What size EMP device would be necessary to wipe all data in a Google-sized server farm, without major physical damage?
I'm not sure if it's even feasible, but I have a server farm in my book, of a size that puts it on par with Google's. I want to wipe out all the data stored on the hard drives, without destroying the servers themselves, most likely using an EMP device. This is assuming the device is within the farm itself, basically an emergency wipe.
An example data center is Pryor Creek (Mayes County), Oklahoma , 980,000 square feet. Google, for security purposes, doesn't release a lot of data. Let's say at least a few hundred thousand servers, as that matches what I have in my book.
If this is possible:
- What sized capacitors would it need? How long would it take to charge said capacitors?
- What are we looking at for coils? I've read 10-12 coils of copper tubing would create a rather massive field.
If it is not possible, I'd have basically the same questions, but for destroying the server farm. I'd prefer to leave the hardware intact, but can live with it if not.
Another idea beyond EMP would be welcome, as well, if an EMP device were not feasible. If this is the case, it would have to be something that is hidden from all the techs working on the farm, installed in secret by an extremely small team in the case of emergencies.
Effectively, the owner(s) want a secure way to instantaneously wipe every bit of data stored on the server, hardware based and in no way connected to the system. A kill switch. Better if they could kill it without destroying a farm's worth of servers.
This post was sourced from https://worldbuilding.stackexchange.com/q/131364. It is licensed under CC BY-SA 4.0.
1 answer
An EMP is probably not the right mechanism here - it will almost certainly result in large amounts of the precious smoke escaping from the sensitive electronics in the servers (and drives) but assuming it's a typical google data center then the bulk of the data is going to be stored on spinning rust and therefore will likely survive. It will be difficult, expensive and time consuming to recover since you'll need specialist forensics experts working on it though so this might be "good enough" for your purposes.
What you want is a pulse degausser - basically these create a rapidly alternating, incredibly powerful magnetic field that demagnetizes the drive platters rendering it an unrecoverable paperweight. The drives will have to be replaced afterwards (technically the manufacturer could recreate the servo track to make the drive re-usable but it's probably be cheaper just to buy new drives!) but the majority of the other components should survive. This though does have the opposite problem to the EMP idea - SSD drives and other flash-storage technology will shrug it off so you'll need to have an alternative strategy in place for those.
If we're into the realms of money being no object then a bespoke setup where each SSD was mounted in a modified version of a crusher like this would do the job - again the drives will be toast but there's very few other ways to destroy an SSD securely in rapid fashion, and 9 secs is going to take some serious beating.
Edit: Just seen an update from the OP on criteria.
What I'm looking for is a hardware based solution to wiping out all the hard drives that's not likely to be detected by people working on the hardware. Software could, and would in the context of the story, be found and purged.
If secrecy surrounding at least the existence of the "fail safe" hardware prior to the "wipe" is required then the degausser option would still work - build it into the frame of the racking, sure it'll look a bit more robust than your average server rack but the owners could fob any questions off as it being for "Earthquake hardening" or something. Obviously post-wipe anyone with access to the drives is going to know what happened - a complete lack of data and the telltale demise of the servo track is a dead give away that the drive has been degaussed.
It does make any SSD drives more difficult to deal with though - crusher devices aren't exactly svelte and most techs are going to wonder why the "drive enclosure" for each SSD drive is a 12" or so tall. So for this I'd suggest a slightly different approach:
Have all data on the SSD drives be encrypted with something along the lines of AES, keep the key for that encryption on a separate drive that you keep out of the path of the day to day techs that is located in a crusher. When the fail safe is triggered you have key drive crushed at the same time as terminating power to any systems with the key in memory.
With the key gone the SSDs are left perfectly intact (saves on your BCDR budget a little bit :P ) but the data is, to all intents and purposes lost.
If you're wanting to use the EMP for The Rule of Cool you could have that take out the systems that have the key in memory if you want :)
0 comment threads