    This RC device is sort of a solution, as you could turn it on and off without opening up the box you hid the HD.

  24. There is some talk that this device is useless against tech savy people. Probably right, if they get an idea that there is something they should be looking for.

    This RC device is sort of a solution, as you could turn it on and off without opening up the box you hid the HD. Once they find it, though, you’re sunk.

    This would probably work better in the fashion I mentioned in the previous comment: turning off rogue computers… Provided said computer doesn’t have arms or an Indian programmer who you call to when it stop worki–

    FFFFFFFFFFFUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU–

    Explanation: HAL 9000 was made by an Indian programmer who, in “2010,” went to the Discovery and helped fix HAL. He also intentionally disposed of Dr. Floyd’s power cutter.

  25. I guess that’s neat, but a quicker and easier method would be to splice in a switch and hide that. The wiring would be easier to hide and a switch can be placed anywhere and hidden, or converted (like the reset switch could be changed to an on off switch and used).

  26. @ Richard Ballard:

    Or maybe a magnetic switch and a magic magnetic ring?

    You could even have the switch under a specific part of the desk so the system only works when you place the ring (or a magnet) or your hand wearing the ring on a certain spot to make it all work.

    THAT would be pretty darn slickeroo right there.

  27. Regardless of all the semi-negative comments up to this point…

    There is a lot of potential for modified versions of this concept- I have one in mind that I plan to start on tomorrow.

    I really wish people would stop using the HAD comments as a forum to grade other people’s hacks and just use the HAD posts to fuel their own creativity. Kinda the point of it all I thought.

  28. @Tom

    Yes. Because that’s how backdoors work in cryptography right? There’s some a piece of code that just implements a backdoor, herp derp. You wouldn’t be able to easily give a single section of code, analyse how it encrypts the data. The way truecrypt act sort of make me suspicious howver I doubt there is a backdoor.

Leave a Reply to antonioCancel reply

Please be kind and respectful to help make the comments section excellent. (Comment Policy)

This site uses Akismet to reduce spam. Learn how your comment data is processed.