Fail of the Week: Careful Case Mod is all for Naught

Today’s entry comes to us from [Robert Tomsons], who was kind enough to document this crushing tale of woe so that we might all learn what true heartbreak is. If you’ve ever toiled away at getting that perfect surface finish with body filler, this one is going to hurt. In fact, you might just want to hit that “Back” button and head to safety now. There’s probably a pleasant story about some 3D printed thing being used with a Raspberry Pi of some sort that you can read instead.

For those of you brave enough to continue on, today we’ll be looking at what [Robert] thought would be a simple enough project. Seeing the board from a USB 3.0 external hard drive kicking around his parts bin, he had a rather unusual idea. Wanting to add an extra drive to his computer, but liking the idea of being able to independently control its power, he decided to integrate the external drive into machine’s front panel. This would not only allow him to power off the secondary drive when not in use, but it meant he could just plug his laptop into the front panel if he wanted to pull files off of it.

All [Robert] needed to do was make it look nice. He carefully squared off the edges of the external drive’s back panel to roughly the size of the computer’s 3.5 inch drive bay opening. He then glued the piece in place, and began the arduous task of using body filler to smooth everything out. It’s a dance that many a Hackaday reader will know all too well: filler, sand, primer, sand, filler, sand, primer, sand, so on and so on. In the end, the final result looked perfect; you’d never have thought the front panel wasn’t stock.

It should have been so easy. Just snap the case back together and be done with it. But when [Robert] finally got the machine buttoned back up and looked at the front, well, it’s safe to say his day couldn’t get much worse. Maybe the glue was not up to the task. Perhaps it was how excited he was to get the case put back together; a momentary loss of muscular coordination. A few extra foot-pounds of energy per second, per second. Who can say?

[Robert] says he’ll return to the project, but for now he needs a break. We agree. Interestingly, he mentions in his post that his body filler work was inspired by [Eric Strebel], a name that is well known around these parts. Considering how good it looked before it exploded, we’ll consider that high praise.

Cracking an Encrypted External Hard Drive

As far as hobbies go, auditing high security external hard drives is not terribly popular. But it’s what [Raphaël Rigo] is into, and truth be told, we’re glad it’s how he gets his kicks. Not only does it make for fascinating content for us to salivate over, but it’s nice to know there’s somebody with his particular skill set out there keeping an eye out for dodgy hardware.

No word on how the “Secret Wang” performs

The latest device to catch his watchful eye is the Aigo “Patriot” SK8671. In a series of posts on his blog, [Raphaël] tears down the drive and proceeds to launch several attacks against it until he finally stumbles upon the trick to dump the user’s encryption PIN. It’s not exactly easy, it did take him about a week of work to sort it all out, but it’s bad enough that you should probably take this particular item off the wishlist on your favorite overseas importer.

[Raphaël] treats us to a proper teardown, including gratuitous images of chips under the microscope. He’s able to identify a number of components on the board, including a PM25LD010 SPI flash chip, Jmicron JMS539 USB-SATA controller, and Cypress CY8C21434 microcontroller. By hooking his logic analyzer up to the SPI chip he was able to dump its contents, but didn’t find anything that seemed particularly useful.

The second post in the series has all the gory details on how he eventually gained access to the CY8C21434 microcontroller, including a description of the methods which didn’t work (something we always love to see). [Raphaël] goes into great detail about the attack that eventually busted the device open: “cold boot stepping”. This method allowed him to painstakingly copy the contents of the chip’s flash; pulling 8192 bytes from the microcontroller took approximately 48 hours. By comparing flash dumps he was able to eventually discover where the PIN was being stored, and as an added bonus, found it was in plaintext. A bit of Python later, and he had a tool to pull the PIN from the drive’s chip.

This isn’t the first time we’ve seen a “secure” hard drive that ended up being anything but. We’ve even been witness to a safe being opened over Bluetooth. Seems like this whole “Security by Obscurity” thing might not be such a hot idea after all…