Is there such a thing as a "Digital doomsday device"?

[no1_vern]

The FBI decided they had to assault the Dotcom Compound in Australia with massive power, and speed because they believed that Kim Dotcom had a "Digital Doomsday Device" that would instantly erase servers around the world.

Mr Wormald said he was told by the FBI that Dotcom "carried a device with him to delete servers around the world". Earlier evidence stated no such device was ever found.

Mr Davison, who had called it a "Doomsday" device, was told the device could have been triggered in seconds from any computer, laptop or phone in the possession of about 20 people on the property.

What do you think?? COULD there ever be such a device?

[Whir]

Absolutely. It would only be his servers though.

[Interrupt]

I should know, I designed it. Dumb question. Heh, just kidding...

But honestly? Maybe not a doomsday device per say... but it depends how you define that. Similarly it is possible to cause solar flares which do emit large amounts of electromagnetism (consequentially - and often - disrupting radio waves and electronics).

My friend specialized in designing EMP weapons in the military but noted they usually require too much power and the yield is generally little (now a-day it takes quite a bit of punch to restart a single computer let alone a server farm). But should the right sort of power source be used to create a sustained/strong electromagnetic pulse, it may be possible (quite unlike most movies where EMPs do major damage... was sad to hear this).

There are, of course, more practical things. Like botnets to consider... plus as I noted in my security piece on IPv6 on my website, as IPv6 is adopted to a larger degree, so too will security technician's need to explore adequate protection for both home users and servers. As with any new technology, unless it is studied thoroughly and things like firewalls are ready for it (to guard against it and to provide support for it), there are a lot of inherent security risks (IPv6 has a bit of a problem with types of DDoS).

[no1_vern]

So, you believe there could be a hand held switch(or a device that can send a signal) that, when pressed, could/would erase all of the selected servers(by that I mean all of the evidence of illegal activity on those servers) around the world?

I mean, even EMP is only line-of-sight. There would be no way for an EMP to reach every selected server around the earth.

[Interrupt]

True... and no I don't know about the hand held switch. That I doubt. But I do think things can disrupt our technology as a whole, globally, all at once. Like something that causes a massive solar flare, or one caused by itself. But yeah, doomsday switch, not sure on that one.

[no1_vern]

Well, that is what I was asking about because the FBI certainly believes that criminals have such a device, so someone must have a proof of concept working model somewhere, shouldn't they?

See, I was going to laugh at the FBI for thinking such a device actually existed, but then, I thought, wait, what if I AM WRONG??

[Taxmancometh]

There's no way a device like that would exist. You need a real person in front of a computer to manually remove data. Such a device if existed would have to be coded for that exact use. This isn't the X-Files here.

[Interrupt]

It's like this. I'm where it's at. If I don't know about a mastermind criminal with a doomsday device it doesn't exist. Can it? If I find out about it, maybe.

I'm the cyber kingpin, ya know?

[GroundZero3]

Creating a virus or bot that talked to a command center waiting for instructions (such as removing files) is nothing new. All bots these days do it from Zeus, conficker, etc however those are installed manually or by infection

Do I think he had this device on his servers? No

Naming is doomsday just makes it sound scary and grab people's attention

[tony_j15]

Why is everyone over thinking this and talking about EMPs and calling this X-Files? If you have access to your own server, then all you have to do is create an executable that will reformat the hard disc.
Here's one example.

[no1_vern]

Um, because the fear the FBI had was the device would remove evidence from ALL THE SERVERS around the world he had access to. Which is impossible. His at his location, yes, at his local server farm, maybe. Around the world?? Impossible(as far as I know).

The best scenario I can see is that it is FBI FEAR MONGERING.

[Whir]

Why is it impossible? If they are all servers he has access to, of course he can have a program loaded on them that could erase the data.

I don't know about instantly or thoroughly though. You really have to mash a hard drive with 1s and 0s to permanently erase data.

[tony_j15]

the fear the FBI had was the device would remove evidence from ALL THE SERVERS around the world he had access to. Which is impossible. His at his location, yes, at his local server farm, maybe. Around the world?? Impossible(as far as I know).

The key words here are "servers" and "he had access to." It doesn't matter where the server is located. If you have root, or if the host has it set up to where you directly control the HDD with no backup in place/or you opted out of that option, then it is completely doable.
I'm not sure why you think this is impossible. Have you ever dealt with servers yourself?

[Interrupt]

Agreed. My main assumption was getting access, hence botnets or malicious code on said servers. But I maintain that I don't think a doomsday device is possible (with the exception of nuclear payload to the sun causing massive solar flares or *insert random scifi catastrophic event here*). But a doomsday device, one device that... on earth... can do this? I don't believe it.

Plus that whole access argument is moot. To my knowledge no person or group has access to every server and/or administrative access to every device on earth. That's stupid.

Almost as dumb as the notion that "the government monitors and controls everything." Come on. I have a network that isn't even connected to the internet as a whole I use for testing!

I guess doomsday to me means something else. I'm talking about all electronics, including servers online and off, dead. Which will naturally occur the day the earth's magnetic polarity switches as a whole one day... man made or not. Geology class told me it'll occur in the distant future or something....

[GroundZero3]

Um, because the fear the FBI had was the device would remove evidence from ALL THE SERVERS around the world he had access to. Which is impossible. His at his location, yes, at his local server farm, maybe. Around the world?? Impossible(as far as I know).

The best scenario I can see is that it is FBI FEAR MONGERING.

Impossible? What is your role in technology these days? You do realize that its not complicated to make some software that calls home at your desire times or have it setup to listen for instructions.

psst some reading for you

Botnet - Wikipedia, the free encyclopedia

The Mystery of Duqu: Part Six (The Command and Control servers) - Securelist

Symantec: New ZeuS botnet no longer needs central command servers

Experts take down Grum spam botnet, world's third largest | Security & Privacy - CNET News

We dont know the extent of his reach into what exactly what his control over the the servers were afaik. With the amount of money he was making your guess is good as mine. To answer your question to do it is not hard, a small set of code and that listens or checks for instructions is not complicated

One thing I wil admit to, if the servers were taken off line fast enough data destruction of a hard drive takes a good amount of time to do a certain amount of wipes were the drives where the data is not recoverable.

[Interrupt]

That's true. Imagine if botnets/malicious code was shipped - for example - in server software/firmware, preinstalled and the attacker(s) had remote access to this (Stuxnet's possible deployment is coming to mind; realize I know that Stuxnet was designed for a very specific system, I mean in deployment only). Or forget shipping out with it from a manufacturer, just the basics of what GZ is saying: malicious code that somehow finds its way on the right systems worldwide. Botnets, malicious code, root keys, etc... if written to deliver a crippling payload could potentially be a big threat.

If you could somehow infect big enough systems or the right systems, GZ is right. It would be devastating. Tier 1 and 2 providers? Interrupt service/cripple the internet?

I was saying unlikely because affecting that many systems to have the end result of a "doomsday scenario" is improbable. But possible? That's another story. Still... I have a tough time thinking of that as a "doomsday scenario," but I do think it'll be very crippling to the internet.

Again that's part of the problem. How do you define a "doomsday scenario," OP? Stopping electronics worldwide/crippling technology like that or just crippling the normal course of business on the internet? I think those two are very different... anyone else agree?

[GroundZero3]

Doomsday to their case, which sounds like it was already doomed from the start last I heard

The article is written in a way that doesn't say if they are talking about wiping the data from his servers or what. I didn't read it as wiping ALL of piracy records all over the world from all servers because that isn't possible. I read it from the standpoint of wiping all the servers he was using/accessing of piracy evidence

[aldtech]

The key words here are "servers" and "he had access to." It doesn't matter where the server is located. If you have root, or if the host has it set up to where you directly control the HDD with no backup in place/or you opted out of that option, then it is completely doable.
I'm not sure why you think this is impossible. Have you ever dealt with servers yourself?

+1