Slashdot Mirror

I'm at a loss to understand what the security issues you would have such that cloud-based password managers are a hazard. And yet, such that you can get away with passwords that you can commit to memory.

Any password you can remember is a password that is already in thousands of crackers' try-these-first password lists. All of the online security breaches of password database have provided a rich and extensive database of passwords that people actually use. No, you need to use a password manager. Like five years ago. But a password-managing device is the worst possible option you can consider. How can you back up your password database?

A good, completely off-line option is Steve Gibson's 'Off the Grid' password generator here: https://www.grc.com/offthegrid.... You could generate a paper grid and use that. It can be reprinted as needed, and even if you lose it, no problem.

Some/all of the cloud-based managers can be used offline. I know for a fact that LastPass does not need to be connected to the 'Net to work. It's free, try it out - see if it works for you. There are 'LastPass Portable' versions, designed to run off a thumbdrive.

For a buck a month, LastPass provides stellar technical support (one of the programmers called me at home to sort out an issue I was having when using 'LastPass for Applications' with the steaming pile of a crap that is iTunes): https://lastpass.com/go-premiu... Their security has been vetted by trusted reviewers, they use best practice encryption and protocols. Perhaps their Enterprise services will fit the bill?

Cheap at twice the price. I can't recommend them enough.

if an attacker is on the INSIDE of your LAN, then you are already boned.

What am I missing?

There are varying degrees of boned. UPnP lets the black hat turn a small exploit into a big one.

Assuming that UPnP is implemented properly

Well yes, there's that too.

There appears to now be a similar, open-source DNS benchmarking program available: namebench. I haven't tried it out, but it looks promising.

I don't have a smartphone.

I think those random password generators and "keeptrackors" is the most convenient and best but I've also considered using https://www.grc.com/offthegrid.htm or that together with something else.

As for the the guy talking down the "bunch of words"-approach I guess one could take words from different languages and then throw in a few extra characters and numbers in a few groups here and there just to mess up if someone only use dictionaries and then it would become somewhat harder (though if one use the same password or the same places for things always it's not all that great anyway.)

if indeed they hadn't guessed already

Don't worry, they have.

(Direct link to relevant resource.)

No, that doesn't help.

The bad guys know all these cute little tricks.

Do not trust certificate authorities. Period. The end. No debate, no bullshit, no anti-government or pro-government or any politics.

I keep posting this link in HTTPS discussions https://www.grc.com/fingerprints.htm

Someone's MitMing my Gmail each time I check >:-(

You think https is secure? How cute.
https://www.grc.com/fingerprints.htm

What makes you so sure?

That they are STILL trying to hide something BIG? Years in the telecom and ISP business, NSA-watching since the Internet went global and way before. I am one of those people who might have become a spook, though I am glad I did not. From its all-to-brief brief mention in David Kahn's The Codebreakers [1967] which I carried around as a kid like some overstuffed bible, my interest was piqued by James Bamford's Puzzle Palace [1982] which introduced the world to the topic of the 'piggyback slurp' and laid out directly NSA's intentions to tap the world. The whole world -- Charter be damned -- from the start.

A few anecdotes from good friends in the telecommunications trade who alluded to special cordoned-off spaces within AT&T's Magens Point cable terminus in St. Thomas US Virgin Islands, drunken conversation in bars with reminders not to speak of such things... a rather suspicious 'underwater landslide' fiber outage between St. Thomas and Puerto Rico c.1995, which I suspected at the time might involve a submarine because a telco friend noticed that after all his voice circuits were back there was an eyebrow-raising 'unusually long period' before the data circuits came up, even though they were physically interspersed and not supposed to be broken out at the carrier level... circumstantial stuff, sure. Pure speculation is as fascinating as the real thing.

Since then, revelations about Room 614A and Hepting vs. AT&T, the little mouse who could have roared all the way to the Supreme Court, had they not declined to hear the case.

I'm not talking about individual stakeouts or FISA warrants or occasional 'oopsies' of a few domestic intercepts. I'm discussing large scale Tier 1 total interception of data with selective routing and forwarding of target traffic onto side channels via 'dark' or leased fiber on a scale that is approaching 'total'. This includes voice too: terrestrially trunked cell calls and landline (there is practically no difference these days, it's all turkeyfart compressed).

Which is why I posted here back in June my theory that PRISM slides were made as part of a limited hang-out. I came to this conclusion because I found the allegation that Internet service providers named grant direct back-doors to NSA to be preposterous (and still do, too much risk of exposure by now). The purpose of the hang-out was for Google and company to discredit the allegations honesty to relegate it to 'hoax' status... and provide a topic that diverts attention away from the total-tap-slurp operation.

Steve Gibson of Gibson Research has come up with another theory that I find interesting, it may fit Occam's Razor better than my own. He presented it recently in Security Now #408: The State of Surveillance, audio and full transcript available. GOOD STUFF. His angle is that "direct access to their servers" means all unencrypted SMTP-mail and HTTP from tap points directly upstream. It is all about fiber and taps. Taps are about splitting light... and that is what prisms do.

If you have a good traffic tap and encrypted intercepts, add a bit of coercion for the providers to divulge their private SSL keys and they can replay the past SSL sessions they have gathered.

It is time for everyone to learn about and implement Perfect Forward Secrecy.

Thar be dragins in our midst. Slay them.
NSA and the Desolation of Smaug

Maybe you should read the spec: https://www.grc.com/sqrl/phishing.htm

It says right on the page that an active attack could be mounted if you use a cross device authentication like you'd use in a public computer setting.

The computer you are accessing the site from it at a phishing site that displays an active QR code to log you into the real site.

Your cellphone you authenticate with is accessing the Internet via a cellular data connection so the IP of the computer and cellphone would be different.

Since a cellular-connected, camera-enabled device can be expected to have a different IP than any cross-device computer you're logging into, the SQRL client will usually be configured not to request any same-IP enforcement from the remote web server. In this instance, same-IP policy driven phishing detection countermeasures will not be available so the user will need to be vigilant about the sites being logged into in these cross-device circumstances.

The IP check would work if authenticating off a single device like a laptop, but it doesn't solve the public computer access problem that Steve Gibson was touting as solved.

Gibson has not learned his lessons. You want a laugh? Check out one of his more recent attempts at "security"

https://www.grc.com/haystack.htm

His argument is based totally on pure brute force, which nobody does. The danger comes from dictionary attacks, and i'm pretty sure this technique can be easily accounted for and a "Haystack" password cracked in a matter of days, if not hours.

The guy just doesn't understand that his problem is not that he's not smart... it's that he doesn't share his ideas with others before he pontificates on them.

Go to Gibson Research Corporation ShieldsUP! website ( https://www.grc.com/x/ne.dll?bh0bkyd2 ) and scan your connection. Plug all the holes so that you have a full stealth on all ports.

If the certificate is correctly issued, it does not matter. NSA can make it's own certificate for example.com but they can't decrypt data from the existing certificate. They need to do full Man-In-The-Middle. This is noisy and can be detected even by half-retards.

What you describe is perfectly possible and in active use. Use this wonderful site to detect such cases: https://www.grc.com/fingerprints.htm Preferably print the page out and keep it in your pocket.

Well okay, but someone could build a *much* better version of that. And mirror it out to other sites. How do you know you can trust the certificate of grc.com?

But as a proof of concept for what all secure site operators and their Certificate Authorities should already be doing, yeah.

If you're paranoid about Man-In-The-Middle attacks or would just like to know whether your own corporation surveils your HTTPS browsing, you can use this checker: https://www.grc.com/fingerprints.htm to confirm whether your certificate fingerprints are the same.

Well, I'm sure in this crowd, a few do [check the certificates].

For those who don't already know it, there is a service at Gibson Research Corporation that helps you do that. https://www.grc.com/fingerprints.htm

It's not as conspiracy-theory cool as magical backdoors implanted in every piece of hardware, but this is how the NSA actually breaks into systems... they do it the same way everyone else does, just on a much larger scale and with even less fear of legal repercussions that the cyber criminals.

Oh really? I don't see "everyone else" spending millions to deliberately subvert encryption standards , either.

  And since the CAs have been co-opted, SSL is laughable. Try Steve Gibson's cert "fingerprint" service and see for yourself. I tried it, and he gets a different cert for www.google.co.nz than I do. Is it the NSA? Who knows, but someone is up in my business >:-(

Then they can make a public and private key for whatever.com. Then they use their fake Intermediate CA Inc.certificate to sign that. Unless you the person visiting whatever.com specifically have an original copy of the real whatever.com certificate public key, and you look at the public key of the certificate every time you visit the website, you'll never notice that the NSA has replaced the real certificate with theirs. As long as they're using the correct Verisign private key, your browser will not detect any problems.

This is precisely why you should be checking site fingerprints and using browser add-ons like Certificate Patrol, in combination with a secure browser (eg: TorBrowser).

If you blindly stumble around the Internet accepting certs, not checking source and destination, you deserve what you get. If you verify the authenticity of your connections, and deny/block/forbid those that don't match, you'll be much closer to the secure environment we're all striving for.

https://en.wikipedia.org/wiki/Homomorphic_encryption and a discussion of it here: https://www.grc.com/sn/sn-376.pdf

The concept has been around for years but it wasn't until the last ten years ago that some brilliant researchers came up with ways to actually make it feasible. The idea is that you encrypt your data, and you can give that data to someone else to perform some mathematically operations on, and the person doing the operations can perform the operations without knowing what data they are manipulating, and the operation results can be sent back to you, and you can decrypt them and use them.

The way someone explained it to me, fundamentally all computer operations are decomposable into a bit-wise AND and a bit-wise NOT (or equivalently, a bit-wise OR and a bit-wise NOT). So if you can encrypt your data and have someone else do lots and lots of ANDs and NOTs for you without decrypting it, you can effectively have them run a virtual computer using your encrypted data. They don't know what the results of the operations mean, but they can send the results to you and you can decrypt them and use them.

All of this is mind-blowingly cool.

All this talk of NZ spying on its own citizens made me wonder - is my SSL traffic intercepted via man-in-the-middle (MitM)?

Using Steve Gibson's cert hash checker https://www.grc.com/fingerprints.htm I checked a few common SSL encrypted sites to see if my traffic was being intercepted. At work it is (not by my employer- I run the network) but at home it wasn't (Slingshot's my home ISP). Google.co.nz was one of the sites that appeared to have MitM interception, whereas my online banking wasn't.

I have to keep reminding myself that HTTPS isn't secure because the CAs can't be trusted

I wonder who's doing the MitM? Our ISP, Orcon? The gubbermint? Google? The NSA? Aliens?

According to Security Now/Steve Gibson, the encryption/security on the MEGA file site is not very sound

https://www.grc.com/sn/sn-390.htm (search for "Java Crypto" to get about 3/4 way through the show) or listen to the podcast..

MEGA is well intentioned Im sure, but the Javascript code in MEGA does not cut it for serious security, and they need to dp waaay better for an email service.
Remember that ALL THE DATA is being retained now, so one crack in the system and there is a way in.

Air tight security is do-able, but needs to be serious - I wish Mega lots of luck.

NAT is just a lookup table used to map addresses of incoming packets... it could be used for any type of addressing.

its only security advantage is that if it runs into an incoming packet for which the source address doesn't map to a corresponding record in the lookup table, it drops the packet (notwithstanding port forwarding etc), so for home users it works pretty well cos only the packets responding to outboud requests get translated.

of course the outbound requests could come from anything good or bad, which is where firewalls come into the picture (filtering protocols, ports, etc) but NAT is pretty useful as a gatekeeper.

https://www.grc.com/nat/nat.htm

The ever-unpopular Steve Gibson covered this, saying the solution is memory-hard hashing.

(Ctrl+f for "simplified".)

Interesting podcast -- https://www.grc.com/securitynow.htm look for Episode 408. It's a somewhat speculative discussion about what PRISM probably is, but Steve Gibson is pretty knowledgable, and backs up his theory with facts that seem to support it.

TLDL summary-- It's a tap on the fiber at the ISP just upstream of Google, etc., capturing a copy of all traffic to/from that service. See prior stories about "What is that secret room at AT&T?", etc.

A transcript of the podcast should be up by Friday, according to the web site.

The screen shots from https://live.gnome.org/GnomeShell/Tour show that this interface is not using sub-pixel font rendering. I have noticed this on most if not all other Linux-type screen shots. Apparently the favored font rendering method on Linux is the old-fashioned "treat every pixel as some shade between the font color and the background color". The characters so rendered are substantially less well-formed and harder to read. And this surely isn't a matter of intellectual property: https://www.grc.com/cleartype.htm.

http://www.grc.com/unpnp/unpnp.htm

install linux (i prefer debian stable, but that's just me)

closed all uncessary ports

that's usually a function of your router, but linux can also be used for routing functions using an iptables script... here's an example that you can execute from /etc/rc.local (on a debian machine anyway):

#!/bin/bash
echo -n "Loading iptables firewall..."
iptables -F
iptables -P OUTPUT ACCEPT
iptables -P FORWARD DROP
iptables -P INPUT DROP
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A INPUT -j DROP
echo "done."
exit 0

not the most locked down firewall that you can make with iptables, but its probably a similar configuration to what you would find in most off-the-shelf routers by default. you only need to add more exceptions if you run servers of sorts (ports 80 and 443 for httpd, 25 and 110 for mail, 53 for dns, etc). you can also nat between networks with iptables.

edit /etc/hosts.deny and make the only non-commented line ALL:ALL, and make sure there is nothing (except comments) in /etc/hosts.allow

also be sure to configure all users except human users and root so that shell is /bin/false in /etc/passwd and /etc/passwd-

also, don't install any programs from sources other than official repositories (except for things like flash from adobe website) and don't install garbage apps and avoid torrrent clients which are a breeding ground for malware for all operating systems. i tend to favor stable repositories (with auto security repos update), with many vulnerabilities being due to inadequately tested updates. despite the hype, the testing aspects of both waterfall and extreme programming methodologies are rarely followed in open source projects, with the most common being the "code and test" or (derogative) "cowboy coding" methodology.

use shields up @ https://www.grc.com/x/ne.dll?bh0bkyd2 to verify if you have any exposed ports

also, to protect your wifi network(s), only use wpa2 (don't use wep) and set up an access list so that only registered mac addresses will be able to connect

always use https for online banking and make sure the top and 2nd level domains are what you expect (most modern browsers highlight them)

some of this stuff is less to do with asio and more to do with security in general. no doubt other /. users will chime in if i've said something wrong or if i've missed something obvious. there's also other security things like wheel group, and there are hardening tutorials for most major distros out there. debian has a good one here: http://www.debian.org/doc/manuals/securing-debian-howto/ but for controlling remote access, the best way is to harden your browser settings (uninstall/disable any unneccesary plugins, disable java, etc), tighten up your wifi security and make sure no router ports are open

the internet is a scary place, but most viruses and malware is unintentionally installed by users from a web browser or email client (in windows). hacking is a problem, but its only serious if you're hosting. look up how a router works and that may help cool some of your fears. grc has a good info page here: http://www.grc.com/nat/nat.htm
summary: think of a nat router as sort of being like a one-way valve, so you can make requests out but only responses to your requests can come back in (ininvited requests are dropped)
if your computer is part of a botnet, there's a good chance that you unintentionally installed software from your web browser or email (or junkware/shareware) that caused it. malware rarely if ever gets onto your pc on its own, and also having malware or virus infected files on your machine is ok as long as they aren't op

install linux (i prefer debian stable, but that's just me)

closed all uncessary ports

that's usually a function of your router, but linux can also be used for routing functions using an iptables script... here's an example that you can execute from /etc/rc.local (on a debian machine anyway):

#!/bin/bash
echo -n "Loading iptables firewall..."
iptables -F
iptables -P OUTPUT ACCEPT
iptables -P FORWARD DROP
iptables -P INPUT DROP
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A INPUT -j DROP
echo "done."
exit 0

not the most locked down firewall that you can make with iptables, but its probably a similar configuration to what you would find in most off-the-shelf routers by default. you only need to add more exceptions if you run servers of sorts (ports 80 and 443 for httpd, 25 and 110 for mail, 53 for dns, etc). you can also nat between networks with iptables.

edit /etc/hosts.deny and make the only non-commented line ALL:ALL, and make sure there is nothing (except comments) in /etc/hosts.allow

also be sure to configure all users except human users and root so that shell is /bin/false in /etc/passwd and /etc/passwd-

also, don't install any programs from sources other than official repositories (except for things like flash from adobe website) and don't install garbage apps and avoid torrrent clients which are a breeding ground for malware for all operating systems. i tend to favor stable repositories (with auto security repos update), with many vulnerabilities being due to inadequately tested updates. despite the hype, the testing aspects of both waterfall and extreme programming methodologies are rarely followed in open source projects, with the most common being the "code and test" or (derogative) "cowboy coding" methodology.

use shields up @ https://www.grc.com/x/ne.dll?bh0bkyd2 to verify if you have any exposed ports

also, to protect your wifi network(s), only use wpa2 (don't use wep) and set up an access list so that only registered mac addresses will be able to connect

always use https for online banking and make sure the top and 2nd level domains are what you expect (most modern browsers highlight them)

some of this stuff is less to do with asio and more to do with security in general. no doubt other /. users will chime in if i've said something wrong or if i've missed something obvious. there's also other security things like wheel group, and there are hardening tutorials for most major distros out there. debian has a good one here: http://www.debian.org/doc/manuals/securing-debian-howto/ but for controlling remote access, the best way is to harden your browser settings (uninstall/disable any unneccesary plugins, disable java, etc), tighten up your wifi security and make sure no router ports are open

the internet is a scary place, but most viruses and malware is unintentionally installed by users from a web browser or email client (in windows). hacking is a problem, but its only serious if you're hosting. look up how a router works and that may help cool some of your fears. grc has a good info page here: http://www.grc.com/nat/nat.htm
summary: think of a nat router as sort of being like a one-way valve, so you can make requests out but only responses to your requests can come back in (ininvited requests are dropped)
if your computer is part of a botnet, there's a good chance that you unintentionally installed software from your web browser or email (or junkware/shareware) that caused it. malware rarely if ever gets onto your pc on its own, and also having malware or virus infected files on your machine is ok as long as they aren't op

https://www.grc.com/x/ne.dll?bh0bkyd2

APK

P.S.=> Especially the section button/tab titled "Browser Header" - that site's pretty useful in this regards!

... apk

Common house locks can be opened with little training. So-called "secure" locks are even worse, false sense of security. I've seen $1,000 locks be opened with 5 dollars of stuff from Wal-Mart. Same goes for so-called "secure facilities," which have locks that can be bypassed in under 5 minutes.

And tell me more about the security of 10-digit passcodes. So lets go with that password, with a $2,000 dollar laptop could be cracked in about 20 minutes?

Do $2,000 laptops now come equipped with Data The Star Trek Android articulated robotic hands capable of punching thousands of 10-digit guesses per second? Man I need to swing by Fry's on the way home and score some of that tech. I just hope it's not an HP, because I hate the spacing on their keyboards.

Common house locks can be opened with little training. So-called "secure" locks are even worse, false sense of security. I've seen $1,000 locks be opened with 5 dollars of stuff from Wal-Mart. Same goes for so-called "secure facilities," which have locks that can be bypassed in under 5 minutes.

And tell me more about the security of 10-digit passcodes. So lets go with that password, with a $2,000 dollar laptop could be cracked in about 20 minutes?

Correct: encrypted backups are not a feature unique to Backblaze.

Security Now - Episode 350

Best Hard Drive Disk Utility available. License structure Steve has is pretty liberal. http://www.grc.com/sr/spinrite.htm

He was just being funny about "week." However, you are correct there is indeed a logical problem with imposing more "secure" password policies on users that are simply not feasible for humans to be able to remember the passwords. These policies force users to have to store the passwords somewhere in plain text in order to remember them. Surprise! We just defeated the whole goal of not having passwords stored in plain text except in our heads because it's now on a sticky note under your keyboard or wherever.

The types of policies that are contributing to this are, among others, 1) Requiring frequent changes of passwords, 2) Requiring passwords to be strong in character selection rules, must contain numbers, letters and symbols, cannot be any consecutive letters or numbers, etc. This makes the passwords incredibly difficult to remember as a mnemonic device and 3) Password lengths. We are being required to have longer passwords. Steve Gibson has a very interesting tool called Haystack demonstrating that 8 character passwords are insufficient and trivial to crack with today's computing power.

What is the solution? Heck if I know, but it probably isn't passwords. As computing power increases, the length and complexity of the passwords will also have to increase in order to defeat or greatly discourage brute force attacks. But they will also render passwords useless because no on can remember them.

https://www.grc.com/haystack.htm this is worth reading and makes some interesting points that it has more to do with length than randomness for bruteforce protection (unless you make it like passwordabc123)

I wish the summaries would include direct links to the interesting bits, rather than some random ad-fest blog entry.

The underlying tool for all of this is at https://www.grc.com/haystack.htm

Calling Steve Gibson legit is a bit of a stretch. If you define legit as "unlikely to use what you enter for criminal purposes," sure. If you define legit as "somebody who isn't a years-long laughingstock and borderline fraud in the security community," then no. Have you ever visited the Gibson Research Corporation site?

Link in link form.

ClearType invented nothing apart from the name itself.

Sub-pixel rendering was used two decades ago by Apple.

"Back in 1976, my design of the Apple II's high resolution graphics system utilized a characteristic of the NTSC color video signal (called the 'color subcarrier') that creates a left to right horizontal distribution of available colors. By coincidence, this is exactly analogous to the R-G-B distribution of colored sub-pixels used by modern LCD display panels. So more than twenty years ago, Apple II graphics programmers were using this 'sub-pixel' technology to effectively increase the horizontal resolution of their Apple II displays." - Steve Wozniak

See: http://www.grc.com/securitynow.htm - Episode #345

Quite simply the most effective corruption prevention tool out there, just run it once a year on each drive.

Blocks outgoing cookies
All web browsers (known bugs notwithstanding) are able to block incoming cookies and prevent them from being stored and used either temporarily or permanently. But only Firefox and Opera are designed to block the sending of any cookies they might have previously acquired but which the browser's cookie policy now blocks. If either Internet Explorer or Safari are set to block cookies, only newly arriving (incoming) cookies are blocked. They will both continue sending any (undesired) cookies outbound that they had previously acquired . . . which is almost certainly not what their user intends.

From GRC's cookie research pages -- Which is what I've also observed. You disable 3rd party cookies, and yet it continues sending out any 3rd party cookies they already have set. The page is a bit outdated, since FF3 is out, but the statement about Safari holds true.

Sure doesn't sound like it's Disabling 3rd Party Cookies to me....

You seem to have it in for Spinrite, but it's not clear why. If you listen to Steve's podcast (Security Now), you'll know that he is very careful on how he describes the technical aspects of his products (including Spinrite). I'd be very surprised if you or anyone could point to any of GRC's literature on Spinrite that would prove he's "lying" about anything.

http://www.grc.com/spinrite.htm "and ALL OTHER file systems". Tell me, how well does Spinrite support UFS? EXT4? ZFS? Given that the ZFS driver code alone is several times the size of Spinrite that's not really possible. And filesystem support is important given Spinrite's braindead data recovery. If there is no knowledge of the underlying filesystem then Spinrite has no way of knowing if it is overwriting data, filesystem structure or empty space. Even if it was lucky and got empty space, there is no way for it to update the filesystem so you can recover the data.

Erm... it reads sectors and writes them back *in-place*. It is "below" filesystems, so the filesystems don't care -- when they are booted back up, they see things exactly as they had before, but hopefully with no CRC errors.

How about this beauty from http://www.grc.com/srphysics.htm: "SpinRite is actually able to lower the amplification of the drive's internal read-amplifier". I don't think I even need to explain why that is BS. Tell me, which ATA or BIOS commands can do that?

Don't need one. All data on magnetic platters degrade over time (you have things like Turbo codes and other signal majicks to "correct the errors" as long as they don't get too large); everything has gets fuzzier over time as the field weakens.

If you read valid data (corrected by ECC), and then write it back, the magnetic signature is stronger, and thus you don't need as much gain on your magnetic heads...

In good RAID arrays, you do this with a parity scrub operation that reads/writes everything as an ongoing operation because if you let the data sit too long, it will go from ECC-Correctable to Uncorrectable, and the data will have to be rebuilt from multiple drives or lost.

In fact, that whole page is BS. Take a look at https://groups.google.com/group/comp.dcom.xdsl/msg/9aeee32323c2978e?dmode=source&hl=en&pli=1 That explains it better than I can.

Meh... people have been attacking Getright forever. A lot of the magic is now useless (originally, you knew and could reliably write low level format codes to the MFM/RLL controllers, and if you wrote a particulary hard sequence of bits 00101010100010101 (note the triple-0 in the middle), you could flush out weak magnetics before they eroded your data (same as "walking 1's" in memtest).

Nowadays, IDE keeps a list of bad/remapped sectors and does all this in the background *as long as it's told to* -- if nobody ever reads offset 17543, nobody knows that is about to go bad (lets say ECC can correct for 1 in 96 bits, and right now there's an error in 1 of 108 bits), and over time, that will degrade to 1-in-96 at which time the data is lost. If SpinRite (or any other parity scrubber) reads the data while it's good, the drive electronics should notice the high error rate and refresh it. Some drives won't write the correct data back to the disk unless told to (it slows the drive down)...

My point about the ATA command is that Spinrite is only using standard commands; not undocumented commands or anything secret like that. However, what is "special" are the sequence of commands used to help the drive recover sectors that get a read error.

Ok, using what you just said, explain the "Dynastat Data Recovery" in Spinrite. To refresh your memory, that is where it claims to be working do

You seem to have it in for Spinrite, but it's not clear why. If you listen to Steve's podcast (Security Now), you'll know that he is very careful on how he describes the technical aspects of his products (including Spinrite). I'd be very surprised if you or anyone could point to any of GRC's literature on Spinrite that would prove he's "lying" about anything.

http://www.grc.com/spinrite.htm "and ALL OTHER file systems". Tell me, how well does Spinrite support UFS? EXT4? ZFS? Given that the ZFS driver code alone is several times the size of Spinrite that's not really possible. And filesystem support is important given Spinrite's braindead data recovery. If there is no knowledge of the underlying filesystem then Spinrite has no way of knowing if it is overwriting data, filesystem structure or empty space. Even if it was lucky and got empty space, there is no way for it to update the filesystem so you can recover the data.

How about this beauty from http://www.grc.com/srphysics.htm: "SpinRite is actually able to lower the amplification of the drive's internal read-amplifier". I don't think I even need to explain why that is BS. Tell me, which ATA or BIOS commands can do that?

In fact, that whole page is BS. Take a look at https://groups.google.com/group/comp.dcom.xdsl/msg/9aeee32323c2978e?dmode=source&hl=en&pli=1 That explains it better than I can.

My point about the ATA command is that Spinrite is only using standard commands; not undocumented commands or anything secret like that. However, what is "special" are the sequence of commands used to help the drive recover sectors that get a read error.

Ok, using what you just said, explain the "Dynastat Data Recovery" in Spinrite. To refresh your memory, that is where it claims to be working down to the bit level. You cannot address individual bits or even bytes on a drive, either with BIOS or direct ATA commands. And before you say something stupid about "averaging" or other mathematical BS, a modern drive can only return one of two things for a sector request. The correct data when the ecc matches, or an error.

You obviously have never really read what Spinrite claims to do. Look at that "physics" link. Anyone with even passing knowledge of basic science and how computers work can figure out that it is BS.

Still works 100% as HDD tech is still the same - just don't use on SSD's

Actually, Level 1 on SpinRite is fine for SDD, as it's read only. Which does what it needs to, verify the data is accessible, and the drive recognizes if the "sector" is bad. http://www.grc.com/sn/sn-338.txt

http://www.grc.com/sr/spinrite.htm

Isn't that a data recovery program? I recommend GWScan based off of wd data lifegaurd tools, supports all drives.

http://www.grc.com/sr/spinrite.htm

In other words, NOT this guy -> https://www.grc.com/x/ne.dll?bh0bkyd2 of "Shields Up" online security fame, correct?

* Just asking for clarification, photo's not the same guy I remember (and to cover "the" Steve Gibson (I say "THE" because he's well-known & this can 'trash' HIS good name)).

APK

P.S.=> I hope not! I state that mainly because despite the b.s. many others tried to spread about the guy over time? He's pretty damned good (his early work on disk checkers showed me that from the DOS days, as well as his frameworks for building Windows app in Straight Assembler alone, which is HARD ENOUGH doing it in C even (doing all window setup in API, doing your own scheduler loop etc./et al), overall, in computing &/or computer programming (but, not saying he's perfect, none of us are)... apk

according to https://www.grc.com/haystack.htm that's one hell of a password :)

"Within our dataset of several million visitors, only one in 64,462 browsers have the same fingerprint as yours."

I'm special! I knew mother was right!

Snicker... my browser's "fingerprint appears to be unique among the 1,935,397 tested so far."

Opera, I allow cookies which I then shift through for sites to put in my HOSTS file.

I know it's a site like GRC's "Sheilds up" https://www.grc.com/x/ne.dll?bh0bkyd2
I know better but still get a warm fuzzy being graded stealthy.

----
Thanks for posting this question. I've been thinking of putting
up a TOR site for public use, but for now pulling stuff out of my
rear as I know little to nothing about it.

This thread gives me more of a clue... Just need to figure out what a "Seven Chains" is :}