A View from David Zax
Toshiba's Self-Wiping Hard Drive
The company announces a drive that’s smart enough to lock down data—or even automatically erase it.
Do you ever feel, walking around with your laptop, as though you’re tempting fate? For many of us, everything is on there—e-mail, personal information, photographs, perhaps financial information. And what if it’s on loan from the law firm or hospital where you work? In cases like that, you’re probably carrying around extremely sensitive data. What if the laptop got stolen?
Toshiba has you covered. The company recently announced a hard drive that’s smart enough to lock down data—or even automatically erase it—if anyone who isn’t supposed to access the device tries to. The drive, which was recently exhibited in Japan and should be available for purchase by the second quarter of this year, allow users to choose from a wide menu of security options. According to Toshiba (via ComputerWorld), you can set select data on the drive to be encrypted, and you can set different mechanisms for triggering a wipe: you might have it wiped every power cycle, for instance, or if an uncertified host connects, or if the drive receives several invalid requests to unlock itself. Toshiba claims the ability to trigger a wipe in that last case is an “industry first.”
This isn’t just a standard wipe, either. The usual method is to overwrite the data on the hard drive several times. That’s not very secure—simple shareware tools can be used to undo the erase, according to Geek.com. The special Toshiba wipe doesn’t just mangle the data; it throws away the keys needed to decipher it. This is called a “crypto-erase”—the same thing Apple will do for you if you lose your iPhone.
The new line of drives, which bears the unpronounceable name MKxx61GSYG, will come in five sizes, ranging from 160 GB to 640 GB. If you’re a Mac user, Wired points out that the next OS version, 10.7 Lion, is expected to have a similar feature—but that having it built into the hard drive itself gives an added layer of security.
“Digital systems vendors recognize the need to help their customers protect sensitive data from leakage or theft,” said Toshiba’s Scott Wright, product manager of the company’s Storage Device Division. When he says vendors see the “need,” he doesn’t mean it lightly. This market hasn’t been built just by demand but by legislation: increasingly, laws and other regulations demand a certain level of data security.
There’s one troubling scenario, of course: what if you somehow erase your own data—by being dense enough to enter the wrong password repeatedly, for instance? Seems unlikely, but if it troubles you, you’ll just have to decide which worries you more: data breach or data loss.
Become an MIT Technology Review Insider for in-depth analysis and unparalleled perspective.Subscribe today