Jump to content
Strawberry Orange Banana Lime Leaf Slate Sky Blueberry Grape Watermelon Chocolate Marble
Strawberry Orange Banana Lime Leaf Slate Sky Blueberry Grape Watermelon Chocolate Marble

MSFN is made available via donations, subscriptions and advertising revenue. The use of ad-blocking software hurts the site. Please disable ad-blocking software or set an exception for MSFN. Alternatively, register and become a site sponsor/subscriber and ads will be disabled automatically. 


pointertovoid

Member
  • Content Count

    635
  • Donations

    $0.00 
  • Joined

  • Last visited

Everything posted by pointertovoid

  1. Thanks Jaclaz! I'd need more evidence before involving little green men in this story (or elsewhere). And I'd like to know why a mobo with a new battery should lose the date. Or even two mobos. So I'm still interested in testimonies: did other people observe an abnormal clock reset on their mobo? Thank you!
  2. Hi everybody, nice to see you again! I had imagined that resetting a computer's clock might be a way to weaken its encrypted communications, especially if they are as poorly programmed as what the cited webpage gives as an example. Recently at my close relatives, two computers have shown abnormal clock resets. At my old mother, the Cmos' battery was empty. I replaced the battery with a new one from a reputed brand bought in a closed package a quarter hour before, I set the clock, and the computer worked properly. A week later, this computer lost the date again. The computer was far from me, I got the account over my mother. At my nephew, who is comfortable with Pc hardware and can replace a battery, the computer with a recent battery lost the date. I had expected a reset date like 01 Jan 2000 or 01 Jan 1970, as usual with an empty battery, but at my mother's machine it was like 31 December 2001. So: did you observe something similar recently? The alternative explanation would be a malware that sets the computer's clock, possibly to exploit the weakness I outlined above. I could admit a hardware defect drawing the battery empty at one mobo, not at both. Thank you!
  3. Thanks Jaclaz! Yes, that's about what I plan. I had already good Apacer Cf, though I didn't use them for very long. Good experience with Transcend EXCEPT that in their 300x 8GB, they put Mlc chips without warning and contrary to their datasheet that promises Slc. Recently, two Toshiba 32GB 1000x went broken at the same time on two different readers - still not understood, maybe a high-tech Usb virus. So I consider Sata instead of Usb. I already had an adapter, or cartridge, for Ssd on Sata. My bad experience is that the connectors went broken after months, with random bad contacts. Avoid them, everybody - unless someone can report a good specimen he used for an extended period. Meanwhile, I connect and remove my Ssd on plain long cables daily, without a cartridge, and this is reliable over years. So I hope to do the same with Cfast, as I do need a smaller format than Ssd. My main concern would be some incompatibility between signalling voltages or a similar bad joke that plagues Cf cards. You know, Pata ports in 5V and some Cf cards that need 3.3V for Udma, or even fail to transmit properly on 5V. More reports, opinions, comments?
  4. Hello everyone and everybody, nice to see you again! I consider switching from CF (on USB reader) to CFast Flash cards. Has someone experience with them? From what I understand, the electric interface is Sata/6000 or Sata/3000 but the connector differs, needing an adapter card. Correct? Is there any bad joke with Sata and CFast, like the varied signalling voltages that plague CF cards? I plan to buy some Chinese adapter card, as they comprise essentially two connectors and copper lines in between, plus seemingly a regulator. Thoughts? The CFast cards I covet have 32GB and Sata/6000, my mobo has Sata/3000 from Intel's ich10r, ran with W2k and Xp, maybe Seven some day if needed. Opinions? I can live without the hot plug and unplug, and have some 3rd party software to force-eject a disk. Other thoughts? Thank you!
  5. My answer is late and sketchy, sorry... I only tried Nt4 briefly, so this is more repeating what I've read than first-hand experience. Most slipstream tools for 2k and later base on the slipstream capability that Microsoft built in the updates. This did not exist for Nt4. Nevertheless, some enthusiasts did write software to slipstream updates into Nt4, including the Sp6a. Do I remember that at least 3 such exist? I don't have my notices here. I saw a workaround, using an F6 diskette, to provide Lba access to a disk right from the beginning of an installation. Possibly a servicepacked version of acpi.sys on the diskette, plus some text files telling to use it. Whether this can provide Lba48 too? My answer may be 40dB behind what you already know... Apologies in advance.
  6. Not necessarily. The weakness results from the CPU restoring imperfectly its state when an exception occurs. Speculative execution makes restoration difficult, but alone it doesn't imply a weakness. From Intel's list, the Core 2 for instance seems immune, with the design flaw beginning at Core i3/i5/i7. I trust Intel's list (...which can evolve) better than arbitrary claims from other sources, which often rely only on the presence of speculative execution, a very old feature indeed. I wonder: exceptions occur much more frequently than after a violation of memory protection, including during legitimate operation of the OS and applications. If the restoration of state is faulty, then the CPU must introduce erroneous behaviour in the machine. This hasn't been observed before?
  7. In the very few past hours, eBay and Paypal show the same symptoms of bad operation as during the two last attacks by Wannacrypt and its successor. Just in case a new wide attack has started, take your precautions!
  8. I've just tried on a 32 bits Windows Seven that I installed minutes before alone on its disk. I suppose the session has administration rights because it accesses the Device Manager. Nearly the same happens as with W2k and Xp. Minor change: Seven installs its v6.1 driver when I insert a CF and runs long enough to show me it comprises disk.sys and partmngr.sys, after what it freezes too. Disconnecting then the reader doesn't heal.
  9. Meanxhile I've had a Firewire 400 (1394a) reader from Lexar. It worked right after connecting to my mobo (chip TI Tsb43ab23), without adding drivers, on W2k-Xp that brought the OHCI drivers, and on Linux (Ubuntu 14, GPartEd and others). Said to be fast, but it was slow on my computer. I can't exclude that Lexar changed the chip over time. Sold again. I've just received a FW800 (1394b) card on Pci-E and a CF-card reader on FW800 and they don't work. Please help! ---------- The Pci-E card is a new Iocrest SY-PEX30016 with a TI chip XIO2213BZAY. Both W2k and Xp install their OHCI driver which is said to suffice for FW800. Everything looks fine in the device manager, as described by Iocrest. I also tried the Unibrain Firewire driver on W2k, it installs too and the device manager shows it. Linux starts with the card, I can't analyze more. The CF reader is a Sandisk extreme Firewire SDDRX4-CF bought used from a Mac user who claims it works. About zero doc available from Sandisk, I shall remember that. If I connect the reader when the OS runs, no additional disk reader is shown by Win nor Linux, but they run. Same if I boot the OS after connecting the reader. If I insert a CF (both 32GB UDMA 7 and 4GB UDMA 4, both formatted), the device manager refreshes after 10s as it uses to when detecting a new hardware, then Windows freezes but Linux doesn't; the device manager and task manager stop before the applications. I have no time to access the Disk manager. The Cpu fan doesn't accelerate. If I insert the CF then connect the reader to the running machine, the same happens as if inserting the CF. If booting with the reader and the CF, both Windows and Linux freeze. The Unibrain driver does nearly the same: it fails some seconds later, giving time to see on the device manager that Windows tried to install a disk driver but failed. ---------- I suppose that the new FX800 card is sound, as it gets its driver and detects the reader. A sound SDDRX4-CF is rumoured to work with Windows 98-Seven with the built-in drivers and shouldn't freeze Linux. Comments, ideas, suggestions, explanations...? I'm in the mood of returning the reader to the seller but wouldn't like to be unfair.
  10. You can see some images where the magnetic polarisation is read at a small scale, for instance here http://aip.scitation.org/doi/full/10.1063/1.4944951 especially the Fig. 5 http://aip.scitation.org/na101/home/literatum/publisher/aip/journals/content/adv/2016/adv.2016.6.issue-3/1.4944951/production/images/large/1.4944951.figures.f5.jpeg at a perfect scale for hard disk drives.
  11. OK. The argument with the second law doesn't apply and was pseudo-science. The second law has nothing to do with puzzles, and everything to do with entropy, internal energy, temperature, enthalpy and the likes. You know, the integral of dQ/T. Now, the time needed. The attacker doesn't need to read every atom. Once he has found where the information was imperfectly erased on the whole track, that is, a bit outwards or a bit inwards, he needs to read a bunch of atoms per bit only at that imperfectly erased circle. The speed of a tunnel effect microscope can be over 10,000 atoms per second; it would seem logical that spin-sensitive STEM is about as fast, but I don't have the figures. The scale at a Hdd isn't what you describe. If the contiguous read is 150MB/s at 3.5" and 7200rpm, bits are some 20nm long including sync and redundancy, which still makes 100 atoms long, and tracks for 500GB platters are 180nm apart or 1000 atoms. Even if not every atom was oriented (this happens at a bigger scale with several Weiss domains) and some uncertainty remains, reading 100 atoms at one proper radius suffice to get the information free of noise. Nothing of a puzzle here. A badly (=single-pass zeros) erased HDD still contains the sector sync, the redundancy, the information bits recoverable by the spin-sensitive STEM. Once the attacker has read the sectors, he can reconstitute also the folders and files, still well-ordered. Reading a complete 500GB platters is still slow, but we don't have to image individual atoms here, rather groups of 100, and this must be faster. The reading machine being anyway specialized to rotate the platter instead of translating, it can also have many read tips. And since the partition table, partition header and file system is readable, the attacker can read only the files he wants. The spin-sensitive STEM is just the answer to smaller bits and perpendicular recording. All the rest is identical to information recovery on a damaged HDD or a damaged partition and is banal.
  12. Thanks! I'll make a test with Tor at https://panopticlick.eff.org/ . Further observation meanwhile: Paypal refuses to open a session from Tor, so there is some means to distinguish it from other browsers.
  13. I take good note of Nist's statement, paragraph 2.3 on page 6: "Basically the change in track density and the related changes in the storage medium have created a situation where the acts of clearing and purging the media have converged. That is, for ATA disk drives manufactured after 2001 (over 15 GB) clearing by overwriting the media once is adequate to protect the media from both keyboard and laboratory attack." Though, this document is from 2006. Did they have spin-sensitive tunnel effect microscopes back then? https://en.wikipedia.org/wiki/Spin_polarized_scanning_tunneling_microscopy the first referenced article dates from 2009. Such a microscope lets observe the magnetic polarization of single atoms, for instance at locations where the write head put the sensitive data, and that the erase pass didn't overfly accurately enough.
  14. What lets you suppose and even write that? I'm an expert for electromagnetism and hold two MsC for electrical engineering, including microelectronics.
  15. Now that sounds like a pseudo-science argument: "The 2nd law of Thermodynamics describes such a fact." Beware I'm a physicist and I'm easy with thermodynamics, as more people here may be. And citing that law didn't impress me Quite the opposite. Jaclaz has provided articles that did not tell what he claims. In fact, the author of the original paper still recommends presently two multi-pass erase software. Sorry but, after two pages of arguments and references, your one-line strong statement isn't convincing.
  16. And no, I can't find a link, because my memories were wrong. The Tor team recommends Tor as it always did. Complete and sincere apologies. What stays is that the newspaper's blog can presently censor me despite Tor.
  17. Thank you for your well-argumented and documented opinion!
  18. Hello you all! I couldn't find the option to move the "Program files" folder in TeakUI v2.10 (also known as TweakXP) running on Xp as I used to do in W2k, so I moved the folder using TweakUI v1.33 (the one for W2k). Meanwhile the XP works imperfectly, and I don't have the computer at hand to experiment further. Hence the question: Can the "Program files" folder be moved in XP? Is it safe to do this?
  19. Sad, but... From my observations, Tor is defeated in Europe. I'm covertly censored on one newspaper's blog. First noticed as some keywords combined with my name triggered an automatic censorship that raised a false "error 503" (further experiments showed that my messages passed through without my name, or by reformulating the contents, while my name and the keywords repeatably trigger the so-called error 503, even by retrying seconds apart). For some time I could continue posting by using other names. Then my IP address was censored, but I could go on by hiding my IP address using Tor. Just like in any other dictatorship, you know. Since Bernard Cazeneuve's visit to De Maizière and the subsequent European agreement (to combat terrorism of course), even Tor doesn't get through. From my observations, it could be that the European governmental agencies have identified nearly all the nodes of the Tor network. Keep also in mind that the Tor team now advises not to use it.
  20. It wasn't my job and I was questioned over several fully unofficial channels, so I can and do speak about it. The query was about destroying hard disk drives because the owners feared the data could be recovered after erasure. Why they didn't want a multi-pass erasure, I don't know. The query was around 2010, definitely after 2004 and before 2012, but the scrapped disks can perfectly have been older than perpendicular recording - weapons for instance use old hardware often. And given the general degree of paranoia of the people who indirectly asked me how to destroy the Hdd (I strongly suppose the French secret services), it doesn't need a workable method of data recovery: they would destroy the disks just on the remote suspicion of a possibility. This latest linked document supports your claim that perpendicular recording makes one-pass erasure safe. Though, not all technology is known. For instance, tunnel effect microscopes can detect the spin of individual atoms. The latest Pdf's argument was about magnetization force, but tunnel microscopes would read locations where the write head didn't pass exactly over the data to overwrite it.
  21. A single overwrite with zeroes is obviously enough against most attacks. On the other hand, "someone" (which means a secret service or a defence agency) questioned me few years ago over several channels, one of them linked with the French secret services, exactly about how to make disposed magnetic hard disk impossible to read, so at least the interrogation is very real if not the possibility. Also, people should tackle this potential risk depending on who the attacker can be, rather than depending on their own identity or activity. In 2017 you can't reasonably claim that secret services work against terrorists. This is not paranoia, it's thinking honestly within real life. Since overwriting a disk several times is no significant stress - only a big time consumption - I do recommend a safe erase to all people supposing a read attempt by a secret service, just like Peter Gutmann still does in the misquoted paper. ---------- Mind reading machines have been around for at least 30 years, about as long as the imaging radars they probably use to map the brain's activity in real time from a very limited distance. But since one can protect himself against these machines with a tinfoil hat, it's still useful to make disks unreadable, indeed. The study by MIT student is a bunch of nonsense produced by people too little skilled on electromagnetism. They even took argument of the propagation of a magnetic field at 200kHz to infer what should happen to an electromagnetic field at few GHz, the probable band of mind-reading devices. Nor is an attenuation a good argument when the goal is to prevent the acquisition of an image. Interestingly, you can observe how some people tell "tinfoil hat" as a synonym for "whacko". This is a method to suggest that tinfoil hats don't work or address a wrong concern. Better take a few plies of space blanket for you hat: it's more comfortable than aluminium foil and it resists corrosion.
  22. You mean, over 4GB on 32-bit Xp? The Sp3 is a hint to the 32-bit version. So, using the Pae, each task (or application?) can access its own 4GB, like in Server Windows, up to the 64GB Dram, is that it?
  23. Your quote is about using MFM, not about using any method. It stands that the author still recommends multi-pass erasure software. "No attack published" isn't the perfect argument. In 1975 the chief of an embassy's encrypted transmissions invited me in his department and told me about knowing what someone types on the keyboard or reads on the screen through the unwanted radiations. The public heard about "Tempest" in 1995 more or less, and it had been operational meanwhile, since some people used it during their military service. So, yes, things exist that the public isn't aware of, even over decades.
  24. Fun. Offline computers can be useful for games too, but a PIII doesn't run recent ones. And, yes, I'd know someone who uses a computer to type letters, but she has already all she needs. I modernized her computer to 200MHz P1mmx, 128MB FPM, 7200rpm 80GB single-platter disk on RocketRaid-100 for UDMA, and installed W95b and o97 on it. Rock-solid for >10 years, <10s boot time, zero-delay Office. No need to propose her an upgrade.
×
×
  • Create New...