Jump to content
Strawberry Orange Banana Lime Leaf Slate Sky Blueberry Grape Watermelon Chocolate Marble
Strawberry Orange Banana Lime Leaf Slate Sky Blueberry Grape Watermelon Chocolate Marble

MSFN is made available via donations, subscriptions and advertising revenue. The use of ad-blocking software hurts the site. Please disable ad-blocking software or set an exception for MSFN. Alternatively, register and become a site sponsor/subscriber and ads will be disabled automatically. 


  • Content count

  • Donations

  • Joined

  • Last visited

Community Reputation

4 Neutral

About pointertovoid

Profile Information

  • OS
    none specified
  • Country

Recent Profile Visitors

2,328 profile views
  1. pointertovoid

    CPU Kernel Page Table Isolation bug disclosure

    Not necessarily. The weakness results from the CPU restoring imperfectly its state when an exception occurs. Speculative execution makes restoration difficult, but alone it doesn't imply a weakness. From Intel's list, the Core 2 for instance seems immune, with the design flaw beginning at Core i3/i5/i7. I trust Intel's list (...which can evolve) better than arbitrary claims from other sources, which often rely only on the presence of speculative execution, a very old feature indeed. I wonder: exceptions occur much more frequently than after a violation of memory protection, including during legitimate operation of the OS and applications. If the restoration of state is faulty, then the CPU must introduce erroneous behaviour in the machine. This hasn't been observed before?
  2. pointertovoid

    Microsoft patches Windows XP to fight 'WannaCry' attacks

    In the very few past hours, eBay and Paypal show the same symptoms of bad operation as during the two last attacks by Wannacrypt and its successor. Just in case a new wide attack has started, take your precautions!
  3. pointertovoid

    Which FW400 CFcard reader?

    I've just tried on a 32 bits Windows Seven that I installed minutes before alone on its disk. I suppose the session has administration rights because it accesses the Device Manager. Nearly the same happens as with W2k and Xp. Minor change: Seven installs its v6.1 driver when I insert a CF and runs long enough to show me it comprises disk.sys and partmngr.sys, after what it freezes too. Disconnecting then the reader doesn't heal.
  4. pointertovoid

    Which FW400 CFcard reader?

    Meanxhile I've had a Firewire 400 (1394a) reader from Lexar. It worked right after connecting to my mobo (chip TI Tsb43ab23), without adding drivers, on W2k-Xp that brought the OHCI drivers, and on Linux (Ubuntu 14, GPartEd and others). Said to be fast, but it was slow on my computer. I can't exclude that Lexar changed the chip over time. Sold again. I've just received a FW800 (1394b) card on Pci-E and a CF-card reader on FW800 and they don't work. Please help! ---------- The Pci-E card is a new Iocrest SY-PEX30016 with a TI chip XIO2213BZAY. Both W2k and Xp install their OHCI driver which is said to suffice for FW800. Everything looks fine in the device manager, as described by Iocrest. I also tried the Unibrain Firewire driver on W2k, it installs too and the device manager shows it. Linux starts with the card, I can't analyze more. The CF reader is a Sandisk extreme Firewire SDDRX4-CF bought used from a Mac user who claims it works. About zero doc available from Sandisk, I shall remember that. If I connect the reader when the OS runs, no additional disk reader is shown by Win nor Linux, but they run. Same if I boot the OS after connecting the reader. If I insert a CF (both 32GB UDMA 7 and 4GB UDMA 4, both formatted), the device manager refreshes after 10s as it uses to when detecting a new hardware, then Windows freezes but Linux doesn't; the device manager and task manager stop before the applications. I have no time to access the Disk manager. The Cpu fan doesn't accelerate. If I insert the CF then connect the reader to the running machine, the same happens as if inserting the CF. If booting with the reader and the CF, both Windows and Linux freeze. The Unibrain driver does nearly the same: it fails some seconds later, giving time to see on the device manager that Windows tried to install a disk driver but failed. ---------- I suppose that the new FX800 card is sound, as it gets its driver and detects the reader. A sound SDDRX4-CF is rumoured to work with Windows 98-Seven with the built-in drivers and shouldn't freeze Linux. Comments, ideas, suggestions, explanations...? I'm in the mood of returning the reader to the seller but wouldn't like to be unfair.
  5. You can see some images where the magnetic polarisation is read at a small scale, for instance here http://aip.scitation.org/doi/full/10.1063/1.4944951 especially the Fig. 5 http://aip.scitation.org/na101/home/literatum/publisher/aip/journals/content/adv/2016/adv.2016.6.issue-3/1.4944951/production/images/large/1.4944951.figures.f5.jpeg at a perfect scale for hard disk drives.
  6. OK. The argument with the second law doesn't apply and was pseudo-science. The second law has nothing to do with puzzles, and everything to do with entropy, internal energy, temperature, enthalpy and the likes. You know, the integral of dQ/T. Now, the time needed. The attacker doesn't need to read every atom. Once he has found where the information was imperfectly erased on the whole track, that is, a bit outwards or a bit inwards, he needs to read a bunch of atoms per bit only at that imperfectly erased circle. The speed of a tunnel effect microscope can be over 10,000 atoms per second; it would seem logical that spin-sensitive STEM is about as fast, but I don't have the figures. The scale at a Hdd isn't what you describe. If the contiguous read is 150MB/s at 3.5" and 7200rpm, bits are some 20nm long including sync and redundancy, which still makes 100 atoms long, and tracks for 500GB platters are 180nm apart or 1000 atoms. Even if not every atom was oriented (this happens at a bigger scale with several Weiss domains) and some uncertainty remains, reading 100 atoms at one proper radius suffice to get the information free of noise. Nothing of a puzzle here. A badly (=single-pass zeros) erased HDD still contains the sector sync, the redundancy, the information bits recoverable by the spin-sensitive STEM. Once the attacker has read the sectors, he can reconstitute also the folders and files, still well-ordered. Reading a complete 500GB platters is still slow, but we don't have to image individual atoms here, rather groups of 100, and this must be faster. The reading machine being anyway specialized to rotate the platter instead of translating, it can also have many read tips. And since the partition table, partition header and file system is readable, the attacker can read only the files he wants. The spin-sensitive STEM is just the answer to smaller bits and perpendicular recording. All the rest is identical to information recovery on a damaged HDD or a damaged partition and is banal.
  7. pointertovoid

    Tor is defeated

    Thanks! I'll make a test with Tor at https://panopticlick.eff.org/ . Further observation meanwhile: Paypal refuses to open a session from Tor, so there is some means to distinguish it from other browsers.
  8. I take good note of Nist's statement, paragraph 2.3 on page 6: "Basically the change in track density and the related changes in the storage medium have created a situation where the acts of clearing and purging the media have converged. That is, for ATA disk drives manufactured after 2001 (over 15 GB) clearing by overwriting the media once is adequate to protect the media from both keyboard and laboratory attack." Though, this document is from 2006. Did they have spin-sensitive tunnel effect microscopes back then? https://en.wikipedia.org/wiki/Spin_polarized_scanning_tunneling_microscopy the first referenced article dates from 2009. Such a microscope lets observe the magnetic polarization of single atoms, for instance at locations where the write head put the sensitive data, and that the erase pass didn't overfly accurately enough.
  9. What lets you suppose and even write that? I'm an expert for electromagnetism and hold two MsC for electrical engineering, including microelectronics.
  10. Now that sounds like a pseudo-science argument: "The 2nd law of Thermodynamics describes such a fact." Beware I'm a physicist and I'm easy with thermodynamics, as more people here may be. And citing that law didn't impress me Quite the opposite. Jaclaz has provided articles that did not tell what he claims. In fact, the author of the original paper still recommends presently two multi-pass erase software. Sorry but, after two pages of arguments and references, your one-line strong statement isn't convincing.
  11. pointertovoid

    Tor is defeated

    And no, I can't find a link, because my memories were wrong. The Tor team recommends Tor as it always did. Complete and sincere apologies. What stays is that the newspaper's blog can presently censor me despite Tor.
  12. Thank you for your well-argumented and documented opinion!
  13. pointertovoid

    Move the "Program Files" in Xp?

    Thank you!
  14. pointertovoid

    Move the "Program Files" in Xp?

    Hello you all! I couldn't find the option to move the "Program files" folder in TeakUI v2.10 (also known as TweakXP) running on Xp as I used to do in W2k, so I moved the folder using TweakUI v1.33 (the one for W2k). Meanwhile the XP works imperfectly, and I don't have the computer at hand to experiment further. Hence the question: Can the "Program files" folder be moved in XP? Is it safe to do this?
  15. pointertovoid

    Tor is defeated

    Sad, but... From my observations, Tor is defeated in Europe. I'm covertly censored on one newspaper's blog. First noticed as some keywords combined with my name triggered an automatic censorship that raised a false "error 503" (further experiments showed that my messages passed through without my name, or by reformulating the contents, while my name and the keywords repeatably trigger the so-called error 503, even by retrying seconds apart). For some time I could continue posting by using other names. Then my IP address was censored, but I could go on by hiding my IP address using Tor. Just like in any other dictatorship, you know. Since Bernard Cazeneuve's visit to De Maizière and the subsequent European agreement (to combat terrorism of course), even Tor doesn't get through. From my observations, it could be that the European governmental agencies have identified nearly all the nodes of the Tor network. Keep also in mind that the Tor team now advises not to use it.