$2,000,000 Clean Room! - DriveSavers Data Recovery Tour - YouTube

You'd never know it from the outside

But in there through those doors is one of the world's oldest and most

advanced data recovery companies. Drive Savers headquarters here in Novato, California

features almost a hundred employees

Almost that many security certifications and a two

million dollar ISO five clean room and

they sponsored us down here to have a close look at how it is they take this and

Turn it in to this

So let's go inside

( Intro Music plays)

We're gonna kick things off in the museum

as

Long as our escort says that that's okay

Security is a huge

Deal at Drive Savers not just on the outside of the building, but also throughout it, so guests get these incredible

badges that actually change color over time

eventually turning red so that anyone who sees it will know to - kick me out or call the cops and

everything in here is on a need to access basis with biometric security on secure spots and

Annual background checks for all staff members So these guys have recovered data from pretty much

everything that you would normally think of - hard drives phones laptops SSDs and

From a lot of things that you probably wouldn't think of

defibrillators photocopy machines and even a TiVo so the museum here contains many of their biggest success stories both

in terms of the importance of the data

That was recovered, uh they once saved Twisted Sisters Christmas album and twelve episodes of The Simpsons

Including the conclusion of the who shot mr.. Burns cliffhanger during a national contest to guess who did it and

in terms of the difficulty so

run over by an 18-wheeler check, lit on fire

Check buried in a mudslide check that too - this one that you're looking at right now was actually pulled from a sunken

Cruise ship after sitting underwater for two days, it had the owner's memoirs

Successfully recovered from it now. Let's talk about how they do it

Consultation and in some cases even diagnosis with an analysis of what data they expect to get back is free

so you send in your drive, we're shipping sorts it into a colored bin according to the priority of the job and the uhh (cough)

Cleanliness of the drive or device and you might think to yourself ah come on. It's a hard drive

how dirty could it be, but they've actually had to obtain a Geiger counter to evaluate the

radioactivity of drives coming out of nuclear disasters

And through some of their forensics work

They've even seen devices come through here that were found on murder victims

One phone apparently had the camera element gouged out

Before being placed back on the victim's body in an apparent attempt, to get rid of the photos

So yeah drive savers got that **** back good work idiot

Hope prisons treating you well, from shipping your bin travels to one of a few different places

and we'll go through those in a minute, but

Everything will eventually get the cloning treatment and that starts here drive savers keeps a huge inventory of spare

Wiped donor drives because, you dramatically improve your chances of recovery if you're working with a bit 4-bit

Digital copy of your data set it gives you the time to analyze more than just what files were there and then dig into

Who accessed them when, what did they do?

These kinds of things can be particularly important in cases of corporate intellectual property protection for example

Where there might have been some attempt to destroy data or cover up a data access

The folks in this room also do the initial analysis of raid arrays using

Software tools like the one you're looking at here to rebuild the array logically and determine which drives are probably working fine

Versus which ones will likely need physical repairs before making a cloning attempt, and they've got the hardware for everything from

Reconstructing a - a four drive home Nazare to this over here. This is a 45 drive j baud

That's on standby waiting for I don't know maybe another

96 drive server that got gallons of water dumped on it due to a sprinkler system malfunction because, yeah

That was a thing that happened

but as you saw in the museum a

Lot of the hard drives that come through here need a lot more than a little bit of software rika jiggering so

Welcome to the clean-room!

Or strictly speaking. This is the inventory room and the cleaner was on the other side of the glass, but but this stuff's cool

Too in here, they've got basically every hard drive. You could imagine. They've got two and a half inch!

they've got three and a half inch!

They've got Todd the latest helium sealed drives and all the way from the latest to look at these

Clunkers, I mean look at this, this is called a mini scribe

I guess you know relative to this guy

It is pretty mini, but basically the point is

Whatever the text on the other side of the glass inside that is o5 cleanroom so that is less than 100

Thousand point one micron particles per cubic meter ten thousand times cleaner than a normal room, whatever they need

They put a request onto this little cart. It comes out here. We load it up

We fire it back in there and whether it's a brand new driver an ancient one they start the process of

Rebuilding one working drive from the donor and the recipient

Now they did put away some of the proprietary equipment that they use, uh for example

They found a way to work on helium sealed drives, which won't function at all in regular air

That's seven times more dense and so they wouldn't show us like I don't know how they either

Reseal them or put them in a helium chamber or something, but this place is still

incredible, so thanks to the

34 filtered fans air is circulated in here so quickly that it's not only clean

But they can actually do soldering work

Anywhere in this room without disrupting anyone else's sensitive recovery operation

incredible, and an

operation it is

They actually agreed to let us do an actuator swap so

Stay tuned for that video because I'm super stoked for you guys to see it. Anyway for now let's continue our journey so then

With the drive physically working, I mean it's copying data. They can just ,send it back to you, right

wrong so this guy right here is

Working, but it is not reliable drive savers wouldn't be able to keep their warranty approved service status with

Every major hard drive vendor for very long if they pulled that kind of a stunt so the next step, then is

Logical recovery where, maybe not all but some of the data should be recoverable even in cases of severe physical

Damage, like we saw downstairs in the museum, and we're going to head over there

But first we need to make a quick stopover in flash memory town now hard drive recovery is complicated

Flash memory hoho well, that's a whole other ballgame son.

So what you're looking at here is raw ones and zeros off a flash chip

So you can think of it kind of like a QR code?

except that there is no app for your phone to read it and

Making matters even more difficult this middle spare area part right here

Well, that contains information about where the block numbers are where your ECC belongs etc. It's such a really good stuff except

Oh wait

That gets intentionally scrambled in many cases as a security measure

So figuring out which bytes are bad and getting the whole thing to turn green

Takes a lot of knowledge and then to do it quickly takes years of

Experience and even getting it to that point isn't trivial in many cases flash memory chips require

proprietary not to mention expensive readers and

They come from devices, but don't always want to give them up easily including everything from

standard Apple or MDOT 2 to SSDs and computers to, camcorders

Mp3 players like what year is it?

I know right. and even bear flash chips that are soldered on to the motherboard like in some of the latest Mac books

THANK YOU APPLE and the craziest part is coming back to device security again on a

Device with a security module, like an iPhone for example, so you can see in this footage

They're taking apart and iPhone 10 for us that might later

Be used as a known good for a customer recovery attempt. You could actually need at least

FOUR components to even hope to pull data off of it the NAN flash itself, which needs to be de

solder from the board and

The baseband I see the controller which you can actually see from this disassembled A8 chip

actually sits under the RAM with contacts on the top and bottom and

The ROM. So four parts, which means that if you were to hope to pull data from a badly damaged, one of these

You would need to desolder, clean, reball, and resolder all of these four components

successfully to a donor phone and did I mention by the way that even the couple generations old A8 processor already had

eleven-hundred contact points, so they apparently haven't attempted an operation like this with the ten YET

But they think that it might be possible (#MIND BLOWN LINUS)

Finally we're in

Logical land now stuff without any physical damage to the hard drive itself may end up coming straight here like

Let's say for example

You plug the wrong power supply into your external drive enclosure like this and it released all of its magic blue smoke

Tella he actually sent this drive to drive savers four years ago

But ended up opting not to go forward with the recovery service

So as you can see from what we pulled off of this drive. It's clear that for some people

It's not necessarily going to make sense necessarily

to pay for data recovery if all you've got that's

Not backed up somewhere is

Clips from a Cheech and Chong live concert. With that said, even around here at Drive savers where their bread and butter is

failed or corrupted devices, they still absolutely

preach the principles of data

backup, because

the cold hard truth is even if you are an extremely skilled data recovery

engineer there are still things that can take out your storage

permanently. So I think a perfect example of that is our host today, Mike, ended up losing

pretty much all of his data in the Santa Rosa fires. So even though he's an executive here at DriveSavers

there was nothing he would have been able to do about that if he hadn't had an

off-site backup. So at the end of the day, that's the takeaway guys.

Make backups of your data; the three-two-one principle should never be ignored

But in the event that something goes terribly wrong

Drive savers has got your back. I want to thank them for making this video possible

I want to thank you guys for watching and you can check out the link to drive savers in the video description (bloopers time!)

Yeah, no no. No I think I can I think I can do it no problem this time. OK OK (SUBSCRIBE FOR MORE AWSOME CONTENT)