Hopefully this will catch on with Rust developers.
Self-destructing thumb drive can brick itself and wipe your secret files away
If you’ve ever watched Mission Impossible, where Jim Phelps gets instructions from an audio tape that catches fire after five seconds, TeamGroup has an external SSD with your name on it. The T-Create Expert P35S is a portable USB-powered SSD that comes with a self-destruct button, which wipes all your data and physically renders …
-
-
Saturday 22nd November 2025 17:04 GMT ThatOne
Re: Or...
Too expensive! And slightly unreliable, since that battery will eventually die.
It's just a marketing shtick anyway. It's easier and cheaper to keep a heavy hammer within reach and smash the memory chip to smithereens, but you'll have to admit it doesn't sound as cool as "I have a self-destructing USB stick"...
-
-
Monday 24th November 2025 04:15 GMT Eric 9001
Re: Or...
Depending on the type of flash memory, sometimes the actual flash storage circuitry is so tiny that you're unlikely to destroy the storage by snapping the plastic packaging in half.
Many businesses offer a service for data recovery from microsd cards that have been snapped in half; https://web.archive.org/web/20250517210419if_/https://www.eprovided.com/data-recovery-blog/micro-sd-card-broken-in-half/
I believe the process consists of using a microscope to look for the traces and then using probes or soldering to connect to the traces and dump the data off.
If that data is important to someone, they'll likely be able to get it even with the NAND chip snapped in half.
For self-contained destruction of a flash drive without relying on electrical power, it seems only extremely harsh chemical or explosive destruction will reliably destroy a flash chip in a short amount of time, but you don't want to be carrying around chemicals harsh enough to foul plastic and metal, or explosives in your pocket do you?
Maybe it'll be most reliable and not that unsafe to include a battery and a charge pump that delivers BIG CHUNKY VOLTS though the flash chip, but such battery could go flat and therefore would require an indicator that confirms the wiping worked (a backup option where any USB-C port that supplies power that doesn't rely on specific software may work - but there is always the chance that the power supply doesn't successfully handshake and therefore provides no power, or that only USB-A ports are found in short order).
-
Monday 24th November 2025 14:38 GMT collinsl
Re: Or...
Proper encrypted drives to my knowledge just accomplish physical destruction by glueing the encryption chip to the surrounding case - if you prise the case away you also destroy the keys by destroying the chip they're stored in, which should be sufficient to protect the data on the storage.
-
Tuesday 25th November 2025 00:13 GMT Eric 9001
Re: Or...
Proper encryption doesn't really include storing the keys unencrypted on the device - although it's fine if long keys are stored encrypted.
Encryption key storage glued to the case isn't very reliable - after all, it might be possible to heat the case to soften the glue and then prying it open won't damage the chip.
In the case of using encryption, there's no point using a special expensive flash drive - just use LUKS with a normal flash drive or usb HDD, as the encryption keys are stored encrypted in a header.
Crytographically solid encryption makes it impossible to access the stored data unless you know the key - but attackers often demand the key as well (even if the chip storing them is destroyed) - thus maybe it's best to use both encryption and physical destruction of the NAND.
-
Wednesday 26th November 2025 08:09 GMT Anonymous Coward
Re: Or...
You don't open the case of a drive you suspect may have anti tamper traps until you've purchased a few more of the same brand, model etc and worked out how to bypass the anti tamper features.
And, from experience of the above, some encrypted devices and anti tamper features are laughably poor (I have one encrypted thumb drive that implements biometric access control but stores the fingerprint in SPI flash, you can desolder and replace it with the flash from a different drive that was "locked and encrypted" using a completely different set of fingerprints)
-
-
-
-
-
Sunday 23rd November 2025 14:22 GMT Roland6
Re: Or...
Surely, the suicide circuit should be primed without power or obvious change to the device, so that on next attachments to a power source, it self-destructs and burns out the USB port on the host providing power…
Being a little more serious, suspect they couldn’t include a battery as it needed to satisfy the safety requirements of the airlines.
-
-
-
-
Sunday 23rd November 2025 01:25 GMT Tim99
This may be against "accepted wisdom", but I now use microSD cards in a reader for storage rather than thumb drives. In the past six years or so, I have never had a failure. Several thumb drives did bork themselves. I suspect that it might be because of the prevalence of microSD cards in video security and dashboard recorders, where continuous recording/rewriting is required? Thumb drives do indeed tend to be WO devices - Try booting and running a Raspberry Pi from a thumb drive compared to the microSD; it will run much hotter...
-
-
Friday 21st November 2025 23:28 GMT rgjnk
'Not by accident'
Slide & push is the sort of thing you could do just by having the thing loose in your pocket, it's hardly a great protection against deleting by accident.
I've got some nice secure USB devices but I'm not too keen on ones that lose the data I've spent extra money on protecting.
All sounds a bit like a toy overall.
-
This post has been deleted by its author
-
Saturday 22nd November 2025 05:16 GMT doublelayer
I would suggest never, since all you need to do to get data without it self-destructing is not push the button. Anyone who gets physical possession of one of these before the user pushes the button won't need to disassemble it. They'd just need to plug it in and copy away. If the button works, then anyone who gets possession only after the user pushes the button will likely disassemble it but, doing so won't help. The only reason why disassembly would help is if the button doesn't actually self-destruct the drive.
-
-
Saturday 22nd November 2025 05:04 GMT MaChatma CoatGPT 2.0
In my experience...
...thumb drives tend to expire of their own volition. The exception being a couple of very physically small Sandisks that get used to transfer files from house to car. These have often ended up in the washing machine and get puked up in perfect working condition at the end of the cycle.
-
Saturday 22nd November 2025 10:33 GMT blu3b3rry
Re: In my experience...
The sandisk ultra fit ones are surprisingly robust given how cheap they are. I've had several also make it through the washing machine and are still working almost a year later - mine get hammered with read/writes and apart from getting scorchingly hot appear to tolerate the punishment okay. One or two have started to die after many years but not bad for £9.00 each.
The Samsung fit drives are far faster for the same,price, though.
I can think of more secure ways to keep your data safe than this, though - just a standard flash drive encrypted with Veracrypt is likely enough for most people.
For sensitive personal stuff I picked up a Datashur USB drive that is encrypted via a keypad.
Works in any device I connect it do as it's all hardware based. Destroying the data doesn't even require a computer, just enter the PIN incorrectly a few times.
-
Saturday 22nd November 2025 15:19 GMT Jonathan Richards 1
Re: In my experience...
Just ordering one of these might bring you to the attention of The Authorities, I would have thought. A bit like that oh-so-secure messaging platform that crims were relying on.
Surely it wouldn't be hard to devise a discreet and discrete USB killer, involving a fat capacitor and a usb socket?
-
Saturday 22nd November 2025 17:15 GMT ThatOne
Re: In my experience...
> Destroying the data doesn't even require a computer, just enter the PIN incorrectly a few times.
I'm not sure entering the PIN, correctly or incorrectly, will do anything if it's unpowered... It definitely needs power to check the PIN and to erase (securely?) the data.
-
Monday 24th November 2025 14:46 GMT collinsl
Re: In my experience...
They rely on two principles to secure their data:
1. The data is encrypted on the chips with AES-256 or higher
2. The chip holding the encryption keys is glued to the case such that if you attempt to get the circuit board out the chip with the keys is destroyed, rendering the data unrecoverable.
3. That if given physical access to a device any adversary can overcome any protection you put in place, so you store and account for the drive such that if it's ever stored data of a high enough sensitivity then it never leaves the secured facility ever again unless it's shredded into tiny pieces or melted into slag.
Three. Three principles. And nice red uniforms oh damn...
-
-
Sunday 23rd November 2025 01:16 GMT Anonymous Coward
Re: In my experience...
I conducted a few experiments on an SD card just for giggles. I put some innocuous data on it then subjected it to various torture tests. So far it has survived (all data still readable):
- Heat (in the oven) at roughly 85 degrees C for 15 mins (85 degrees because that's a common high-end industrial spec)
- Immersion for several hours in tap water
- Freezing at -18 degrees C
- Soaking for an hour or so in a mild water/detergent/bleach solution (similar to a washing machine)
- A washing machine cycle at about 40 deg C (in a garment pocket)
- 30 seconds in a microwave at 1000W (I couldn't believe that one, so I repeated it two more times and it still worked).
The damn thing seems to be indestructable.
That also means that the Mister Robot episodes where the guy destroys his storage devices in a microwave are not realistic.
As far as I can tell, if you want to be absolutely sure that a memory card is unrecoverable, you need to incinerate or pulverise it into ash/dust.
-
-
Saturday 22nd November 2025 05:31 GMT the Jim bloke
another product for the gangsta oligarchs
along with the gold Iphone clone and bulletproof Lamborghini's
something for the person who has everything, except taste, self esteem, a clean police record or a legal income..
this is so far from real data security its not even funny.
and if you are going for physical destruction, intense thermal would probably work quite well at the scale of a USB stick - except that would conflict with commercial air travel, and the target customers for this actually dont all own private jets...
-
Saturday 22nd November 2025 05:38 GMT Malcolm Weir
I checked with the cranky sod who designs our security stuff (using a mirror), and this is of absolutely no use to anyone, because you cannot test it. Is the data gone? Who knows? You can dismantle the bricked thing and apply forensic techniques to see if you can get any useful bits off the carcass, but that only tells you about that that particular device self-bricked... Maybe the next unit you get all forensic on will yield different results? For physical destruction of a flash device, you need an incinerator... and not just any old incinerator, but a calibrated incinerator.
-
Saturday 22nd November 2025 09:29 GMT Like a badger
I don't know, but I wonder if the warranty is void if the owner presses the button and it doesn't erase the data? Fabulous product for the maker if the warranty is void by the process of trying to activate self destruction.
"Yeah, I know it didn't work, but the warranty ended by you pressing the red button, and that was before the self destruct didn't work".
-
-
Monday 24th November 2025 02:04 GMT Malcolm Weir
Re: you need an incinerator
While those would be fairly effective tools to break the thing, the calibrated incinerator is the only way to make sure (you could drill in such a way as the wafer gets dislodged but not damaged, for example). This boring bit of trivia brought to you by NATO STANREC 4570 and NIST SP800-88...
-
-
Monday 24th November 2025 14:49 GMT collinsl
Re: you need an incinerator
That's not the point. The point is that you must comply with the rule in the way the rule is written, otherwise if something does go wrong you're the one up in front of a tribunal/court/court martial arguing why you thought your system was better than the one proscribed.
Arse covering is strong in government circles.
-
-
-
-
-
Saturday 22nd November 2025 06:49 GMT Anonymous Coward
Ooer!
I once wrote the manual for a system with a self-destruct switch. Included suitable Warnings and Cautions per the relevant standard. These highlighted dire consequences that the client hadn't thought through. A true Dilbert moment. The switch was removed from the production version.
Just sayin'
-
-
Monday 24th November 2025 02:19 GMT Malcolm Weir
Re: Ooer!
Yup. Security Level 4 (& therefore level 5) requires:
"The cryptographic module shall contain tamper response and zeroization circuitry that shall continuously monitor the tamper detection envelope and, upon the detection of tampering, shall immediately zeroize CSPs. The tamper response and zeroization circuitry shall remain operational when CSPs are contained within the cryptographic module."
(A CSP is a Critical Security Parameter, so keys and the like. Whacking them is results in crypto-erasure).
This means that Level 4 & 5 devices basically tend to have three power domains: normal power, battery backup for moving the thing around and surviving innocuous power outages, and capacitors that have enough juice to bork the thing when someone cuts the red wire.
-
-
-
Sunday 23rd November 2025 22:32 GMT doublelayer
Re: Ooer!
There could be reasons. A lot of ships have seacocks that open into the ship itself. On military ones there are almost always specific ones intended to make destruction possible. Civilian ones still have them, and they can still flood the ship and sink it even though they're not designed specifically with that in mind, and no matter how drunk the sailors are, I think they tend not to hire those who don't know when not to open them. The cargo ship in the film could have been an old military cargo carrier whose self-destruct system was installed for that and left available, or it could be a system that has other purposes but can be configured in such a way that it destroys the vessel. Either way, there would likely be plenty of ways for the crew to do things that fatally damaged their vessel, so I'm not sure that having a single, better-managed one is much of a risk when a malicious crewmember has all sorts of other ways to kill it.
-
-
-
Saturday 22nd November 2025 09:38 GMT Bebu sa Ware
Some old tech might obviate the need to plug it in
- Surround the electronics with thermite.
- Imbed a percussion cap in the thermite.
- A spring loaded firing pin with a trigger and safety catch.
Retract safety. Push trigger…
I would imagine you might not want hold on to the device one it starts self destructing but then I wouldn't be too keen to hold the self destructing compact cassette tape either.
Must have gone through a lot car tape players.
I thought at the time (early 1970s) that cassettes didn't need any assistance to self destruct.
-
Saturday 22nd November 2025 10:20 GMT Anonymous IV
Re: Some old tech might obviate the need to plug it in
How about making the USB flash drive slightly thicker by incorporating a lithium battery next to the memory chips?
Pressing the Magic Red Button could drive prongs into the battery, and the subsequent fire would obliterate all traces of data - and a whole lot else...
-
Saturday 22nd November 2025 11:48 GMT Anonymous Coward
Where were the grown ups ?
I mean this sort of shit would be expected in a place that didn't have any product marketing resources.
But the way I see it, this POS will only have 2 fates.
1) It will be seized by "the man" and divulge all it's secrets.
2) The defendant will have actually managed to wipe it, and therefore be jailed for obstruction or it's various synonyms. Which in most jurisdictions carries the same penalty as the core offence.
Whats wrong with decent encryption and plausible deniability ?
-
-
Monday 24th November 2025 16:28 GMT Anonymous Coward
Re: Where were the grown ups ?
Depending. You may be able to force me to divulge the password that allows you to view my well curated supply of Rather Embarrassing Pornography[1]. Hopefully you will not have the capability to detect the hidden partition or steganographically hidden secrets.
[1] While there is no actual shame in various fetish pornography (possibly the "porn" aspect?) many will find hiding such things not unreasonable
-
-
Saturday 22nd November 2025 22:46 GMT doublelayer
Re: Where were the grown ups ?
It depends on your jurisdiction and specific laws, but in some, law enforcement can demand encryption keys, punish you if you don't give them, and report your delay in giving them as evidence of your guilt. In some jurisdictions, destroyed evidence can't be assumed to be against you, nor is it evidence of obstruction unless they can prove that it was against you or that you had been given a legal order not to destroy things before you did. If there's any jurisdiction with both of those, this could theoretically be better. However, in that place, a normal encrypted drive and an emergency drill to destroy it would still be better.
-
-
Saturday 22nd November 2025 12:31 GMT Anonymous Coward
Two thoughts
First, it's just a gimmick, hence the manufacturer doesn't care if it's practical or even works in real-world circumstances.
Second, it's a plant: every buyer of this gadget is immediately added to a police/security agency watch list ... and maybe the device has a bug and tracker hidden inside ... and maybe it infects every computer it connects to via clever spyware delivered over the USB interface.
-
-
Saturday 22nd November 2025 22:49 GMT doublelayer
If we assume someone with a need to quickly destroy data, then destroying the hardware is generally the fastest way to ensure destruction of the data. Yes, deleting a cryptographic key can often be done quickly, but then you need to demonstrate the security of the place storing it and the strength of it and that you can't still pull anything out of RAM, whereas if you can demonstrate that the thing where the data would be is now so broken that no data is coming off, you can skip those parts. In practice, that's not enough here, but a lot of secure erasure does take the form of complete destruction of the hardware containing that data.
-
Sunday 23rd November 2025 12:58 GMT An_Old_Dog
Possible Legitimate Uses
Consider: a journalist in a country with a repressive government. (Not that I would trust this thing...)
Myself, I'd just swallow the micro-SDMMC card I'd been keeping the data on and hope for the best. Those things are tiny, and it's an atypical thing to subject arrestees/kidnappees to full-torso X-ray scans.
... or to have someone physically-inspect their faeces.
-
Saturday 22nd November 2025 21:19 GMT PRR
Naomi Wu explored this concept, but from a better angle. A hot-box which blows-up any USB device plugged into it.
https://www.youtube.com/watch?v=Gg0sdeAwN5A
> Sometimes the only way to keep data safe is to make sure it’s gone before the bad guys can get to it- or you.
Door-switches, trip wires, more thoughts.
BOOM!: https://youtu.be/Gg0sdeAwN5A?t=643
Yes, the sparks/arcs could be internal jumpers failing before the chip is destroyed. More testing needed.
-
-
Monday 24th November 2025 02:12 GMT Not Yb
Modern flash memory can frequently survive digestion.
SD cards have been known to survive a full trip through the human digestive system. It's just plastic and impure silicone, and most modern plastics are highly resistant to stomach acid..
An anecdotal 'anonymous source' example of a microSD card that survived mostly intact, and with a bit of work by a good recovery service, they got the data off. https://petapixel.com/2016/06/13/swallowed-64gb-microsd-card/
A sourced story about the Canadian Hang Glider who was charged with obstruction and held until the object was recovered: https://www.cbc.ca/news/canada/british-columbia/b-c-hang-glider-pilot-apologizes-for-fatal-flight-1.1276082 However, due to the guilty plea, the police didn't need to release the recovered data (if indeed there was any)
There aren't many people who have told a journalist about this sort of thing, but it clearly seems like it's not a guaranteed method of destruction.
-
Sunday 23rd November 2025 17:55 GMT BasicReality
Interesting idea, Not something most would have any serious use for. The problem is that it only self destructs when connected to a PC. If it's going to short out the internal storage, they'd better have some damn good guarantees it won't short out the whole PC as well. It really needs to be able to hold enough charge to work separate from a computer.
But seriously, who really needs something like this?
-
Monday 24th November 2025 01:49 GMT Not Yb
Wonderful, and will help catch some of the dumber criminals.
Police roll up.
Criminal sees them coming, and hits the destruct button to destroy the evidence.
Police now know that the (possible) criminal was definitely up to SOMETHING suspicious.
In countries with stricter control of citizens, merely owning such an obviously suspicious thing could be a "go to jail" offense.
-
Monday 24th November 2025 12:43 GMT hammarbtyp
As part of our device security conformance we needed to provide a way to decommision our devices which have the firmware installed on a CFAST card.
we did a lot of research on how CFAST cards can be erased so that the data cannot be recovered, but it was never clear how permamnt any method would be. Certainly the old spinning rust methods of wipe, random data, wipe, repeat were not recommended since flash memory moves data around and you cannot be sure that it does not still exist.
So in te end we documented at end of life the user should take a drill to the disk, and provided photos on the procedure.
Similarly here. If you want a disk you can destroy, then get a cheap plastic one, and snap it in half when needed, then gind the component under your heel. Physical destruction will always trump electronic wipe as long as you don't intend to re use the disk in the future
-
Monday 24th November 2025 15:15 GMT CorwinX
Anyone know if it's volts or current...
... or both that would completely, irrevocably, fry memory?
Quoting...
"A piezoelectric spark can generate a voltage of
thousands of volts, with common ranges being 1,000 to 3,000 volts or higher, though the current is very low. This high voltage is needed to ionize the air in a small gap, creating the spark needed to ignite a fuel source, such as in a lighter. For example, a gas lighter uses this high-voltage spark, which can be in the range of 3,000 volts, to light the gas."
Pair a memory stick with a cigarette lighter piezoelectric mechanism?
Additional advantage. Lighters need a fair bit of deliberate force appled so they're safe to carry in your pocket.
-
Monday 24th November 2025 16:29 GMT Marty McFly
It is a nothing product, prove me wrong
Its apparent primary function is to self destruct when told to do so. To validate its primary function will break the warranty. Therefore it can never be tested.
If the magic button is pressed purposefully to destroy the device and nothing happens, no problem, they will just warranty it and send a new one. Nevermind that the spy hunters now have physical possession of the secret code list, along with the spy who carried it. Anyone want to bet there is a hold harmless clause in the EULA?
The only way to actually validate performance is to buy a large quantity of them. At regular intervals pick a few and destroy them. If any failures happen then the rest of the devices can be assumed to be faulty and therefore should be replaced.
In that regard this is actually a genius product to sell lots of them....assuming the primary function is something legitimately needed.
-
Monday 24th November 2025 16:39 GMT Marty McFly
Hollywood needs this
Because transporting the most secret data, unencrypted, on portable media, is the best way to do things. Seriously, what super spy wouldn't enjoy wearing a dark suit and dark glasses, ride around in armored limousines with glamorous body guards, fly private jets into secret military bases, etc. The only thing they need is a self-destructive USB key, handcuffed to their wrist.
Enter the Hollywood movie plot where Ethan Hunt is trying to destroy the USB key and is desperately searching for PC to plug in to, meanwhile Chinese hackers stay one step ahead of him with a super virus that disables USB ports on nearby computers. The plot thickens when our spy finally escapes the villains with a MacBook, only to find it is equipped with USB-C ports and is not backward compatible with USB-A. The movie ends when the voluptuous double agent is seduced by the hero and admits the device EULA in unenforceable....
Seriously Hollywood, see the icon. This is really a dumb movie idea and I am mocking you.
Biting the hand that feeds IT
