Slashdot Mirror
Slashback: Compromise, Bugs, Slag
Let me just slide your card a few dozen more times ... Any Web Loco writes "Following on from this piece on /., this story in the Sydney Morning Herald tells us that the company that got hacked (exposing up to 8 million credit card numbers) was Data Processors International. Not much to the story, but we now know who it was."
Another reason to be cautious about domains with "uk" in them. An anonymous reader writes "The Register reports that Nominet has looked at opening .net.uk up or killing it off and then decided it can't decide. The chair of sub-committee responsible, Clive Feather, is currently standing for re-election to Nominets Policy Advisory Board. The sub-committee he chaired had suggested shutting down net.uk entirely, which the main board rejected. His position must surely be under scrutiny by the internet community."
Interesting bugs are in the teeth of the beholder. dvdweyer writes "I myself do remember having read the whole interview with Bill Gates in Focus, a German weekly news magazine (their online service now seems to be part of MSN *yuck*). There are however resources online which provide full sources, in English, most notably RISKS in issue 17.43 (not 17.42) with a follow-up in issue 17.44."
When fan-subs just aren't what you want. May Kasahara writes "Studio Ghibli fansite Nausicaa.net now has official release dates for Region 1 DVDs of Kiki's Delivery Service , Laputa: Castle in the Sky , and Spirited Away , as well as official preview artwork of the disks and packaging. As a side note, the site now has a page up for Miyazaki's upcoming Howl's Magic Castle . See you at the video store on April 15!"
Fonts make your terminal much more useful. Russ Nelson writes "The Bitstream Vera fonts are available for trial use. Bitstream is still tweaking them, so they're under the provisional "no redistribution" license. You can download them yourself, though, and in about a month, put them in your software distribution. Kudos to X co-creator Jim Gettys for finally getting X some professional-quality fonts."
Dear Mr. Ashcroft: I hope you find this slag useful. eecue writes "Due to the recent MIT study concerning data recovery from old hard drives, we decided that the only foolproof means of data removal was complete destruction."
with more on Bill Gates' comments on bugs in Microsoft's code
/. to rag on? - You're just sifting for dirt.
;)
Reading earlier someone (Presence2) stated:
This interview occured in 1995.. don't you folks read? This was before 98,win2k,ME,XP and even NT was still OS2 in disguise. I'm sure Gates et al said a whole mess of stuff (128k memory?) that looking back now is ridiculus. Why drag a 7 year old article out for
Dont you even read users posts? Its amazing what you would learn
The site www.dpicorp.com is running Microsoft-IIS/5.0 on Windows 2000.
I hope virus creators don't find out about this one...
Bill Gates' attitude back then might have had an effect on the development of future OSes. I mean, just because it was so old doesn't make it completely irrelevant.
Still, one would hope that he has had a few changes of heart since then.
for destruction of magnetic data is to use thermite in situations where time is of the essence and less important than safety (eg, your base is being overrun), and acid in other cases. Both are quite effective, needless to say.
George W. Bush
President, United States of America
Now that's how I'd want to get rid of my hard drives.. Anyone have a furnace I can use to get rid of some crapped out drives that came from servers that have pissed me off?
Crash unexpectedly have you? Take that!
Turn them in to paperclips! Finally a way to come through with all those threats! HAH!
"We're so tough we're made of nerf!" --D&D Character Tagline
all 8 million credit cards were held by 6 families in an Alabama trailer park.
"And this is my boy, Sherman. Speak, Sherman." "Hello." "Good boy."
I can't wait for Sun to finish on their Oak project for interactive Televisions!
Anyone out there hear of this new free OS called Lineux or something? I think it was written by some student in Estonia or something. Two guys down in San Jose are starting up some company based on this product called "RedHelmet" or something.... but I'm sure they'll go out of business in a year.
I tried to go to their website, but I can't get my Mosaic brower to display these new Jpeg pictures.
"Can of worms? The can is open... the worms are everywhere."
10 Basic fonts are just what was holding me back from setting up a Linux desktop. Does anyone have time to set up a site where you give away true type fonts for free? That would be a great idea and I've never seen one.
This is not the greatest sig in the world, this is just a tribute.
In an earlier incarnation I used to work for the government doing military research. We had to burn all disc containing classified material. The reason given, since substantiated by a guy at the swedish equiv of NSA, was that a SQUID (Super-conducting Quantum Interference Device) could manage at least 25 overwrites, possibly many more. Our security officer built a large bonfire every spring of used hard drives and ignited them with thermite. T'was a grand sight!
(Elegance is not an option)
Why should it be .gb instead of .uk? The full and proper name of the country is The United Kingdom of Great Britain and North Ireland. People are more likely to call it The United Kingdom (which fully includes the whole country) rather than Great Britain (which excludes the people in North Ireland, many of whom most certainly want to assert that they are part of the UK rather than their neighbor to the south). I've certainly heard lots of people talk about "The UK", but I've never heard them talk about "GB". There's certainly no reason not to use .uk rather than .gb.
There's no point in questioning authority if you aren't going to listen to the answers.
was "after a few minutes we saw a toxic smoke" etc, etc. I don't know why but that made me laugh. For some reason I have visions of some geek smelling that shit and saying "that's not so ACK ACK ACK...thump".
So you can justify posting a 8-year old badly written and poorly translated article in an obscure German magazine merely because you think it's a novel way to "stick it to The Man"?
And here I thought that we'd never run out of material to generate amazingly insightful comments and unlimited nasal chuckles from the peanut gallery.
But I guess we've hit a new low.
For those of you without the tools necessary in the pictures above. A Road flare works wonders.
This from personal experience. I work for a rather large company. When we were upgrading from Windows 95 to 2000, many of the exec. at the company expressed concerns about the confidential data on their old machines. We Assured them that the data would be deleted.
We took the hard drives out to the parking lot broke open the drive, started up a road flare and proceeded to melt down the platters. We left the drive 'cool' down and took them back into our exec. and showed them to him. He was quite happy with the procedure. He asked that all exec.'s hard drive be treated the same. We decided at that point our supply of flares would not last so one tech mentioned that he had a blow torch at home. Next morning he returned with 10 nicly blown hard drives.
On another note, I've heard (someone please verify) that the military uses explosives to take care of old hard drives and storage media.
Ted
Fantasy remains a human right; we make in our measure and in our derivative mode... -- JRR Tolkien
I used to just throw mine into the nearest active volcano, until I found out some volcano-diving kiddie named d4r74 was reading them anyway.
Sheesh, evil *and* a jerk. -- Jade
No need for dd; its easy enough to write a script that will write 1's to your drive forever, or until the stylus on your drive melts.
I think the underlying issue is that all too often no one takes these kinds of precautions, or no one thinks to take them with a drive that's "Dead". Had a client send me a "dead" drive (awful clicking screeching noise, you know, dead.) Slapped it into an oven for a minute to loosen up the lubricants inside, and was able to write about 60% of the data off it before it crapped out for good.
The way many people take security, I think it's all to the good to tell them to toss a drive in a fire for an hour or so, just to make sure that the data is really gone. Half these jokers think DELETE actually removes information from the drive.
ad logicam Claiming a proposition is false because it was presented as the conclusion of a fallacious argument.
Okay, it's 8 years old, so it's irrelevant, but still, the most revealing comment to me is:
And it makes perfect sense! New versions should not be about bug-fixes. Being told to "Upgrade" should never be a valid response to someone complaining about a bug. Gates isn't saying bugs are in their on purpose, he isn't saying their good. He isn't saying they're in there because that's what sells. He's saying bugs are bad, bugs should be gotten rid of in any given version, and that a new version isn't about bug fixes, it's about new features. Isn't that what a new version SHOULD be?
Some software companies are bad at that. Some companies <cough, Intuit, cough> *DO* insist that to fix a bug, you must upgrade. That is stupid.
Another non-functioning site was "uncertainty.microsoft.com."
The purpose of that site was not known.
In some cases security has to take into account not only current threats, but future threats as well. Magnetic technology has been advancing quickly. A technology which can pack a terabytes in a square inch is also likely to be able to find and separate the remnants of multiple writes at today's gigabyte densities. If you have something you want to keep secret for the next decade or two, it's prudent to take extreme measures when you wnat to destroy it.
Nominet membership is a 400ukp one-off joining fee, and 100ukp annual subscription.
http://www.nic.uk/Members/HowToJoin/
I think you missed the point... We didn't slag the drive to get rid of data.. we slagged it becuase MELTING HARDS DRIVES IS COOL! Besides, 0 fills will only stop the curious not the devoted. MELTING STUFF IN A FURNACE IN YOUR BACK YARD IS COOL OK?
Very true. I have a friend who works for a large think tank up here in Massachusetts, and they had some critical data from a few years ago that they had to get off of a drive that had since been reformatted with a couple of different file systems and used for multiple different OSs in different workstations. (How the hell they ever figured out where the data was in the first place, I'll never know, but anyway
They took it to a commercial data recovery service and for about $500 they'll put it through one of those devices that reads weak quantum residues and get you back whatever data it was that you were looking for. Of course, the drive is in itty-bitty irradiated pieces, so you can never use it again, but it works
Okay, I didn't even realize the joke until I typed in the subject line. So, does anyone know what Vera looks like? The Bitstream fonts, I mean. Having high-quality good looking fonts is nice and all, but I'd like to know what they look like. Is there a sample picture of them anywhere? I haven't been able to find one.
Another non-functioning site was "uncertainty.microsoft.com."
The purpose of that site was not known.
Slag:
Is this one of those words, like fag and wank that means something horribly different depending on what side of the Atlantic you happen to be speaking?
I think we should be told.
--sex
Very popular slashdot journal for adul
No more ridiculus than looking back on Pearl Harbour or the Gettysburg Address. Humans learn from their mistakes, really clever ones learn from other peoples.
LOL.. you think some piece of $50 "recovery" _software_ is going to get anything off a drive? You're lucky it can read data that hasn't been overwritten at all.
It's a trivial matter to recover data that has been "erased" by writing 0's over it. TRIVIAL. It's a little more difficult if you write true random data mixed with alternating 0/1 bits (overwriting several times, in several passes), but recovery is almost always possible with the right equipment. Complete destruction is the only sure way.
This got modded up, why???
Slashbot morons.
There are a lot of things that are eight years old, or older. The Balkan Crisis, the first US-Iraq gulf war, U2's the Joshua Tree, HTTP .9, HTML 1.0, NeXTStep, the Simpsons, Unisyn 1.x, etc. A few of these things are of current interest because they're still useful/cool/relevant. However, even for the things that aren't currently relevant, they're still useful as historical perspective, especially if you start to look for cause/effect relationships.
Windows NT 4/5, based on the Chicago/Cairo projects, were being worked on clear back in 1994. The corporate culture, shaped by the attitudes of the execs, in turn shaped the software being developed -- software in broad use today. It's history, man, cause and effect, and sometimes it takes a few years (or decades) for everything to propogate -- despite American pop culture's mass ADD.
It's understandable, of course, to accuse slashdot editors/readers of knee-jerk pummeling of MS -- and most days I'm certainly ready to pick up my pitchfork and torch at a moments notice. But this seems to be genuine perspective. Gates is actually correct that moaning about computer woes has a partially social component, but one also wonders if a basically evasive response to the issue of bugs says something about the company that's given the market some really big security problems.
It's interesting that it continues, too. After one of the recent big IIS/worm problems (think it was Nimda) I remember seeing an MS spokesman say that the problem was essentially due to their being a market leader, that any market leader would suffer similarly. This argument seemed rather disingenuous when the actual leader in the space IIS occupied (Apache) had no comparable difficulties, and again seemed to come down to evasion of responsibility for bugs.
I think that's a thread throughout their history: mitigate importance of bugs, evade responsibility, promise more in next release. I don't think it's unique to them, and I'm not entirely sure it's bad business practices, seeing as how it seems to have won them an awful lot. But I like seeing the perspective. It's funny how the Jello makes more sense once you've seen the mold.
Libertarianism is rich wolves and poor sheep playing gambler's ruin for dinner.
Did anyone read the next article after the MS bug one? SMTP chicken and the social contract. It talks about how offended a guy was that someone had his own Domain with an MX record and was, get this, trolling while using the postmaster account! What an egregious crime against man!
Heh, just kinda reminds me of the day when the net was so innocent.
It turns out you can do that if you have some securely deletable way to store just one key (e.g. 16 bytes for an AES key). See here for further description and a link to sample code.
Who else heard "netcraft survey says..." spoken in Richard Dawson's voice when they read that?
(Of course, I frequently hear Richard Dawson's voice in my head. Werner Klemperer, too...)
Cheers,
Jim
-- My Weblog.
The Vera Sans Mono Roman is gorgeous. I'm making it my default terminal window font. Thank you, Jim and Jim!
My inclination as a chemist would be to pry the cover off of the drive, remove the platters and then soak them in a tub of rust remover aka Naval Jelly. That should pretty much take care of any data and/or media capable of retaining data. Once done some baking soda will do a nice job of neutralizing the mess.
Why? You need help writing a letter?