Everything posted by jaclaz

  1. Who knows? I really have NO idea what you are talking about. Last time I checked it the DOS utility to upgrade the firmware (which is also the ONLY safe way to update it) had no "menu", let alone a "Download data option" in it. jaclaz
  2. I will try again to disambiguate (or at least find a common dictionary, I will readily agree to disagree on *anything*, as long as the thing on which we disagree is clearly identified). You are seemingly confusing "volatile" (in the sense of "volatile environment" with "read only"). A "repair tool" may (or may not) be "volatile" but CANNOT be "read only". A "forensic sterile tool" may (or may not) be "volatile" but MUST be "read only". A repair tool even if "volatile" may well leave behind "traces", or change *something* on the "internal" PC's hard disk as you reported for ERD / DaRT and the link I provided about the WinPE 4.x that jtalbot35 reported. There is nothing "good" nor "bad" about it, it is simply the way a given tool behaves (by design or otherwise), someone using that tool should be aware of what is changed on the target system. A "forensic sterile tool" by definition, and no matter if "volatile" or not, needs to change NOTHING on the target. A "forensic sterile tool" is used for forensics. A "repair tool" is used for repairs. You can - generally speaking - use a "forensics" tool for "repairs" (by disabling the settings/filters/whatever that make it originally "sterile"). You can - generally speaking - use "repair" tool for "forensics" (by enabling the settings/filters/whatever in order to make it "sterile"). A Windows based PE is ALWAYS (by definition) "volatile", it can be tweaked towards "forensics" (and thus made READ ONLY and "sterile"), or tweaked towards "repair" (and thus forfeiting the "sterile" and READ ONLY). A Linux Live is also (by definition) "volatile". Both a Windows PE and a Linux Live distro can be booted from CD/DVD (and the CD/DVD is NOT changed in any way="volatile") whether they will "leave traces" on the hard disk is another matter, which is very relevant for "forensics" but of little or no importance for "repairs".
BTW you can have a "volatile" environment also with a "full" XP: which you can use for "repairs" but that you CANNOT for "forensics" (as it is evidently NOT "sterile"). ERD or MSDart are intended for "repairs" and they are "volatile" and they may well leave traces on the PC's hard disk. Your reply to joakim: May not be entirely true. Certain PE implementations like the earlier System Internals ERD and the later DaRT leave something, at least a folder and possibly some registry entry. I never did do a formal test of this so I am just guessing that it is a date/time/stamp tattoo. A proper audit should be done to see what if anything persists. A perfectly sterile forensic PE tool should leave nothing on the target system without prompting. seemed to imply that anything in the original thread or specifically in joakim's reply was related to "a perfectly sterile forensic tool" or that you considered ERD or MSDart a "perfectly sterile forensic PE tool" (which they are not). Hence the idea that you were mixing together different things. Consider this carpenter's example : joakim: When you paint your walls, no traces are left once you have removed the bucket of paint, the ladder, the brushes and the paper you used to protect the floor. CTH: Hah, but last time I spray painted my room I found tiny drops of paint on the windows. A perfect sanitization of a hospital room should leave no traces. jaclaz: CTH, joakim was talking of painting the walls, and of painting them with brushes, not about spray painting them and not about hospital rooms. jaclaz
  3. What if the name "PRISM" actually came from an actual prism splitter of optical fibers? An unrelated image , just to provide some colour to this post : A more related (but dullish) image B) : Some actual references : http://www.huffingtonpost.com/2013/06/06/nsa-prism-data-mining_n_3399310.html http://seattletimes.com/html/politics/2004001159_spying08.html http://en.wikipedia.org/wiki/Mark_Klein https://www.eff.org/files/filenode/att/SER_klein_decl.pdf At least it would make sense lexically. jaclaz
  4. Charlotte, sorry to say so, but you are seemingly talking of things that you have (evidently) not much experience with, mixing liberally different things. There are tens of valid "forensic" Linux distros. And at least one, the WinFE, based on NT PE technology. Everyone can build a WinFE from their (licensed) Windows 7 (or 8) sources or WAIK, contrary of what dencorso thinks not only through the Winbuilder .scripts/projects, but also "manually", after all the "whole" thing are a couple Registry keys, a couple references: http://praetorianprefect.com/archives/2010/04/winpe-3-0-forensics/ Among the forensics Linux distros I personally like Caine: http://www.caine-live.net/ BUT the WHOLE point of a "sterile forensics tool" is that it is READ ONLY on the "target" PC's devices, so it is NOT suitable for "repair" (which a "normal" PE or ERD is). Carpenter's comparison: A syringe (and its needle) is a sterile medical tool, a hammer is a non-sterile carpenter's tool, to plant nails into wood you use hammers and not syringes. jaclaz
  5. Yep, it sure can happen to any and all manufacturers, it's just a matter - as I see it - to not buy the latest model and check what has happened to others that got the model you want to buy. Particularly in this case, I have BAD news Seagate is NOW Samsung, any drive you buy next can be either Samsung or Seagate (or both or vice versa or *whatever*), example: http://forum.hddguru.com/viewtopic.php?f=1&t=25629 About cables, you have to think about the frequencies involved, if you think about it almost every component in a modern PC is dealing with frequencies that are in the radio (or TV) ranges and above them, I suspect that even a very slight defect in shielding or insulation of a cable (like the SATA ones) can produce an issue, which BTW may also be "local", in the sense that the same cable in a different case (and possibly with a different set of bends) may work alright, or by simply straightening it before re-installing it the tiny defect "mends itself". You'll never know. Think at the good ol' times when you had snow on your TV set if a connector or shielding was even slightly defective... (progress is that when the same happens on DTV you either have "random" pixelization or downright completely lose the image). jaclaz
  6. As a matter of fact a sterile forensic PE tool cannot even mount hard disks like devices, as windows (also a PE ) will write the Disk Signature to the disk (if there isn't already one). http://www.forensicswiki.org/wiki/WinFE http://www.ramsdens.org.uk/ http://winfe.wordpress.com/ But the point is different, the kernel is loaded with the /minint switch that makes a lot of things (including the Registry) "volatile", thus you need an "external" way/method/tool/whatever to "keep" the changes. As an example you can install a program in a PE alright, but unless you run a backup tool on the Registry (and you replace the previous Registry with the saved one before rebooting to that PE through some "other" OS), at reboot everything that was in the Registry will be gone. Do not confuse "completely read only" with "volatile" . jaclaz
  7. @buyerninety You can stamp your feet as long and as hard as you want , but if the flashing program runs under DOS, it runs under DOS and DOS has no way to distinguish a floppy from a floppy image loaded to memory by grub4dos or from an El-Torito floppy emulation. If the recovery bootblock is used instead, then that is another thing. If the flashing program does NOT run under DOS (i.e. it is a self-booting file, a windows .exe or *whatever*), again it's another thing. jaclaz
  8. Naah , they have satellites to do that, since years. jaclaz
  9. That's why they are making 'em smaller and insect like , the damages in case of collision will be neglectable . jaclaz
  10. Sure , and PreCrime will soon be established.... : http://en.wikipedia.org/wiki/Minority_Report_(film) @submix8c be VERY afraid of the consequences of what you are THINKING! jaclaz
  11. Well, as long as the "quirky" whatever comes as a floppy disk image running *any* real mode OS (please read as DOS, FreeDOS or similar) the grub4dos or El-Torito boot CD approach will work alright. Really? I thought our down under friends were too busy with other activities : to throw away PC's along the roads.... jaclaz
  12. Nice article. THREE things are IMHO evident: contrary to the initial thought, there is actually a need (or at least a market) for a drone buzz detecting device : Mr. John Villasenor is definitely a lawyer : Now I would guess that if someone is "putting a stepladder up against my home without permission, climbing up the ladder, and then photographing" the public street, I have all the rights in the world to kick him/her out of my property. (right idea, wrong example) strangely enough the nice paper by Mr. Villasenor comments on Arizona's, California's and Oregon's trespassing Law provisions but fails to cite Texas and other southern states : This latter point makes me think that maybe there could be a new, emerging (niche) market for Automated Air Defense For Backyards (AADFB). Basically you assemble together the "Drone Shield" with this : jaclaz
  13. To paraphrase "growing old is tough but beats the alternative", what do you suggest, a nice set of 7200.11's and 7200.12's? I wonder if you are aware of the related issues: http://www.msfn.org/board/forum/169-hard-drive-and-removable-media-issues/ jaclaz
  14. Naah, it's just Murphy's Law, it is - if I remember correctly - the second or third major malfunctioning in the last several years, not at all bad when put into perspective. No. That is a continuity tester, nothing but a "special" Ohmmeter (or even less than that, a bunch of LEDs on one side and some battery power on the other). That can diagnose an interrupted cable or bad contact, but it is of no use for detecting high frequency "data leak" or "intermittent issues", if you prefer with a cable that does not pass the tester you won't get bus/controller errors, you would simply not see the disk, or have read/write errors. Sure, that's all good advice. jaclaz
  15. Just for the record, you can normally use grub4dos and a floppy image to flash the BIOS, and/or a plain "CD from floppy". A quick and easy way to make such a CD is hinted here : just combine the header with the floppy image and burn to CD. jaclaz
  16. http://dailycaller.com/2013/06/07/new-xbox-by-nsa-partner-microsoft-will-watch-you-247/ Only seemingly OT: Many, many years ago I received as a gift a dog puppy that was just separated from its mother (probably a bit too early). After having the puppy crying all night long, an old friend, a farmer with lots of experience with cattle and animals, suggested to put at night in the puppy's basket a hot water bottle with some warm water inside it and an old alarm clock (tick - tick - tick) wrapped in a blanket. It goes without saying that we (including the puppy) could sleep alright since. What will be needed additionally? http://todbot.com/blog/2009/10/07/scary-shifty-servo-eyeballs/ Just imagine the potential for a small anthropomorphic upper body and head with automatically (randomly) moving eyes, a heartbeat and something to keep it at around 36.5 C (if needed), it would be a bit scary at first, and will take some serious estate on your couch, but imagine the satisfaction when: a Forrester Research (sponsored by MS) will declare how 95% of US teenagers have difficulties to concentrate (judging from the results of recorded eye movement analysis) a "civil rights" organization will sue MS for breaking the privacy of population a group will start a class action against MS affirming that their sons and daughter actually suffer from random eye movement AND that the XBOX is what caused it jaclaz
  17. There have been technical issues, now everything should be back to OK. Once upon a time, when the fast storage was SCSI, one of the historical Authors on Byte, Jerry Pournelle: http://www.jerrypournelle.com/ used to say something to the effect of "whenever something is wrong with SCSI disks, it could be anything but it is always the cables": http://www.jerrypournelle.com/chaosreports/Recommended.html#Storage What has been will be again, what has been done will be done again; there is nothing (much) new under the sun. No, the issue is likely to happen only at the very fast frequencies the actual data transfer requires, I don't think that a suitable tool would be affordable . Yeah, sure , at a geekitude level of 93.7% . jaclaz
  18. Well, no , that was my point . JorgeA has (had/will have) difficulties in UPLOADing an image (as attachment) not in LINKing to one AFAICU. jaclaz
  19. Your point being...? jaclaz
  20. Yep, but that is the output of running fdisk. I asked you the log of TESTDISK, instead. jaclaz
  21. No. The: Prepares a hard disk to boot and install to the *whatever* hardware it is next booted on. Nothing of the "old hardware" is "kept" if not the drive letter (see the note by cdob about migrate.inf). http://support.microsoft.com/kb/241803/en-us http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/winnt32.mspx?mfr=true The only issue may be if the source has not integrated the correct drivers for the SATA/AHCI disk (if any) which may force to install in "IDE compatibility mode" (if available). jaclaz
  22. That kind of log entry is normally connected (pardon me the pun) with drive connections, i.e. cables or connectors. Since you have several Hard disks I wouldn't completely rule out some form of interference between the cables. The cost of some five good quality SATA cables should be worth the attempt of replacing them all (and cleaning carefully the connectors on MB and disks). The BSOD may be something completely UNrelated and possibly a one time only issue. jaclaz
  23. You fell in the usual "trap" that programs like Gparted (or Partition Magic, or similar) provide. Since you have before you a nice, graphical representation of the disk you expect that you will be able to do *whatever* you think fit, completely ignoring what is "behind it". This usually resolves in "havoc". Partitioning/re-partitioning/re-sizing partitions, etc. is a COMPLEX thing to do and these tools only SEEMINGLY make it easy. Using more "random" programs, which you (and we) are not perfectly familiar with is a good way to make things worse. What you should do right now is to run TESTDISK on that drive (with a log), DO NOT WRITE anything to the disk, i.e. DO NOT attempt to repair that disk, and post the TESTDISK log. This way maybe we can get an idea of the actual situation of your disk and of your current partitioning (right now it is not clear at all what is the current status). http://www.cgsecurity.org/wiki/TestDisk jaclaz
  24. The good thing about a good article is that a sentence is often clearly explained by the following one : It seems to me however that a comma is missing in here: this sounds better to me : jaclaz
  25. Well, then - no offence whatever intended - irrelevant data. I presume that it is a digital multimeter. Such an instrument has a "stabilizer" or if you prefer a "cache" or a "retarding circuit" to allow the LCD to display a number, what you read is actually an "average" over a (small, but not small enough) interval. For all you know the drop could be (briefly) well below 100 volts. Filming an analogic voltmeter would give you (at 30 frames per second) maybe half the precision needed to measure a drop voltage @60 Hz (you have to consider the hysteresis of the actual instrument), but in any case better than any common digital multimeter, which measures RMS: http://www.newton.dep.anl.gov/askasci/eng99/eng99515.htm Fluctuations in AC within 5% (which is what you described) should not produce "flicker", which should be noticeable when the fluctuation reaches (or nears) about 10%. jaclaz