Last Updated on March 23, 2022 by Dave Farquhar
It was 1997. I was working my first full-time job, and my phone rang with my first crisis.
“What happened to the K drive?” the caller asked.
I glanced over at my network drive cheat sheet, which listed all of our shares and what server they were on. In those days, most of our servers still had 300-400 megabyte drives and that meant every file server hosted, at most, a couple of shares. There was no K drive on our list. I was afraid this was about to get interesting.
So I put the caller on hold and asked one of the office’s more experienced veterans about the K drive. He gave me a puzzled look and said we decommissioned that server years ago.
The K drive was hosted on an old IBM PS/2 Model 80 with OS/2 3.0 installed on it. The thing about those old OS/2 servers was that they ran until something went wrong with the hardware. In the case of these then-10-year-old Model 80s, you’d be surprised how infrequently that happened. As best we could tell, when the server was decommissioned, whoever was doing the work got distracted and didn’t haul the server off. So one of the users plugged it back in, turned it back on, and continued using it.
Stuff like that still happens today, though we like to think it doesn’t. This server was more prone to it, since back then, file servers lived anywhere we had adequate power and cabling, which meant some of them were out in the open, where non-sysadmins could touch them. But it happens in datacenters too. If a system is powered off, one of two things happens: Someone plunders it for parts, or they turn it back on.
Today, I use ping sweeps and victory pings to reduce the chances of this happening.
In this case, an end user plugged it back in. So the server soldiered on until it was a decade old. Then the hard drive crashed and my phone rang. There wasn’t much we could do, of course. But the news director had files on the drive that he needed, and he had a lot of political clout, so the order came down to recover the data. We didn’t have any money–there was a reason we still had 386-based IBM servers hanging around in 1997–but orders were orders.
I called Ontrack. We faced a number of challenges. It was an EDSI drive attached to a Microchannel controller, and the drive was formatted HPFS386, which was slightly different from run-of-the-mill HPFS used by the desktop versions of OS/2. If there was ever a more obscure combination of outdated stuff, I never saw it. It was every poor decision IBM ever made, in a single box. We even had a token ring network.
Ontrack told us they could handle it, but we would need to send them the drive and the controller card, and be prepared to send them a Microchannel machine too, while we were at it. They thought they might have one, but would have to look. So I filled out their questionnaire, shipped off the drive and controller and tracked down an IBM Model 70 to ship. The “80” in Model 80 may have been a reference to the machine’s weight. They were big and heavy. We weren’t going to ship one of those. The Model 70 was the much smaller and lighter desktop version.
They found a system, so I never had to mail the Model 70.
About a week later, we received a box in the mail. Inside was the drive, the controller, a note stating the drive was no longer functional and we shouldn’t try to use it, a bill for about a thousand dollars, and half-full CD containing the contents of the drive. We had our data back. And it only cost $3 per megabyte to get it.
That summer one of my projects was to build a new file server with large drives running on current hardware.
When people are dismissive of Shadow IT, I tell them this story. It’s one of the best ways I’ve found to get systems rebuilt onto suitable hardware.
David Farquhar is a computer security professional, entrepreneur, and author. He started his career as a part-time computer technician in 1994, worked his way up to system administrator by 1997, and has specialized in vulnerability management since 2013. He invests in real estate on the side and his hobbies include O gauge trains, baseball cards, and retro computers and video games. A University of Missouri graduate, he holds CISSP and Security+ certifications. He lives in St. Louis with his family.
2 thoughts on “My first experience with data recovery”
A few years ago I had a guy call me up and ask if I could recover some images from a Secure Digital media card. He said that there were some files on the card, but he couldn’t see any images when he placed the card in his system now. I told him to bring it by and I’d see what I could do. The next day when I came into the office I found an envelope with a note attached to the outside stating this was the SD card in question. I went to remove the staple that attached the note to the envelope and it wouldn’t come out. I then realized that in the process of stapling the note to the envelope, he had put the staple through the middle of the SD Card. Needless to say, I didn’t have any luck recovering any images.
Oh, boy, does that bring back some stories.
The worst was when I was working retail (Software Etc., Assistant Store Manager) when a mother brought in her son and her son’s disk (the 3 1/2″ variety). I was informed that the young man had done his homework but when mom went to work to print the documents, nothing was there.
After verifying that this was a Mac disk, I grabbed my Mac-Proficient part-timer who happened to be in that night, he grabbed one of the better disk recovery packages, and started to go to work on the disk. Meanwhile, I stood back and explained the process to the mother, and tried to find out what had happened.
After about fifteen minutes of her insisting nothing went wrong, I had her go back over everything she’d done. “He gave me the disk and I put it on the fridge so I wouldn’t forget it.”
“Wait a minute – you what?”
“I put it on the fridge.” The son is now sitting there with his head in his palms, his 20+ pages of homework flashing before his eyes.
“How did you put it on the fridge?”
“I used a magnet, silly.”
“But these are computer disks…”
“I know, I had to use the BIG Magnet…”
Comments are closed.