Frustratingly, the author titled his post "Bitcoin Private Key Necromancy" but titled his Reddit submission "I wrote a tool to pull private bitcoin keys off dead harddrives" which is a far better title.
If the hardrive wont power on but the filesystem is ok you can still send it to a recovery company for something like a few hundred bucks.
-Hi i've just received the data you recovered from my hard disk, thanks, but I can't find my wallet ...
-Dont know what you are talking about.
I had a quotation for a 500 GB HD recovery a few months back, it was 400 euros (France).
It was a flat rate, problem could be the controller or mechanical : same price.
But I guess it depends on the company, didn't try it anyway so I dont know if it was reliable or not (no BTC on this drive!).
I've got 2 HDDs sitting in the bottom of my freezer (notorious, Seagate 7200.9s) waiting to be recovered. If you have that contact please send it to me. I'm only finding 1500-2000euro quotes.
Many hard drive failures are caused by its PCB and can be easily solved just by replacing it with a new one.
Finding a Matching Hard Drive PCB: http://www.hddzone.com/conditions.html
I assume you already knew this, as you keep them on your freezer... and that this may not be applicable to your case, but this could be useful for other people anyway.
I'll give it a shot. In this series Seagate changed the platter coating. So after around 3 years the coating starts to flake off and get jammed between the head and surface.
It is pointless to swap a PCB on Seagate drives these days. Most likely it will not help. The odds are 1:50 that a compatible PCB will be a good match. There is a procedure that is a procedure to perform the proper swap and that requires tools, recovery equipment and knowledge of PCB architecture. On certain drives (some Seagate models ver IV or V) you should never swap a PCB. If you do, the drive will be toast. Same applies to some Hitachi / IBM drives. If data is critical - do not experiment.
...and before you pick a company, do your homework. There is a number of fly-by-nighters who have no clue what data recovery is. Cute and fancy website is an easy catch these days. Don't fall for its appeal, talk to the techs, see how well the conversation goes. Don't settle for the cheapest quote. A good engineer pays higher bills for his "better" equipment, so if data is important, make sure it's done right by the reputable data recovery engineer. Remember, sometimes there is only one attempt and it has to be done right.
Best of luck!
It has the iPhoto library from the months before and a few years after my son was born. All I have from that period is whatever I emailed to friends, family, and Facebook. Music was restored from my iPod, movies were on DVD/Bluray, so only the leaving 60GB of photos.
Where are you located? Let me know and I'll suggest a company.
First thing to do is to pull the drives out of the freezer and never ever do that again. Put them into a bowl of rice for 10 hours or so in order to get rid of that humidity quickly.
Why doing that in a first place? What are you trying to achieve? This procedure was applicable only to one model of Fujitsu MPG drives that were selling 10 years ago. Pull the drives out.
Seagates have a number of issues. Let me know what the symptoms are and I will let you know what you might be looking at $-wise.
Sorry I checked through my emails, no way to get it.
1500-2000 sounds very expensive though. Maybe 400 euros is not possible today, I had the quotation 2 or 3 years ago.
I wonder how long it takes for admins at VPS hosting providers to start harvesting private keys from VPS instances, using this tool or, where available, direct filesystem access...
This is similar to asking why more waiters/waitresses don't use credit card skimmers.
I suspect the answer is similarly that, unsurprisingly, most hosting providers are in the business of providing hosting, as opposed to running a front for criminal activities. And that anyone caught running this criminal activity would likely be fired and prosecuted.
And of course that there is an inverse correlation between the type of person interested in petty theft, and the type of person with the skills required to do this and not get caught.
Also, credit card numbers do expire. You could just make a backup copy of somebody's private key and wait a year or two before transferring all their funds to your account, unless they move the money away to a different address themselves.
It's an interesting point. That said, forensics on VPS's / cloud providers is already a big thing. Until now it's mostly been databases, secrets, SSH keys etc. Well-known providers zero their storage... lesser known, not so much.
If you set up your VPS with a hierarchical deterministic wallet[1] or a passphrase-protected private key[2], your hosting provider will be unable to determine your private key.
There's really no getting around the evil maid attack[1], if someone can attack your hardware directly. There's even evidence that a sufficiently clever attack can persist through formatting and re-installing a drive[2] - note, people have also found exploits in network firmware... remotely exploitable exploits. If you can do it by accident[3], then most likely it can be done with malice aforethought.
Edit: adding a strong pass-phrase /does/ give you a significant level of protection; While it doesn't offer protection from an evil maid type attack (where the attacker trojans your server, then you decrypt your key after said server was compromised) it does offer quite a bit of protection, say, from an attacker who has access to old backups but not your production system. So I think a passphrase on all of your important private keys is a worthwhile thing to have.
I just want to make it clear, once you decrypt that key from within a compromised system? all bets are off.
I used to be cavalier about HDD disposal, and then one day I helped a friend recover some files from their apparently dead HDD. We did not recover the files but we did find unencrypted passwords to email accounts and other sensitive information that he had forgotten about.
So while I trust device/disk wiping tools are effective, I'm much less trusting of my own memory about the files on any given storage device. Moreover, and perhaps more importantly it's rarely possible to guarantee that software is consistently doing the right thing with your sensitive data.
Therefore my rule is now to donate unwanted hardware but never to donate or dispose of storage devices without being certain the data is unrecoverable. This is a harder problem than it might at first appear.
Secure disposal of hardware is a problem growing worse in proportion to the number of devices we allow (or by inaction permit) to manage our personal data.
It's straightforward to use, but it's also configurable if you want to be extra certain the data is gone. I think the default is 3 passes of filling the harddrive with random data generated via Mersenne Twister.
Unless you're very paranoid then a single pass of zeroes should be sufficient.
The bigger problem is what to to with a dead hard disk. It's usually easier to buy a new one rather than replace it, but an attacker could perhaps repair the disk to steal the data.
At work we send any non-wipable disk to be physically shredded. At home I think I'd just hold on to all disks indefinitely.
Drive a few nails through the case, it's fun and destructive! When drives were much larger, we used to take them apart, use the platter for mirrors/silly decorations and the magnets to magnetize tools around the office.
A lot of people want a more physically certain level of data destruction than such a command provides. If I saw that a drive wrote 3-5 passed of junk data before zeroing the disk then I would trust it but such firmware level info is rare to impossible up find.
Since when there is private key in AES? And that requires a paranoid person to trust that a company does not holds the keys in escrows somewhere or are by any way retrievable.
To clarify - the hard part is not the destruction of data you know about, it's the identification of data on devices you don't know about, or forget.
Computers with hard disks are obvious, but also consider mobile phones, tablets, games devices (that increasingly ask for sensitive information), PVRs, and so on.
There may be a point, if we haven't already reached it, where I can't dispose of a toaster without worrying about how to wipe its memory.
Don't forget office printers! Some have hard drives or other nonvolatile storage. You know, in case you want to run off a second copy of that fax from 2009.
Yes. It will truncate the file first, then allocate new blocks for the new random data, likely leaving the old blocks lying around.
You can avoid this with the 'conv=notrunc' option of 'dd'[1]. It will overwrite existing blocks instead of truncating (and possibly reallocating):
notrunc Do not truncate the output file. This will preserve
any blocks in the output file not explicitly written by
dd. The notrunc value is not supported for tapes.
I don't know whether a nearly-empty drive is better or worse than average. But the point is, you had a 1000-block file full of secret data and when you do
> secrets.txt
the file is truncated, freeing blocks 1-999 (usually block 0 is zero-filled.) If you proceed to write random data it will go to newly-allocated blocks. Then a raw read of the original blocks will expose your secret data.
With dd and notrunc, the random data goes to the original blocks, overwriting your secrets.
I am related to computer refurbishment charity company. We get also old stuff from other company's and it is always in contract, that hard drives must be at least destroyed mechanically.
No rewriting or deleting. Mechanical only.
We remove platters, break them. After that, the value of data is far less for these things than the cost of recovering.
I tried using this app to find them by dumping the /data partition, but no luck. Apparently it uses a different wallet format:
The wallet file format is not compatible to wallet.dat (Satoshi client). Rather, it uses a custom protobuf format
which should be compatible between clients using bitcoinj.
It may have made a new filesystem and written that to your NAND Flash or eMMC drive partition. So the filesystem itself won't contain any old data.
Depending on the type of filesystem used, it may have walked through all the blocks of the NAND Flash, erased them, and then marked them as 'ready for use'.
If you are very serious about this, your best bet is to (A) stop using the phone now, (B) dump the raw partition contents using the Android tools.
The situation might be better or worse if the phone uses eMMC, but the above holds. The chip itself does the Flash management (wear leveling, bad block detection, etc.). So it can hide more, but there may be leftover data from the old /data partition still in the unused blocks.
I'd love to know if the partition was completely wiped as you describe. It's a Galaxy S2 running Android 4.0.4. It's the /data partition on the internal storage, I think.
I wrote a tool one day (during a long car ride :D) to recover keys from Bitcoin Wallet on Android. It consists of searching for the header of the wallet-protobuf file (always starts with "\x0a\x16org.bitcoin.production") and then parsing the protobuf data.
Once the 256-bit private ECDSA keys were dumped in hex, I didn't even bother finding/writing a converter to WIF format. I just used brainwallet.org for that purpose (pasting the value in "secret exponent", and making sure to select "compressed" as Bitcoin Wallet creates compressed pub keys), then imported the WIF into a local bitcoind instance.
I wish this could help me recover 3 btc I had in 2010 b/c I still have the HDD. My problem is that my disk is extra dead - it stopped spinning completely. I can't use hiren's boot tools with it like I could my other dead drives. I've heard I would have to bring it into a clean room environment for about a grand and have experts recreate the drive.
I have also heard/read about a few people doing this.
If I remember correctly, you need a special tool to pick the platters up out of the drive without rotating them, but aside from that just a new controller/assy.
Thanks, I hadn't really heard about this. Although at current btc prices, it might actually just be cheaper for me to claim them as "lost" on my taxes than try and recover them
If you're considering tossing the drive, please consider mailing it to my address instead so that I can try my hand at recovering the bitcoins. I can cover shipping costs. I'll email you in case you're interested.
Well I'm not sure if moving several times and all other factors have made it exponentially harder to recover the data. It's double wrapped in a thick ziplock inside that shiny metal bag that hdd's come in when purchased out of the box and then in the freezer but of course it's been thawed and refrozen several times by now. I have no idea what the state of deterioration is or how far it'll be if they ever reach that high!
For future note, ziploc in freezer = extremely bad unless you add a desiccant to soak up stray moisture. Get som silica in there stat! Or failing that, white rice wrapped in good tissue/cloth.
I think it would be worth it first to just swap out the controller board on the bottom of the drive. If it isn't the motor itself, then that might fix the drive.
Freezer? I've heard of HDDs that wouldn't spin up, were put in a freezer for 2 days and then spun up. They key is to copy the data off QUICKLY as it dies the moment warms up. So you can't go around doing a "grep -r -i bitcoin /" ...
Is there any tool to brute force/run password lists against wallet.dats?
I have one around that I am adding coins to but just can't remember my own password.
why thye fuck would you keep adding coins to it if you dont know the password?
More likely you have obtained someone elses wallet.dat file that they have encrypted and they do not know you have a copy of this wallet.dat so they are still using it, and you do not know their key but would quite like to access their coins.
send any new coins to a new address, sure you may remember the password but hedge against that possibility with another wallet, please. for my sake, for my sanity, do it for me.
I usually use a similar pattern for my passwords. That way I could probably generate a few hundred combinations and run the list against the wallet. Would of cause be easier if there were a tool for doing that.
Why would they spend time trying all those things and reinventing the wheel when a tool for doing exactly this has existed since time immortal (in bitcoin terms):
i'm pretty sure that once poor or greedy people can get 'day-to-day' value out of bitcoin beyond its pure monetary value as an investment (you don't want to hold onto your stolen goods in hope they appreciate in value) then we will start having many much more serious problems with its thievery...
smart and driven criminals will solve a lot of problems in ingenious ways you never thought of
Frustratingly, the author titled his post "Bitcoin Private Key Necromancy" but titled his Reddit submission "I wrote a tool to pull private bitcoin keys off dead harddrives" which is a far better title.
He recovered about 46 coins.