Commentary | Adam Lanza’s hard drive was recovered but the FBI has said the hard drive was damaged. Information recovery is proving difficult as Lanza took either a hammer or a screwdriver to the hard drive before embarking on his murderous rampage. But I question whether early media reports that the hard drive data is unrecoverable are accurate.
Adam Lanza’s hard drive must hold some sort of secret. As previously reported by The Inquisitr, the crafty little bugger apparently wanted to erase any trace of how he made his plans or who he had been conversing with on the internet. Although, he may not have realized that his Internet Service Provider (ISP) records all of this information and with the proper warrant the FBI can retrieve all of this data. Although, it’s possible that Lanza ran a sophisticated network of proxies along with encryption protocols in order to maintain his internet privacy.
Still, this level of planning makes me wonder whether his supposed mental illness has anything to do with his actions. After all, Adam Lanza was supposedly intelligent as he entered college at the early age of 16, although he averaged “B” grades. But I question whether Adam Lanza was smart enough to know, or at least diligent enough to research, how hard drives function and how data is potentially recovered.
The outside of a typical hard drive is just a metallic casing, a hard drive controller, and communications pins. The real guts of the hard drive are contained within, with several disc-shaped pieces of metal called platters storing all the data electromagnetically. A read-write head moves rapidly over the surface of these platters, not touching them, but still reading and writing the data.
The real question is whether Adam Lanza’s hard drive was disassembled before he gave it a beating. As long as the hard drive platters are mostly intact the electromagnetically recorded data should be recoverable. Data forensics experts can rebuild the hard drive by replacing the damaged parts. Thus, it is fully possible that the data on Adam Lanza’s hard drive is recoverable.
Popular Mechanics ran a test of their own to see what level of damage a platter-based hard drive can take and still have the data be recoverable:
“First, we took two laptop drives, loaded them with test movie and music files, then beat the heck out of them until we heard the signature clicking of mechanical hard-drive failure. Then we submerged one of the drives in custom- made storm-surge floodwaters (salt water, construction debris, oil) and let it soak for four days.
We sent both hard drives to Kroll Ontrack Data Recovery, which sells data-rescue services to both corporate clients and consumers. Ontrack’s Jeff Pederson analyzed the drives in the company’s clean room and found that the read/write heads in our dry drive were bent from our abuse and that we had scratched the platters. Our flooded drive was wet, but the platters were undamaged. Pederson replaced the heads and performed a recovery.
The results? Pederson was able to save 99 percent of the data from the dry drive and 100 percent from the flooded drive.”
Of course, it’s possible he had a Solid State Disk (SSD) hard drive and I have little experience on how easy it is to recover data from smashed flash memory cells. This new technology is still relatively expensive compared to platter-based hard drives although the FBI has not released information detailing the exact type of the hard drive. If Adam Lanza was a PC geek in addition to being a gamer it’s likely he would want the higher speeds associated with a SSD hard drive (this writer is using a SSD/platter hybrid hard drive as the primary combined with a RAID 0 SSD configuration).
Many SSD hard drive failures are in fact unrecoverable. If the remapping tables that keep track of data in memory cells get trashed the data is effectively randomized and mixed up with data blocks which were marked as corrupted and unusable even before the SSD failed. Many SSD models also come with internal encryption that will make the lives of data forensics experts difficult. An article on Forensic Focus describes in more detail all the problems associated with recovering data from a SSD.
The final question is whether Adam Lanza’s hard drive used software-based data encryption or whether he employed data erasure techniques before physically smashing it. On a platter-based hard drive the Department Of Defense requires secure data to be overwritten many times to be considered truly erased. This is because when you “delete” any object the file is not truly deleted. The physical space the file is occupying is just marked as being available for new information. Even when this space is overwritten electromagnetically, it’s possible to recover lower levels of data if you have the right NSA-inspired technology. But even the FBI will be stumped if every single sector of a hard drive is overwritten with garbage data many times.
People on Twitter are expressing their anger at finding about Adam Lanza’s hard drive:
Adam Lanza should not get the mental ill label. He is a terrorist, he took the time to destroy his hard drive – pre-meditated murder.
— For_The_Masses (@For_The_Masses) December 17, 2012
I’ve also seen some people on the internet claim they are suspicious of this announcement that Adam Lanza’s hard drive is unrecoverable. Their ideas tie into conspiracies related to Adam Lanza’s father who is tied to the LIBOR scandal. According to comments on Free Republic they also believe that the emerging picture of the young man’s beliefs and motivations do not fit into the spin the media wishes to give this story:
“What they found implicated the left… you can bank on it… too many strange coincidences in with this guy. Something smells as bad as Benghazi smells.”
“Sounds like the further they get into this, the less it looks like they can paint him as a gun-toting, Bible carrying birther. As a result, evidence is being Hillaryed.”
Do you think Adam Lanza’s hard drive will be recovered? What secrets do you think we will find on the computer of the Sandy Hook elementary school shooter?