ApolloHoax.net

Off Topic => General Discussion => Topic started by: Bryanpoprobson on May 02, 2015, 02:30:46 AM

Title: Ryanair Account Hacked €4.6Million
Post by: Bryanpoprobson on May 02, 2015, 02:30:46 AM
Apparently Ryanair has had €4.6M taken from its accounts via a bank in China. However the way I heard it is that the amount was only €5, the rest was fees and charges. :D I'm sorry I couldn't resist, I'll get my coat. :)
Title: Re: Ryanair Account Hacked €4.6Million
Post by: LionKing on May 02, 2015, 05:25:02 AM
Apparently Ryanair has had €4.6M taken from its accounts via a bank in China. However the way I heard it is that the amount was only €5, the rest was fees and charges. :D I'm sorry I couldn't resist, I'll get my coat. :)

Was reading about e-waste in Ghana and other countries like China and how accessing hard drives by criminals allows them to have access to sensitive information.
Title: Re: Ryanair Account Hacked €4.6Million
Post by: Bryanpoprobson on May 02, 2015, 01:00:43 PM
I always keep or totally destroy my hard drives. :)
Title: Re: Ryanair Account Hacked €4.6Million
Post by: Allan F on May 02, 2015, 01:48:06 PM
I disassemble mine, and extract the neodymium magnet inside. They are great fun and work wonders on a whiteboard.
Title: Re: Ryanair Account Hacked €4.6Million
Post by: Echnaton on May 02, 2015, 06:14:02 PM
I use a sledge hammer to protect data on discarded drive.  A friend has a drive chipper that he uses when commercially recycling commuters.

One source of leakage has been in hard drives that are used in copiers.  For years people that really should have been taking more care simply sold off old copiers while others would buy for refurb and export and scan the hard drives in the process.

I didn't know Ryanair had such a bad reputation.  Spirit Airlines is notorious for exorbitant fees charged to the unaware and caginess in informing passengers of them in advance.

Welcome to the Internet age.
Title: Re: Ryanair Account Hacked €4.6Million
Post by: Luke Pemberton on May 02, 2015, 06:25:37 PM
A friend has a drive chipper that he uses when commercially recycling commuters.

Bloody hell, that sounds like a scene from Fargo.
Title: Re: Ryanair Account Hacked €4.6Million
Post by: Luther on May 02, 2015, 10:35:51 PM
I use a sledge hammer to protect data on discarded drive.

I have used just an ordinary carpentry hammer, which reduces some drives to something close to dust.  But others seem to be made of much sterner stuff.  I just continue to store them.

Different technologies, I suppose.

A friend has a drive chipper that he uses when commercially recycling commuters.

What Luke Pemberton said!
Title: Re: Ryanair Account Hacked €4.6Million
Post by: Echnaton on May 04, 2015, 11:44:52 AM
A friend has a drive chipper that he uses when commercially recycling commuters.

Bloody hell, that sounds like a scene from Fargo.
>:(

Were there a lot of typos in that movie?   8)
Title: Re: Ryanair Account Hacked €4.6Million
Post by: ka9q on May 05, 2015, 02:40:25 AM
There's a much easier and far less violent way to destroy data on an old hard drive. And it can even be safely reused.

For many years, all standard ATA hard drives have supported a "secure erase" command in firmware. It writes zeroes across every block on the disk. It cannot be interrupted by removing power; when you power it up again, the erase operation continues. This means that if you're in a hurry, you need not actually wait for the erase operation to finish. (It can take hours for a large rotating drive.)

A compromise approach that doesn't tie up your computer is to start the erase, then pull the drive and plug it into a power supply by itself to let the erase finish.

On Linux, you issue the two-command sequence

hdparm --security-set-pass foobar /dev/sdx
hdparm --security-erase foobar /dev/sdx

where /dev/sdx is the device name (be absolutely SURE you get the right one!) The erase command requires that a security password first be set on the drive; that's the reason for the first command. Also, the drive cannot be "frozen"; this is a command that, once issued, disables these commands until power is cycled. Some BIOSes issue the freeze command at boot to protect the drive against malware and accidents, so you'll have to turn it off.

I just happened to do this a half hour ago with a spare SSD that I was recycling into another machine. Secure erase on an SSD is very fast, taking only a few minutes.

Title: Re: Ryanair Account Hacked €4.6Million
Post by: Luke Pemberton on May 05, 2015, 02:07:41 PM
Were there a lot of typos in that movie?   8)

No, but I always remember watching the wood chipper scene with an Australian minister, and he laughed. He did have a dark sense of humour.
Title: Re: Ryanair Account Hacked €4.6Million
Post by: ka9q on May 06, 2015, 02:13:05 AM
No, but I always remember watching the wood chipper scene with an Australian minister, and he laughed. He did have a dark sense of humour.
Any viewer without a dark sense of humor is probably long gone before that scene. It took me a while to count all the dead bodies in that movie. Maybe not as many as at the end of Hamlet, but it was a big pile.

Favorite line: "And I guess that was your accomplice in the woodchipper, eh?"

Woodchippers were a common sight around my neighborhood as a kid. The power company sent them with crews for free whenever you wanted to get rid of a tree. But I never saw one in quite the same way after Fargo.

My second favorite scene in the movie is near the beginning. Margie visits the site of the first three murders and correctly deduces the whole sequence of events while her idiot deputy can only stand there holding the coffee. Then she throws up from morning sickness, not from all the gore.
Title: Re: Ryanair Account Hacked €4.6Million
Post by: gillianren on May 06, 2015, 01:02:45 PM
Okay, completely off topic of Ryanair, but on the Fargo discussion.

Does anyone here believe Margie was considering an affair with Mike Yanagita?  Because I heard that suggested during discussion of the movie on a site I frequent when Fargo was Movie of the Week, and I'm not buying it.
Title: Re: Ryanair Account Hacked €4.6Million
Post by: Echnaton on May 06, 2015, 02:13:22 PM
Does anyone here believe Margie was considering an affair with Mike Yanagita?

I stay completely out of such discussions.  After watching the Avengers movie this weekend with my wife and daughter, my silence was notable in the post viewing film dissection of who got together, should have gotten together, were the pairings believable and why.

Margie visits the site of the first three murders and correctly deduces the whole sequence of events while her idiot deputy can only stand there holding the coffee. Then she throws up from morning sickness, not from all the gore.

This is one of the best things about Fargo for me.  It was a reversal of the typical cop show cliche where the hardened and desensitized man has to go home and stoically be the warm family man.
Title: Re: Ryanair Account Hacked €4.6Million
Post by: Luther on May 10, 2015, 01:13:55 AM
There's a much easier and far less violent way to destroy data on an old hard drive. And it can even be safely reused.

I have used a different procedure (specifically, the Unix "dd" command) to copy random data to the entire hard drive.  However, I don't do this very often, since I am usually getting rid of a drive after it has failed.  If it's still working, but I'm getting rid of the computer, I'll usually just pop it into the new computer as a spare drive, unless the bus technology on the new computer is incompatible with the drive.
Title: Re: Ryanair Account Hacked €4.6Million
Post by: ka9q on May 10, 2015, 08:16:47 AM
Oh sure, I've also done dd if=/dev/zero of=/dev/disk bs=1M quite a few times.

Or dd if=/dev/urandom of=/dev/disk bs=1M if you feel like it.

But the security erase has the advantage of doing it in the drive firmware so the computer doesn't need to be involved. In fact, you don't even need a computer to finish the process once you've started it. All you need is a power supply.

Also, overwriting doesn't do what you think it does when the target is an SSD.
Title: Re: Ryanair Account Hacked €4.6Million
Post by: Luther on May 10, 2015, 07:42:55 PM
Also, overwriting doesn't do what you think it does when the target is an SSD.

Not a situation I've had to face yet, but, since you brought it up :)  what does it do?  Also, does "overwriting" refer to one method or the other (that is, the "dd" method or the firmware method), or to both?
Title: Re: Ryanair Account Hacked €4.6Million
Post by: ka9q on May 11, 2015, 02:34:42 AM
The big difference between solid state flash memory and conventional magnetic disks is that magnetic disk sectors can be selectively rewritten; flash can't. That changes everything.

Flash memory is organized into pages, typically 4 kiB each, analogous to magnetic disk sectors. Flash and magnetic pages/sectors can be read randomly, but a flash page can only be written once. Flash pages can be reused only after being erased, a slow (milliseconds) operation that must be done on a large block of pages at once. Block sizes vary, but are typically 256 kiB or more.

SSDs have controllers to emulate the conventional magnetic disks they replace. They automatically map virtual disk sectors to physical flash pages and erase blocks (groups of pages) as needed to free up space for additional writes. If you write sector 10 on a brand new drive, the controller will assign a flash page to hold it that could be anywhere in the physical flash memory. If you then overwrite sector 10, the controller will assign a new flash page, write it with your new data, and map it so it will read back as sector 10.

Here's the crucial part: the controller will not immediately erase the flash page holding the previous version of sector 10; it will simply mark it as no longer in use. When the supply of free pages runs low, the controller will find a block of physical flash memory with the smallest number of active pages, copy those still-active pages to another block, and erase the block. (Remember, only an entire block can be erased; individual pages cannot be.)

You see where this is going? Writing zeroes onto the virtual disk sectors doesn't actually destroy the data in the flash memory, at least not right away. It simply assigns fresh pages to hold the zeroes you're writing and marks the old pages to be erased and reused at some future time.

One of the early big problems with SSDs is that the SSD controller had no way to know when you deleted a file; the only way it knew you no longer needed the contents of a given sector (page) was when you actually overwrote it with new data. This caused a lot of unnecessary copying of discarded data, which can really slow down writes; the problem is called write amplification.

This led to the TRIM command, which lets the file system tell the drive that the data in certain sectors is no longer needed. This greatly simplifies life for the controller when it decides to erase a block because it need not copy out TRIMmed pages. While the spec requires that a TRIMmed virtual page immediately read back as zeroes, it does not require the immediate erasure of the physical page with the previous data. So even with TRIM, you can't be totally sure that you've actually destroyed anything. A sufficiently sophisticated forensic analysis that bypasses the controller and reads the physical flash pages directly might still find it.

And it gets still worse. Some controllers compress your data to use physical flash more efficiently and achieve faster I/O speeds. So writing binary zeroes, which compress very well, over the entire virtual drive might not even touch much of the data previously stored in physical flash.

The bottom line is that the best way to destroy everything on the SSD is to use the special secure erase command. It's also much faster than overwriting.

And even then you might not want to trust the drive firmware to do what it's supposed to do, e.g., because it's been hacked by some 3-letter government agency. So here's what to do if you're truly paranoid:

1. Issue the secure erase command. This is pretty fast on an SSD, taking typically only a few minutes.
2. Fill the entire drive with random data (not zeroes) to defeat any data compression.
3. Read back the random data to ensure it's exactly what you wrote. (Generate (pseudo)random data with a keyed cipher to make this easier.)
4. Issue the secure erase command a second time.

This will work unless the drive is at least twice as large as advertised to give malicious firmware room to save your previous disk image while still storing and recovering the random data you wrote in step #2. The SSD market is very competitive, so no manufacturer is going to label his drive as containing only a fraction of its true capacity.

Of course, there's a much simpler solution to all this: never write plaintext to the drive in the first place. Always use a disk encryption system like LUKS, FileVault or TrueCrypt. Then all you have to do to make the stored data unrecoverable is to destroy all copies of the cipher keys.
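
The sector-remapping behaviour described in the post above, as a toy simulation added here (it is not part of the original post and does not mirror any real controller). ToySSD, its 4-page blocks and its garbage-collection policy are assumptions made for illustration.

```python
# Toy flash translation layer. Constructed model for illustration: ToySSD and
# its methods are hypothetical and do not mirror any real controller.
PAGES_PER_BLOCK = 4


class ToySSD:
    def __init__(self, blocks=4):
        self.blocks = blocks
        self.secure_erase()

    def secure_erase(self):
        # Models the firmware command: every block erased, mapping dropped.
        self.flash = [[None] * PAGES_PER_BLOCK for _ in range(self.blocks)]
        self.mapping = {}  # logical sector -> (block, page) holding its data
        self.free = [(b, p) for b in range(self.blocks) for p in range(PAGES_PER_BLOCK)]

    def write(self, sector, data):
        if not self.free:
            self._garbage_collect()
        block, page = self.free.pop(0)
        self.flash[block][page] = data        # pages are never rewritten in place
        self.mapping[sector] = (block, page)  # the old page is only unmapped

    def read(self, sector):
        block, page = self.mapping[sector]
        return self.flash[block][page]

    def _live(self, block):
        return [(s, loc) for s, loc in self.mapping.items() if loc[0] == block]

    def _garbage_collect(self):
        # Victim is the block with the fewest still-mapped pages.
        victim = min(range(self.blocks), key=lambda b: len(self._live(b)))
        keep = [(s, self.flash[b][p]) for s, (b, p) in self._live(victim)]
        if len(keep) == PAGES_PER_BLOCK:
            raise RuntimeError("no reclaimable space left")
        self.flash[victim] = [None] * PAGES_PER_BLOCK  # erase is per block
        self.free = [(victim, p) for p in range(PAGES_PER_BLOCK)]
        for sector, data in keep:  # copy live pages back (via RAM in this toy)
            self.write(sector, data)

    def stale_pages(self):
        # Data still in flash but unmapped: invisible to read(), visible to
        # anyone who reads the chips directly.
        mapped = set(self.mapping.values())
        return [self.flash[b][p] for b in range(self.blocks)
                for p in range(PAGES_PER_BLOCK)
                if self.flash[b][p] is not None and (b, p) not in mapped]


def demo():
    ssd = ToySSD()
    ssd.write(10, b"SECRET")
    ssd.write(10, b"\x00" * 6)          # "overwrite" sector 10 with zeroes
    overwritten = (ssd.read(10), b"SECRET" in ssd.stale_pages())
    for i in range(100):                # unrelated writes force garbage collection
        ssd.write(11, b"churn%03d" % i)
    survived_gc = b"SECRET" in ssd.stale_pages()
    ssd.secure_erase()
    return overwritten, survived_gc, ssd.stale_pages()


if __name__ == "__main__":
    print(demo())
```

In this toy the old page outlives every garbage-collection pass because its block always holds one live page and is never the cheapest victim; when a real drive reclaims such a page is up to its firmware.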
Title: Re: Ryanair Account Hacked €4.6Million
Post by: Luther on May 12, 2015, 05:57:51 PM
One of the early big problems with SSDs is that the SSD controller had no way to know when you deleted a file; the only way it knew you no longer needed the contents of a given sector (page) was when you actually overwrote it with new data. This caused a lot of unnecessary copying of discarded data, which can really slow down writes; the problem is called write amplification.

I guess this was a problem with any file system not specifically designed to deal with it.  If I understand these things correctly (a questionable proposition), then at the hardware level, there's no such thing as marking disk space unused; there are only overwrite operations.  Knowing that a particular part of the disk was unused would require the disk to understand what particular file system had been written upon it; is that correct?

I further suppose that the introduction of the TRIM operation you describe does not require a revised filesystem, but rather an update to some of the OS routines, but works only if the various applications access the disk using file-based operations, rather than sector-based operations.  On the right track?

And it gets still worse. Some controllers compress your data to use physical flash more efficiently and achieve faster I/O speeds. So writing binary zeroes, which compress very well, over the entire virtual drive might not even touch much of the data previously stored in physical flash.

LMAO.  So you write a trillion zeroes to the disk, and it overwrites maybe 12 bytes :)

The bottom line is that the best way to destroy everything on the SSD is to use the special secure erase command. It's also much faster than overwriting.

And even then you might not want to trust the drive firmware to do what it's supposed to do, e.g., because it's been hacked by some 3-letter government agency. So here's what to do if you're truly paranoid:

1. Issue the secure erase command. This is pretty fast on an SSD, taking typically only a few minutes.
2. Fill the entire drive with random data (not zeroes) to defeat any data compression.
3. Read back the random data to ensure it's exactly what you wrote. (Generate (pseudo)random data with a keyed cipher to make this easier.)
4. Issue the secure erase command a second time.

This will work unless the drive is at least twice as large as advertised to give malicious firmware room to save your previous disk image while still storing and recovering the random data you wrote in step #2. The SSD market is very competitive, so no manufacturer is going to label his drive as containing only a fraction of its true capacity.

The solution I might move towards (which should be viable for me, but perhaps not for everyone) is just to keep old drives.  Maybe use them as bookends.

Of course, there's a much simpler solution to all this: never write plaintext to the drive in the first place. Always use a disk encryption system like LUKS, FileVault or TrueCrypt. Then all you have to do to make the stored data unrecoverable is to destroy all copies of the cipher keys.

I've heard of these systems, and need to investigate further.  I am mainly OS X-based these days.  There is a "secure erase" function, but (i) it is painfully slow, and (ii) it only works on files that are deleted by manual action through the GUI.  Better than nothing, I guess, but a long way from perfect.
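
Steps 2 and 3 of the four-step procedure quoted in the post above, as an added example that is not part of the original thread. It swaps the "keyed cipher" for BLAKE2b in counter mode (Python's standard library has no block cipher), and the function names and the scratch file standing in for the drive are assumptions.

```python
import hashlib
import os
import tempfile

BLOCK = 64  # bytes of keystream produced per BLAKE2b call


def keystream(key, offset, length):
    """Pseudorandom bytes for [offset, offset + length); offset % BLOCK == 0."""
    out = bytearray()
    counter = offset // BLOCK
    while len(out) < length:
        out += hashlib.blake2b(counter.to_bytes(8, "big"), key=key).digest()
        counter += 1
    return bytes(out[:length])


def fill(path, key, size, chunk=1 << 20):
    """Step 2: write the keyed stream over the first `size` bytes of path."""
    with open(path, "r+b") as dev:
        for off in range(0, size, chunk):
            dev.write(keystream(key, off, min(chunk, size - off)))
        dev.flush()
        os.fsync(dev.fileno())  # push the data out of the OS write cache


def verify(path, key, size, chunk=1 << 20):
    """Step 3: return the offset of the first wrong byte, or None if all match."""
    with open(path, "rb") as dev:
        for off in range(0, size, chunk):
            want = keystream(key, off, min(chunk, size - off))
            got = dev.read(len(want))
            if got != want:
                diff = (i for i, (a, b) in enumerate(zip(got, want)) if a != b)
                return off + next(diff, len(got))  # short read counts as mismatch
    return None


def demo(size=200_000, bad_offset=123_456):
    # Constructed stand-in for the drive: a scratch file, not a real device.
    key = os.urandom(32)  # throwaway key; the stream is regenerated, never stored
    with tempfile.NamedTemporaryFile(delete=False) as tmp:
        tmp.truncate(size)
    try:
        fill(tmp.name, key, size, chunk=65536)
        clean = verify(tmp.name, key, size, chunk=65536)
        with open(tmp.name, "r+b") as f:  # simulate one byte not stored faithfully
            f.seek(bad_offset)
            byte = f.read(1)
            f.seek(bad_offset)
            f.write(bytes([byte[0] ^ 0xFF]))
        return clean, verify(tmp.name, key, size, chunk=65536)
    finally:
        os.unlink(tmp.name)


if __name__ == "__main__":
    print(demo())
```

On a real block device, a read issued right after the write can be served from the operating system's page cache, so the read-back only tests the drive if the cache is bypassed or emptied first (for example by power-cycling the drive between the two steps).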
Title: Re: Ryanair Account Hacked €4.6Million
Post by: Zakalwe on May 13, 2015, 03:17:21 AM


The solution I might move towards (which should be viable for me, but perhaps not for everyone) is just to keep old drives.  Maybe use them as bookends.


A very large hammer will permanently erase ANY hard drive.
Title: Re: Ryanair Account Hacked €4.6Million
Post by: ka9q on May 13, 2015, 05:07:07 AM
at the hardware level, there's no such thing as marking disk space unused; there are only overwrite operations.  Knowing that a particular part of the disk was unused would require the disk to understand what particular file system had been written upon it; is that correct?
Exactly right.
Quote
I further suppose that the introduction of the TRIM operation you describe does not require a revised filesystem, but rather an update to some of the OS routines, but works only if the various applications access the disk using file-based operations, rather than sector-based operations.  On the right track?
Yes, but it's rare to directly access a disk containing a filesystem except with tools for filesystem integrity checking and/or repair.

There are two approaches to using TRIM. The most obvious is to have the filesystem automatically issue it whenever a file is deleted. Copy-on-write file systems can issue TRIM commands for rewritten blocks, unless of course they're needed for a snapshot.

The problem is that on some SSDs TRIM is rather slow, and might block at an inconvenient time while it performs garbage collection (copying of remaining pages and erasure of blocks). TRIM only needs to be done often enough to maintain an adequate supply of erased pages for new writes. So some systems let you manually trim when you've got the time. Linux provides the fstrim command that works on XFS, among others. It just feeds the current file system free block list to the drive in a series of TRIM commands.
Quote
The solution I might move towards (which should be viable for me, but perhaps not for everyone) is just to keep old drives.  Maybe use them as bookends.
Nah. You still run the risk of having them lost or stolen. I do recommend the secure erase command; it's fast on SSDs and I've never heard of it actually being compromised by a three-letter-agency (NSA, FBI, CIA, BND, GCHQ -- okay, four). But all bets are off if you're the North Korean nuclear weapons development agency... and in that case I never told you any of this anyway.
Quote
I've heard of these systems, and need to investigate further.  I am mainly OS X-based these days.  There is a "secure erase" function, but (i) it is painfully slow, and (ii) it only works on files that are deleted by manual action through the GUI.
On OSX, just use FileVault. After Ed Snowden I'm not sure I fully trust Apple these days, but it's certainly easy to use.

The "secure erase" command on OSX was designed for magnetic disks, so it simply overwrites data before erasing it. That's why it's slow. Given all the caveats just discussed, this is strange since most newer Macbooks now come with SSDs. Supposedly, OSX automatically invokes TRIM on Apple-supplied SSDs, and that solves the problem. But I'd want to verify this before I really rely on it.

On the other hand, FileVault (if it works as advertised) is an even better solution. It saved my butt three years ago when my last Macbook was stolen. All the data was encrypted and backed up, and the machine itself was four years old and rapidly failing so basically I lost nothing but the value of the SSD I had retrofitted into it. Oh, and the accessories in my bag. I had a really nice 405 nm laser pointer in there.
Title: Re: Ryanair Account Hacked €4.6Million
Post by: ka9q on May 31, 2015, 04:20:43 AM
Does anyone here believe Margie was considering an affair with Mike Yanagita?  Because I heard that suggested during discussion of the movie on a site I frequent when Fargo was Movie of the Week, and I'm not buying it.
I know this is a bit dated, but...

Absolutely not. She was simply being sympathetic, and politely backed off when she realized Yanagita was trying to take advantage of her.

Margie appeared almost naive at times, and that was another great aspect of her character. She reminded me of Detective Columbo, whose adversaries always underestimated him to their great detriment. Yet she seemed honestly taken aback when she sees Jerry Lundegaard driving away from the dealership: "He's fleeing the interview! He's fleeing the interview!"