Slashdot Mirror


Passwords Can Sit on Hard Disks for Years

CygnusXII writes "As people spend more time on the web and hackers become more sophisticated, the dangers of storing personal information on computers are growing by the day, security experts say. There are some obvious safeguards, such as never allowing your computer to store your passwords. But even that is no guarantee of security."

449 comments

  1. No Guarantee of Security?!?! by Paulrothrock · · Score: 4, Funny

    Run for the hills! There's no guarantee of security! Everyone stop using your computers right now!

    --
    I'm in the hole of the broadband donut.
    1. Re:No Guarantee of Security?!?! by Three+Headed+Man · · Score: 2, Funny

      I was going to say! My computer is perfectly safe! I unplug it from the internet between pageloads.

      --
      I'm probably at the karma cap. Mod up a funny troll instead, it lightens the mood :)
    2. Re:No Guarantee of Security?!?! by harrkev · · Score: 4, Interesting

      Of course there is a guarantee...

      Just buy a boatload of ram and disable virtual memory. Problem solved.

      Of course, you could always use Knoppix or something similar whenever buying on-line. This would also solve the problem for the truly paranoid.

      --
      "-1 Troll" is the apparently the same as "-1 I disagree with you."
    3. Re:No Guarantee of Security?!?! by SilentChris · · Score: 1

      Not necessarily. Assuming I know what computers you've been to, and assuming Knoppix used even a tiny swap, I could probably get at some critical information. Not to mention tracing your ISP or whatever connection you used (who knows what they store on proxies).

      Of course, if you're using Knoppix you look suspicious in the first place. ;)

    4. Re:No Guarantee of Security?!?! by DeckerEgo · · Score: 1

      Yikes! You're right!

      I know! I'll unplug my hard drive so I don't have to worry anymore! Then I'll be safe! Lessee... I think it's the cord right over he

    5. Re:No Guarantee of Security?!?! by CoughDropAddict · · Score: 1

      Congratulations, you've solved the one specific attack described in the article! It's true, you really have solved the security problem once and for all.

    6. Re:No Guarantee of Security?!?! by Vindicator9000 · · Score: 2, Interesting
      If you're using Windows:

      Eraser is a GPL program that (among other uses) will overwrite empty hard disk space as many times as you specify. Simply change the pagefile size to 0MB, restart, and run eraser on free disk space. Tell it to overwrite 7 times. There's no way anyone's recovering it then.

    7. Re:No Guarantee of Security?!?! by pmwanner · · Score: 2, Interesting

      Actually data in RAM can be recovered too, depending on how long ago it was written and whether the memory chip has been used since then: http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html

    8. Re:No Guarantee of Security?!?! by Lehk228 · · Score: 4, Informative

      Knoppix doesn't touch the hard drive at all, that is the whole point of a live CD, so no it doesn't use any swap

      --
      Snowden and Manning are heroes.
    9. Re:No Guarantee of Security?!?! by simcop2387 · · Score: 1

      That article talks about Magnetic and Solid-State Memory, something which RAM is not; what they are talking about is Flash Cards and hard drives, not volatile memory that can be erased simply by removing power because the semiconductors don't keep the charge on their own, hence volatile memory.

    10. Re:No Guarantee of Security?!?! by harrkev · · Score: 4, Informative

      Actually, you only need to overwrite once to make it invisible to the computer over the IDE cable.

      There ARE methods to get data off of a hard drive platter that has been overwritten only once, but this requires the hard drive to be removed from the computer and physically disassembled, and is quite expensive.

      --
      "-1 Troll" is the apparently the same as "-1 I disagree with you."
    11. Re:No Guarantee of Security?!?! by Vindicator9000 · · Score: 1
      This is true. I guess it depends on how paranoid you are about your data. The US DOD standards for outgoing hard drives (excess equipment is commonly sold at auction) require that we either overwrite them 3 times or stick 'em in the degausser before we give them up.

    12. Re:No Guarantee of Security?!?! by pmwanner · · Score: 2

      That article talks about Magnetic and Solid-State Memory

      Yes, and in addition they explicitly cover RAM. Check out "7. Methods of Recovery for Data stored in Random-Access Memory".

    13. Re:No Guarantee of Security?!?! by Anonymous Coward · · Score: 0

      That takes too much work. See I don't have to worry about my users getting hacked for their passwords. They already tell everyone under the sun. So, walla, no hacking worries for me. Thank god for intelligent users letting me sleep easy tonight.

    14. Re:No Guarantee of Security?!?! by LookSharp · · Score: 3, Insightful

      Of course, you could always use Knoppix or something similar whenever buying on-line. This would also solve the problem for the truly paranoid.

      Of course, because everyone knows that retailers all use crackerjack security and are completely impenetrable by malicious forces. :)

      (Everyone always forgets that these are two-party-- or more-- transactions.)

    15. Re:No Guarantee of Security?!?! by thebes · · Score: 0

      You COULD just unplug all your hard drives if you want to take it that far.

    16. Re:No Guarantee of Security?!?! by ElForesto · · Score: 1

      So long as people are a part of the security equation, 100% security is a pipe dream. Pesky users... why do *they* need to be involved in the process?

      --
      There is a difference between "insightful" and "inciteful" other than spelling.
    17. Re:No Guarantee of Security?!?! by Paulrothrock · · Score: 1
      Friend, I have asked myself that question many times.

      Handy Design Maxim: The IQ of the user group is the IQ of the stupidest user divided by the number of users in the group. Design your system accordingly.

      --
      I'm in the hole of the broadband donut.
    18. Re:No Guarantee of Security?!?! by Anonymous Coward · · Score: 0

      > Just buy a boatload of ram and disable virtual memory.
      > Problem solved.

      That works now, but (hopefully?) will not work for long. Non-volatile RAM is a holy grail, and we may get there soon.

    19. Re:No Guarantee of Security?!?! by jazman_777 · · Score: 1
      This would also solve the problem for the truly paranoid.

      For the truly paranoid, any solution you offer is a problem.

      --
      Slashdot: Failed Car Analogies. Amateur Lawyering. Anecdote Battles.
    20. Re:No Guarantee of Security?!?! by fubar1971 · · Score: 2, Informative

      ....so no it doesn't use any swap

      It does if you don't have the minimum memory requirements.

      From the knoppix website

      "20 MB of RAM for text mode, at least 96 MB for graphics mode with KDE (at least 128 MB of RAM is recommended to use the various office products)"

      Not to mention, you can still mount your local drive and store data on it.

      hmm seems like a whole lot of touching going on....

    21. Re:No Guarantee of Security?!?! by fubar1971 · · Score: 1

      I have been preaching that for years. I always say that there are only 3 steps to making a computer 100% secure:

      1. Turn it Off
      2. Unplug all of the connections
      3. make sure it is Un-manned

      Unfortunately this just is not practical, but it is the only certain guarantee of 100% security.

    22. Re:No Guarantee of Security?!?! by Cyberop5 · · Score: 2, Informative

      Knoppix will use linux swap space if there is any on the hard drive. You'd use the noswap tag when booting for forensics or more paranoid computing.

      --
      Urgo: "I want to live. I want to experience the universe and I want to eat pie!"
      Jack: "Who doesn't??"
    23. Re:No Guarantee of Security?!?! by ScumericanNazi · · Score: 1, Troll

      incorrect.

      knoppix uses swapon unless you explicitly specify swapoff.

      also mounting ext2 and reiserfs partitions in read-only mode will STILL write to the disk.

      now repeat after me: Linux sux ass. Anyone ? just ribbing - he he.

      security is not like your aunt may's apple pie recipe - you cannot afford to get it **almost** right. In security - either you got it right or you got it wrong.

      --
      Sig Heil: Scumerica - Land of the Free* (* 18+, valid papers, health insurance, some restrictions apply)
    24. Re:No Guarantee of Security?!?! by squidinkcalligraphy · · Score: 1

      Tiny amounts of the charge remain (just like tiny amounts of magnetic charge could be used to recover your disc image if you overwrote it with zeros). Impossible for mere mortals like us to recover, but for more sophisticated beings...

      Actually, residual charge in RAM chips is even better if you keep them in the freezer.

      So whatever you do, DON'T KEEP YOUR RAM IN THE FREEZER AFTER SENSITIVE DATA HAS PASSED THROUGH IT!

      --
      "I think it would be a good idea" Gandhi, on Western Civilisation
    25. Re:No Guarantee of Security?!?! by Lehk228 · · Score: 1

      if you already have a linux swap partition or ext2/3 partition then you are not very likely to be using knoppix, and knoppix will not write to an NTFS drive

      --
      Snowden and Manning are heroes.
    26. Re:No Guarantee of Security?!?! by ron_ivi · · Score: 1
      also mounting ext2 and reiserfs partitions in read-only mode will STILL write to the disk.

      you sure? I don't think so. note you can mount a CDRom read-only, and that doesn't write.

    27. Re:No Guarantee of Security?!?! by GbrDead · · Score: 1

      No. If Knoppix finds a swap partition on a hard drive, it activates it.

    28. Re:No Guarantee of Security?!?! by nahdude812 · · Score: 2, Interesting

      You can get data off of a disk after several writes also.

      An analogy I use, which is not terrifically accurate on technical terms, but which does a good job of illustrating the point is this:

      Think about hard disk heads writing 1xxxxxxx or 0xxxxxxx when they store data on the disk. The 1 and 0 are the signal strength at an arbitrary magnetic value of 10^8, while the remaining lesser magnetisms are left more or less unaffected. Actually, whatever existed there has its power diminished, so you sort of see a digit shift to the right.

      The next write makes sure to set the most significant power of the disk, but physics causes the magnetism that previously resided there to leave some impact on the actual charge. Let's say I had a 0 in a given spot previously. Now I write a 1. The overall magnetic charge is actually just slightly below 1, which I will represent as 10xxxxxx. You see, 0 represents a negative charge and 1 represents a positive charge (north or south if you will). So you can recover data from the previous write by seeing whether each charge is a bit above or below the expected charge here. The next write (let's say a 0) causes the charge to be 010xxxxx. The charge is slightly above a 0 (south), and even more slightly below an expected 01 reading. This continues on out to infinity actually.

      Given perfect media, perfect measuring equipment (read heads), perfect write heads, and perfect storage conditions (zero magnetic drift on the disk), data could be read off of a disk that was stored there billions of writes ago. In this perfect circumstance, there is an infinite amount of data that could be stored on a single atom.

      Of course in reality, write heads leave a charge plus or minus a few percent of their target charge, magnetic drift caused by media imperfections (such as media decay) and environmental factors (such as errant magnetic fields, eg, from the earth or surrounding equipment), plus a limitation on the precision of reading equipment means we can only recover data from out a few writes, depending on the circumstances. As far as securing your workstation goes, keeping it in close proximity to other electronic devices will strongly boost the chances that environmental magnetism will push individual bits on the disk out of the realm of being able to recover that data. Surprisingly (or not), inexpensive disks work better toward securing your data this way since they have lower quality write heads with a wider fluctuation of write power, and lower quality surfaces causing higher material decay and quicker data loss. These same disks though have a higher failure rate for exactly the same reasons.

      All of this is why data destroying tools offer you an option for how many passes you wish to make over the disk. The more times you write, the less likely the data will be recoverable. 8 times is usually more than sufficient for IDE disks, I'd recommend 16 or more times on a high quality disk, such as many SCSI drives.
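As an added illustration of the overwrite discussion above (not code from any poster in this thread): a constructed "swap image" still holds a password after the process that used it is gone, a scanner shows where the raw bytes sit, and a single in-place overwrite is enough that the OS never reads them back. It says nothing about what a lab could recover from the platter; file names, page size and the sample password are all constructed assumptions.

```python
"""Constructed example: secret remanence in a raw image, and in-place overwriting."""
import mmap
import os
import tempfile

PAGE_SIZE = 4096          # assumed page size for the constructed image
CHUNK = 1 << 16           # write granularity for the overwrite passes


def build_swap_image(path, pages, secret, page_index, offset_in_page=100):
    """Write `pages` pages of random filler and plant `secret` inside one of them."""
    with open(path, "wb") as f:
        for i in range(pages):
            page = bytearray(os.urandom(PAGE_SIZE))
            if i == page_index:
                page[offset_in_page:offset_in_page + len(secret)] = secret
            f.write(page)


def find_secret(path, secret):
    """Return every byte offset at which `secret` still appears in the raw image."""
    if os.path.getsize(path) == 0:
        return []
    offsets = []
    with open(path, "rb") as f, mmap.mmap(f.fileno(), 0, access=mmap.ACCESS_READ) as mm:
        pos = mm.find(secret)
        while pos != -1:
            offsets.append(pos)
            pos = mm.find(secret, pos + 1)
    return offsets


def overwrite_in_place(path, passes=1):
    """Overwrite the file's existing blocks in place, fsync after every pass.

    Earlier passes use random bytes, the final pass zeros. Opening with r+b
    matters: writing a new file and renaming it over the old one would leave
    the old blocks untouched on disk. Returns the number of passes performed.
    """
    size = os.path.getsize(path)
    with open(path, "r+b") as f:
        for n in range(passes):
            f.seek(0)
            remaining = size
            while remaining:
                chunk = min(remaining, CHUNK)
                f.write(b"\0" * chunk if n == passes - 1 else os.urandom(chunk))
                remaining -= chunk
            f.flush()
            os.fsync(f.fileno())
    return passes


def demo_remanence(passes=1, pages=8, planted_page=3):
    """Plant a constructed password, count hits before and after overwriting.

    Returns (hits_before, hits_after, first_offset_before).
    """
    secret = b"hunter2-constructed-password"   # constructed sample, not a real credential
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "swap.img")
        build_swap_image(path, pages, secret, planted_page)
        before = find_secret(path, secret)
        overwrite_in_place(path, passes)
        after = find_secret(path, secret)
    return len(before), len(after), before[0] if before else -1


if __name__ == "__main__":
    print(demo_remanence(passes=1))
```

The same scanner run over a real pagefile or hibernation image (with your own, already-rotated test credential) is the practical check that a wipe setting actually took effect.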

    29. Re:No Guarantee of Security?!?! by lone_marauder · · Score: 1

      Knoppix doesn't touch the hard drive at all, that is the whole point of a live CD, so no it doesn't use any swap

      Uh, no.

      If Knoppix finds a Linux swap partition somewhere during bootup, it will use it.

      --
      who are those slashdot people? they swept over like Mongol-Tartars.
    30. Re:No Guarantee of Security?!?! by fubar1971 · · Score: 1

      That's not true. I had an IBM stinkpad with 64MB of memory and a 10 GB HD, running W2K. The drive was formatted NTFS. I used Partition Magic to create a linux swap partition so I could run KDE. Once Knoppix was booted, I was able to mount, read and write to the NTFS partition. I think you might want to try using the distro, before you start talking about how it works. Try the forums, they are quite informative on how to do things.

    31. Re:No Guarantee of Security?!?! by harrkev · · Score: 1

      While what you say is true, look at it this way...

      A drive is designed to write a bit pattern to a sector, and read back the EXACT SAME bit pattern. A written "1" is still a "1." Period. If it didn't then it would be a very poor drive, as you could not store data reliably.

      Yes, I agree that IN THEORY it is possible to recover data from a drive that has been written over "only once." But, in order to do so, you have to disassemble the drive and read the actual "analog" magnetic value.

      If the disc drive is leaving your possession, then write to it a lot of times to keep somebody from disassembling your drive and getting the data.

      But if nobody has access to your hard drive, and you are only worried about script kiddies and such, the one write is sufficient.

      --
      "-1 Troll" is the apparently the same as "-1 I disagree with you."
    32. Re:No Guarantee of Security?!?! by nahdude812 · · Score: 1
      Yes, I agree that IN THEORY it is possible to recover data from a drive that has been written over "only once." But, in order to do so, you have to disassemble the drive and read the actual "analog" magnetic value.

      True. In labs like the NSA has built near D.C., or like countless data recovery operations have built.

      I was responding specifically to "there ARE methods to get data off of a hard drive platter that has been overwritten only once" which to me sounded like you were stating that only a second write was required to sufficiently secure your data if your drive fell into malevolent hands. Sorry if I misinterpreted :-)
    33. Re:No Guarantee of Security?!?! by Lehk228 · · Score: 1

      If you went through the trouble of making a swap partition and MOUNTING the NTFS partition it's not going to sneak up on you. I have used knoppix, But it had a lot of issues not remembering network settings which should have been stored to my keydrive.

      --
      Snowden and Manning are heroes.
    34. Re:No Guarantee of Security?!?! by JayAndSilentBob · · Score: 1

      1. Turn it Off 2. Unplug all of the connections 3. make sure it is Un-manned

      But once you do that, I will walk in to the room and steal the computer.

      --
      Love,
      Jay and Silent Bob
    35. Re:No Guarantee of Security?!?! by kiwaiti · · Score: 1
      How many CDROMs do you use with ext2fs or reiserfs on them? wow.

      Kiwaiti

      --
      Member of the Legion Of Microsoft Haters
    36. Re:No Guarantee of Security?!?! by tmillard · · Score: 1

      Knoppix will use a swap partition if it finds any. Why would a Windows(R) user have a swap partition?

    37. Re:No Guarantee of Security?!?! by ScumericanNazi · · Score: 1

      You think wrong.

      Linux Forensics - PDF

      --
      Sig Heil: Scumerica - Land of the Free* (* 18+, valid papers, health insurance, some restrictions apply)
  2. Yikes! by mogrinz · · Score: 4, Funny

    I've got to stop using c:\windows as my password!

    1. Re:Yikes! by kunudo · · Score: 3, Funny

      Yes, change it to c:/windows... Then no one will be able to guess it.

  3. Hehe by mgs1000 · · Score: 5, Funny

    It looks like some reporter just discovered the page file. :)

    1. Re:Hehe by Reziac · · Score: 5, Interesting

      That was my thought too...

      Back in the Win3.1x era, when the typical swapfile was still small enough to peruse with a hex editor, I cruised through my permanent swapfile with LIST, just to see what was being dumped out of RAM. I found data in there that was identifiably over 3 years old. And therein, I also found some passwords archived -- as plaintext.

      Not to mention logfiles; I have some that stretch back several years, and I'm sure I'm not alone.

      So I don't find this exactly "news" either. Then again, I could turn this into a rant on the "expertise" of the typical tech journalist... (one of my PC maintenance clients is one. Regular exposure has given me a complete lack of respect for the breed.)

      --
      ~REZ~ #43301. Who'd fake being me anyway?
    2. Re:Hehe by Gr8Apes · · Score: 0, Flamebait

      This shouldn't be a problem with MS oses, as you have to totally reinstall your OS every 6 months, max, thus generally wiping out your pagefile.

      --
      The cesspool just got a check and balance.
    3. Re:Hehe by Jokkey · · Score: 5, Informative

      The article does go into a bit more detail than that... They use a program called TaintBochs (probably hacked from the open source emulator Bochs) to track sensitive data and find out where exactly it goes and how long it's there. This sounds to me like a nifty hack, and they're actually doing research to come up with quantitative results on how long data sticks around, instead of just saying, "Um, yeah, stuff gets swapped out."

    4. Re:Hehe by Reziac · · Score: 4, Interesting

      Nah, reinstalling is just a sign of incompetence at dealing with Windows. And I mean that seriously. On average it takes Win32 about 3 years of average-user neglect and outright abuse to get to the point where it's nonfunctional, and even then it's recoverable with simple maintenance procedures.

      As a SOHO tech, my job is not just to get the machine working, but also to get it to the state the client expects it to be in -- with all his apps and data intact (whether he has a good backup or not). I've only had to reinstall Windows *once*, and that was due to AOL5 FUBAR'ing both DUN and the entire WinEx/IE setup -- on a system that had gone five years with a PEBKAC owner and ZERO maintenance. I find it is faster and easier to resurrect the system than to hope to find all the body parts (apps, data, passwords, settings, CD keys, etc, etc.) and reinstall them where someone else expects them to be.

      Of course, this is why my clients won't let anyone else touch their PCs, either :)

      My own everyday setups date back to 1998 (Win95), 2001 (Win98), 1999 (WinME -- hasn't crashed since Sept.99, and this is a test box!!), 2002 (XP Pro). Plus I have a couple part-time-use Win95 machines that date back to '95 and '96. And my Win16 setup (1994) was finally retired at 7 years old. All are original installs and all work their asses off. -- I hadn't looked in WFWG's swapfile in some time, but it's a safe bet that if I inspect the CD where it's archived, I'll find data in the preserved swapfile that is now over 10 years old.

      --
      ~REZ~ #43301. Who'd fake being me anyway?
    5. Re:Hehe by Mortoc · · Score: 5, Insightful

      The fact that a password can sit on a hard drive is really irrelevant. If someone has access to your hard drive, they might as well just set up a keylogger and wait till you access a bank account or something, that would be much easier than wading through hundreds of megabytes of swap. This security hole is almost completely irrelevant, the only time that I would worry about something like that is when throwing away a computer (which should be recycled anyway). Someone interested enough could go through your trash, remove an old hard drive and start snooping around.

    6. Re:Hehe by Reziac · · Score: 2, Interesting

      Yep, pretty much. If someone's that fascinated with your current personal stuff, there are easier and less-chancy ways to access the data. And if you're worried, use a wipe utility on that old HD before you trash it or donate it. Or if your tinfoil hat fits really tight, take the platters out and expose them to a hammer and a blowtorch.

      IOW, tho the security issue exists, it's not exactly something to lose sleep over -- because if someone wants to compromise your security, why not get current data right from today's data input, instead of possibly-obsolete data of unknown relevance!

      --
      ~REZ~ #43301. Who'd fake being me anyway?
    7. Re:Hehe by operagost · · Score: 5, Informative
      Too bad he didn't discover the setting in Windows XP that clears the pagefile on shutdown. Instead, he plays programmer and suggests that only a few measly lines of code will fix the problem; and no one will mind the huge performance hit because computers are so fast already.

      Even if you aren't running Windows, other OSes like OS/2 will recreate a fresh pagefile on every boot.

      --
      Gamingmuseum.com: Give your 3D accelerator a rest.
    8. Re:Hehe by XryanX · · Score: 1

      "Someone interested enough could go through your trash, removed an old hard drive and start snooping around."

      Funny that you mention that. I've found a few laptops while dumpster diving, which of course still had data on the drives. I was responsible enough to not go through the swap, but the temp. internet files folder was another case. People look at some weird stuff on the internet.

    9. Re:Hehe by Gr8Apes · · Score: 2, Insightful

      Flamebait? Give me a break. Obviously a MS Fanboy.

      Don't assume incompetence. Sometimes, portions of the registry just become unrecoverable and unrepairable, through no fault of anyone other than MS. Yes, I'm aware that there's a way to completely back them up and replace them, but sometimes, that's moot when the initial backup is already corrupted. With a good initial hardware/software setup and proper precautions, I too can run a system for years and years, and never have it degrade. (Ran a datacenter for about 4 years) Still, this doesn't address the fragility of MS OSes. Oh, and I have a 95 system that's been up since 96. Big deal.

      --
      The cesspool just got a check and balance.
    10. Re:Hehe by tacarat · · Score: 1

      You're right, assuming you maintain possession of the hard-drive until it's melted into slag or similar. Antics that can occur when you are away from your computer aside, if you ever sell the computer or even just the hard drive, the data is still there unless you perform a thorough data wipe (formatting the disk isn't enough). It's about the same if you think the hard drive is broken and throw it away. A dumpster diver with some hardware skills might be able to get it working long enough to do a raw dump of the data to a more stable media. Slashdot had an article about two MIT grads who did data recovery like this with drives purchased at flea markets and eBay back in January.

      --
      "Common sense will be the death of us all"
    11. Re:Hehe by Reziac · · Score: 3, Interesting

      No, I'm not a M$ fanboy. You'll see me bitch about their business practices, and sometimes about their software, as often as anyone here -- you want to see software flamed to a crisp, get me started on M$Office! and just wait til I catch up with the idiot who thought "browser as your desktop" was such a great idea, or the moron who didn't fully test the .MSI installer on Win98. And as to M$ getting in bed with DRM/media... that's why I keep hoping for a *NIX desktop I can next-gen my clients to, but so far it hasn't happened.

      But in my experience, whining about *Windows* instability is based more in ignorance, and failing to consider the influence of bad hardware, than in objective reality. Considering all the random shit hardware people use, the ill-mannered software that abounds these days (most no longer bothers to clean up after itself, but rather expects Windows to do it for 'em), and the ignorance of average users, Windows gracefully absorbs a helluva lot of abuse. Yeah, it's possible to mangle the registry, but that's actually pretty rare; I've not seen it happen in years. And yeah, there are security holes and stupid default settings, but that's hardly unique to Windows (see the concurrent /. article about the router! talk about a field where they should know better!!)

      I also have a Mandrake box, and while I generally like it well enough (tho I view BSD as more mature than linux), I do find it a whole lot easier to confuse or crash. Lordy, the lockup I get if I accidentally feed it a bad CDR!! Have to power down to get the CDROM drive back.

      --
      ~REZ~ #43301. Who'd fake being me anyway?
    12. Re:Hehe by mattyrobinson69 · · Score: 1

      hmmmm.

      i have two words for you: "bollocks."

    13. Re:Hehe by Anonymous Coward · · Score: 0

      "bollocks"

      ????

      What? You don't believe some portion of his story? Perhaps the one about finding Linux easy to lock up? My experience with Linux was similar. I'd have things working nicely and then BAM, put in a floppy with a bad sector and things would go to hell in a handbasket. Forget the good old three-finger-salute. Sucker just sat there unresponsive. Hard reset or power down only thing that would fix it.

      Try the same floppy with Windows and I'd get a temporary lock up of the system then a nice ARI dialog.

    14. Re:Hehe by mattyrobinson69 · · Score: 1

      so as to not affect karma, im posting AC.

      anyway:

      i do believe linux can lock up - my slackware box has been going crazy recently - must have locked up at least twice in the last 6 months (both in a week, must be my fault).

      my point is, most linux distros are much more stable on default install than default windows installations - especially 9x.

      ive never had problems with floppies with bad sectors - it just says the disk is the wrong FS or something like that.

      you must have been unlucky with that distro/custom config/something

    15. Re:Hehe by Tlosk · · Score: 1

      There's a fanboi here all right, but it's you. A conversation means actually making points and giving your reasons. Diatribes are just randomly spewing invective. Try having a conversation sometime, you might even like it.

    16. Re:Hehe by Gr8Apes · · Score: 1

      The MS Fanboy reference was for whomever mod'd my original comment "flamebait". It was not in reference to you in any way, form, or fashion. Perhaps I could have been clearer?

      Next topic: bad hardware - while I hate Compaq with a passion for various reasons, their hardware is not "bad" as in generally unreliable hardware. (Although once something does go bad...) I've had numerous failures of OSes with no new installations of anything on those boxes. Matter of fact, Win2K server with IIS, just keep adding websites.... somewhere between 6-13, the entire system will self-corrupt. Try it sometime, last time I checked, SP4 didn't fix this issue. Is it a small wonder IIS 6 now allows for a separate process per website? (Hint, it wasn't only performance driving this, IIS pre-IIS6 was not scalable)

      My experience is that Windows does not gracefully do anything. Matter of fact, Windows is the reason that the software/user abuse exists to begin with. (Windows is almost synonymous with MS in this scenario) I do not blame Windows if my cheap ATA RAID controller (

      I agree the Netgear Router backdoor is ridiculous. As for Linux or BSD, if you're crashing it, you're definitely having issues. I've run Slackware, RH, and Debian, and I too have bad CDRs. The Debian install disks actually, after the initial boot disk, the installation files were partially on bad sectors, but there was no lockup. Then again, I've not run Mandrake, nor do a do much with CDRs once a system is installed in Linux. Those boxes are generally server type boxes or test sandboxes, and thus rarely is the core changed.

      --
      The cesspool just got a check and balance.
    17. Re:Hehe by Anonymous Coward · · Score: 0

      i dont know what some of those words mean, but im sure i dont like them. an argument (and by extension conversation) is more useful if you dont use words which all parties dont understand

    18. Re:Hehe by Gr8Apes · · Score: 1

      Heck - Karma be damned. Karma goes up, it goes down, what does it mean in the world at large?

      As for locking up, yes, of course Linux can lock up. Any system can. Some just do it more often than others. Some do it daily (BSOD comes to mind;). Others can get systems to run for long periods of time. I still recall that Gates came out and said NT 4 boxes should be rebooted weekly. We ran ours a minimum of a month between reboots, and had a record of 3 months before we had to reboot for some reason during testing. The monthly reboot was acceptable for our SLA at that time. Weekly was not.

      --
      The cesspool just got a check and balance.
    19. Re:Hehe by kscguru · · Score: 1

      Close, but not quite. Missing one thing: if you only have read-only access to the hard drive (for some reason or another). 1) Maybe you found some sort of image file sitting on a server. 2) Maybe you stole someone's computer. Keylogger is useless because that person's not using his/her computer again. It's pretty easy to encrypt the filesystem - what about other channels (like suspend-to-disk?)? Worse, the systems ended up with the whole password in cleartext. Try it - run "strings | wc" on /proc/kmem as root, see how much comes up. It's only a couple thousand strings, and passwords were sitting around in them plain as day.

      --
      A witty [sig] proves nothing. --Voltaire

    20. Re:Hehe by kscguru · · Score: 1

      Much more involved than that, I assure you. The question is, how long does that information sit around in RAM? There are a few tricks to prevent memory from being swapped out (note: they aren't guaranteed to work on some OSes, like Windows!), which is the page file you describe, but our tracking was at the level of bytes floating around memory. Potential sources of leaks: 1) Laptop suspend-to-disk writes out your entire RAM state to the hard drive. Care to bet on the safety of the encryption? I wouldn't... 2) you are running some sort of virtual machine, which you log out of and then suspend. Someone obtains the suspended memory image. 3) Public kiosk. You walk up, log in, fool around, log off, and walk away. The person behind you comes up, logs in with root privileges, then starts shifting around in the kernel's memory looking for anything you typed. The person doesn't actually have to have root - maybe he has a root exploit. Yes, the system is much more involved (I'm quite sure - I wrote parts of it!). ;-) At the same time, I agree it's a pretty hard attack to mount. The catch is, it's finally possible to mount the attack in the first place - and no one is studying the risks involved. I too think the risks are small - we were trying to quantify them.

      --

      A witty [sig] proves nothing. --Voltaire
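The "tricks to prevent memory from being swapped out" that the two posts above allude to are, on Linux and other POSIX systems, mlock() plus an explicit wipe once the secret is no longer needed. The following is an added example written for this page, not code from the thread or from the research being described; the names secret_buf, secret_alloc, secret_wipe and secret_free are made up for it, and the password string is a constructed sample.

```c
/* Added example (not from the thread): hold a secret in page-locked memory
 * so the kernel never pages it to swap, and scrub it as soon as it is done
 * with. Names (secret_buf, secret_alloc, ...) are invented for this example. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/mman.h>

typedef struct {
    unsigned char *buf;   /* page-aligned buffer holding the secret */
    size_t len;           /* allocated length, rounded up to whole pages */
    int locked;           /* 1 if mlock() succeeded, 0 if it was refused */
} secret_buf;

/* Overwrite n bytes through a volatile pointer so the compiler cannot
 * drop the stores as dead code (the classic memset-before-free problem). */
static void secure_wipe(void *p, size_t n)
{
    volatile unsigned char *v = (volatile unsigned char *)p;
    while (n--)
        *v++ = 0;
}

/* Count non-zero bytes; used to verify that a wipe really happened. */
size_t count_nonzero(const unsigned char *p, size_t n)
{
    size_t c = 0;
    for (size_t i = 0; i < n; i++)
        if (p[i] != 0)
            c++;
    return c;
}

/* Allocate whole pages and ask the kernel to pin them in RAM.
 * Returns 0 on success, -1 if the allocation failed. A refused mlock()
 * (e.g. RLIMIT_MEMLOCK too low) is recorded in s->locked rather than
 * treated as fatal: the buffer is still usable and still wiped, it just
 * may be paged out in the meantime. */
int secret_alloc(secret_buf *s, size_t len)
{
    long pg = sysconf(_SC_PAGESIZE);
    if (pg <= 0)
        pg = 4096;
    size_t rounded = ((len + (size_t)pg - 1) / (size_t)pg) * (size_t)pg;
    void *p = NULL;
    if (posix_memalign(&p, (size_t)pg, rounded) != 0)
        return -1;
    memset(p, 0, rounded);
    s->buf = p;
    s->len = rounded;
    s->locked = (mlock(p, rounded) == 0);
    return 0;
}

/* Scrub the secret in place and return the number of non-zero bytes left,
 * which must be 0. The buffer stays allocated so a caller can inspect it. */
size_t secret_wipe(secret_buf *s)
{
    if (!s->buf)
        return 0;
    secure_wipe(s->buf, s->len);
    return count_nonzero(s->buf, s->len);
}

/* Wipe once more (cheap), unlock the pages and release the buffer. */
void secret_free(secret_buf *s)
{
    if (!s->buf)
        return;
    secure_wipe(s->buf, s->len);
    if (s->locked)
        munlock(s->buf, s->len);
    free(s->buf);
    s->buf = NULL;
    s->len = 0;
    s->locked = 0;
}

int main(void)
{
    secret_buf s;
    const char *sample = "correct horse battery staple"; /* constructed sample password */
    if (secret_alloc(&s, 64) != 0)
        return 1;
    memcpy(s.buf, sample, strlen(sample));
    printf("locked in RAM: %s\n", s.locked ? "yes" : "no (mlock refused)");
    /* ... the password would be used for authentication here ... */
    printf("non-zero bytes after wipe: %zu\n", secret_wipe(&s));
    secret_free(&s);
    return 0;
}
```

Two caveats follow directly from the post above: mlock() only keeps the pages out of the swap file, so a suspend-to-disk image or a suspended virtual machine still captures them, and on systems where the lock is refused or unsupported the only real protection is wiping the secret the moment it is no longer needed. That is why the wipe, not the lock, is the part that must never be skipped.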

    21. Re:Hehe by mattyrobinson69 · · Score: 1

      No, karma doesn't mean anything in the world at large, but I don't want it to go down unnecessarily (I know I can't spell, my handwriting's worse!)

      What's your point? 3 months isn't great. My record on this computer is 2 days (compiled kde, didn't write the script too well), but that's because I usually turn it off when I go to bed.

    22. Re:Hehe by Morris+Thorpe · · Score: 1

      Two things:

      So should we define "news" as anything new to *you* then?

      a complete lack of respect for the breed
      I wonder if he or she thinks all geeks are condescending and pretentious.

    23. Re:Hehe by Captain+Splendid · · Score: 1
      Very good points. As a tech, I try to do the same myself as it makes the customer happier and means more return business.

      But at home, I prefer a clean reinstall about once a year, and there are several reasons for this:

      -I run my computer like I own it, ie as hard and as fast as I feel like. After all, I built the damn thing, I know what it can do, and what limits I can push. This leads, despite best efforts, to bloat, corruption and slowdown.

      -Doing a clean reinstall also helps me learn more, to discover what settings change what, how and when particular hardware and software quirks pop up. It also gives me a clean slate to try new things, like the first time I successfully triple booted a system (98, 2000 and Mandrake).

      -Not to mention that I'm a firm believer in partitioning, so getting back up to speed takes a couple of hours at best, during which time I have at least one other fully-functioning system to pass the time with :)

      -Last but not least, you do things this way long enough and it'll teach you just what constitutes "essential software". Plenty of crap out there I've learned I can live quite happily without.

      --
      Linux, you magnificent bastard, I read the fucking manual!
    24. Re:Hehe by Anonymous Coward · · Score: 0

      so as to not affect karma, im posting AC.

      No, you're not. Try the little checkbox next time.

    25. Re:Hehe by Anonymous Coward · · Score: 0
      IIS 5 does allow sites to run as separate processes.

      • Right click on your site in IIS MMC ->
      • Properties
      • Home Directory tab
      • Application Protection -Set it to High (Isolated)

      IIS creates a new COM+ app, and you will see another instance of dllhost.exe in your running processes.

      So sick of stupid bastards talking crap about stuff they don't know - of course this is /.
    26. Re:Hehe by mattyrobinson69 · · Score: 1

      Ah - I ticked the box, wrote the post, copied the text, and went back and had a look at the grandparent, came back, pasted - must have forgotten the second time round.

    27. Re:Hehe by citog · · Score: 1

      Oops, mind that karma Matty :)

    28. Re:Hehe by Reziac · · Score: 1

      Ah, well, nothing personal then :) By coincidence, I have mod points today, but I only mod up, never down; there are enough zealots and bigots overly-willing to trash "dissidents" as it is.

      Like most OEMs, Compaq had their good server line, and their shit consumer line. A while back I saw a post by a former Compaq employee, saying that one reason their consumer systems were so bad is that Compaq bought seconds and defective components, specifically for use in same -- frex, they bought Matrox's video cards that failed QA, and bad video hardware and/or drivers is the #1 cause of Windows being unstable. So it's no big surprise if you saw a lot of 'em with issues. (Packard Smell used to do the same thing -- used any parts they could get cheap.) IMO this practice borders on fraud, but how is the average consumer to know?

      Are you sure the IIS issue isn't with IIS, not Win2K? cuz 2K is pretty good by itself; XP isn't that different, and it's the only thing I've got that can handle Macromedia's evil-tempered current software (by chance I don't have a 2K box right now**). But IIS on NT4 was right horrible, and could be crashed with just a browser, by doing a bunch of gets and aborts in a row. (When the Assessor's office NT4 webserver got cranky, this was how I ensured it'd be rebooted bright and early the next morning, so I could get another couple days use out of it.) And 90% of the hacked FTP sites I've seen are running NT4.

      I don't know what's with Mandrake (which I probably should update, it's still on old 7.2) and bad CDRs. AFAICT the problem is that LSL left the session open (tho I couldn't get anything to fix it. Windows will halfassed read the disks on the same hardware or do no worse than spit them back.) In my periodic foray into linux (in pursuit of that hoped-for "future desktop for my clients") I'd tried a bunch of concurrent distys, and the others that installed also had trouble with some CDRs, so it might be a kernel bug of the era??

      ** Tho W2K is installed on a junk HD, which one day I accidentally hooked up to a 486DX4-100 with only 8mb RAM (I use that box as a HD and SIMM tester) ... took about 3 minutes to boot up, but once it got to the desktop, it was actually usable. I was amazed that it ran at all, let alone as well as it did!!

      --
      ~REZ~ #43301. Who'd fake being me anyway?
    29. Re:Hehe by Reziac · · Score: 1

      Karma determines what type of bug you'll come back as -- software, hardware, or wetware :)

      For a while I had a RedHat6 system, and it crashed more than any other OS I've ever messed with. (Win95 on the same hardware goes years between crashes.) Conversely the MDK box hasn't crashed except for the CDR issue, tho it's not been up enough to really exercise it. -- While we're firing up the karma BBQ [g] I should mention that over time I've become a thoroughgoing Intel bigot wrt CPU and chipset; it makes a world of difference for Win32 stability. (Conversely Win16 doesn't much care what it runs on so long as no Rockwell modems are involved.)

      I also tend to resist rebooting, and think it's perfectly normal to go weeks or months between resets (or *years*, for DOS systems). I've noticed the XP box tends to get a little flaky after 6-7 weeks (but it's also where I run all the evil-tempered apps that aren't housebroken), whereas Win9* behaves itself until resource leaks accumulate to the point that the heap runs short (8-9 weeks on hardware that doesn't trigger the timer rollover bug). I know a lot of people don't reset their W2K boxes more than a couple times a year. Of course, if that's all a person wants, they should run an old version of Netware, and go decades between reboots :)

      --
      ~REZ~ #43301. Who'd fake being me anyway?
    30. Re:Hehe by Reziac · · Score: 1

      I have a whole houseful of computers (mostly built from salvage), so I'm not dependent on just one system. Hence my everyday-work boxes don't need to be learning systems, and tend to get set in stone with the apps that I already know I like, and they never get used for experiments, because nothing infuriates me like my heavily-customized setup getting trashed by some ill-mannered app.

      Conversely, whatever is currently the test box gets every sort of crap installed, uninstalled, poked at, twisted, abused, and when some new OS comes along to play with, might even get wiped and started over. But those boxes are never expected to do Real Work.

      The WinME/XP box started that way -- whatever came down the pipe got installed there to see if it was anything I cared to keep; sadly, Sturgeon's Law applies to software as much as anything else ("90% of everything is Crud"). Even more sadly, this box eventually became Useful, which is why it is no longer considered a test setup. And why the WinME side is much more cluttered with outright junk than I'd normally tolerate in a work system. Bloody amazing that it's still 100% stable.

      My first everyday-work system was a 286 with a 20mb HD that I really had to work at to optimize and make all my needful apps fit, and after a couple years of tweaking, I literally knew every one of its 693 files by sight (that is, I could ID 'em with a hex viewer). So I know what you mean about learning to make the most of what you've got and figuring out what is crap that you don't need or want. There's no better teacher than not having quite enough system and having to do the best you can with it. And it changes your outlook, too -- that much work is just not expendable. Why should I consider a client's customization work expendable if mine isn't?

      I'm so used to multiple partitions, that a drive with only C: just looks wrong :)

      (And who the heck is Guybrush Threepwood??)

      --
      ~REZ~ #43301. Who'd fake being me anyway?
    31. Re:Hehe by Halvard · · Score: 1

      On average it takes Win32 about 3 years of average-user neglect and outright abuse to get to the point where it's nonfunctional, and even then it's recoverable with simple maintenance procedures.

      I'd have to agree.

      Nah, reinstalling is just a sign of incompetence at dealing with Windows. And I mean that seriously.

      On this I have to disagree. Given the price of equipment and software today, it's frequently less expensive to replace a PC running Windows and Office and transfer data than it is to correct some of these same problems. Granted, I can still repair OS problems, restart performance, etc., but frequently it's not worth it.

      Alternatively, if you store all data off the machine and maintain a generic image for the OS pre-driver install plus an image with applications and patches and the like, then you can restore the machine to operation pretty quickly too.

      People and businesses tend to be pretty cost aware these days. With new computers from Dell starting at $399 and new computers being substantially more powerful in all respects to several year old hardware, 4-8 hours of tech time can buy them out of the jam too. While I'd like that money in my pocket, I have an obligation not to soak them. If it's $1000 to fix an old and substantially damaged operating system or $750-1000 to replace and transfer data (including patching the new machines with updates), clients tend to go with the latter. The exceptions tend to be anal eccentrics who are afraid of any differences or those that can't wait a week for shipping and scheduling of time.

      My Windows systems tend to be like the previous posters': A strong mix of older operating systems and hardware that stay around for years. And that's with being software testbeds as well as everyday desktops. Hardware testbeds don't survive as long, probably because of ESD and frequent power cycling.

      I used to feel the same way about recovering versus reinstalling. But these days, people sweat the dollars more. Especially with the mindset that the value of the hardware establishes in their minds the value of the system, which of course is incorrect thinking. It's the value of the data and productivity. But that's a tough mindset to shake.

    32. Re:Hehe by Gr8Apes · · Score: 1

      Ours were isolated, as it was the only way to get above 5 sites and run a mix of separate certificates. However, IIRC they run as a shared memory model even when they're separated, meaning they all share some common base functionality, ie, they are not truly separated, just their specific config is - standard MS crap, otherwise how could you take down all sites by merely killing the inetinfo.exe process? Yes, they're child processes, I know, but one hung child process can take down the entire webserver, which happens not infrequently with HTTPS btw on that particular system under that configuration. Basically, they're not independent processes.

      Personally, I think "stupid bastards talk crap about stuff they don't know" shouldn't post. I could say I'm sick of stupid asshole holier than thou ACs throwing insults, but what good would that do? dumbass.

      --
      The cesspool just got a check and balance.
    33. Re:Hehe by Gr8Apes · · Score: 1

      I skipped RH6, went from 5->7. No problems with that either, the firewall ran for about a year before the box got reclaimed when I got an 8W linksys router (doesn't do everything, but does enough, and only 8W!)

      As for Intel CPU/chipsets, the CPUs were the best performing, the chipsets were quite stable, although definitely not the best performing. However, my next CPU purchase will be an AMD Opteron. We've tested those at work, and a 2-way NUMA machine is something to behold. Intel isn't even in the ballpark, esp when you go beyond 2-way machines. As for rock solid, they appear to be. (After all, Opterons gained a lot from their acquired former DEC Alpha employees, and it shows!:)

      For 32-bit athlons, I'd agree, I'd run those only on home systems where stability isn't as much of an issue, but performance is. They truly do outperform Intel at the price point, esp if you go duals, Intel again can't play in the ballpark.

      As for rebooting, that should only be done rarely, and then only if you're truly doing something that should require it (like adding a new hard drive or otherwise mucking about with the physical internals. After all, I'm not paying for hot swap systems for home use! ;) Oh, and installing a new OS/kernel allows for a reboot as well. Can't forget that, eventually you'll want to upgrade that box! :-D

      Finally, just an aside, I think Intel's already lost. They're falling back to the P6 architecture for their next CPU, having ditched further development on the dead-end P4. They will be dual core, which is kinda neat if it happens, but by the time they get there, AMD's 64 bit chips may have made the entire situation moot, especially if AMD's 2+ way CPUs drop in price, as they surely will by whenever the projected rollout date for Intel's dual core CPUs comes around.

      --
      The cesspool just got a check and balance.
    34. Re:Hehe by lone_marauder · · Score: 3, Informative

      IOW, tho the security issue exists, it's not exactly something to lose sleep over -- because if someone wants to compromise your security, why not get current data right from today's data input, instead of possibly-obsolete data of unknown relevance!

      Because that Asian rape spam that popped up into your preview pane 2 years ago may not be a daily occurrence. The FBI loves pulling up ancient JPG fragments from swap in their ongoing efforts to protect children.

      Despite what you may have heard, the legality of pornography is of no relevance to prosecutors and judges; the first time the question of age comes up with regard to the subject of any particular photograph is when the jury is looking at poster size blowups of whatever they scraped off your hard drive.

      To prevent fascism (or at least thwart it), do the following. Set the not-commonly-known "clear swapfile at shutdown" windows registry key:
      HKLM\System\CurrentControlSet\Control\Session Manager\Memory Management\ClearPageFileAtShutdown to 1
      Wipe your empty space and slack space regularly with something like eraser. (Interestingly, I don't know of a way to accomplish these things when using Linux as a desktop OS. If anyone knows of a way to clear the swap partition on shutdown or to clear not only free space on the hard drive, but also cluster tips (file slack), please let me know.) When finished using a hard drive, or any time you have cause to format it, boot up to rescue mode from any Linux distro's boot CD and dd if=/dev/zero of=/dev/hda (or whatever device your hard drive happens to be).

      I have had access to the tools the bad guys (FBI, et al.) use to extract evidence from your hard drive, and have seen that these procedures work brilliantly. Of course, I've also seen prosecutors derive character witness testimony from the very fact of using a program like eraser (only bad guys know this much about how to hide computer evidence!), so YMMV.

      If you don't happen to live in the United States, treasure your freedom and fight to protect it.

      --
      who are those slashdot people? they swept over like Mongol-Tartars.
    35. Re:Hehe by Reziac · · Score: 1

      Reimaging is certainly much more cost-productive in a commercial environment where every system tends to be much the same hardware, and your users all have pretty much the same apps and are on the same upgrade cycle. In that case it's definitely not worth the time/expense to track down and fix problems -- just reimage the thing and call it good.

      But for home users, and SOHO systems that are... um, shall we say, paragons of uniqueness [g] -- reimaging or restoring from backup are out of the question -- as a rule the disk images/backups don't exist, they have every which app installed and tweaked every which way, and seldom know where all their install disks are (assuming they even have 'em -- driver disks tend to go walkabout). A couple hours to track down and fix what ails it is a helluva lot more cost-effective than reinstall, on the same or new hardware, than trying to find all the missing body parts.

      And I'm actually looking at the productivity value -- home users take weeks or months to get used to a given setup, and get all dyswhackied if it changes. Move an icon and they panic. If an app doesn't work exactly like before, they can be out of business until they relearn it.

      I figured out it would take me a good two weeks, as a full time job, to resurrect any of my work boxes from scratch -- and that's even having some idea where all the requisite software is stashed. And even then I'd probably not remember just how I got Weird App A to play nice with Cranky App B, and would waste a lot of time figuring it out again. Most SOHO systems aren't that extreme, but you can count on 5 to 6 hours to rewhack 'em from the ground up. Backups are lovely, but most folk don't make any. (Or... "What did you do with that backup CDR I made you? you don't KNOW??" Bah, now I confiscate the backups; they're naturally out of date by the time I'm called to fix something, but when they've trashed the HD, still better'n nothing, and most of the apps will be intact.)

      [eyeing stack of CDRs] And I suppose I should spend an hour or two... er, make that a day or two... making a new set myself, Real Soon Now...

      I do put the "value to the user" at about two hours worth for fixing (if I can't get it done in that timeframe, at least to a point where it's stable again if not 100% perfect, I figure it is probably beyond salvage anyway), and let them decide if they prefer that, or a whole new monkey. So far, everyone I've asked prefers to get their old system back into usable condition. But as noted my clients are all SOHO; enterprise is another beast entirely.

      --
      ~REZ~ #43301. Who'd fake being me anyway?
    36. Re:Hehe by Reziac · · Score: 1

      Yeah, from all I heard, RH5 was good; never heard much about RH6 but I had it freeze every which way, from naked CLI to the default Gnome desktop (slowest damn thing I've ever seen) -- tho the KDE desktop seemed stable, and I like it a lot better anyway. -- One day it decided that it no longer remembered my login password (how can you forget "password"??) and clearly it wasn't worth the bother to fix, so it went away. Then to add insult to injury, the boot loader didn't uninstall cleanly, so now every time that machine gets rebooted, I see "moved or missing IBM loader, press any key to continue". Hence I no longer dual boot among different *types* of OS -- now DOS/Win** live on one box, and *NIX lives on another!! I prefer this cowardice to hosed boot sectors. :)

      I figure performance doesn't mean squat if the system isn't stable. AMD was the better-performing and more stable CPU back in the 486 era, tho over the long haul, I've noticed their longevity is poor compared to the concurrent Intels (even worse than Cyrix was). -- I don't know about AMD's newest models, but for a while I tracked CPU vs complaints of "Windows is unstable" in the XP newsgroups, and while AMD had only about 10% of the market, AMD-based systems generated about 70% of the complaints (and of those, about half were VIA chipsets). Eeep!!

      I think you're right that 64bit CPUs will be a whole new war, and whoever gets into enterprise systems in bulk first will grab the brass ring. But Intel has a habit of surprising us with tech that leapfrogs over all the current offerings, so I wouldn't count them out just yet. But whoever makes the most stable CPU (that runs with a stable chipset) in the next era will get my dollars, even if its performance isn't the front runner.

      Yep, that's my philosophy -- rebooting is for new hardware; otherwise don't bug me! :) I was moderately amazed that the crappy parallel port scanner someone gifted me is treated as a hot swappable device by WinXP. (UMAX used to be so good, but this one sucks... my old HPSJ5, at 1/4th the optical resolution, makes better scans.)

      --
      ~REZ~ #43301. Who'd fake being me anyway?
    37. Re:Hehe by Reziac · · Score: 1

      Yes, you're right about those extreme cases -- I've heard of instances where an overzealous agent, bent on nailing someone, emailed them some kiddie porn, then knocked on their door demanding to see if it was still on their HD. And that was in the supposedly justice-loving U.S. (where I happen to live).

      As to what would happen in a country where any sort of porn is illegal, the justice is summary, and the penalties are draconian -- never mind the tinfoil hat, in that case you need a suit of armour plate!!

      That's definitely a problem with tools like eraser, PGP, etc. -- they're like waving red flags and screaming "I'M UP TO SOMETHING!!!"

      --
      ~REZ~ #43301. Who'd fake being me anyway?
    38. Re:Hehe by RogerWilco · · Score: 1

      I think unstable systems have at least as much to do with the motherboard and RAM as with the CPU, and AMD/Cyrix used to be on the cheaper combinations.

      --
      RogerWilco the Adventurous Janitor
    39. Re:Hehe by WarlockD · · Score: 1

      I have to agree with you. A lot of the problems that CAN be fixed just aren't because of techs' inexperience.

      I should know. While I am familiar with the registry and how it works, I don't know how or what to fix in it. It's like a mechanic who can't figure out why the car's engine isn't working. From his point of view, yanking out the old one, and putting in a new engine that he knows works is the best course of action.

    40. Re:Hehe by Gr8Apes · · Score: 1

      First, that IBM missing/moved boot sector is easy enough to fix/replace with an old version of Partition Magic or OS/2.... ;)

      Early VIA chipsets for AMD were terrible. Even now, they're barely stable, or at least my experience says that. Lots of weird driver issues with those. However, if you wind up getting a good stable set of drivers installed and don't install the latest MS gimmickery (I know, I know, not a word) you'll find AMD to be another long running CPU (both Athlon and Athlon XPs). You will, however, need quality RAM. I found AMD systems to be much more sensitive to RAM issues than Intel systems.

      Currently, unless Intel has a completely muffled offering coming out in the next 3-5 months that no one knows about, they're out of the 64 bit game.

      --
      The cesspool just got a check and balance.
    41. Re:Hehe by Reziac · · Score: 1

      That's true -- cutting corners on one component usually means cutting corners on ALL components. The two points most such folk cheap out on are motherboard and power supply, meaning the system's whole foundation is shaky. But even on all high-end systems, there's variance in stability, and per all I've seen, AMD of the post-486 era was a clear culprit.

      As to longevity, I judge by what I see in the rickety antiques some of my clients have, and the heaps of castoff PCs that come my way... as popular as the K5 was as a cheap alternative to the Pentium, I've not seen a single one that still runs. I have seen some surviving Cyrix systems, but the huge majority of old-timers that still run are Intel.

      --
      ~REZ~ #43301. Who'd fake being me anyway?
    42. Re:Hehe by Reziac · · Score: 1

      I don't claim to be a registry mechanic either [g] tho I'm comfortable with hand-editing it as needed -- but I've done so since the Win16 era, so by now it all looks familiar. (How to impress a client: open up RegEdit and say "Hmm!" a lot. :) And I do snag any books on the subject that I see.

      However, my basic everyday tool is Toniarts' Easycleaner, free from http://personal.inet.fi/business/toniarts/ (DON'T get roped into paying for it from the old toniarts.com page, that's now bogus). I've been using it on every species of Win32 for 4 years now and have never once seen the registry or start menu cleaners screw up. It will fix 99% of registry-related issues, simply by cleaning out the debris. On the worst case I ever saw, it killed off 8 MEGS of junk entries. That and a defrag, and a formerly-unstable box was good as new! Most of the time, that's all it takes.

      While one hears a lot about the registry being corrupted, I've personally only seen it once, when Win3.1 got in a fight with a Rockwell modem (the modem was specifically at fault). You can export the entire thing to a textfile using Regedit itself -- I do this on a new system to make sure I've got a good clean human-readable copy, but so far have never had to use it. Ditto for the occasional backups I make.

      IMO most "corrupted registry" issues are not corruption at all, but rather conflicts due to dead entries that need deleting, readily fixed with EasyCleaner.

      I don't recommend using the Nuts&Bolts/Symantec registry and system cleaner tool, as it seems to be overzealous about removing stuff it doesn't recognize. (N&B also tends to make the system unstable.)

      --
      ~REZ~ #43301. Who'd fake being me anyway?
    43. Re:Hehe by Reziac · · Score: 1

      Or I could root around til I find the archived boot sector (saved with GET_MBR) ... trouble is I'm not dead sure which one it is, some moron forgot to label 'em clearly (ooops :) ... and at the time it was still a test box so I wasn't all that careful. As sometimes happens, it grew into being an everyday machine, and by then it was a little late. Oh well, it doesn't kill me to "press any key" 5 or 6 times a year. :)

      Yeah, VIA doesn't impress me at all. I gather one major problem is that they're horribly sensitive to noise from PCI devices, and you'd bloody well better have the latest and greatest drivers. Conversely, I haven't even bothered installing the motherboard drivers on my Intel-based boxes, and they don't feel the least bit deprived.

      I don't think the 64bit race is even started yet -- enterprise uses are just getting started, and consumer/workstation uses are barely a gleam in the IT dept's eye. Once 64bit becomes standard, then it's time to call the winner. Until then, it's all speculation. I'd say Intel has at least until Longhorn comes out to get a good entry into the race.

      --
      ~REZ~ #43301. Who'd fake being me anyway?
    44. Re:Hehe by Captain+Splendid · · Score: 1
      I'm so used to multiple partitions, that a drive with only C: just looks wrong :)

      No kidding, it's like a dozen paradigm shifts ago. I always have to restrain the urge to partition clients' machines with a part for OS, swap, apps, files. It's the first thing I do with any of mine, and it has saved me countless hours of agony.

      (And who the heck is Guybrush Threepwood??)

      The Secret of Monkey Island. Quite possibly one of the funniest games I've ever played. Worth a download from your local P2P network. I'd give you my copy, but I think it got lost with the 386 I played it on.

      --
      Linux, you magnificent bastard, I read the fucking manual!
    45. Re:Hehe by lone_marauder · · Score: 1

      Yes, you're right about those extreme cases

      Who said anything about extreme cases? This is bread and butter stuff for the FBI. An ex-girlfriend files a porn complaint, which turns into a search warrant (as the PATRIOT act is implemented, this step is less and less important). Then they come take ALL of your gear. If any of it has ever been used to view pornography (deliberately or otherwise), and unless extraordinary precautions are taken, you are going to prison. At prison, try to get segregated as quickly as possible. You will have been convicted of child pornography, which every other inmate will interpret as "you diddled with my children while I was helpless in this hell hole." If you survive prison, you will have to register as a sex offender for the rest of your life. Enjoy!

      --
      who are those slashdot people? they swept over like Mongol-Tartars.
    46. Re:Hehe by Reziac · · Score: 1

      If I set a machine up from scratch, or ever do a major reworking, I always do at least 3 partitions -- for boot OS, swap, and whatever. (I also seem to think Windows belongs on F: or I:, the legacy of my first 486's setup.) Swapfile on a dedicated partition ensures it never fragments, which removes one eventual source of problems even if the user does zero maintenance. I also archive the initial OS install there, and browbeat the client until they agree never to touch it. [g]

      By coincidence, I've got some unknown person's (more'n likely Jerry Pournelle) castoff copy of The Secret of Monkey Island in the retail box, with floppies dated 1990 (gods know if they're any good, tho I might have archived them when I imaged a heap of other install floppies). But I've never installed or played it. I'm a DOOMer myself... if I haven't killed a few hundred hellspawn, my day is ruined :)

      --
      ~REZ~ #43301. Who'd fake being me anyway?
    47. Re:Hehe by Reziac · · Score: 1

      If it were an everyday thing, everyone here on slashdot would already be in the can, if only for linking to the goatsex guy. There are a few rogue agents and a few overzealots, but in the past 12 years or so, I only know of one *documentable* FBI vs porn raid, and that was the infamous case of Downtown BBS and the underage Traci Lord stuff someone had uploaded (I don't recall offhand if it was done as entrapment or not).

      I've *heard* of a couple other cases in that timeframe, one involving an AOLer, but have never seen any documentation.

      --
      ~REZ~ #43301. Who'd fake being me anyway?
    48. Re:Hehe by lone_marauder · · Score: 1

      There are a few rogue agents and a few overzealots, but in the past 12 years or so, I only know of one *documentable* FBI vs porn raid, and that was the infamous case of Downtown BBS and the underage Traci Lord stuff someone had uploaded (I don't recall offhand if it was done as entrapment or not).

      I have performed expert witness testimony in several cases. You want documents? I got a couple of hundred pages right here in my office, to say nothing of first hand personal direct experience.

      --
      who are those slashdot people? they swept over like Mongol-Tartars.
    49. Re:Hehe by Reziac · · Score: 1

      Okay, if you've been there/done that, I give that somewhat more credit (one becomes accustomed to allowing for too-tight tinfoil hats around here). Next question .... why is this completely under everyone's radar? You'd think some civil liberties outfit would get involved, kiddie-porn stigma or no.

      --
      ~REZ~ #43301. Who'd fake being me anyway?
    50. Re:Hehe by lone_marauder · · Score: 1

      Okay, if you've been there/done that, I give that somewhat more credit (one becomes accustomed to allowing for too-tight tinfoil hats around here).

      I completely understand.

      Next question .... why is this completely under everyone's radar? You'd think some civil liberties outfit would get involved, kiddie-porn stigma or no.

      You're not going to like the answer to this one. I asked the very same question of the defense attorneys I have been working with. Before anyone is going to understand the issue (ACLU, et. al.), criminal defense teams must understand it. Because they can't begin to handle the technical aspects of the cases, they turn to the IT community for expert witness testimony. This is where the problem lies. We (the IT community) are almost never willing to testify against the FBI about anything. Indeed, a good many of my peers advised me against doing it. Without a meaningful way to combat the charges, defense teams plead the cases, which is how 90% of them wind up.

      In summary, the problem is that the only people who can call attention to this problem are us, and we lack the courage and social conviction to do so.

      --
      who are those slashdot people? they swept over like Mongol-Tartars.
    51. Re:Hehe by Reziac · · Score: 1

      "In summary, the problem is that the only people who can call attention to this problem are us, and we lack the courage and social conviction to do so."

      Actually, I like that answer just fine. And I think it's probably dead on. Let me add some related observations of my own, not terribly flattering either:

      Geeks are, by and large, misfits to at least some degree. And (speaking as a longtime member and observer of the SF/F community, which is *very* similar in general mindset, albeit somewhat less outright-bigoted) misfits simply are not good at standing up for *anything* in public; there's too much fear of being *seen* as "doing wrong" and concomitant fear of (usually imaginary) punishment or (omighod!) embarrassment. A great deal of the geeky "users are morons" behaviour is defensive; if they're beneath you, you don't have to explain anything to them and can continue feeling superior, not to mention avoiding the potential for censure if by chance you're wrong. Fear of speaking out in the Real World comes from the same dark hole in the brain as this ivory tower mentality. (At its worst, the behaviour devolves into a form of paranoid schizophrenia, which I've noticed is rampant among people who code both for a living and as a hobby; IOW, have no lives. When topics like autism come up here, watch how many people come out of the woodwork and claim that being dysfunctional is somehow a GOOD thing.)

      Anyway, the upshot is that compared to the run of educated people, geeks (meaning the IT community and related specialty fields like math and physics) are somewhat LESS likely to stand up for truth and justice *out in the Real World*, no matter what they may say or feel about it in "private".

      And as some have pointed out, safely (ie. "privately" to this mindset) ranting to the choir here on slashdot doesn't accomplish squat, other than to stroke ourselves.

      And you thought *your* answer wouldn't be popular... :)

      A little lesson from reality: Back when I was doing bits and extras, I found there was this huge fear of making waves because "if you cause trouble, you'll never work again". But each day is just a job, not a road to fame, and when we were being screwed over, I was usually the only one who would complain, as far up as the assistant director if need be. And ya know what? Most of the time, whatever was violating the regs (re pay and conditions) got fixed on the spot, and I worked as regularly as anyone else, if not more so.

      And the masked men in dark suits haven't come to take you away in the night either, eh? :)

      --
      ~REZ~ #43301. Who'd fake being me anyway?
    52. Re:Hehe by lone_marauder · · Score: 1

      Brilliant response.

      --
      who are those slashdot people? they swept over like Mongol-Tartars.
    53. Re:Hehe by Reziac · · Score: 1

      Thank you, I think :)

      --
      ~REZ~ #43301. Who'd fake being me anyway?
  4. Zero the data by Lord+Grey · · Score: 5, Informative
    One way to achieve this is for all data in RAM to be automatically turned into a string of zeros once it is finished with - something he [Tal Garfinkel] says could be done with just a few extra lines of code in application programs.
    My company worked on a project a few years ago that required this very thing. It wasn't just passwords, though: The customer demanded that all data passing through the applications be wiped as soon as possible.

    The project was written in C++. We started out using a custom string class that performed its own memory management (with zeroing the buffer on deallocation), but then promptly ran into problems with the STL. We wound up writing a memory allocator that also cleans up after itself. Those two solutions took care of the vast majority of the data leakage "problem" -- the only thing left was reinitializing stack variables within functions.

    Perhaps the ultimate solution would be to encrypt data as it is entered, before it is saved into RAM, and arrange for programs that use it to decrypt it first.
    The same customer actually requested this first. The problems associated with it were terrible, especially in a multithreaded application. Plus, performance basically sucked. Wiping the data afterwards seemed to have the same end result, the performance was still good, and the customer was happy.

    BTW, the memory allocator and string class both made their way into the company's downloadable core library (MIT license).

    --
    // Beyond Here Lie Dragons
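
An added example of the allocator approach the post describes (editor's code, not Lord Grey's library or anything from the original post): a C++ allocator whose deallocate() overwrites the buffer before returning it, plugged into std::basic_string so any string built on it wipes its heap storage when it is freed or shrunk. The wipe writes through a volatile pointer so the compiler cannot drop it as a dead store (a point raised later in this thread about memset). The g_bytes_wiped counter is a demonstration hook added so the effect can be observed, and the secret value is a constructed stand-in for a password.

```cpp
// Added example: a wiping allocator for std::basic_string (C++11).
#include <cstddef>
#include <cstring>
#include <memory>
#include <new>
#include <string>

// Demonstration hook (assumption, not part of any real library): counts
// bytes the allocator has wiped so a caller or test can observe it.
static std::size_t g_bytes_wiped = 0;

// Wipe that the optimizer may not elide: each store goes through a
// volatile pointer, so it is an observable side effect, not a dead store.
inline void secure_wipe(void* p, std::size_t n) {
    volatile unsigned char* vp = static_cast<volatile unsigned char*>(p);
    while (n--) *vp++ = 0;
}

template <typename T>
struct wiping_allocator {
    using value_type = T;

    wiping_allocator() noexcept = default;
    template <typename U>
    wiping_allocator(const wiping_allocator<U>&) noexcept {}

    T* allocate(std::size_t n) {
        if (n > static_cast<std::size_t>(-1) / sizeof(T)) throw std::bad_alloc();
        return static_cast<T*>(::operator new(n * sizeof(T)));
    }

    // The whole point: overwrite before releasing, every time.
    void deallocate(T* p, std::size_t n) noexcept {
        secure_wipe(p, n * sizeof(T));
        g_bytes_wiped += n * sizeof(T);
        ::operator delete(p);
    }

    template <typename U>
    bool operator==(const wiping_allocator<U>&) const noexcept { return true; }
    template <typename U>
    bool operator!=(const wiping_allocator<U>&) const noexcept { return false; }
};

// A string type whose heap buffer is wiped whenever it is released.
using secure_string =
    std::basic_string<char, std::char_traits<char>, wiping_allocator<char>>;

// Fills a buffer with a marker byte, wipes it, and reports whether every
// byte is now zero.
bool wipe_buffer_is_zero(std::size_t len) {
    std::unique_ptr<unsigned char[]> buf(new unsigned char[len]);
    std::memset(buf.get(), 0xA5, len);
    secure_wipe(buf.get(), len);
    for (std::size_t i = 0; i < len; ++i)
        if (buf[i] != 0) return false;
    return true;
}

// Builds a secure_string long enough to force a heap buffer (defeating the
// short-string optimisation), destroys it, and returns how many bytes the
// allocator wiped in the process.
std::size_t bytes_wiped_by_scoped_secret(std::size_t secret_len) {
    std::size_t before = g_bytes_wiped;
    {
        secure_string secret(secret_len, 'x');  // constructed stand-in for a password
        secret[0] = 'p';
    }  // destructor -> deallocate() -> secure_wipe()
    return g_bytes_wiped - before;
}
```

This covers heap buffers only. Small strings kept inline by the short-string optimisation, copies in registers, and stack temporaries are untouched, which is the remaining gap the post notes about reinitialising stack variables.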
    1. Re:Zero the data by Doomrat · · Score: 1

      Can you really be sure that the data is wiped? What if the memory is swapped to a page file or swap partition, later swapped back into memory and then you only erase what's in the RAM?

    2. Re:Zero the data by Reziac · · Score: 1, Interesting

      I know a guy whose dad worked for the gov't in some sensitive research position. His official work computer was a portable with 1 gig of RAM (mind you this was back in the early 1990s, when RAM was about $40 a MEG) and no hard disk, to ensure that nothing would be permanently stored. Every time he booted up, he had to dump the entire working image from tape to this gigantic RAMdisk.

      The catch? the tape drive. That's just as permanent as a HD, and he took it home along with the PC, so he could work at home as needed.

      --
      ~REZ~ #43301. Who'd fake being me anyway?
    3. Re:Zero the data by Lord+Grey · · Score: 5, Informative
      Can you really be sure that the data is wiped? What if the memory is swapped to a page file or swap partition, later swapped back into memory and then you only erase what's in the RAM?

      You can either lock the RAM page so it doesn't swap, or force the page to write back out to swap after zeroing. The former is far easier (unless you want to do a lot of painful coding) and, if I remember correctly, was what was done with the project I talked about. I don't think the page locking/unlocking made it into the downloadable library, though.

      --
      // Beyond Here Lie Dragons
    4. Re:Zero the data by Krach42 · · Score: 2, Interesting

      Perhaps the ultimate solution would be to encrypt data as it is entered, before it is saved into RAM,

      Not to mention when you look at how the data is entered, it passes through RAM as one of its very first stages.

      This would literally require a kernel patch.

      --

      I am unamerican, and proud of it!
    5. Re:Zero the data by AstroAndy · · Score: 2

      Is there a way for me to go through my computer to find where this information is stored? I am currently using XP Pro, and want to know what sort of shit is being stored without me knowing it. (I hear the footsteps of /.ers everywhere behind me ready to bludgeon me with their RedHat manuals)

    6. Re:Zero the data by essreenim · · Score: 1

      I was kinda thinkin along those lines.
      It is so tricky to secure this kind of thing in software. Hardware is probably the real answer.
      I have a feeling Via are the masters here.
      Admittedly they don't make fast CPU's as such but
      they do have "Paadlock" TM hardware encryption.
      I never looked into it much myself as I'm not quite that paranoid but for the pessimistic, I think it's probably a good bet!!!

    7. Re:Zero the data by Anonymous Coward · · Score: 0

      strings %systemdrive%\pagefile.sys | more

    8. Re:Zero the data by sporty · · Score: 1
      In java, strings are immutable. So assigning it out to something else is the best you can do.


      Just a side note. More reason to keep it in a char[] or a StringBuffer.

      --

      -
      ping -f 255.255.255.255 # if only

    9. Re:Zero the data by Anonymous Coward · · Score: 0

      Why not just use the mlock() syscall to turn paging off for a memory region? Wouldn't that be easier?

    10. Re:Zero the data by Lord+Grey · · Score: 2, Interesting
      Why not just use the mlock() syscall to turn paging off for a memory region? Wouldn't that be easier?

      The memory block, with your data, can still be claimed by another application after the page is unlocked. From there it can be written to swap, and we're back to the original problem.

      But like someone later in the threads pointed out, if someone has access to your swap file then you probably have bigger problems....

      --
      // Beyond Here Lie Dragons
    11. Re:Zero the data by at_kernel_99 · · Score: 1

      AC says:

      strings %systemdrive%\pagefile.sys | more
      Which, to an XP user, probably looks like gibberish. Get yourself a Knoppix CD or install cygwin on your system. Use the above command to poke around on your drive. I think, but am not certain, that windows will not let you do so with normal windows tools.
    12. Re:Zero the data by Anonymous Coward · · Score: 0
      There's no need for Cygwin. Strings comes as a part of MinGW. Although I did just try the command and came up with this
      C:\>strings %systemdrive%\pagefile.sys | more
      strings: D:\pagefile.sys: Permission denied
      It shouldn't be too hard to make a startup disk and use a DOS version of strings.
    13. Re:Zero the data by hendridm · · Score: 1
      Not to mention when you look at how the data is entered, it passes through RAM as one of its very first stages.

      Not a problem if the users types in the string in its encrypted form.

    14. Re:Zero the data by tfb · · Score: 1

      `Encrypting the data first' sounds good, until you think for a bit. The application needs to be able to decrypt the data, and to do that it needs some key. Where does it keep that key? In memory from where it can be paged to disk, from where the key can be recovered. Oops.

      There are two solutions I can think of:

      1. enhance the system so memory pages can be marked as `never copy this to disk'. This probably works, but would interact in interesting ways with suspend/resume features (as in: stop them working).

      2. Do the crypto somewhere which isn't ever stored in memory, such as on some kind of smart card.

    15. Re:Zero the data by jarran · · Score: 1

      How does this help in any way?

      Example lifespan of a string:

      1. Allocated
      2. Maybe swapped out to disk
      3. Zeroed
      4. Deallocated

      If 2 happens, zeroing the string in memory before it is deallocated will not affect the copy in the swap file. The string will still be on disk and perfectly readable.

      If 2 doesn't happen, the string isn't in the swap file, it can't be retrieved at a later date, so what is the point of zeroing it?

    16. Re:Zero the data by Anonymous Coward · · Score: 0

      This sounds like...nonsense.

    17. Re:Zero the data by stanmann · · Score: 1

      What was your clue? the claim of a portable computer in 1990 with gigoram?

      --
      Food not Bombs is a nice platitude but it breaks down when you notice that the Bombees are usually well fed
    18. Re:Zero the data by Krach42 · · Score: 1

      I won't trust security to anyone who can't spell "Padlock" correctly. hehe..

      if it's your typo, sorry to tease you about it.

      --

      I am unamerican, and proud of it!
    19. Re:Zero the data by Chazman · · Score: 1
      You can either lock the RAM page so it doesn't swap

      Absolutely. I caught that blatant error in the article as well: "Operating systems such as Windows and Linux have no way to prevent data in RAM from being copied to disk." Bull. mlock(). And even though I haven't programmed Win32 in forever, I know for a fact Win32 has an equivalent call.

      In fact, just a month ago I was writing a program that dealt with a sensitive password. I mmap()'ed a few pages specifically for the password and derived sensitive data, and mlock()'ed those pages into core before writing anything to them. All catchable signals that should terminate the program go to a signal handler that memset()'s the pages to all zeros before munmap()'ing them. As soon as it's done with the password, the program does the memset() and munmap() anyway. SIGKILL shouldn't produce a core file, so the only way I can think of to get that password to disk is to SIGSTOP the program while it's using the password and copy /proc/kcore to disk. Can anyone think of a way to do it less drastic than that? Is there something I've missed?

      --
      -----Chaz
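
An added example of the sequence described above (editor's code, not Chazman's program): mmap a page-aligned anonymous region, mlock it before any secret is written into it, wipe it through volatile stores, munmap it, and wipe on the catchable terminating signals. POSIX/Linux only. For an unprivileged process mlock can fail when RLIMIT_MEMLOCK is too small; the code records that in the locked flag instead of pretending the pages are pinned. The password value is constructed, and the SecretRegion layout and function names are this example's own.

```cpp
// Added example: pinned, wiped secret region (Linux/POSIX, C++11).
#include <sys/mman.h>
#include <unistd.h>
#include <cerrno>
#include <csignal>
#include <cstddef>
#include <cstring>

struct SecretRegion {
    unsigned char* base = nullptr;
    std::size_t len = 0;      // rounded up to whole pages
    bool locked = false;      // false if mlock() failed (e.g. RLIMIT_MEMLOCK)
    int lock_errno = 0;
};

static SecretRegion g_region;   // global so the signal handler can reach it

// Volatile stores so the compiler cannot elide the wipe as a dead store.
inline void secure_wipe(volatile unsigned char* p, std::size_t n) {
    while (n--) *p++ = 0;
}

// Map whole pages for secret data and pin them before anything is written.
bool secret_region_open(SecretRegion& r, std::size_t want) {
    long ps = sysconf(_SC_PAGESIZE);
    std::size_t page = ps > 0 ? static_cast<std::size_t>(ps) : 4096;
    r.len = ((want + page - 1) / page) * page;
    if (r.len == 0) r.len = page;
    void* p = mmap(nullptr, r.len, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED) return false;
    r.base = static_cast<unsigned char*>(p);
    r.locked = (mlock(r.base, r.len) == 0);
    r.lock_errno = r.locked ? 0 : errno;
    return true;
}

// Wipe, then unmap. Returns true if every byte read back as zero before
// the pages were released; false if there was nothing to close.
bool secret_region_close(SecretRegion& r) {
    if (!r.base) return false;
    secure_wipe(r.base, r.len);
    bool all_zero = true;
    for (std::size_t i = 0; i < r.len; ++i)
        if (r.base[i] != 0) all_zero = false;
    if (r.locked) munlock(r.base, r.len);
    munmap(r.base, r.len);
    r.base = nullptr;
    r.len = 0;
    r.locked = false;
    return all_zero;
}

// Async-signal-safe: only volatile stores and _exit().
void wipe_and_exit(int sig) {
    if (g_region.base) secure_wipe(g_region.base, g_region.len);
    _exit(128 + sig);
}

// Catchable signals that would otherwise terminate us with the secret live.
void install_wipe_handlers() {
    struct sigaction sa;
    std::memset(&sa, 0, sizeof sa);
    sa.sa_handler = wipe_and_exit;
    sigemptyset(&sa.sa_mask);
    const int sigs[] = {SIGINT, SIGTERM, SIGHUP, SIGQUIT};
    for (int s : sigs) sigaction(s, &sa, nullptr);
}

// Opens a region, checks it is a non-zero whole number of pages, closes it.
bool check_region_geometry(std::size_t want) {
    SecretRegion r;
    if (!secret_region_open(r, want)) return false;
    std::size_t page = static_cast<std::size_t>(sysconf(_SC_PAGESIZE));
    bool ok = r.len >= want && r.len > 0 && r.len % page == 0;
    return secret_region_close(r) && ok;
}

// Round trip: place a constructed password in the region, use it, wipe it.
bool demo_round_trip() {
    if (!secret_region_open(g_region, 64)) return false;
    install_wipe_handlers();
    const char pw[] = "correct horse battery staple";  // constructed sample
    std::memcpy(g_region.base, pw, sizeof pw);
    bool used = std::strcmp(reinterpret_cast<char*>(g_region.base), pw) == 0;
    bool zeroed = secret_region_close(g_region);
    return used && zeroed;
}
```

SIGKILL and a hibernation image (raised later in the thread) are outside what a handler can cover; the locked flag is worth checking at startup, since a silent mlock failure leaves the pages eligible for swap.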
    20. Re:Zero the data by mattyrobinson69 · · Score: 1

      Hee hee - This is the windows fanboy from above that claims windows 98 never crashes on him.

      This guy talks shit - everybody set him as a foe, as i have done.

      *to the tune of la la la" mods on crack, mods on crack, mods on crack "/tune of*

    21. Re:Zero the data by bogado · · Score: 1

      Just erase the data before unlocking the pages. duhh!

      --
      []'s Victor Bogado da Silva Lins

      ^[:wq

    22. Re:Zero the data by mattyrobinson69 · · Score: 1

      //for the super paranoid: (just an exmple - remember, ive only been learning c++ for a week, in little bits). //also remember to make encrypt a real function based on proper encryption (like xor ;))

      char szname_unenc[30];
      char szname_enc[30];

      cout > szname_unenc;
      szname_enc = encrypt(szname_unenc);

      szname_unnenc = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaa" //30 a's to make sure string is written over
      szname_unnenc = "bbbbbbbbbbbbbbbbbbbbbbbbbbbbbb" //30 b's to be more sure that string is written over
      szname_unnenc = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaa" //30 a's to make sure string is written over
      szname_unnenc = "bbbbbbbbbbbbbbbbbbbbbbbbbbbbbb" //30 b's to be more sure that string is written over
      szname_unnenc = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaa" //30 a's to make sure string is written over
      szname_unnenc = "bbbbbbbbbbbbbbbbbbbbbbbbbbbbbb" //30 b's to be more sure that string is written over
      szname_unnenc = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaa" //30 a's to make sure string is written over
      szname_unnenc = "bbbbbbbbbbbbbbbbbbbbbbbbbbbbbb" //30 b's to be more sure that string is written over
      szname_unnenc = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaa" //30 a's to make sure string is written over
      szname_unnenc = "bbbbbbbbbbbbbbbbbbbbbbbbbbbbbb" //30 b's to be more sure that string is written over

    23. Re:Zero the data by kscguru · · Score: 1
      Actually... mlock() is a POSIX call that isn't native to Windows. The native methods, VirtualLock() and VirtualUnlock(), "are simply advisory" according to the Win32 docs - which suggests to me that even mlock() is advisory under Win32.

      memset() has another accidental bug - under high optimization, the oh-so-clever compiler optimizes away your memset call because it's "dead code". This flaw affected a lot of crypto libraries some time ago. Are you really sure that those bytes were overwritten?

      Of course, the reporter glossed over these details :-)

      --

      A witty [sig] proves nothing. --Voltaire

    24. Re:Zero the data by lintux · · Score: 1

      Yep, I thought about mlock() too. Unfortunately, there's one problem with it: Only root is allowed to use it.

    25. Re:Zero the data by AME · · Score: 1
      Can anyone think of a way to do it less drastic than that?

      Hibernate?

      --
      "I have a good idea why it's hard to verify programs. They're usually wrong." --Manuel Blum, FOCS 94
    26. Re:Zero the data by Reziac · · Score: 1

      Welcome to my monkey house. You must be new here. :)

      --
      ~REZ~ #43301. Who'd fake being me anyway?
    27. Re:Zero the data by EvanED · · Score: 1
      It drastically decreases the chance that it'll be written though. If you don't zero the data, the critical data could be written to disk any time from when it was put in memory to begin with until the next time it is written, which is conceivably never (in which case it has until the end of the program).

      On the other hand, if you have
      string str = "PASSWORD"
      do the hokey pokey
      str = "\0\0\0\0\0\0\0\0";
      The swapping would have to take place in that code region. From a purely statistical point, the chance of a page fault even occurring in that time is less than if you don't overwrite the data, and the chance is decreased even further by the OS hopefully being smart and seeing that the program is still using that page and picking another to swap out.

      Of course, the more the program jumps around and the larger the space from entering memory and being zeroed the smaller the gap becomes.
    28. Re:Zero the data by Anonymous Coward · · Score: 0

      remember, ive only been learning c++ for a week

      It shows.

    29. Re:Zero the data by Anonymous Coward · · Score: 0

      You can either lock the RAM page so it doesn't swap, or force the page to write back out to swap after zeroing.

      but what would happen if that computer hibernates itself while program has some non-zero data in memory, then it would end up written on hard-disk, and not necessarily to some place which your library can wipe later.

    30. Re:Zero the data by mattyrobinson69 · · Score: 1

      what was wrong with the code then?

    31. Re:Zero the data by Krach42 · · Score: 1

      It doesn't solve the fundamental problem.

      When a computer key is pressed it generates an interrupt, which causes the OS to pick up. The OS then reads that value from the hardware, and stores it in RAM (where you don't have access to) where it patiently awaits to be transmitted to your program.

      And that's assuming a direct flow through. With your example, and Linux, the data are input into the keyboard, the keyboard transmits them to the keyboard handler, from there it's transmitted to the input handler, from there it's directed to your programs stdin, then it's most likely stored in the C++ library before it finally gets to your program.

      So you see? Just you taking care of your end doesn't guarantee that anyone else has.

      Of course then your choice of overwrites are poor. You want to use two values that are complements to each other. Like 0x2a, and ~0x2a.

      Then cin doesn't know how much data should be put into the string, and a person could easily crash your program by entering more than 30 characters.

      Then you're using "cout" instead of "cin". "cout" is for output, "cin" is for input.

      And there are a lot more reliable ways of putting thirty of some value into each element of an array than using raw strings where one would have to count it themselves.

      But don't feel bad, even the best programmers will generate syntax errors from now until eternity.

      --

      I am unamerican, and proud of it!
    32. Re:Zero the data by mattyrobinson69 · · Score: 1

      there was no error checking because it was only an example, the syntax errors were because I'm still shite at c++

      the idea was you understood what i meant - thing is, you make a point about 'just doing my end'

      forget the grandparent (my last post)

    33. Re:Zero the data by Krach42 · · Score: 1

      yeah, like I said, even the best programmers still produce syntax errors (even stupid ones) years into having done it constantly.

      I was more intending on explaining why your code would be ineffective towards combating the problem raised, than to rag on you for your "poor" coding abilities.

      Frankly, I find it impressive that you were able to come up with a solution. ;)

      --

      I am unamerican, and proud of it!
  5. Safe passwords? by belgar · · Score: 4, Funny

    Computers not secure? What a relief all my passwords are on stickies stuck to my monitor. I'm set!

    --
    What does it mean to wake out of a dream
    and be wearing someone else's shorts?
    BNL, Born on a Pirate Ship (1998)
    1. Re:Safe passwords? by Anonymous Coward · · Score: 1, Interesting

      Actually, assuming your place of work is secure (i.e., in an out of the way place), putting your password on stickies can be a pretty good form of security, assuming that you need to use stickies because you're frequently changing the password.

      Using the same password for years on every site you visit just because it's easy to remember *really* opens you up to security problems.

  6. Encrypt Swap? by Gwydion · · Score: 1, Interesting

    What about encrypting swap space? This will not a) solve the problem completely, and b) may waste CPU cycles, but should be within easy reach of OS implementors. If your system swaps so often that that becomes a problem, you're in trouble anyway...

    --
    -- Gideon
    1. Re:Encrypt Swap? by Phurd+Phlegm · · Score: 2, Interesting
      What about encrypting swap space? This will not a) solve the problem completely, and b) may waste CPU cycles, but should be within easy reach of OS implementors
      If it has to be decrypted by the OS when it gets swapped in, it can be decrypted to fish for passwords. Of course, if it doesn't have to be decrypted on swap-in, an obvious optimization is to just throw it away and replace it with a block of zeroes on-demand.

      Rumor has it that XP SP3 includes this optimization.

    2. Re:Encrypt Swap? by smcv · · Score: 1

      If it has to be decrypted by the OS when it gets swapped in, it can be decrypted to fish for passwords. ... or so you'd think, but remember that swap space is allowed (and expected) to become useless after a reboot. The loop-aes patch for Linux lets you use encrypted swap; on each boot, a new random AES key is chosen and used for the swap partition. The key itself is stored in kernel memory, which (under Linux) can't be swapped and is locked into physical memory anyway.

      If you gain root access to the computer while it's still running, yes, you can dig around in the swap partition by retrieving the AES key from RAM, but with root access you could probably rummage around in virtual memory anyway. Most situations where untrusted people could obtain your hard disk involve switching off the computer that disk resides in, which, in the case of loop-aes, would throw away the AES key and render the swap partition illegible.

    3. Re:Encrypt Swap? by julesh · · Score: 1

      If it has to be decrypted by the OS when it gets swapped in, it can be decrypted to fish for passwords.

      Huh? Not if the key is randomly generated on each boot... then every time you shut down, there's no need to worry about anything that might be in your swap.

      Stuff could be extracted if you could stop & inspect a running system, but that requires pretty fancy hardware, I suspect.

  7. Well, we can always do like in MacGyver by 192939495969798999 · · Score: 5, Interesting

    My favorite MacGyver episodes were the ones where he used fingerprinting dust to read the numbers on a keypad. Of course, anyone using the keypad for a password is only going to press the keys involved in the password.

    The most dangerous thing to security is people. Why go routing around on a hard drive when you can just ask someone what the password is, and they'll probably tell you anyways?

    --
    stuff |
    1. Re:Well, we can always do like in MacGyver by Claire-plus-plus · · Score: 1

      wow, and it's so easy to assume that there are no repeat numbers, and let's forget the fact that order of characters is important. All hail the mighty suspension of disbelief!

      --
      99 bottles of beer in 175 characte
    2. Re:Well, we can always do like in MacGyver by nocomment · · Score: 1

      how could he tell what order they were pressed?

      --
      /* oops I accidentally made a comment, sorry */
      /* http://allyourbasearebelongto.us */
    3. Re:Well, we can always do like in MacGyver by Anonymous Coward · · Score: 0

      Oh you are in for it now. Patty and Selma are going to beat you senseless!

    4. Re:Well, we can always do like in MacGyver by Reziac · · Score: 1

      Or for that matter, if the keypad has other uses (such as the numeric keypad on a PC's keyboard does), which use produced what fingerprints?

      --
      ~REZ~ #43301. Who'd fake being me anyway?
    5. Re:Well, we can always do like in MacGyver by bestguruever · · Score: 1

      He couldn't, but with the numbers known brute forcing the order is possible. Consider an ATM pin:
      (order known) 4! = 24 combinations to try
      (unknown) 10 ^ 4 combinations to try

      --
      if you think this is bad, you should have seen my last sig
    6. Re:Well, we can always do like in MacGyver by paiste404 · · Score: 5, Funny

      dont question the macgyver. this is the same man who once picked an electronic lock with half-full wine glasses and a canary. you will accept the macgyver and you'll like it.

    7. Re:Well, we can always do like in MacGyver by Jugalator · · Score: 1

      wow, and it's so easy to assume that there are no repeat numbers, and let's forget the fact that order of characters is important. All hail the mighty suspension of disbelief!

      First, a digit only password is pretty bad due to the lack of combinations.

      Let's assume a person used all alphanumeric characters (a-z, 0-9). That's 36 possible characters. For a password that's 7 characters long, that's 36^7 = 78364164096 combinations, which might not be able to be brute force cracked in reasonable time.

      OK, let's then assume you are McGyver who saw which characters he pressed after analyzing the keyboard, noticing that 5 different keys were used (some keystrokes were repeated). Even if he doesn't know the order or which were repeated, that would be only 5^7 = 78125 combinations which can be tested with password cracking software within seconds or minutes. (although it would of course depend on if it's a software he was cracking or what, but you get the idea)

      --
      Beware: In C++, your friends can see your privates!
    8. Re:Well, we can always do like in MacGyver by Claire-plus-plus · · Score: 1

      you forgot repeat numbers that is with the possibility of passwords like 1568516, there are only 4 digits but an insane number of possibilities, especially since one has no idea which numbers were used more than once.

      --
      99 bottles of beer in 175 characte
    9. Re:Well, we can always do like in MacGyver by Claire-plus-plus · · Score: 1

      indeed I do get the idea, but I think carrying password cracking software around would be something MacGyver wouldn't do. There would also be no way to know how long the password would be.

      --
      99 bottles of beer in 175 characte
    10. Re:Well, we can always do like in MacGyver by leenoble_uk · · Score: 2, Funny

      Of course he wouldn't.
      He'd fashion something out of whatever was to hand.
      Why by merely warming over some plastic explosive, a hairpin could be used to read and write data to the soft squidgy platter and MacGuyver could create the zeroes and ones of the password cracking software by simply modifying his vocal tones utilising the glottal stop to write the machine code.

      Piece of piss- we've all done it.

    11. Re:Well, we can always do like in MacGyver by eggstasy · · Score: 1

      Once you know which 4 digits make up the PIN, there arent that many combinations to try.

    12. Re:Well, we can always do like in MacGyver by ajrs · · Score: 2, Interesting

      If you know anybody with a home security system, especially near a garage, you can often learn the code just by looking at the keypad.

      Only the keys in the code will be dirty, and the order goes from filthy to less filthy. No finger print dusting required.

    13. Re:Well, we can always do like in MacGyver by pjt33 · · Score: 1
      Piece of piss- we've all done it.
      And with incredible timing, the /. fortune is currently saying
      "I didn't know it was impossible when I did it."
    14. Re:Well, we can always do like in MacGyver by julesh · · Score: 1

      Yeah, but assuming he'd seen someone using the lock, or the lock was of a standard model which is fixed to a certain number of digits, he could probably know how many digits there were in the pin.

      It doesn't seem so unrealistic to me.

    15. Re:Well, we can always do like in MacGyver by Anonymous Coward · · Score: 0

      Consider that ATMs have cameras on them.

      If you're gonna brute force an ATM passcode then you get 2 or 3 passcode fails at most before they take your picture and it gets filed away.

      Keep at it long enough and there will be quite a few pictures of you screwing up passwords on file. Hit some unknown threshold and an actual person will review the file. You might even manage to get the account bumped up to an active watch list so the next time you try that account on an ATM it will raise an immediate flag/alarm for human intervention.

      Have fun brute forcing ATM passcodes. Just be careful or you could be in for a more serious form of brute forcing by your new "roommate."

    16. Re:Well, we can always do like in MacGyver by slazar · · Score: 1

      Umm, it was cooler than that. He used graphite pencil lead

    17. Re:Well, we can always do like in MacGyver by Stray7Xi · · Score: 1

      Ah but suppose there's only 3 unique digits for a 4 digit pin.. there'd be 36 combinations not 24.

      That's assuming you know how long the pin is.
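
The counting argued over in this subthread, carried out as an added example (editor's code, not from any of the posts): k^n candidates when the observed key set is known but not which keys repeat, the exact count when every observed key must appear at least once (inclusion-exclusion, which gives the 24 and 36 figures above and 16800 for the 5-key, 7-character case), a sum over a range of lengths for when the PIN length is not known, and an enumerator that emits the candidates themselves for a cracker. The key strings and lengths used are constructed inputs.

```cpp
// Added example: keyspace of a PIN whose pressed keys are known (C++11).
#include <cstdint>
#include <string>
#include <vector>

// All length-n strings over k keys: k^n. With k = 4 and n = 4 that is 256,
// against 10^4 when nothing about the keys is known.
std::uint64_t keyspace_any(unsigned k, unsigned n) {
    std::uint64_t r = 1;
    while (n--) r *= k;
    return r;
}

// Binomial coefficient C(n, r); small arguments only.
std::uint64_t binom(unsigned n, unsigned r) {
    if (r > n) return 0;
    std::uint64_t c = 1;
    for (unsigned i = 0; i < r; ++i) c = c * (n - i) / (i + 1);
    return c;
}

// Length-n strings over k keys in which every key appears at least once,
// by inclusion-exclusion: sum over i of (-1)^i * C(k, i) * (k - i)^n.
// k = 4, n = 4 -> 24 (4!); k = 3, n = 4 -> 36; k = 5, n = 7 -> 16800.
std::uint64_t keyspace_every_key(unsigned k, unsigned n) {
    if (k == 0 || k > n) return 0;
    std::int64_t total = 0;
    for (unsigned i = 0; i <= k; ++i) {
        std::int64_t term =
            static_cast<std::int64_t>(binom(k, i) * keyspace_any(k - i, n));
        total += (i % 2 == 0) ? term : -term;
    }
    return static_cast<std::uint64_t>(total);
}

// Unknown but bounded PIN length: the work adds up over each length.
std::uint64_t keyspace_every_key_lengths(unsigned k, unsigned nmin, unsigned nmax) {
    std::uint64_t total = 0;
    for (unsigned n = nmin; n <= nmax; ++n) total += keyspace_every_key(k, n);
    return total;
}

// Enumerate the candidates themselves: an odometer over the key indices,
// keeping only strings that use every key, e.g. to feed a cracker.
std::vector<std::string> candidates(const std::string& keys, unsigned n) {
    std::vector<std::string> out;
    const unsigned k = static_cast<unsigned>(keys.size());
    if (k == 0 || n == 0) return out;
    std::vector<unsigned> idx(n, 0);
    for (;;) {
        std::vector<bool> seen(k, false);
        unsigned distinct = 0;
        for (unsigned i : idx)
            if (!seen[i]) { seen[i] = true; ++distinct; }
        if (distinct == k) {
            std::string s(n, '\0');
            for (unsigned p = 0; p < n; ++p) s[p] = keys[idx[p]];
            out.push_back(s);
        }
        unsigned pos = 0;                       // advance the odometer
        while (pos < n && ++idx[pos] == k) { idx[pos] = 0; ++pos; }
        if (pos == n) break;
    }
    return out;
}
```

For the all-ones code mentioned below, k = 1 gives exactly one candidate per length, which is why a single worn key is the worst case for the owner.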

    18. Re:Well, we can always do like in MacGyver by EvanED · · Score: 1

      "If you're gonna brute force an ATM passcode then you get 2 or 3 passcode fails at most before they take your picture and it gets filed away."

      Don't they eat your card too? Though I guess you could use one of the ones you just swipe...

    19. Re:Well, we can always do like in MacGyver by maxwell+demon · · Score: 1

      Or maybe the "secure" code was 1111111, that's maximum repetition, but not really hard to break as soon as you see that only the 1 key has been used ...

      --
      The Tao of math: The numbers you can count are not the real numbers.
  8. Ultimate solution by desplesda · · Score: 5, Funny

    Let's just do a brain scan of everyone. I mean, you can forge fingerprints, voice prints, etc, but you can't beat a mind probe!

    1. Re:Ultimate solution by Anonymous Coward · · Score: 0

      lol

    2. Re:Ultimate solution by Anonymous Coward · · Score: 0

      What makes you think this isn't happening already?

    3. Re:Ultimate solution by kfg · · Score: 1

      . . .but you can't beat a mind probe!

      And the more you believe that the easier it will be for me to bring my nefarious plans to fruition.

      Mwuahahahhahah!

      KFG

    4. Re:Ultimate solution by Anonymous Coward · · Score: 0

      "..you can't beat a mind probe!"

      Sure you can - an anal probe! There would be a specialized chair that would take a DNA sample when you sat in it. Sure it might be a little intrusive, but we cannot live in an insecure world!

    5. Re:Ultimate solution by jochend · · Score: 1

      Since many computer users don't seem to have a brain, how can you distinguish them from each other?

    6. Re:Ultimate solution by Darth_brooks · · Score: 0, Offtopic

      A Brain scan of every living person on earth?! Brilliant!

      root@kerryforprez>nmap -sB -vv george.w.bush -D dick.cheney, donald.rumsfeld

      Starting nmap V. 3.60 ( www.insecure.org/nmap/ )

      Host george.w.bush (bonging420.whitehouse.gov) appears to be down, or doesn't have a brain. If you know the host is up, or you think the host doesn't have a brain try -B0

      root@kerryforprez>nmap -sB -vv george.w.bush -D dick.cheney, donald.rumsfeld -B0

      Starting nmap V. 3.60 ( www.insecure.org/nmap/ )

      Host george.w.bush (bonging420.whitehouse.gov) appears to be up, good. Beginning brain scan.
      (bonging420.whitehouse.gov); Class: Incremental
      Interesting ports on bonging420.whitehouse.gov:
      (The 65531 ports scanned but not shown below are in state: closed)
      Port State Service
      21/tcp open ftp
      25/tcp open smtp
      1027/tcp open IIS
      5000/tcp open uPnP
      5631/tcp open pcanywheredata

      Nmap run completed -- 1 IP address (1 host up) scanned in 2594.472 seconds

      --
      There are some people that if they don't know, you can't tell 'em.
    7. Re:Ultimate solution by Anonymous Coward · · Score: 0

      but you can't beat a mind probe ...unless you are Leia Organa - her resistance to the mind probe was considerable.

    8. Re:Ultimate solution by Anonymous Coward · · Score: 0

      and if they can, just threaten an anal probe and they will reveal their password.

    9. Re:Ultimate solution by totallygeek · · Score: 1
      Let's just do a brain scan of everyone. I mean, you can forge fingerprints, voice prints, etc, but you can't beat a mind probe!

      Well, too many people would have the same brain scan. The values would all be zero.
    10. Re:Ultimate solution by AS400+Hacker · · Score: 1

      You'll never penetrate my tinfoil hat!

    11. Re:Ultimate solution by Nick+Harkin · · Score: 1

      Perfect! Just don't let those people use computers...

    12. Re:Ultimate solution by Kent+Recal · · Score: 1

      Someone mod this insightful. Please...

  9. Untrue by frs_rbl · · Score: 5, Funny
    Passwords don't sit on hard disks. It's more like under mouse pads

    talk about hacker sophistication...

    --
    This is not my opinion. Actually, it's not even an opinion. And I'm nowhere to be seen near it
    1. Re:Untrue by DaHat · · Score: 1

      or post-it notes on the monitor or nearby wall... my mother still does this despite my insistence that she stop.

    2. Re:Untrue by Anonymous Coward · · Score: 0

      Well, did you stop wanking on her underwear? See.

    3. Re:Untrue by Anonymous Coward · · Score: 0

      Does your mother do this at home? I'm sure if someone breaks into your home, they probably aren't doing that to steal your passwords. They're doing that to cart off your plasma TV, digital cameras, and cash/jewelry, and possibly your computer, if it looks expensive. They won't waste time breaking into her accounts with the newly discovered passwords.

      People will steal her passwords by the usual pop-up Trojans, viruses, e-mail tricks, or social engineering, because these are much higher yield activities for people who want to steal passwords.

      Give your mother a break. She's put up with your shit for long enough by now. If someone ever does break into your home, she'll be more freaked out by the physical invasion than any loss of passwords.

      And if she does this at work, are you her boss? She probably gets enough crap from him/her that she doesn't need more workplace related nagging from you.

  10. P2P by Anonymous Coward · · Score: 5, Insightful

    It's amazing how easy it is to find people's password files shared on P2P apps like DirectConnect, Gnutella, etc. There's everything - Total Commander (FTP), WS FTP, mail clients, you just have to search for the proper file name.

  11. Sir? by The+Ultimate+Fartkno · · Score: 4, Funny

    I'd really like to sell you my old computer since this is a yard sale and all, but I see that you're wearing a mask, carrying a saber, and have a black hat on that says "l33t h4x0r!" I can't help but think that you might somehow be up to some nefarious shenanigans!

    1. Re:Sir? by bladesjester · · Score: 1

      I do not wear my saber to yard sales. It's usually my scottish broadsword you insensitive clod!

      --
      Everything I need to know I learned by killing smart people and eating their brains.
  12. Passwords can sit anywhere for years by ciroknight · · Score: 2, Insightful

    I've still got a three year old password on a postit note on the side of my monitor. It just goes to show you that passwords can sit anywhere.

    The real question is, if a password's that old, what use SHOULD it still have? Hopefully, people adopt policies where they update passwords every month, or few months, especially if it's dealing with anything financial/uber personal (doctor's records.. etc).

    Get real, stop trying to scare us with your security warnings; just educate people to change their passwords.

    --
    "Victory means exit strategy, and it's important for the President to explain to us what the exit strategy is." G.W.Bush
    1. Re:Passwords can sit anywhere for years by palndrumm · · Score: 2, Funny

      You've got a three year old post-it stuck to your monitor? That's impressive - I have trouble getting mine to stay there for 3 days...

    2. Re:Passwords can sit anywhere for years by ciroknight · · Score: 1

      hehe, old postits were a whole lot stickier, and it's aided by some tape.. the password's the local root password ( m30wm1x ) to a machine I'm not sure I even own anymore. It's stuck to my zenith low (ie, very high) radiation 14" monitor...

      --
      "Victory means exit strategy, and it's important for the President to explain to us what the exit strategy is." G.W.Bush
  13. This seems more in the Hype threads by Ironstud · · Score: 2, Insightful

    Passwords have been on hard drives for many many years. No matter if you are using M$ operating system or a linux there are passwords on the machine. If people don't know how to protect their computers then maybe they should just give their ATM card password to the public domain.

  14. Damn Security Stories by razmaspaz · · Score: 1

    Another story about how insecure your passwords are. Is it possible that writers like to oversensationalize things and make us afraid?

    They wouldn't really do that would they?

    Disclaimer: I didn't RTFA because I know it will be dumb!

    --
    I tried for 5 years to come up with a clever sig...only to realize that I am not clever.
    1. Re:Damn Security Stories by Anonymous Coward · · Score: 0

      The approach they used at Stanford was kind of interesting. Go ahead, take a look at the article - just ignore what offends you.

    2. Re:Damn Security Stories by Thjorska · · Score: 0
      That's what people said before SARS wiped out mankind. And the Y2K bug destroyed the internet.

      Face it, the media love to scaremonger.

      --
      Current Karma Status: Roadkill
    3. Re:Damn Security Stories by razmaspaz · · Score: 1

      The Y2K bug caused SARS...I thought it was from birds. I didn't really read those stories either.

      --
      I tried for 5 years to come up with a clever sig...only to realize that I am not clever.
  15. Re:Poll Troll Toll by Anonymous Coward · · Score: 0

    These troll polls are the work of:

    http://slashdot.org/~LBArrettAnderson

  16. Hackers? by miknight · · Score: 1
    "...and hackers become more sophisticated..."
    ...and WHO become more sophisticated?
    1. Re:Hackers? by mrtroy · · Score: 2, Funny

      "...and hackers become more sophisticated..." ...and WHO become more sophisticated?

      Dude, they dont just rollerblade around with laptops going to phone booths anymore...

      They have moved up to segways and wireless!

      Sophisti-mication

      --
      [I can picture a world without war, without hate. I can picture us attacking that world, because they'd never expect it]
    2. Re:Hackers? by chris_mahan · · Score: 1

      Yeah,

      Anytime somebody talks about computer security and starts off by spewing "Hackers this and hackers that" I just move on.

      It's like some so-called explosive expert not knowing what C-4 is.

      For those dense people out there who are having a problem using a dictionary or an encyclopedia:

      The word hacker does not carry the same meaning as the word cracker.

      from Dictionary.com, from The American Heritage® Dictionary of the English Language, Fourth Edition:

      cracker:
      2) One that cracks, especially:
      d) One who makes unauthorized use of a computer, especially to tamper with data or programs.

      Note the word: Unauthorized.

      Hackers are always authorized to use the computer resources, because if they start doing unauthorized stuff, they automatically become a cracker.

      Now, can a hacker be a cracker too? Yes.
      But a policeman is also a gunman. Just because you (policeman/hacker) have the tools and the technical skills (pistol and shooting/computer and coding) does not make you a murderer/cracker.

      --

      "Piter, too, is dead."

    3. Re:Hackers? by cuzality · · Score: 3, Funny
      "...and hackers become more sophisticated..."
      ...and WHO become more sophisticated?
      FAR more sophisticated in my estimation -- haven't you read where they even order their pizza and have it sent right to their parents' basement without ever having left the comfort of the '#'?

      Next they'll be relieving themselves by HTTP POST transaction...

      Even the fathers never saw these days...
    4. Re:Hackers? by Anonymous Coward · · Score: 0
  17. I've got no problems.... by Anonymous Coward · · Score: 2, Funny

    with that, all my passwords are automatically filled in by Gator.....

  18. in an effort to stop this.... by presmike · · Score: 1

    I will only use sticky notes on my monitor to store my passwords from now on.

    --
    presmike
    1. Re:in an effort to stop this.... by mgs1000 · · Score: 2, Funny

      Be careful, passwords can sit on paper for decades!

  19. of course, I've used the same password for years.. by rickthewizkid · · Score: 4, Insightful

    ... and nobody's figured it out yet. I actually use several passwords, depending on the level of security. The "lowest" password, "password", is used for signing up to things like mailing lists, etc where there's little chance of me returning. The mid-level password, a pair of words with numbers in them, is used for mid-level security, such as my email, etc. The highest level password, a random collection of numbers, letters, and symbols, is used for the most secure information, such as my bank account, slashdot login and my pr0n encryption key.

    Now if I could only remember the combination to my safe.....

    Just my 46fctfj6&*23's worth....
    -Rick the WizKid
    (oooops...)

  20. Why not just wipe swap every so often? by Otto · · Score: 1, Redundant

    When you're not swapping and you've got some spare cycles that aren't being used, just pass over the empty swap pages with zeros... Clean 'em up.

    --
    - Give a man a fire and he's warm for a day, but set him on fire and he's warm for the rest of his life.
  21. Mac OS X and Pastor by andy55 · · Score: 4, Informative

    Ah, funny this story was posted--I just had to address this issue the other day. I run Mac OS X and I happened to be doing a fresh install, moving all my data over from an old HD. Before this, I had always stored my slew of account info in a text file in an obscure and unlabeled file (I know, I know--very careless of me--that's why I was ready to change my ways!).

    Mac OS X's built-in "Keychain" services/util isn't streamlined for repeated user use, not to mention it doesn't have several auxiliary/free-form fields (that are also fully encrypted with the password field). After some research and trying a few of the freeware and shareware apps out there, I came across Pastor, a freeware, super-lightweight and user-friendly app that basically lets you maintain a catalog of username, pass, and about 6 auxiliary fields, stored in an encrypted file (when you go to open a file, it prompts you for the password and decodes it on the fly). If for some reason you don't dig this particular app, there's a couple others like it as well with increasing levels of features (I happen to prefer lightweight).

    So I went w/ this model and it's had great payoffs--when I need a particular login, I click on an alias to my main password (Pastor) file, enter the file's password to decrypt it, look for what I need (it alphabetizes), and I'm all set--meanwhile, there's absolutely no risk of security--I love it.

    1. Re:Mac OS X and Pastor by diamondsw · · Score: 1

      I know you said you don't like the Keychain, but by using it, you surf to the webpage and... it's already filled in from an encrypted database. Why reinvent the wheel, especially for web logins and such?

      --
      I don't know what kind of crack I was on, but I suspect it was decaf.
    2. Re:Mac OS X and Pastor by millahtime · · Score: 1

      There is still a security risk. What if someone gets your Pastor password. Then they can have them all.

    3. Re:Mac OS X and Pastor by andy55 · · Score: 2, Interesting

      I know you said you don't like the Keychain, but by using it, you surf to the webpage and... it's already filled in from an encrypted database. Why reinvent the wheel, especially for web logins and such?

      Keychain expects/assumes that all the stuff you store in there is conventional logins at certain URLs, etc. A lot of the entries I store don't fit that mold: my local router login/pass, my credit card pins, and some server logins that have unconventional fields. Most importantly, I want all those fields to be encrypted, not just the password field--that's a huge issue. If someone is logged in w/ my Mac OS X acct, i don't want them to just browse my keychain's non-password fields.

    4. Re:Mac OS X and Pastor by andy55 · · Score: 2, Insightful

      ...must...not...feed....the trolls.....

      ...breaking down....

      There is still a security risk. What if someone gets your Pastor password. Then they can have them all.

      You must be new here. You can *always* use that argument. Someone can *always* install a key recorder or watch you type in your password. Security is about raising barriers, not about thinking/searching for something that will solve the impossible.

    5. Re:Mac OS X and Pastor by Plutor · · Score: 1

      > ...absolutely no risk of security...

      Except for the fact that essentially, you're still using a single password that encrypts a single file, which happens to be sitting on the desktop of your laptop. How easy is it to change the password on that file, and how often do you change it? How many people have physical access to your laptop, and could email or ftp the encrypted file to themselves for later brute-forcing?

    6. Re:Mac OS X and Pastor by archen · · Score: 1

      I have a similar file, but I just use vim. Then use :X to encrypt the file and vim will automatically take care of the rest. It's unfortunate that vim's security isn't very strong, but the file is at least portable and vim runs on everything but the kitchen sink. For really secure stuff I wrote a messy shell script wrapper to use mcrypt at 256bit AES to manage a keychain file.

      Of course the temp files are always unencrypted but you can't win all the time =/

    7. Re:Mac OS X and Pastor by geniusj · · Score: 1

      How was that a troll? It was a completely legitimate question considering he was responding to a post that said 'there is no risk to security'.

      -JD-

    8. Re:Mac OS X and Pastor by cortana · · Score: 1

      You may be interested in Vim-GPG.

      There is a more advanced version in the Vim plugin library with support for symmetric encryption (so you can just decrypt your file with a password, rather than with a GPG private key) and so on.

    9. Re:Mac OS X and Pastor by noidentity · · Score: 1

      So I went w/ this model and it's had great payoffs--when I need a particular login, I click on an alias to my main password (Pastor) file, enter the file's password to decrypt it, look for what I need (it alphabetizes), and I'm all set--meanwhile, there's absolutely no risk of security--I love it.

      So by having a single password, you gain security?

    10. Re:Mac OS X and Pastor by CoughDropAddict · · Score: 1

      You must be new here. You can *always* use that argument. Someone can *always* install a key recorder or watch you type in your password. Security is about raising barriers, not about thinking/searching for something that will solve the impossible.

      That's precisely why you sound naive when you say things like "meanwhile, there's absolutely no risk of security." And you mislead newbies into thinking that there is such a thing as "absolutely no risk of security."

    11. Re:Mac OS X and Pastor by at_kernel_99 · · Score: 2, Insightful

      There is still a risk. The whole point of the article was that when memory is cached on disk, it is accessible from disk for an indeterminate period of time - possibly years before it's overwritten. So when your Pastor program un-obfuscates your data, where is it? In RAM? In cleartext? Maybe Macs don't have this problem (though I doubt it).

    12. Re:Mac OS X and Pastor by Abcd1234 · · Score: 2, Interesting

      Easy. Do what I do. Use a 4096-bit public/private key pair, and keep the private key on a USB dongle on your (physical) keychain. *shrug* Of course, you probably want to back up your key on another device (CD-ROM in a physically secure location, for example), in case the USB drive goes kaput.

    13. Re:Mac OS X and Pastor by Anonymous Coward · · Score: 0

      Danke schön! :)

    14. Re:Mac OS X and Pastor by shut_up_man · · Score: 1

      I just recently started using a similar app on Windows to store my password details, Password Safe. It uses Blowfish for its encryption, has versions for Linux and PocketPC and has had its security verified by Counterpane Labs (Bruce Schneier's company).

      I guess it would be safer to keep all my password details in my head alone, but this is a damn sight better than sticky notes or text files. It also made me go through and change the weak or repeated passwords, too.

    15. Re:Mac OS X and Pastor by Anonymous Coward · · Score: 0

      > Keychain expects/assumes that all the stuff you store
      > in there is conventional logins at certain URLs, etc.

      So, what's the "File => New Secure Note item..." menu item for?

    16. Re:Mac OS X and Pastor by davesag · · Score: 2, Informative
      I use the keychain and keychain access software daily and it's fine. Not fantastic granted - but fine. I have a keychain in my Documents folder on my iDisk called 'personal' and my keychain access knows to lookup keys from that chain. So home and work common passwords etc can all stay there.

      I have a mail certificate (free from thawte - neat) and have installed gpg so have a number of high grade gpg keys which I use to correspond with my ol' dad back home about bank statements etc.

      You say that the keychain gets in the way, but the fact is it is fully integrated into so many handy apps like sshAgent or MacSFTP or BBEdit, as well as the obvious ones like safari for web passwords etc. If you look in the keychain access program you'll see you can add secure notes, secure comments to passwords and all manner of options. You can open up the system keychains too and see the x509 certs you have collected.

      You could also create an encrypted user whose user space is fully encrypted.

      I have never seen the need for much more

      --
      I used to have a better sig than this, but I got tired of it
    17. Re:Mac OS X and Pastor by andy55 · · Score: 1

      That's precisely why you sound naive when you say things like "meanwhile, there's absolutely no risk of security." And you mislead newbies into thinking that there is such a thing as "absolutely no risk of security."

      Fair enough, I shouldn't have said it that way.

  22. Secure Memory by bbrazil · · Score: 0
    Operating systems such as Windows and Linux have no facility for stopping data being written to the hard drive.

    I'm pretty sure Linux can do this. Proof - GPG's secmem-warning. I don't get it on Woody. Solaris is different. I think it needs root.
    1. Re:Secure Memory by MasTRE · · Score: 1

      > I'm pretty sure Linux can do this. Proof - GPG's secmem-warning. I don't get it on Woody. Solaris is different. I think it needs root.

      Yes, Linux most certainly does have secure memory. Windows, umm, doesn't even know what secure memory is.

      --
      Must-not-watch TV!
  23. all you can do is be careful by LBArrettAnderson · · Score: 3, Insightful

    There's no way to be 100% secure with passwords and the likes, but there are some things everyone should do. 1.) don't have the same password for everything! The website admins to every site you use a password for have access to it (and no one can trust a slashdot editor!). 2.) change your password often. The more often the better. This won't always work since most people, when they get a password, will do their damage immediately... but you never know. Another advantage here is OLD websites that you visited a long time ago may change and new administrators will have access to your password.

    pretty redundant stuff, but good advice that most people are too lazy to follow.

    1. Re:all you can do is be careful by poot_rootbeer · · Score: 1

      The website admins to every site you use a password for have access to it

      Um, they shouldn't, not if they have good practices. There's no reason the Unixy practice of storing a hash of the password in a shadow file and comparing it against a hash of the user's login attempt shouldn't also be used for Web-based authentication.

    2. Re:all you can do is be careful by Anonymous Coward · · Score: 0
      I think his point is that they have access to your password. We both know they shouldn't do it, but you have to assume they will.

      It's one reason I hate websites that demand an e-mail address for registration. I bet they get lots of e-mail/password pairs that way.

    3. Re:all you can do is be careful by johnnyb · · Score: 1

      Two things:

      1) Hashing doesn't work for every application (digest authentication for one example)

      2) There isn't a way to verify how passwords are being stored on the "other end". The fact that this practice _should_ be used doesn't mean that it _is_, or that there's any way to tell. How do you know that some admin isn't just sitting there reading passwords from their website to try to use them on other websites?
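
As an added illustration of the hashing exchange above (not code from the thread or from any of the posters), here is HTTP Digest authentication (RFC 2617, qop="auth"), the case johnnyb names: the server cannot store a salted one-way hash of the password, but it also never needs the cleartext, since HA1 = MD5(username:realm:password) is enough to check every login. The realm, user and password values are constructed.

```python
"""
HTTP Digest authentication (RFC 2617, qop="auth") with the server storing
only HA1 and never the password. Added example, not code from the thread.

Caveat: HA1 is password-equivalent for this realm (whoever holds it can
answer challenges here), so it still needs protecting like a password; what
it does not do is reveal the password for reuse on other sites.
"""
import hashlib
import hmac
import secrets


def _h(*parts: str) -> str:
    """RFC 2617 H(): MD5 of the colon-joined parts, as lowercase hex."""
    return hashlib.md5(":".join(parts).encode("utf-8")).hexdigest()


def make_ha1(username: str, realm: str, password: str) -> str:
    """The only credential-derived value the server keeps at registration."""
    return _h(username, realm, password)


def new_nonce() -> str:
    """Server-chosen, unpredictable nonce; a fresh one per challenge defeats replay."""
    return secrets.token_hex(16)


def client_response(username: str, realm: str, password: str, method: str,
                    uri: str, nonce: str, nc: str, cnonce: str,
                    qop: str = "auth") -> str:
    """The 'response' field a client sends (RFC 2617 section 3.2.2.1)."""
    ha1 = make_ha1(username, realm, password)  # the client does know the password
    ha2 = _h(method, uri)
    return _h(ha1, nonce, nc, cnonce, qop, ha2)


def server_verify(stored_ha1: str, method: str, uri: str, nonce: str, nc: str,
                  cnonce: str, response: str, qop: str = "auth") -> bool:
    """Server-side check using only the stored HA1 and the request parameters."""
    ha2 = _h(method, uri)
    expected = _h(stored_ha1, nonce, nc, cnonce, qop, ha2)
    # constant-time comparison so the check does not leak how many hex digits matched
    return hmac.compare_digest(expected, response)


def demo() -> tuple:
    """Constructed user table and three attempts: right password, wrong password,
    and a replay of the good response against a new nonce."""
    realm = "example.org"
    users = {"alice": make_ha1("alice", realm, "correct horse battery")}  # HA1 only
    nonce, cnonce, nc = new_nonce(), secrets.token_hex(8), "00000001"
    good = client_response("alice", realm, "correct horse battery",
                           "GET", "/account", nonce, nc, cnonce)
    bad = client_response("alice", realm, "wrong password",
                          "GET", "/account", nonce, nc, cnonce)
    accepted_good = server_verify(users["alice"], "GET", "/account", nonce, nc, cnonce, good)
    accepted_bad = server_verify(users["alice"], "GET", "/account", nonce, nc, cnonce, bad)
    replayed = server_verify(users["alice"], "GET", "/account", new_nonce(), nc, cnonce, good)
    return accepted_good, accepted_bad, replayed


if __name__ == "__main__":
    print(demo())  # (True, False, False)
```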

  24. whats new by Anonymous Coward · · Score: 1, Insightful

    This is as old as the first computer with a password.
    The security of your personal information (credit card number, password etc...) lies with the companies storing them.

    We all know that hackers acquire passwords by hacking companies' data bases. Until companies use stringent privacy and security procedures and implementations the world wide web remains a wild west show.

    Greetings,
    Lord Flashheart.

  25. Just zero the pagefile by diamondsw · · Score: 3, Interesting

    Just put your swap on another partition and zero it every so often (any way to do this automatically during shutdown, after VM is suspended?) - that takes care of your passwords in memory. As for programs that store them on disk, they better be encrypted, ala Apple's Keychain.

    --
    I don't know what kind of crack I was on, but I suspect it was decaf.
    1. Re:Just zero the pagefile by leakingmemory · · Score: 1

      I guess, on most operating systems, like Linux and *BSD. (I don't know about win*). It is best to clean the swap/swapfiles on startup, before running 'swapon' (FreeBSD), or anything similar to init the swap-partition/slice/file. Maybe we could also have a low priority thread that clears swapped out pages during run time and only run when there are no other processes that want the cpu time.

    2. Re:Just zero the pagefile by general_re · · Score: 1
      Just put your swap on another partition and zero it every so often (any way to do this automatically during shutdown, after VM is suspended?)

      You can zero out the swapfile at shutdown in Windows 2000 and XP (both versions) - fire up regedit and go to HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Control/Session Manager/Memory Management and set (or create) the DWORD key ClearPageFileAtShutdown to 1. Alternately, in windows 2000 and XP Pro, you can open up the local security settings console, go to Local Policies -> Security Options, and enable the setting labeled "Clear virtual memory pagefile when system shuts down". Either way, this will, of course, add noticeably to how long it takes your computer to shut down, depending on how large the swap file is.

      --
      ABSURDITY, n.: A statement or belief manifestly inconsistent with one's own opinion.
    3. Re:Just zero the pagefile by 42forty-two42 · · Score: 1

      Another way to protect the swapfile is to encrypt it with a key randomly generated at each startup and never saved (or swapped). When you shut down, the key is lost, and the swapfile is effectively randomized. Though this makes swapping slower, the time needed for crypto is not noticeable under modern CPUs, and it doesn't incur a long and possibly more noticeable delay while the hdd overwrites the swap file multiple times, and is more secure in the event that the hdd is confiscated.

  26. Re:of course, I've used the same password for year by Mz6 · · Score: 1

    Well with access to your bank account, slashdot and pr0n collection, it doesn't sound like you would need whatever was in the safe anyway :)

    --
    Hmmm.
  27. Self-Expiring Password Hardware by Nuclear+Elephant · · Score: 5, Funny

    Store all your passwords on a burned CD, that way they'll have a shelf-life of 3-5 years tops.

    1. Re:Self-Expiring Password Hardware by mdielmann · · Score: 1

      And giving that CD to a kid under 6 is just as effective a method to destroy the data as putting it in the microwave...

      --
      Sure I'm paranoid, but am I paranoid enough?
  28. Hard disks? This article is about RAM. by Audigy · · Score: 3, Interesting

    and I did RTFA, and realize they're talking about the swap file... ...but I have 1.5GB of RAM, and I have a 20MB swap file that's overwritten each time I reboot my PC.

    Most Windows systems use the default setting for virtual memory, which is "windows managed" -- which means it's overwritten each time the system is rebooted. What's the big deal?

    Has anyone here actually hex edited a swap file before? How is the data actually stored? For the reasons mentioned in the article, I imagine it would at least... not store data transmitted via SSL in plain text (why the heck would form data stick around in RAM anyway?)

    Sounds like a neat project for after work today. :)

    --
    [an error occured while processing this directive]
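
The pagefile check that Audigy proposes above, and the natural follow-up to the ClearPageFileAtShutdown and swap-zeroing advice in the "Just zero the pagefile" thread: an added example (not code from the thread) that scans an image of a pagefile or swap partition for a credential you know, so you can confirm the clearing actually worked. The secret and the image are constructed test values; real Windows programs commonly hold strings as UTF-16LE, so both that and the plain ASCII/UTF-8 form are searched.

```python
"""
Audit a copy of a pagefile/swap partition for a known credential.
Added example, not code from the thread. Intended workflow: enable pagefile
clearing (or zero swap before swapon), reboot, image the pagefile or swap
partition to a file, then run scan_image(path, your_password) on the image.
"""
import mmap
from typing import Dict, List, Tuple

SAMPLE_SECRET = "s3cret-pass"  # constructed test value, not a real credential


def needles_for(secret: str) -> Dict[str, bytes]:
    """Byte patterns to look for. Windows programs usually keep strings as
    UTF-16LE, so searching only for the 8-bit form would miss those copies."""
    return {"utf-8": secret.encode("utf-8"),
            "utf-16le": secret.encode("utf-16-le")}


def scan_bytes(data, secret: str) -> List[Tuple[int, str]]:
    """Every (offset, encoding) at which secret occurs in data (bytes or mmap)."""
    hits: List[Tuple[int, str]] = []
    for enc, needle in needles_for(secret).items():
        pos = data.find(needle)
        while pos != -1:
            hits.append((pos, enc))
            pos = data.find(needle, pos + 1)
    return sorted(hits)


def scan_image(path: str, secret: str) -> List[Tuple[int, str]]:
    """Scan a file on disk without reading it into memory (images can be GBs)."""
    with open(path, "rb") as fh:
        fh.seek(0, 2)
        if fh.tell() == 0:       # mmap refuses empty files
            return []
        with mmap.mmap(fh.fileno(), 0, access=mmap.ACCESS_READ) as mm:
            return scan_bytes(mm, secret)


def zero_fraction(data: bytes) -> float:
    """Share of 0x00 bytes: a freshly cleared pagefile should be close to 1.0."""
    return data.count(b"\x00") / len(data) if data else 1.0


def build_sample_image() -> bytes:
    """Constructed stand-in for a pagefile: mostly zeros, the secret in both
    encodings, and a near-miss decoy that must not be reported."""
    img = bytearray(16 * 1024)
    eight_bit = SAMPLE_SECRET.encode("utf-8")
    wide = SAMPLE_SECRET.encode("utf-16-le")
    img[4096:4096 + len(eight_bit)] = eight_bit
    img[8192:8192 + len(wide)] = wide
    decoy = b"s3cret_pass"
    img[12288:12288 + len(decoy)] = decoy
    return bytes(img)


if __name__ == "__main__":
    sample = build_sample_image()
    for offset, enc in scan_bytes(sample, SAMPLE_SECRET):
        print(f"secret found at offset {offset:#x} as {enc}")
    print(f"zero bytes: {zero_fraction(sample):.4f}")
```

An image that comes back with no hits and a zero fraction near 1.0 is what a working ClearPageFileAtShutdown looks like; hits at a UTF-16LE offset only are the case a plain string search would have missed.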
  29. Whew by thedillybar · · Score: 3, Funny

    And everyone laughed at me when I put 2GB of RAM in my computer, allocated 1GB as a RAM disk, and pulled the harddrive out. None of those security issues here!

    1. Re:Whew by CRC'99 · · Score: 1

      And everyone laughed at me when I put 2GB of RAM in my computer, allocated 1GB as a RAM disk, and pulled the harddrive out. None of those security issues here!

      WAIT! I can't play a game yet! When the power went out, I lost my whole system!

      --
      Sendmail is like emacs: A nice operating system, but missing an editor and a MTA.
    2. Re:Whew by cgenman · · Score: 1

      I use my RAM disk as a swap drive, to make the system go even faster.

  30. Repairs by pubjames · · Score: 5, Informative
    One thing that worries me is sending machines away to get repaired.

    I have a Sony Vaio laptop which I had to send to be repaired. I phoned the support number to tell them I was going to take the hard disc out before sending it. They said that if I did I would be charged for a new hard disc (at a hugely inflated price) and they wouldn't repair it without one.

    I once sent a PC for repair and the teenage dork who repaired it actually said I had some great games on my machine and that he had played them. In another case in the UK, some paedophile was caught (was it Garry Glitter?) when he sent his PC in for repair. Now, I'm all for catching kiddie fiddlers, but that is not the way to do it.

    I don't want the repair staff looking through the stuff on my hard disc. There should be a standard industry guarantee that this won't happen, or a privacy law about it or something.

    1. Re:Repairs by Claire-plus-plus · · Score: 1

      simple solution, repair your own machines.

      --
      99 bottles of beer in 175 characte
    2. Re:Repairs by pubjames · · Score: 1

      simple solution, repair your own machines.

      Not so simple when you are talking about something like a thin Sony Vaio laptop. They don't have standard parts, and anyway unscrewing them and fitting them back together again is not a simple task.

    3. Re:Repairs by Claire-plus-plus · · Score: 1

      I avoid any hand-held that doesn't have password protected files anyway. I loved my old palm III and when it was stolen I was so glad all the important files on it were password locked.

      --
      99 bottles of beer in 175 characte
    4. Re:Repairs by Woy · · Score: 4, Interesting

      I have a computer services company, and a client of ours, a lawyer, never ever lets his computer out of his office. All repairs, no matter what, are done in his office, under his scrutiny. He has no problems paying for it, he says he is required by law (we are in Spain) to be sure that his clients' data is safe at all times. There just isn't another option.

      --
      "If God created us in his own image we have more than reciprocated." - Voltaire
    5. Re:Repairs by mopomi · · Score: 2

      My solution to this has been to dump the hard drive as soon as I get the computer. If I need to send it back for repair, I re-image the hard disk with the initially installed system, thereby cleaning the hard drive of all of my information (to most people). I, of course, make a dump of MY stuff just before replacing it with the original crap.

      This also helps with idiotic companies that don't support Linux as I can just dump the old OS back on the system before I send it back for repair.

    6. Re:Repairs by Isao · · Score: 1

      How about encrypting the data on your hard disk? Even Windows lets you do that now, built-in. It's transparent when you log in to use it, but maintenance staff can't read it. There are no guarantees, but it certainly raises the bar.

    7. Re:Repairs by Anonymous Coward · · Score: 0

      Using Dell laptops where I work seems to be different. Whenever we have to send off a unit we're told to yank the HD, PC Cards, batteries, and any other user removable items. I always figured they just didn't want to be responsible for them if something happened at their shop or in transit.

    8. Re:Repairs by Reziac · · Score: 2, Insightful

      I've had people ask me what I do about the fact that I can see all my clients' sensitive data (and in some cases have their backup archives stored on one of my everyday work machines):

      Even tho in the course of sorting out a mess, I may need to use your passwords and look through your files, the *content* goes in one eyeball and out the other. I just don't CARE what's on your hard disk. Your personal life isn't that interesting. I have a million files and passwords and accounts of my own; I don't need to be burdened with yours.

      And I think you'll find that's the attitude any mature tech has. It's pimply kids still at the "overly curious" phase of life (or people who never matured beyond the snoopy stage) who will root through your data just because they CAN.

      Trouble is, you don't always have control over who works on your machine. And no amount of privacy laws or industry guarantees can stop some kid from snooping when no one is looking.

      --
      ~REZ~ #43301. Who'd fake being me anyway?
    9. Re:Repairs by Anonymous Coward · · Score: 0
      How about encrypting the data on your hard disk?

      From what I hear, many programs are so poorly written that Passwords Can Sit on Hard Disks for Years. The swap space is not encrypted.

    10. Re:Repairs by julesh · · Score: 1

      Yes, but nobody has said that the operating system is.

      I have heard that MS went to substantial lengths to ensure that the password of your encrypted files never gets swapped.

    11. Re:Repairs by Epistax · · Score: 1

      I think Dell realizes this. Every time I have sent my laptop in to Dell they remind me not to include the hard drive. When you think about it, they really don't have any proper use for it. All that it really does for them is open the doors for lawsuits. "You read this idea I had and used it here.." type stuff.

      It would be nice to have a cheap external device that zeroed out an entire hard drive, regardless of any other physical problems with the disk. If those problems include not spinning, perhaps a device could create a strong (contained) EMP to simply scramble everything. I'm thinking production model-- either it's something you buy and use yourself, or perhaps stores would have hard drive wipers and charge $5 (random number) for it, depending on price of the machine.

    12. Re:Repairs by julesh · · Score: 2, Interesting

      It's a good policy, but what happens if you can't do anything with the hard drive? I possess a single laptop computer, and when its motherboard went faulty a while back, I had no choice but to send it in to be serviced without touching the hard disk.

      I tell you, getting a guarantee from the service company that they wouldn't do a 'system restore' or anything else destructive to the hard disk was a nightmare.

      "We recommend you perform a backup before sending the computer in."

      That's really useful, but the system won't boot and I don't have any others with the right connector for the hard disk.

    13. Re:Repairs by mce · · Score: 1
      But what about this scenario: it's the hard disk that is broken. Suppose you still have a valid warranty for the box in question, so they will replace the disk at no cost. But of course they want to have proof that you're not just trying to cheat them out of an additional hard disk. If this happens, HP/Compaq demand that you trade in the old disk for the new one (it just happened to me, so I know first hand).

      Note that "the hard disk is broken" does not imply that the data is lost forever, but just that it is currently unreachable.

    14. Re:Repairs by harrkev · · Score: 3, Interesting

      Maybe a removable hard drive would be much easier on the wallet. Keep the programs/OS on the computer's hard drive, but all client data can be kept on an external firewire/USB hard drive. You can even buy two and copy one to the other once a week or so for backup. All for under $100 (if you shop around).

      --
      "-1 Troll" is the apparently the same as "-1 I disagree with you."
    15. Re:Repairs by ObjetDart · · Score: 2, Interesting
      I had this exact same problem with Dell. My hard disk failed on a new Dell system after about a month. I called, and they sent some local company over with a replacement. They showed up, replaced the drive...and then expected me to just hand them the old drive.

      I said you've got to be f'ing kidding me. I used this PC for contract programming work, the drive had hundreds of files of clients' source code on it. And since I couldn't access it, there was no way to erase them. Physically destroying the drive with a hammer was not an option (I asked.)

      After hours of complaining to Dell on the phone, I was only given one choice: pay for the new drive, or give it back. So the bottom line is, the mfg warranty on hard drives is utterly worthless, unless you don't mind handing over all of your files and personal data to a complete stranger.

      --
      I read Usenet for the articles.
    16. Re:Repairs by harrkev · · Score: 1

      First of all, if you are this paranoid, you CAN buy EEPROM-based hard drives which can completely erase in five seconds. Try here, but hold on to your wallet first.

      Second, if you did try a complete magnetic erase, you would completely destroy the hard drive. There are certain magnetic "marks" on there which mark the locations of the tracks. They are written at the factory, and cannot be restored by the user.

      --
      "-1 Troll" is the apparently the same as "-1 I disagree with you."
    17. Re:Repairs by evilviper · · Score: 2, Interesting
      One thing that worries me is sending machines away to get repaired.

      I have the same concerns, but there are simple solutions...

      #1. Backup all your data, and re-format your hard drive.

      or

      #2. Leave the original hard drive alone, remove it, and insert your own. Then when you need to send it in, remove your drive, and reinsert the original.

      I do this myself because notebook manufacturers charge hundreds of dollars extra when you choose the same notebook with a larger hard drive. Screw them, I'll buy the cheap 20GB version, then insert my own 60GB hard drive. If they want to say I've voided my warranty, they can explain their position to a judge, most of whom have notebook computers themselves :-)
      --
      Slashdot gets worse every day... Pipedot: News for nerds, without the corporate slant
    18. Re:Repairs by Perianwyr+Stormcrow · · Score: 1

      The password lock on Palms is pretty weak. But it does keep the bozos out.

      --

      What we call folk wisdom is often no more than a kind of expedient stupidity.-Edward Abbey

    19. Re:Repairs by mce · · Score: 1
      Physically destroying the drive with a hammer was not an option (I asked.)

      Indeed. And that is actually the most scary part: they won't allow you to do that, because they want to have the option to repair the broken disk and sell it as an "as good as new refurbished part" to some other poor soul with a broken disk.

      $DEITY only knows what happens with the data during the process of finding out whether this item can be salvaged and/or afterwards. Considering that it is technically possible to retrieve erased bits even after they have been overwritten a few times...

    20. Re:Repairs by Anonymous Coward · · Score: 1, Informative

      It's offtopic, so I'll post anon, but yes, it was Gary Glitter.

    21. Re:Repairs by Kent+Recal · · Score: 1

      How about just taking out the harddrive before sending the device back?

    22. Re:Repairs by cgenman · · Score: 1

      America is great because America is good, and if America ever ceases to be good, she will cease to be great.

      I think your sig is a little out of date...

    23. Re:Repairs by cgenman · · Score: 1

      For future reference, the laptop hard disk connector standard is very similar to a standard desktop IDE, except without the power connectors... 40 pin vs 44 pin. Many converters exist on the market for it because laptop drives, as well as PCMCIA and Compact Flash cards, are all nearly identical pin-for-pin with IDE.

    24. Re:Repairs by mopomi · · Score: 1

      I use Linux to boot and do a data dump to/from another system via NFS. If the system won't even POST, then that's a problem--I haven't had that problem yet. [crosses fingers].

    25. Re:Repairs by pappin · · Score: 1

      That is exactly what I do, although it doesn't protect passwords cached by the system; any user generated data is on a separate removable disk. This is also good when you want to redo your system: you don't have to worry about collecting and saving all your old data.

  31. Encrypt your disk by PSUspud · · Score: 5, Informative

    When I read the headline, I was alarmed. But then I read the article, and all my worries went away. I encrypt my swap partition, and that fixes the problem.

    It's not hard, and since it's swap (i.e., data you don't need for very long), you don't even need to remember a password (your computer uses a random one every time it sets up the swap). Really, it's pretty easy -- see the HOWTO at http://www.tldp.org/HOWTO/Disk-Encryption-HOWTO/ and keep your goatsex links and pictures confidential.

    --
    ----- Why sig when you can sign? PGP key id 7675D05E
    1. Re:Encrypt your disk by Anonymous Coward · · Score: 0
      Yeah, but how is performance?

      Slower swap?
      Memory usage?
      Increased CPU usage?

    2. Re:Encrypt your disk by hankwang · · Score: 1

      Encrypting will make it harder to recover passwords, but the encryption key is still somewhere in the memory. An attacker with root permissions may be able to peek at a live memory image in /proc. I'm not sure where it is nowadays, but in the linux-1.0 days there used to be this huuuge 8 MB file in /proc and otherwise you can always insert a kernel module that does the job. An attacker who is willing to figure out the format of the swap space AND of the user program's data memory won't have a problem with creating a kernel module.

    3. Re:Encrypt your disk by PSUspud · · Score: 1

      Memory usage? Slower performance? CPU usage?

      I have been using encrypted swap on my two laptops (a K6-2 380 MHz and a P2 450 MHz), neither of them speedburners, for a year, and never once have I noticed any problem. When I started encrypting the swap, I looked hard for any performance hit, and found none.

      And why would you expect a problem? CPU is so fast and the disk is so slow, it's like having a 10baseT for your local lan that then feeds through a 56K dialup -- absolutely not noticeable.

      --
      ----- Why sig when you can sign? PGP key id 7675D05E
    4. Re:Encrypt your disk by PSUspud · · Score: 1

      Different attack, different safeguards.

      Encrypted swap protects against data hanging around on the computer for years after you've used it. I agree, if somebody's got root on your box, encrypted swap won't stop them. But then again, not very much else will either. But rebooting or unmounting/mounting the swap partition frequently will at least stop root from digging up stuff from long ago.

      --
      ----- Why sig when you can sign? PGP key id 7675D05E
    5. Re:Encrypt your disk by Anonymous Coward · · Score: 0

      Ok, thanks. I'll check it out (on my P2 300MHz laptop).

  32. Error in article by Anonymous Coward · · Score: 1, Interesting

    You can prevent writing pages to swap using mlock(2). Works on most *NIXes. You do have to be root though. Perhaps an idea for Linux: allow non-root users to lock just one page for passwords ?

  33. Too much effort by lachlan76 · · Score: 1

    Why go to the trouble?
    We all know that 70% of people will give you their passwords for chocolate.

    And I'm fairly sure that the other 30% will give it to you for sex. And then probably change it, but, you can take that chance.

    1. Re:Too much effort by SpaceLifeForm · · Score: 1

      I'd rather get the chocolate than wonder if they change their sex.

      --
      You are being MICROattacked, from various angles, in a SOFT manner.
  34. Re:Poll Troll Toll by Anonymous Coward · · Score: 0

    no. they are the work of

    PollTroll

    I'm over my comment limit, thank you very much.

  35. Stupid by barcodez · · Score: 1, Insightful

    I've always found it stupid that you can log on to a windows domain without being connected to the network assuming you have successfully logged onto the domain with that machine.

    I'm assuming that a windows machine keeps a copy of every username and a password hash (NTLM?) used to log in to any domain locally somewhere on the harddrive.

    That is scary news really especially in hotdesk/shared desktop environments.

    Isn't there something along the lines of "Client side security is no security at all" in Microsoft's security axioms? They can't even follow their own standards.

    --

    ----
    1. Re:Stupid by abh · · Score: 1
      If you're not connected to the network, you can't do anything on the domain, except on the local computer. If you regain network connectivity, your credentials are then evaluated as you attempt access, meaning it's just the same as if a domain controller had been available at logon.

      That said, you're sitting in front of the computer. At that point, you have breached physical security, and passwords are not really that important of an issue.

      And that local cached password? Expires after 10 attempts according to Microsoft documentation.

    2. Re:Stupid by barcodez · · Score: 1

      Yes, that's not the point.

      Allow a co-worker to use your company laptop. Then take your laptop home - grab the NTLM hash. Apply dictionary and or brute force password checks against it at your leisure. Then go back into work connect to the network and log on as them.

      --

      ----
    3. Re:Stupid by julesh · · Score: 1

      I don't believe you _can_ grab the NTLM hash that simply. Don't domain servers use kerberos authentication? At that point, the password ought to be stored encrypted with the server's public key (? not too sure on the details of kerberos, but I think that works), so you would have to crack that public key to get it out... at which point the network has worse problems than you finding a coworker's password :)

  36. Growing by the day? by curtisk · · Score: 1
    dangers of storing personal information on computers are growing by the day, security experts say

    Which is directly proportional to the growth of access and availability to PCs worldwide, and the danger is not growing, stolen passwords are stolen passwords, today or 5 years ago. And the "hacks" they speak of have been around

    --

    Dear toilet user!

  37. How about encrypted databases? by Bourdain · · Score: 2, Interesting

    I keep my passwords on my computer, but in an encrypted database. I don't know of any safer way to manage my passwords and user accounts for countless web sites and pieces of software.

    The only potential downsides to this threat are two-fold. One, a hacker could install a keylogger on my machine. I find that unlikely as I keep my anti-virus software up to date and I don't receive any spam or virus emails since they are all filtered. It is possible that one could install via a worm, but unlikely that it would go undetected for long.

    Second, someone could break the encryption used on the database. I find that doubtful since it's pretty high-level encryption and the amount of effort to crack it would not be trivial.

    The primary issue I see above is whether the value of the information exceeds the potential effort in obtaining it. I really doubt anyone would ever want my personal information thus I see the value of my information as being far lower than the difficulty needed to obtain it.

    1. Re:How about encrypted databases? by maximilln · · Score: 1

      keep my anti-virus software up to date
      I am truly amazed that anyone who purports to comment on a security related issue places such trust in anti-virus software. Have you thought about how anti-virus software works? Have you thought about what a virus definition is? A virus is a patch to program code or a library. A virus definition is like the command "patch", only it doesn't apply the patch, it just runs the check to see if the patch has been applied. Now think about it seriously for a moment. If any hacker took enough interest in you personally to take the time to drop a keylogger on your system, they would probably take the most ubiquitous virus available which suits their purpose and then modify it in such a way that it is not identified by the virus definition. You can run your anti-virus software 24/7/365 and it'll never show up. What's better is that, in the case I've presented using the most ubiquitous virus available, the anti-virus authors and maintainers have already seen so many variants that they truly believe that they have found _all_ the variants and won't bother with the one custom variant that's secretly sending all of your passwords back to me.

      Second, someone could break the encryption used on the database
      I use a plain text database written nice and neatly on a tab of paper right out in the open on my desk both at work and at home. I keep the encryption algorithm in my head. It's not the most complicated algorithm but I doubt highly that anyone's going to look at my tab of paper and randomly guess that I've decided to switch case on every even numbered position and go two off (negative) on every odd numbered position.

      Honestly though you're probably a-okay. 99% of this security stuff is hype and paranoia. Other than nuking processes, killing performance, and sending spam viruses and trojans don't do a whole lot. Real identity theft or online harassment takes a dedicated effort that script-kiddies just don't have the will to apply to just one person. Script-kiddies want to see something big. Now your boss, however... he just might be interested in tanking you. That trojan gives him a convenient window to your world to let him know just which buttons he can push tomorrow to frizzle your frazzle be-dizzle dazzle.

      --
      +++ATHZ 99:5:80
    2. Re:How about encrypted databases? by Bourdain · · Score: 1

      I don't place any sort of complete trust in anti-virus software in catching anything specific. I only place trust in its ability to catch virii that are infecting multiple computers in which case the chance it has the intention of specifically stealing my personal information isn't as high. I seriously doubt anyone would bother to custom-make a virus just to get my personal information. I'm fully aware of that flaw of anti-virus software in its weakness in finding new things not included in a definition file. I don't use it as any sort of safeguard for that. If I truly had information that was so valuable that I think someone would go to such lengths to get it, I would bother to specifically open and close ports as necessary on my firewall as such to minimize any worm coming in from that angle. Someone could always physically access my computer and install something, but if I saw any danger, I would use some sort of encrypted file system, but as I stated in my previous post, I don't see any real danger.

    3. Re:How about encrypted databases? by WuphonsReach · · Score: 1

      I keep my passwords on my computer, but in an encrypted database. I don't know of any safer way to manage my passwords and user accounts for countless web sites and pieces of software.

      Just as easy to keep your account information stored in separate text files in your home directory, but with the contents encrypted to your public-key. (e.g. using GPG in combination with GPGShell) I create one file for each website, varying the internal layout of the text file (e.g. not always using the word "password").

      Text files are easy-peasy to backup, you don't have to worry about someone swiping the contents of your home folder, and it gives you an excuse to use that 8192bit encryption key.

      --
      Wolde you bothe eate your cake, and have your cake?
    4. Re:How about encrypted databases? by Bourdain · · Score: 1

      I considered doing that too; however, there are some advantages to using a piece of software designed for the task. I use "password safe" -- open source (sourceforge) and it has some convenient features.

      http://passwordsafe.sourceforge.net/

  38. Umm, news flash... by justkarl · · Score: 1

    But if you think your personal details disappear as soon as you hit the Return key, think again: they can sit on the computer's hard disk for years waiting for a hacker to rip them off.


    So, then, we're operating on the assumption that I've ever had a hard drive for more than a year...
    And if I did, I didn't format it at least 3 times/year.

    SO THERE!

  39. swap by austad · · Score: 1

    I have no swap partition.

    --
    Need Free Juniper/NetScreen Support? JuniperForum
  40. No they can't by Anonymous Coward · · Score: 0

    With the 1 year warranty on a lot of drives now, no they can't, because the drives don't last that long.

  41. Just plain wrong by Rich · · Score: 1

    The comment that 'operating systems such as windows and linux' have no way to stop RAM getting paged to disk is just wrong. The mlock(2) call does exactly that - the problem is people not using it. I would guess win32 has a similar API call.

    1. Re:Just plain wrong by flipdaddy · · Score: 2, Informative

      Yep. From MSDN: "The VirtualLock function enables a process to lock one or more pages of committed memory into physical memory (RAM), preventing the system from swapping the pages out to the paging file"
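The approach posts 32 and 41 describe (mlock(2), with VirtualLock as the Win32 equivalent) as an added example that is not code from the thread or from any of the posters: a small pinned-buffer type that keeps a password out of swap and wipes it before release. It assumes a POSIX system with posix_memalign and sysconf; the sample password is constructed, and the type and function names are the example's own.

```c
/* Added example, not from the thread: pin a password buffer in RAM with mlock(2)
 * and wipe it before release, so the secret never reaches swap. On Win32 the
 * same pattern uses VirtualLock()/VirtualUnlock() instead of mlock()/munlock(). */
#define _GNU_SOURCE   /* posix_memalign, sysconf, MADV_DONTDUMP on glibc */
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* 'locked' records whether the pin took effect: mlock() fails past RLIMIT_MEMLOCK,
 * and the caller must decide whether running unpinned is acceptable. */
typedef struct {
    unsigned char *data;
    size_t len;    /* bytes the caller may use */
    size_t alloc;  /* bytes allocated, rounded up to whole pages */
    int locked;    /* 1 if mlock() succeeded */
} secret_buf;

static size_t page_size(void)
{
    long ps = sysconf(_SC_PAGESIZE);
    return ps > 0 ? (size_t)ps : 4096;
}

/* Locking is page-granular, so allocations are rounded up to whole pages. */
static size_t round_to_page(size_t n, size_t ps) { return ((n + ps - 1) / ps) * ps; }

/* Zero via a volatile pointer so the optimizer cannot drop the store the way it
 * routinely drops a memset() placed right before free(). */
static void secure_wipe(void *p, size_t n)
{
    volatile unsigned char *v = (volatile unsigned char *)p;
    while (n--) *v++ = 0;
}

/* Returns NULL with errno set only when the allocation itself fails. */
static secret_buf *secret_buf_alloc(size_t len)
{
    size_t ps = page_size();
    void *p = NULL;
    secret_buf *b = calloc(1, sizeof *b);
    if (!b) return NULL;
    b->len = len;
    b->alloc = round_to_page(len, ps);
    int rc = posix_memalign(&p, ps, b->alloc);   /* page-aligned start */
    if (rc != 0) { free(b); errno = rc; return NULL; }
    b->data = p;
    b->locked = (mlock(b->data, b->alloc) == 0) ? 1 : 0;
#ifdef MADV_DONTDUMP
    madvise(b->data, b->alloc, MADV_DONTDUMP);  /* Linux: keep out of core dumps too */
#endif
    secure_wipe(b->data, b->alloc);
    return b;
}

/* Copy a NUL-terminated secret in; refuses input that does not fit. */
static int secret_buf_set(secret_buf *b, const char *s)
{
    size_t n = strlen(s);
    if (n + 1 > b->len) { errno = ERANGE; return -1; }
    memcpy(b->data, s, n + 1);
    return 0;
}

/* 1 if every allocated byte is zero, i.e. the wipe really happened. */
static int secret_buf_is_zeroed(const secret_buf *b)
{
    for (size_t i = 0; i < b->alloc; i++) if (b->data[i]) return 0;
    return 1;
}

/* Wipe before unpinning, so the pages never become swappable while still holding data. */
static void secret_buf_free(secret_buf *b)
{
    if (!b) return;
    secure_wipe(b->data, b->alloc);
    if (b->locked) munlock(b->data, b->alloc);
    free(b->data);
    free(b);
}

int main(void)
{
    secret_buf *pw = secret_buf_alloc(128);
    if (!pw) { perror("secret_buf_alloc"); return 1; }
    if (!pw->locked) fprintf(stderr, "warning: pages not pinned, secret could reach swap\n");
    secret_buf_set(pw, "correct horse battery staple");  /* constructed sample secret */
    printf("%zu-byte secret held in %s memory\n", strlen((char *)pw->data),
           pw->locked ? "pinned" : "unpinned");
    secure_wipe(pw->data, pw->alloc);  /* wipe as soon as it is no longer needed */
    printf("wiped: %s\n", secret_buf_is_zeroed(pw) ? "yes" : "no");
    secret_buf_free(pw);
    return 0;
}
```

Note that pinning only covers pages this process locks: a copy the program makes elsewhere (a string duplicate, a log line, a crash dump) is back in ordinary pageable memory.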

  42. Find them using Kazaa by Drunken_Jackass · · Score: 4, Interesting

    You'd be amazed what you can find on Kazaa when you search for documents with password or resume or account as the keyword. People don't realize that you don't need to be a hacker to break into your machine - just someone with access to the folder you share on any P2P network... which, if it happens to be your My Documents folder... look out.

    --
    There are 01 types of people in this world. Those that understand binary, and me.
    1. Re:Find them using Kazaa by stimpleton · · Score: 1

      "There are 01 types of people in this world. Those that understand binary, and me."

      Shouldn't that be: There are 10(two) types of people in this world. Those that understand binary, and me.

      --

      In post Patriot Act America, the library books scan you.
    2. Re:Find them using Kazaa by Eponymous+Mallard · · Score: 1
      "There are 01 types of people in this world. Those that understand binary, and me."

      Shouldn't that be: There are 10(two) types of people in this world. Those that understand binary, and me.

      No. You're missing the point of the joke. He's saying he's part of the set of people who don't understand binary. Therefore he uses binary incorrectly, writing 01 instead of 10. But what makes it clever is that his use of this .sig indicates he does in fact really understand binary. It's a variant of the classic self referential paradox as in "All Cretans are liars. I am a Cretan" or Magritte's "Ceci n'est pas une pipe" and closely related to Bertrand Russell's paradox "the set of all sets that are not members of themselves." Probably more than you wanted to know. But I am comforted by the fact that, given the logical explanation, you now find the joke uproariously funny.

      Eponymous Mallard. "If it quacks like a duck ... it may be the Eponymous Mallard."

  43. I never get rid of a hard drive.... by callipygian-showsyst · · Score: 1

    ...until I physically destroy it! (Of course, my sledgehammer method may not stop the FBI from getting the data back, but it'll stop most hackers!)

    1. Re:I never get rid of a hard drive.... by CommanderData · · Score: 1

      Funny, I thought I was the only one who took a hammer to my old hard drives. Actually, I don't even do it myself- I let my wife smash it to get out her frustrations over me working on computers till the wee hours of the morning. Needless to say, she kills them reeeealllly good!

      --
      Urge to post... fading... fading... RISING!... fading... fading... gone.
  44. Re:Poll Troll Toll by Anonymous Coward · · Score: 0

    huh? I did make the IMPoll poll service and I post polls to slashdot somewhat often but the poll trolls are not my work. (and don't say "oh look at the coincidence that they are both posting on slashdot at the same time." it is just a coincidence).

  45. disk cache by JSkills · · Score: 1
    Well, RAM overuse will end up using (and temporarily staying on) your hard disk, but the real issues have to do with not letting someone get onto your machine in the first place. Stay patched, keep ports closed, etc.

    Practice safe-sex security measures on your box and you'll not need to worry about swap files, browser caches, and even that set of nude photos you and your wife took of each other last evening after a bottle of champagne ;-)

    Pointing out the things someone can get on your machine once they've hacked you isn't really very useful. It's your machine and you're bound to keep things on it you'd prefer not be seen by strangers. Pointing out how not to get hacked is.

  46. Encrypting keystrokes before RAM? by DeadVulcan · · Score: 1

    From the article:

    Perhaps the ultimate solution would be to encrypt data as it is entered, before it is saved into RAM, and arrange for programs that use it to decrypt it first.

    Huh? Does this make any sense to anybody? After all, once you've decrypted the text, you probably have it in RAM anyways, so you still have to deal with it in the same way.

    --
    Accountability on the heads of the powerful.
    Power in the hands of the accountable.
  47. You don't always need to sign up... by elid · · Score: 1

    ...on a site asking for registration. Just use bugmenot.com (the Firefox extension is useful). That way, you can limit what your password is used for (if you only use one password) and avoid having to memorize 50 different passwords (if, for security reasons, you use different passwords at different sites).

  48. OpenBSD by GlobalEcho · · Score: 4, Interesting

    OpenBSD encrypts the swap space by default, specifically to avoid these problems. I would hazard a guess somebody has hacked Linux to do the same, but I haven't seen it.

    Of course, if you have so much RAM that you never swap, this is less of an issue.

    1. Re:OpenBSD by Big+Jason · · Score: 3, Informative

      Umm, no.

      vm.swapencrypt.enable is set to 0 (zero) by default, take a look at your /etc/sysctl.conf

  49. I can't quite see the point by arevos · · Score: 2, Insightful

    Correct me if I'm wrong, but if an attacker has the permissions to trawl through the swap, then couldn't they just insert a keylogger, instead? That seems to be considerably simpler, to me.

    I suppose there's an argument about someone getting the passwords off old machines that have been thrown out. But even then, surely any respectable business will use some software to scrub out all the last traces of sensitive data on any hard drives they're dumping.

    An encrypted hard drive wouldn't protect against a key logger. It would protect sensitive data against physical theft, I suppose. But I wouldn't call that "hacking".

  50. ton o' fun by Anonymous Coward · · Score: 0

    Forget using dd to wipe a drive. Me and a friend prefer the usage of small arms fire to totally shatter the platter.

    Nothing like a .223 or a 7.62x39mm tearing through a crappy Maxtor.

  51. Learn How To Use Encryption by $criptah · · Score: 1

    Panther, Mac OS 10.3, has a nifty tool that encrypts your user directory on a hard drive every time you log out; then it decrypts it when you login. Although I am not paranoid, I will use it in case my laptop has to go for repairs because I simply do not trust technicians.

  52. Re:Hard disks? This article is about RAM. by GPLDAN · · Score: 1

    I think it is because each time the swap file is allocated, it doesn't necessarily use the same inodes and blocks on the hard drive. Therefore, your hard drive has remnants of old swap files all over it.

    Windows could just be set to not use a swap file at all. I'm not sure how far that would go towards solving the problem. Perhaps Garfinkel's USENIX paper will explain.

  53. Cleaning hard disks of passwords etc by Zog+The+Undeniable · · Score: 2, Informative
    1) Set the pagefile to be automatically wiped on shutdown. Windows will do this for you.

    2) To delete things properly, turn off paging and disk caching, reboot, then run something like Mutilate to fill all the unused disk space with rubbish. Remember to turn paging and caching back on afterwards or performance will be slooooow.

    3) If you're disposing of a PC and you want to sell it with the HDD, it's usually easiest to reformat the HDD in another PC (as a slave) then run a file wiper as above.

    4) Running a good file wiper once is perfectly adequate. Physical data recovery techniques using misaligned drive heads to pick up "ghost" images may or may not exist (hence the occasional recommendation to wipe 9 times) but the cost of doing so is so high that it would have to be a matter of national security. Commercial data recovery/forensic services do NOT use physical recovery techniques, they just go for deleted files and slack space.

    --
    When I am king, you will be first against the wall.
    1. Re:Cleaning hard disks of passwords etc by jim_deane · · Score: 2, Informative

      When I had a disc that was failing under warranty, I used a bootable hard disk wiping utility as the final step before sending the drive back.

      Autoclave is the one I used. It is quite nice, fits on a bootable floppy. I felt better sending my drive in for warranty replacement after using this program.

      Also see:
      UBCSwipe
      Darik's Boot and Nuke

      Jim

    2. Re:Cleaning hard disks of passwords etc by Jonsey · · Score: 1

      Setting the Page File to Wipe on Win NT/2k/XP

      (Stolen from Wayne's Registry Tips: Google Cached)

      Edit the REG_DWORD value to '1' for "ClearPageFileAtShutdown" located under: HKLM\System\CurrentControlSet\Control\SessionManager\MemoryManagement\

      So, set that value to '1' and on clean shutdowns, windows will spin & whir for a bit (shutdown times will be increased) and this should clear your page file out, at least mostly.

      --
      I assert that my comment is only my opinion, not that of any employer, past, present or future.
    3. Re:Cleaning hard disks of passwords etc by Alioth · · Score: 1

      3) If you're disposing of a PC and you want to sell it with the HDD, it's usually easiest to reformat the HDD in another PC (as a slave) then run a file wiper as above.


      Or use Knoppix (or other similar live CD) and do, as root:

      dd if=/dev/zero of=/dev/hda bs=128K

      which will overwrite the entire drive with 0x00. If you're really paranoid I suppose you could write a script to alternately write 0xAA followed by ~0xAA to each block.

      (Make sure DMA is turned on; some live CDs don't turn it on - hdparm -d1 /dev/hda)
    4. Re:Cleaning hard disks of passwords etc by Anonymous Coward · · Score: 0

      Eraser also works well and is Freeware.
      http://www.heidi.ie/eraser/

    5. Re:Cleaning hard disks of passwords etc by julesh · · Score: 1

      I suspect Knoppix has wipe(8):

      NAME
      wipe - securely erase files from magnetic media

      SYNOPSIS
      wipe [-f][-c][-r][-q][-i]

      (That doesn't suggest it should work with devices, but it does...)

    6. Re:Cleaning hard disks of passwords etc by evilviper · · Score: 3, Informative
      2) To delete things properly, turn off paging and disk caching, reboot,

      And unless you have massive ammounts of RAM, your system will refuse to do anything...

      I turned off the swaping on a Windows 2000 system that had 256MB of RAM, and rebooted, only to find that I couldn't do anything at all. The system started-up, but no programs could be opened. I could even get to the command-prompt, or the control panel to turn the page-file back on. Result, one completely destroyed and unsavable Windows system.

      Don't recommend doing things that you've never done yourself and/or don't know enough of the details about how it works...
      --
      Slashdot gets worse every day... Pipedot: News for nerds, without the corporate slant
    7. Re:Cleaning hard disks of passwords etc by Zog+The+Undeniable · · Score: 1

      Hmmm. Works perfectly on my three different XP installations with 256MB RAM. Do you have a *lot* of stuff in your system tray? I've successfully booted XP without a swapfile on systems with only 128MB, although it will refuse to play if you only have 64MB.

      --
      When I am king, you will be first against the wall.
  54. Protective measures by Woogiemonger · · Score: 4, Interesting

    Some basic tips that not enough people know, in no particular order:

    1. Make sure you have a firewall configured to allow incoming connections from only ports you need open. You might be able to do just fine with no incoming connections allowed at all.
    2. Have an updated virus checker: Norton or McAfee. By updated, I mean having it auto-update for you. Have it check every file accessed on media accessed by the computer, and email. At the very least, all the incoming media and email should be scanned on the fly, but outgoing is a good idea too.
    3. Use Spybot or Ad Aware at least once a month to scan for spyware. Also keep these updated. I forget if they auto-update, but just be sure it checks for updates before you run them.
    4. Only use credit cards that keep you free of liability for any fraud.
    5. Buy a separate unnetworked little organizer with a keyboard to store hints to remember your passwords. Don't store the actual password.
    6. Cancel credit cards you don't use.
    7. Photocopy the backs and fronts of all the credit/debit cards you use and whatever else you keep in your wallet. Write in the customer service phone numbers if they're not clear.
    8. Have Windows auto-update and auto-install all critical patches, or keep your Linux distro updated.
    9. Don't open email attachments that you have no reason to trust, and certainly not until you have antivirus software checking incoming emails.

    1. Re:Protective measures by Anonymous Coward · · Score: 0

      10. carefully screen your office cleaners - they tend to have unmonitored physical access.

    2. Re:Protective measures by evilviper · · Score: 4, Informative
      4. Only use credit cards that keep you free of liability for any fraud.

      Despite the FUD TV ads the credit-card companies want you to believe, THERE ARE NO OTHER KINDS OF CREDIT CARDS IN THE USA. It is federal law that you cannot be held liable for unauthorized charges on your credit card. Actually, I believe you may be required to pay up to $50, but that is really a trivial amount.

      So, don't believe the hype.
      --
      Slashdot gets worse every day... Pipedot: News for nerds, without the corporate slant
    3. Re:Protective measures by tnak · · Score: 1
      THERE ARE NO OTHER KINDS OF CREDIT CARDS IN THE USA.


      I'm willing to bet that he was thinking of check/debit cards. Just because they have the visa/mastercard label doesn't mean that they come with the same protections as a credit card.

      If somebody empties your account using one, your recourse is the justice system, which is rather notoriously slow.

    4. Re:Protective measures by Aexia · · Score: 1

      I believe the $50 deductible only applies to charges made *before* you notify the credit card company that the card was missing/stolen.

      *After* you notify them, you are not liable at all.

    5. Re:Protective measures by evilviper · · Score: 1

      Yes, but I don't know how you are going to realize your number was ripped-off until you see a charge or two on your statement... Unless the first charge they make is under $50, you're going to have to pay the $50.

      Also, the instant you report your card as lost, it is canceled, so whoever took it won't be able to put any charges on your card, so there's no need to pay the $50 in that scenario anyhow.

      In other words, what was your point?

      --
      Slashdot gets worse every day... Pipedot: News for nerds, without the corporate slant
  55. Re:of course, I've used the same password for year by Paulrothrock · · Score: 2, Interesting

    I use a handy javascript I wrote (and ported to PHP, Perl, JSP, and ColdFusion) to generate pronounceable passwords for my work computer. They make me change it every month and I'm not allowed to use the same one for twelve months. This keeps me out of a rotation, and it's really easy to remember because it's pronounceable.

    --
    I'm in the hole of the broadband donut.
  56. Passwords can sit on hard disks for years by mcgroarty · · Score: 2, Funny

    And sometimes, they just sit on the front page of Slashdot.

  57. I have by Prince+Vegeta+SSJ4 · · Score: 1

    the most secure password ever, it is joshua, well maybe not anymore.

  58. There's another password risk... by mikael · · Score: 1

    People sign up for web services using a throwaway webmail/domain name. Typically these web services allow the user to recover a forgotten password by entering their E-mail address. The only problem is, they lose interest in the web service and forget about their webmail account/domain name. After some time, the webmail account/domain name will be placed back in the public domain, ready for anyone else to stake a claim.

    --
    Vintage computer adverts: http://www.vintageadbrowser.com/computers-and-software-ads
  59. post-its can be useful by cuzality · · Score: 1
    ...three year old password on a postit note on the side of my monitor...
    I've got a million accounts online, and I use different names for most of them, and try to vary the passwords also. I've got a 5 or 6 passwords that I add one of 5 or 6 enhancers to, and to keep track I use a post-it note (or unsent email in the draft folder), but only to indicate which combination of pwd and enhancer I use for each account, i.e. --

    nytimes.com
    name:b_______
    pwd:m_______9___

    hsx.com
    name:h____
    pwd:g___g____2___
  60. Passwords don't sit on disks by spidergoat2 · · Score: 2, Funny

    Passwords are written on little yellow sticky paper, then they sit on the side of the monitor.

  61. Holy Crap! by uncledrax · · Score: 2, Insightful

    ["Operating systems such as Windows and Linux have no facility for stopping data being written to the hard drive."]
    In fact.. such operating systems are DESIGNED to write to the hard disk..
    (like someone said above.. someone just discovered the swap/page file)

    I think the author needed to be alittle more articulate with the wording.

    --
    ----- The internet has given everyone the ability to have their voice heard equally as loud.. even if they shouldn't be
    1. Re:Holy Crap! by Anonymous Coward · · Score: 0

      Alittle.


      ALITTLE!!!


      It's "a little." Like "a lot."

  62. I don't see the problem. by Anonymous Coward · · Score: 0

    Passwords lying around in swap files eh?

    Why is the hacker being allowed to see the swap file again? Seems your system has bigger risks.

    Thanks

    1. Re:I don't see the problem. by orion41us · · Score: 1

      Sure, but you gotta boot off a floppy/CD to read the swap. As far as I know remote access to the swap is not possible.

  63. Permit pinning in RAM by Jokkey · · Score: 2, Interesting

    Wouldn't this be a good reason for the OS to permit programs to pin pages in RAM? The only reason I can think of not to permit that would be that a hostile program could DOS a system by pinning lots of memory in RAM; if the OS strictly limits the amount of memory that a program can lock in RAM, that would fix that.

    I think that gpg runs setuid just so that it can lock its memory in RAM; why don't Linux and Windows offer this feature to non-privileged programs?

    1. Re:Permit pinning in RAM by BigDumbAnimal · · Score: 1

      Mod parent up. This is an example showing that the article is wrong.

      gpg doesn't run setuid by default, but it does warn you if you are worried about leaving your passwords in swap space.

      Of course, the solution is to either keep HD's when you sell old systems, or use shred from a linux live CD.

    2. Re:Permit pinning in RAM by kscguru · · Score: 1
      Linux requires you to be root to lock pages in RAM (it's called mlock()), Windows has a similar method (VirtualLock() / VirtualUnlock()) that are unimplemented in old versions of Windows and advisory in some others.

      Yes the OS has this feature - no, the feature doesn't work as expected. (And you are exactly right - a reason to not quite fully implement this feature is that DoS attack).

      --

      A witty [sig] proves nothing. --Voltaire

  64. KeePass for Windows by Mustang+Matt · · Score: 1

    Here's the windows equivalent: KeePass

    --
    The man who trades freedom for security does not deserve nor will he ever receive either. - Benjamin Franklin
    1. Re:KeePass for Windows by Sneeka2 · · Score: 1

      Another Windows alternative

      *runs away* ;)

      --
      Bitten Apples are still better than dirty Windows...
    2. Re:KeePass for Windows by cuzality · · Score: 2, Informative

      Funny... gator...

      Here's another excellent password utility, from Bruce Schneier called Password Safe, which stores the passwords in a file and uses Blowfish to encrypt it. Very lightweight (requires only the executable -- no installation) but has the features everybody needs.

  65. Tattoos by The+Angry+Mick · · Score: 1

    I've found that the best way to record my passwords and not have to worry about some nefarious h4x0r types stealing it is to get it reverse tattooed on my ass.

    The obvious advantage is they're not visible to the wandering eye, and if I ever forget one, a quick glimpse in the mirror is all I need to refresh my memory. Also, it's not like anyone's going to be trying to steal my ass anytime soon.

    --

    I'm not tense. I'm just terribly, terribly, alert.

    1. Re:Tattoos by Anonymous Coward · · Score: 0

      O.K. That's one image I never want to have in my head again.

  66. Removable cache by Mick+Ohrberg · · Score: 1

    How about setting it up so that all that kinds of cache would be stored on something like a key fob? Like the already widely available USB memory plugs. As long as you restrict the storing of cached passwords, cookies etc to such a device, you could at least remove it easily.

    --

    Quidquid latine dictum sit, altum sonatur.

  67. But which is more likely... by laigle · · Score: 2, Insightful

    That a hacker will necromance your password off the hard drive, or that you'll get a keylogging spyware installation? To avoid the first you need to never store your password, to avoid the second you need to always store it. Sure, we could all go to scratch pads coupled with retinal scans, but nobody's going to pay for that infrastructure.

    Bottom line, patch your software, get a firewall, be careful about opening email, don't use IE or Outlook, and do virus/spyware scans regularly. You'll be safe from all but the most determined hackers, and they don't care about your password.

  68. Details.. details... by farzadb82 · · Score: 1

    MacGyver would only have to look in the episode script to find the password!

  69. KeePass by namelessone99 · · Score: 1

    If you are worried about securely storing passwords, you should check out this application: KeePass. My favorite feature is that you can randomly generate a password, copy and paste the password (which is displayed as asterisks) from the application to the destination, and never know what your password is. It works natively in Windows and runs on Wine in Linux.

  70. Re:Hard disks? This article is about RAM. by Reziac · · Score: 1

    As I posted above, back in the Win3.1x era, I did peruse my permanent swapfile with a hex viewer, and found data therein that was over 3 years old. (At the time, the Win3.1 setup wasn't much older than that, and with 32mb RAM -- a lot for Win16 -- the swapfile was seldom touched.) Passwords which I knew for a fact were encrypted on disk, and didn't exist anywhere else in plaintext format, had passed through the swapfile AS plaintext, exactly as typed. Win32 swapfiles tend to be too large to conveniently view, but when I've looked at 'em, they aren't that different from Win16 (tho I've noticed Win32 pagefiles have a lot more "white space").

    For the most part, the swapfile is tolerably readable, in about the same way a memory dump is, or the compressed volume file on a Doublespaced hard disk (yes, I've looked at those too :) There's lots of binary gibberish, but also a lot of obviously identifiable structures, such as big chunks of documents, logfiles, and the like; in my observation, it tends to be heavy on files that are written and rewritten to disk in a given session, and light on other stuff.

    I know someone who has indeed recovered lost documents from the swapfile after a crash, courtesy of a hex editor. If you know what the document header looks like, you can just search for that and chances are the whole thing will be right there behind it.

    I'm not a coder and I may have this wrong, but to my understanding, unless RAM is specifically cleared, it's kindof like "deleted" data on a HD -- the segment is marked not in use, but data isn't actually removed until something else overwrites it (either more data, or a tool to zero out the old data). So just about anything *could* stick around if not deliberately killed off.

    --
    ~REZ~ #43301. Who'd fake being me anyway?
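
Reziac's hex-editor walk through a swapfile is what a triage script does in bulk, and it is also what someone who boots your machine from a floppy or CD (see comment 62) will run against your pagefile. The following is an added example, not Reziac's or anyone else's tool: it searches a raw image for a password you already know, trying the ASCII bytes first and then the UTF-16LE form, because Win32 dialogs and the W-suffixed APIs hold typed text as wide characters and an 8-bit grep walks straight past them; it then counts printable runs in both encodings, the strings(1) and strings -e l idea, which is how you find what you do not already know. The 4 KiB image it scans is constructed inline (high-bit filler bytes, an ASCII login line, a UTF-16LE "hunter2"); a real pagefile carries far more printable noise, so run counts on one are a starting point for review rather than an answer. The function names are this example's own.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Search a raw pagefile/memory image for a known secret. The ASCII byte
 * string is tried first, then its UTF-16LE form (each char followed by 0x00),
 * because Windows GUI code and the Win32 "W" APIs hold typed text as wide
 * characters and an 8-bit search never sees it. Returns the byte offset of
 * the first hit or -1; *encoding is set to "ascii", "utf16le" or NULL. */
long find_secret(const unsigned char *hay, size_t n, const char *needle,
                 const char **encoding) {
    size_t m = strlen(needle);
    if (encoding) *encoding = NULL;
    if (m == 0 || n < m) return -1;
    for (size_t i = 0; i + m <= n; i++)
        if (memcmp(hay + i, needle, m) == 0) {
            if (encoding) *encoding = "ascii";
            return (long)i;
        }
    for (size_t i = 0; i + 2 * m <= n; i++) {
        size_t k = 0;
        while (k < m && hay[i + 2 * k] == (unsigned char)needle[k] && hay[i + 2 * k + 1] == 0)
            k++;
        if (k == m) {
            if (encoding) *encoding = "utf16le";
            return (long)i;
        }
    }
    return -1;
}

/* Count maximal runs of at least `minlen` printable characters (0x20..0x7E),
 * 8-bit when wide == 0, UTF-16LE when wide == 1 (both byte alignments are
 * scanned). Same idea as strings(1) and strings -e l. */
size_t count_printable_runs(const unsigned char *hay, size_t n, size_t minlen, int wide) {
    size_t step = wide ? 2 : 1, count = 0;
    for (size_t start = 0; start < step; start++) {
        size_t run = 0;
        for (size_t i = start; i + step <= n; i += step) {
            int printable = hay[i] >= 0x20 && hay[i] <= 0x7E && (!wide || hay[i + 1] == 0);
            if (printable) run++;
            else { if (run >= minlen) count++; run = 0; }
        }
        if (run >= minlen) count++;
    }
    return count;
}

/* Constructed sample image (not a real pagefile): high-bit filler from an LCG,
 * an ASCII login line at offset 100 and the password "hunter2" as UTF-16LE
 * at offset 300. Returns the image length (0 if the buffer is too small). */
size_t build_sample_image(unsigned char *out, size_t cap) {
    size_t n = cap < 4096 ? cap : 4096;
    if (n < 400) return 0;
    uint32_t x = 0x2545F491u;
    for (size_t i = 0; i < n; i++) {
        x = x * 1664525u + 1013904223u;
        out[i] = (unsigned char)((x >> 24) | 0x80);   /* never printable, never 0x00 */
    }
    const char *line = "Login: joes\n";
    memcpy(out + 100, line, strlen(line));
    const char *pw = "hunter2";
    for (size_t k = 0; pw[k]; k++) {
        out[300 + 2 * k] = (unsigned char)pw[k];
        out[300 + 2 * k + 1] = 0;
    }
    return n;
}

int main(void) {
    unsigned char img[4096];
    size_t n = build_sample_image(img, sizeof img);
    const char *enc;
    long off = find_secret(img, n, "hunter2", &enc);
    printf("hunter2: %s at offset %ld\n", off < 0 ? "not found" : enc, off);
    printf("8-bit strings >= 4 chars: %zu, UTF-16LE strings >= 4 chars: %zu\n",
           count_printable_runs(img, n, 4, 0), count_printable_runs(img, n, 4, 1));
    return 0;
}
```

To use it on a real image, replace build_sample_image with a read of the pagefile copy (taken from the offline boot, never from the running system) and pass the password you are checking for; the UTF-16LE pass is the one that turns a "not found" into a hit on Windows images.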
  71. and.. by MasTRE · · Score: 1

    Remember kids, the most popular OS (which shall remain nameless, *cough* Windows *cough*) does not have secure memory, so it's not too far of a stretch to assume that even as you input a password into a dialog box it may swap it out to disk (if, say, you happen to be copying a raw DVD image from one drive to another).

    --
    Must-not-watch TV!
  72. Real men... by confused+one · · Score: 1

    My password is stored on a public mirror...

  73. forget tough passwords, just crack the reset prog by will_die · · Score: 1

    One of the systems I use requires 10+ char with a variety upper/lower/special/etc.
    Forgot this so I went to the reset link and was given the form to reset which required 2 pre-asked questions(pet name and birth place) along with info which was available on my info page.
    The only safe guard was that I got a piece of e-mail sent to the predefined e-mail address alerting me of the change.
    The really bad thing is that this is not a unique site; almost all sites I am on allow you to reset your password with just some earlier given info. The better ones (with no e-mail themselves) then sent the password to you.

  74. Run it all in RAM baby! by pgnas · · Score: 1

    I just use a bootable CD and run it all in RAM, the shutdown sequence wipes the disk. In addition, I don't use phones,credit cards, I burn all of my garbage, I walk everywhere I go (at night only).

    wait...everyone is looking at me! STOP STARING AT ME!!!

  75. Re: Old passwords are OK by Alwin+Henseler · · Score: 1
    The real question is, if a password's that old, what use SHOULD it still have?

    It doesn't matter how OLD a password is. For security, all that matters is how well a password is kept.

    If it's used by multiple parties, transferred in different ways, etc., it might improve security to change it regularly. But if it's used very rarely, and kept written on a piece of paper that's sitting inside a fireproof safe & only one person has an access key, it can still be a very secure password even after years.

    What matters is the opportunities evil parties might have to obtain it, and if changing a password involves transferring it somehow, then that is just one more possible moment where 'evil parties' could intercept it.

  76. Eraser will help by stecoop · · Score: 4, Interesting

    Go download Eraser. It will erase empty space and swap files using DoD mil quality and even higher. It will erase empty space on your drive while you're sleeping, wiping it clean of bits 32 times over. On shutdown it will erase the swap file with the same quality. You can also get the source code and make it better if you want.

    I have mine run once a week. I'm more concerned about my hard drive failing and having to return it under warranty; someone else receiving that drive could then retrieve my data.

    1. Re:Eraser will help by Anonymous Coward · · Score: 0

      Just an FYI: technically a swap file != pagefile

    2. Re:Eraser will help by shannara256 · · Score: 1

      > erase ... files using DoD mil quality and even higher.

      People keep saying this, but I remember being disappointed when I was trying to find free hardware because military protocol regarding hard drives involved some sort of explosives. What's the point of doing the rewrite thing if they then destroy the hard drives?

    3. Re:Eraser will help by Anonymous Coward · · Score: 0

      I have doubts that the US Military will use a product of Ireland for secure deletion. The only method of secure deletion sanctioned by the military is destruction.

    4. Re:Eraser will help by Anonymous Coward · · Score: 0

      Surely you mean the product of Finland, mate.

    5. Re:Eraser will help by stecoop · · Score: 1

      Here are the standards Eraser claims to satisfy. It uses US DoD 5220-22.M and Gutmann. The Gutmann method of erasing is only exceeded by using C4 as you described.

  77. Mine are Secure by heybo · · Score: 1
    My passwords are secure. They are on a post-it note under the keyboard. Please don't tell anybody. Besides I use "password" for the password no one would ever guess that!

    Computers are secure. People are insecure.

  78. DoD 5220.22-M takes care of this issue. by Saeed+al-Sahaf · · Score: 1

    We have a utility that formats all of our surplus drives (and all the drives we re-deploy internally, as well) to DoD 5220.22-M. You can buy consumer software that does the same thing. No problems.

    --
    "Who are in control, they are not in control of anything - they don't even control themselves!" - Glen Beck
    1. Re:DoD 5220.22-M takes care of this issue. by Anonymous Coward · · Score: 0

      Where? Any url to this software?

    2. Re:DoD 5220.22-M takes care of this issue. by Nick+Harkin · · Score: 1

      Just google for 'military spec hard drive eraser' or something of the sort.

      You want one that will allow you to write any hex values you want over the sectors.
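
The dd line in comment 53, Eraser's pattern passes and the wish just above for a tool that lets you write any hex values over the sectors all reduce to the same loop, so here it is as an added example (not Eraser's, Alioth's or any vendor's code): overwrite the target with a fixed sequence of byte patterns, fsync() after every pass, then read the target back and confirm the final pattern is what the kernel has on the medium. It assumes a Linux/POSIX host and takes a path argument that may be a regular file (a pagefile copy, say) or a block device such as /dev/hda; pointed at a device it destroys everything on it, which is the purpose. Two caveats a practitioner wants: a host-side overwrite never reaches sectors the drive has already remapped as bad, and on flash media the controller's wear levelling means successive passes land on different cells, so for SSDs use the drive's own secure-erase command instead. Whether you run these five passes or the 35 Gutmann ones, the verification read is the part that tells you the write actually happened. The pattern table and function names are this example's own.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Overwrite every byte of a file or block device once per pattern, fsync()
 * after each pass, then read it back to confirm the last pass reached the
 * medium. The pattern set is illustrative, not a quote of any standard. */
static const unsigned char WIPE_PASSES[] = { 0x00, 0xFF, 0xAA, 0x55, 0x00 };
#define NPASSES (sizeof WIPE_PASSES / sizeof WIPE_PASSES[0])

/* Size of the target: lseek to the end works for both files and block devices. */
static off_t target_size(int fd) {
    return lseek(fd, 0, SEEK_END);
}

/* write(2) can return short; keep going until everything is out. */
static int write_all(int fd, const unsigned char *buf, size_t n) {
    while (n) {
        ssize_t w = write(fd, buf, n);
        if (w < 0) return -1;
        buf += w;
        n -= (size_t)w;
    }
    return 0;
}

/* One full pass of byte `pat` over [0, size), flushed to the device. */
static int fill_pass(int fd, off_t size, unsigned char pat,
                     unsigned char *chunk, size_t chunk_sz) {
    memset(chunk, pat, chunk_sz);
    if (lseek(fd, 0, SEEK_SET) < 0) return -1;
    for (off_t done = 0; done < size; ) {
        size_t n = (size - done) < (off_t)chunk_sz ? (size_t)(size - done) : chunk_sz;
        if (write_all(fd, chunk, n) < 0) return -1;
        done += (off_t)n;
    }
    return fsync(fd);
}

/* 1 if every byte of the target equals `pat`, 0 if some byte differs, -1 on error. */
int verify_pattern(const char *path, unsigned char pat) {
    int fd = open(path, O_RDONLY);
    if (fd < 0) return -1;
    unsigned char buf[65536];
    ssize_t r;
    int ok = 1;
    while (ok && (r = read(fd, buf, sizeof buf)) > 0)
        for (ssize_t i = 0; i < r; i++)
            if (buf[i] != pat) { ok = 0; break; }
    close(fd);
    return r < 0 ? -1 : ok;
}

/* Run all passes over `path` and verify the last one.
 * Returns the number of bytes wiped, or -1 if any pass or the verification failed. */
long long wipe_target(const char *path) {
    int fd = open(path, O_WRONLY);
    if (fd < 0) return -1;
    off_t size = target_size(fd);
    if (size < 0) { close(fd); return -1; }
    size_t chunk_sz = 1u << 20;               /* 1 MiB, like dd bs=1M */
    unsigned char *chunk = malloc(chunk_sz);
    if (!chunk) { close(fd); return -1; }
    int rc = 0;
    for (size_t p = 0; p < NPASSES && rc == 0; p++)
        rc = fill_pass(fd, size, WIPE_PASSES[p], chunk, chunk_sz);
    free(chunk);
    close(fd);
    if (rc != 0) return -1;
    if (verify_pattern(path, WIPE_PASSES[NPASSES - 1]) != 1) return -1;
    return (long long)size;
}

int main(int argc, char **argv) {
    if (argc != 2) {
        fprintf(stderr, "usage: %s <file-or-block-device>   (DESTROYS its contents)\n", argv[0]);
        return 2;
    }
    long long n = wipe_target(argv[1]);
    if (n < 0) { fprintf(stderr, "wipe or verification failed\n"); return 1; }
    printf("%lld bytes overwritten in %zu passes and verified\n", n, NPASSES);
    return 0;
}
```

Run it from a live CD the same way as the dd line (nothing on the target may be mounted), and treat a non-zero exit as "the drive is not clean", not as a warning to ignore.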

  79. The greatest security vulnerability is the user by Anonymous Coward · · Score: 0

    I only hastily read the given article, but it seems to me that the persons cited within wish for the software developers to write their software so entered passwords should be kept on RAM for the shortest possible time ('Garfinkel hopes the results will galvanise software developers into action'). While I do believe developers should take the measures necessary for the security of the user, I also believe the greatest security vulnerability to a computer system still is the user. One does not need to be a hacker to obtain someone's password -- it is so easy, basically everyone can do it.

    I would like to point out that this is not an incitement to acquire someone else's password; I am just saying how easy it is to obtain one -- of course, I am not giving depict details. You need to download a specific keylogging software, with which you can create a remote keylogger which can periodically send you logs and screenshots by e-mail and is simply dissimulated within another executable -- think a Flash animation, for example. All you need to do is subsequently send the keylogger to the person you desire to spy on, who will open it and see the content of the executable of your choice while the keylogger is installed.

    I find this rather scary myself, but I think it just goes to show that more than software developers, it is the users who should take precautions. (The keylogger can be removed with Spybot Search & Destroy or Norton Antivirus 2004.)

  80. Rubbish! by arvindn · · Score: 4, Informative
    Article says:

    Operating systems such as Windows and Linux have no facility for stopping data being written to the hard drive.

    That's a flat out lie.

    $ man mlock

    MLOCK(2)                   Linux Programmer's Manual                  MLOCK(2)

    NAME
           mlock - disable paging for some parts of memory

    SYNOPSIS
           #include <sys/mman.h>

           int mlock(const void *addr, size_t len);

    DESCRIPTION
           mlock disables paging for the memory in the range starting at addr with length len bytes.

    OpenSSH uses paging protection. It also zeroes out the password in memory immediately upon hashing it. I've seen the code.

    Authors are at Stanford? Paper at USENIX? Can't believe this shit.

    1. Re:Rubbish! by julesh · · Score: 3, Insightful

      Operating systems such as Windows and Linux have no facility for stopping data being written to the hard drive.

      That's a flat out lie.

      $ man mlock

      MLOCK(2) Linux Programmer's Manual MLOCK(2)

      NAME

      mlock - disable paging for some parts of memory


      Indeed, and under Windows (quoted from msdn.microsoft.com):

      The VirtualLock function enables a process to lock one or more pages of committed memory into physical memory (RAM), preventing the system from swapping the pages out to the paging file.

    2. Re:Rubbish! by evilviper · · Score: 4, Informative
      Operating systems such as Windows and Linux have no facility for stopping data being written to the hard drive.

      That's a flat out lie.

      $ man mlock

      And if I remember correctly, you need root access to use mlock(). Now then, how do you feel about running Mozilla/Firefox as root? Mozilla and any other applications you might possibly type a password into... GPG has the same issue: http://www.gnupg.org/documentation/faqs.html#q6.1



      Meanwhile, for quite some time, OpenBSD has had the "swapencrypt" sysctl option, which causes everything swapped to disk to be encrypted with a random key that is stored only temporarily in RAM, never on disk... thereby taking away any possibility of getting usable data out of the swap partition.

      For more info: click here.
      --
      Slashdot gets worse every day... Pipedot: News for nerds, without the corporate slant
    3. Re:Rubbish! by kscguru · · Score: 1

      Under some versions of Windows, VirtualLock is simply advisory. It wasn't even implemented in 95/98/ME.

      --

      A witty [sig] proves nothing. --Voltaire
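
Since the article's claim is being argued twice in this thread (63 "Permit pinning in RAM" and 80 "Rubbish!"), here is what the mlock()-and-zero discipline the OpenSSH comment refers to actually looks like in code. This is an added example, not the page's, OpenSSH's or GnuPG's code; the secret_buf type and its functions are names invented for it, it assumes Linux (VirtualLock/VirtualUnlock are the Windows analogue), and it treats a failed mlock() as something to report rather than as fatal. A caveat on the "you need root" point above: since Linux 2.6.9 an unprivileged process may mlock() up to its soft RLIMIT_MEMLOCK, which is exactly the per-process cap that answers the DoS worry in comment 63, and the example reads that limit out so you can see why a lock was refused. What mlock() does not cover is worth saying too: the hibernation image, core dumps, and any copy a toolkit or C library made of the buffer before you got to zero it.

```c
#define _GNU_SOURCE
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/resource.h>
#include <unistd.h>

/* A small "pinned secret" buffer: page-aligned, mlock()ed while it holds a
 * password, zeroed before release. The names are this example's own, not an
 * API from OpenSSH, GnuPG or the kernel. */
typedef struct {
    unsigned char *data;
    size_t len;     /* allocated length, rounded up to whole pages */
    int locked;     /* 1 if mlock() succeeded, 0 if the pages may still be paged out */
} secret_buf;

/* Soft RLIMIT_MEMLOCK in bytes, or -1 if unlimited: the per-process cap that
 * lets unprivileged code pin memory without being able to exhaust RAM. */
long memlock_limit(void) {
    struct rlimit rl;
    if (getrlimit(RLIMIT_MEMLOCK, &rl) != 0) return -1;
    return rl.rlim_cur == RLIM_INFINITY ? -1 : (long)rl.rlim_cur;
}

/* Allocate and try to pin `want` bytes. Returns 0 on success, -1 only if the
 * allocation itself failed. A refused mlock() is reported through b->locked
 * so the caller decides whether unlocked memory is acceptable for this secret. */
int secret_buf_init(secret_buf *b, size_t want) {
    long page = sysconf(_SC_PAGESIZE);
    if (page <= 0) page = 4096;
    size_t len = ((want + (size_t)page - 1) / (size_t)page) * (size_t)page;
    void *p = NULL;
    if (posix_memalign(&p, (size_t)page, len) != 0) return -1;
    memset(p, 0, len);
    b->data = p;
    b->len = len;
    /* No root needed on Linux >= 2.6.9 as long as we stay under RLIMIT_MEMLOCK. */
    b->locked = (mlock(p, len) == 0) ? 1 : 0;
    return 0;
}

/* Zero through a volatile pointer so the compiler cannot drop the stores as
 * dead writes (the same trick explicit_bzero/memset_s rely on). */
static void secure_zero(void *p, size_t n) {
    volatile unsigned char *v = (volatile unsigned char *)p;
    while (n--) *v++ = 0;
}

/* Wipe the secret and unpin the pages; the allocation stays valid so the
 * caller can check the wipe before freeing. */
void secret_buf_wipe(secret_buf *b) {
    if (!b->data) return;
    secure_zero(b->data, b->len);
    if (b->locked) munlock(b->data, b->len);
    b->locked = 0;
}

void secret_buf_free(secret_buf *b) {
    if (!b->data) return;
    secret_buf_wipe(b);
    free(b->data);
    b->data = NULL;
    b->len = 0;
}

/* 1 if every byte in [p, p+n) is zero, else 0. */
int region_is_zero(const unsigned char *p, size_t n) {
    unsigned char acc = 0;
    for (size_t i = 0; i < n; i++) acc |= p[i];
    return acc == 0;
}

int main(void) {
    secret_buf b;
    if (secret_buf_init(&b, 64) != 0) return 1;
    const char pw[] = "correct horse battery staple";   /* constructed sample password */
    memcpy(b.data, pw, sizeof pw);
    printf("pinned in RAM: %s (RLIMIT_MEMLOCK soft limit: %ld bytes)\n",
           b.locked ? "yes" : "no, could reach the swap file", memlock_limit());
    /* ... hash the password or hand it to the protocol code here ... */
    secret_buf_wipe(&b);
    printf("wiped before release: %s\n", region_is_zero(b.data, b.len) ? "yes" : "no");
    secret_buf_free(&b);
    return 0;
}
```

The design choice worth copying is the order of operations: pin before the secret is written, zero before the pages are unpinned or freed, and never let the secret live in a buffer you do not own (a C++ std::string or a GUI widget's text field will happily reallocate and leave the old copy behind).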

  81. The "solution" increases the risk by Nofsck+Ingcloo · · Score: 1

    "Perhaps the ultimate solution would be to encrypt data as it is entered, before it is saved into RAM, and arrange for programs that use it to decrypt it first."

    Sheesh! Where is the input buffer located? The decrypted password en-route the application or site? They're in RAM, of course. What this proposal assures is that the plaintext password will be in RAM more times than if the proposal is not adopted.

    Sigh....

  82. old hat by Anonymous Coward · · Score: 0

    That's why OpenBSD allows you to encrypt your swap.
    Provos wrote this in 2001: Encrypting Virtual Memory

    1. Re:old hat by gehirntot · · Score: 2
      That's why OpenBSD allows you to encrypt your swap.
      Provos wrote this in 2001: Encrypting Virtual Memory

      New Scientist sort of misrepresented the findings of the paper. The fact that passwords and other sensitive information get retained on swap for a long time. The paper was looking at memory tainting, i.e. if an application handles a password, where does it end up in memory. The results were slightly surprising. Nonetheless, most people would be even more surprised to see how much sensitive information ends up in swap. That's why you want to encrypt your swap partition.

  83. An Even Better Solution! by quadra23 · · Score: 1

    Nah, don't run to the hills. Just get a new hard drive for every session that you use your computer. Sure it's a pain to reinstall your operating system a zillion times, but soon you'll do the install in your sleep. When your done using your computer smash the hard drive (so no one can get a hold of your information) that's real "security". Who would have thought it would be so simple. Your wallet might not thank you but at least you'll have "peace of mind" knowing that your data is secure [even from yourself]!

    Besides there are snakes in them hills and I'd actually like to live another day to do a reinstall and another "secure" computing session ^_^

    1. Re:An Even Better Solution! by Jane_Dozey · · Score: 1

      Actually I believe you should incinerate the hard drive, split the ashes up into small piles and flush each pile down toilets in different locations just in case some sneaky bugger does some forensics on it. ;-)

      --
      Silly rabbit
  84. OpenBSD encrypted swap by nsayer · · Score: 2, Informative

    The problem of swap containing sensitive data from running programs was addressed some time ago by OpenBSD. They generate a random key at boot time and use it to encrypt reads and writes to swap. By definition, you are not interested in the contents of swap the next time you boot up, so you can start with a brand new key. Not only is swap space secure against fishing expeditions like in TFA, but it's also secure against someone getting read privileges on the raw disk (unless they also get permissions on kernel memory and can go look up the key).

    Too bad more systems don't embrace the idea.

  85. My Security Tips by Waffle+Iron · · Score: 3, Funny
    Here are a few security tips that I use to help keep my passwords secure:

    • Don't impress your passwords into soft clay tablets then bake them and leave them in the ruins of your civilization.
    • Never glaze your passwords onto pottery. Even breaking the pottery into shards is not a secure way to dispose of them.
    • Do not write your passwords onto parchment then leave them rolled up in caves in a desert environment.
    • Remember, security through obscurity doesn't work. Even if you keep your passwords in a totally hidden chamber under thousands of tons of stone, determined hackers will still be able to find them.
  86. Too damn many passwords. by gfxguy · · Score: 1

    The problem is that everywhere wants a password. For some places it's perfectly logical (banking comes to mind), but then you have a lot of services that, even though they are free, require a password (like NYT). Now, every time I order something it seems the online retailer requires an account. I can't just enter my information and order something, I have to create an account.

    Then when you add in slashdot and all the other time wasters (as if NYT isn't one also), you end up with dozens of passwords.

    So what do you do? Either you need to write them down somewhere, or you use the same name and password for each account. That's wonderful, of course, once one insecure site gets hacked, someone knows your name and password for all of them.

    One solution to this problem would be if websites weren't so password happy. They all pretend like they are the only sites on the net, so you won't mind. What's the point when it's free anyway? There are other ways to make sure content is only accessed from your site (no deep linking), like looking at referrer information, or cookies.

    --
    Stupid sexy Flanders.
  87. Windows instability improves security by Gax · · Score: 0

    A simple, though extreme solution is to reinstall your OS every few months. I find Windows 2000 slows to a crawl after 12 months or so, so I backup my files and reinstall the machine. Bye-bye hidden passwords! I'm surprised that Microsoft has not promoted this as a feature for their products.

    However, a big threat comes from people who hack into your machine. I've seen numerous home computers that have all their passwords stored in a passwords directory, so their owner does not have to remember them. Anyone who has gained access to their machine can simply copy one directory and access their bank, email account, web site, and other personal records.

    1. Re:Windows instability improves security by The+MESMERIC · · Score: 0

      Can't do that with XP.

      After my eight time - I found out I am no longer eligible for Activation. My grudge with them is very personal ;)

    2. Re:Windows instability improves security by orion41us · · Score: 1

      Technically even after a format (or several) the data can still be restored... even if you overwrite it with random bits, the reason being the way hard drives work. Data is stored as bits encoded by small clumps of magnetically charged particles. These particles are arranged by polarity. But they are never really 1 or 0; think of them as more like .7877 and .2314. If I write to the same 2 bits again with the same data, the numbers will approach 1/0 respectively. There are hardware units that, based on the actual charge, can uncover layers of data. Full information is here.

  88. Evidence Eraser by dangerburger · · Score: 1

    This program seems to take all these concerns into account: Evidence Eraser. I don't know how well it works but the resident pederast here at work swears by it.

    --
    Non-System foot or foot error. remove from mouth and strike any key when ready
  89. Don't be stupid by Anonymous Coward · · Score: 0

    Only the swapfile needs to go on the ramdrive :-)

  90. Object Reuse Policy by Detritus · · Score: 1

    Many operating systems, to comply with the rainbow book security standards, zero out any memory or disk space provided to applications. The problem is that this is done when a resource is reused, not when a resource is freed. How difficult would it be to instead immediately zero memory/disk upon deallocation?

    --
    Mea navis aericumbens anguillis abundat
  91. chicken or egg, chicken or egg... by blunte · · Score: 1
    Perhaps the ultimate solution would be to encrypt data as it is entered, before it is saved into RAM, and arrange for programs that use it to decrypt it first.


    I love this. Be sure your program encrypts the password before it ever enters RAM! Of course this could be tricky, but I'm sure you'll work out the magic (hint - solution involves clairvoyance, but I hear Alienware's top machines can do that).
    --
    .sigs are for post^Hers.
  92. More alluring tasks... by Anonymous Coward · · Score: 0
    The main disincentive is that zeroing or encrypting data consumes processing power that could be used for other, more alluring tasks...

    Such as for animating paperclips?

  93. What about... by kusanagi374 · · Score: 0
    There are some obvious safeguards, such as never allowing your computer to store your passwords.

    What about that friendly cute walligator that offered himself to store my passwords for me late this moring?
  94. Re:Hard disks? This article is about RAM. by Audigy · · Score: 1

    That's actually a very good point.

    I suppose the only way to take care of this... in Windows, would be to create a separate partition solely for the swap file and have a boot batch file run that would format/0000 the swap file drive each time the system is restarted. (Of course, if doing this from the command prompt, it would require the partition to be formatted as FAT32, ew. No thanks.)

    Also... of course, the first thing I did when I got my load o' RAM, was to try to run without a swap file at all.

    Amazingly, everything was splendid until I tried to print something. Bloody HP printer bloat crap. If there's anything I'd like to see open source/custom drivers made for, it would be the HP All-in-One printer/scanner things. The install is over 100MB. >_

    but... yes, apparently my printer "needs" a swap file present to spool. I don't understand why it can't just spool to RAM. :)

    --
    [an error occured while processing this directive]
  95. Ouch by Mustang+Matt · · Score: 1

    Don't lead some newb astray...

    Gator is spyware, KeePass is not.

    --
    The man who trades freedom for security does not deserve nor will he ever receive either. - Benjamin Franklin
  96. Here's what works for me by sahuaro · · Score: 1

    I keep client info in an encrypted text file (clients.txt.gpg) with most client entries on a single line and access it this way:

    gpg --decrypt clients.txt.gpg | grep Smith
    Enter password:

    Which outputs the info for Smith to the terminal like this:

    Joe Smith http://hissite.com Login: joes Password: hispasswordhere

    Then "wipe" it from the screen with CTRL L

    I think that offers a reasonable solution to security vs. convenience.

    sahuaro

    --
    Phoenix Linux Users Group
    Penguins in the desert
  97. Re:of course, I've used the same password for year by Anonymous Coward · · Score: 1, Funny
    it's really easy to remember because it's pronouncable.

    I tried a dozen times and didn't find a pronounceable one. Then again, English is my first language, not gibberish.

  98. Re:of course, I've used the same password for year by noidentity · · Score: 2, Interesting

    Of course, I've used the same password for years and nobody's figured it out yet.

    Or maybe you've used the same password for years and haven't figured out that somebody else has.

  99. Encrypted Swap by Anonymous Coward · · Score: 1, Informative

    The problem of password retention on swap partitions has been known for years. OpenBSD, for example, automatically encrypts the swap partition with rotating keys so that information becomes unreadable automatically when it gets stale, i.e. even before reboot. There is a paper on this called Encrypting Virtual Memory. Makes for an interesting read.

    1. Re:Encrypted Swap by markana · · Score: 1

      For Linux users BestCrypt from Jetico does this quite nicely...

  100. Re:of course, I've used the same password for year by smchris · · Score: 1


    Levels are good. I suppose anyone with my single login for all newspaper web sites could get me carted away by the secret service within hours, but it is convenient all around.

    The _important_ stuff is compiled onto a file on a Bochs cylinder with a heck of a pass phrase for the blowfish encryption. Called from a parameterized batch file with a Norton wipefile on editor close. I figure short of a tin foil hat and RFI grounding the room that should be adequate protection against individuals.

  101. I might add a few more by Anonymous Coward · · Score: 1, Informative

    for windows users, specifically:

    1) Install Mozilla and use that as your default browser. IE is a huge security hole, and should only be used for windows update.

    2) Don't download those free screensavers, or other neat little toys, that you find all over the web. You really don't need them, and most of them come with adware, spyware, or worse. If you must download free stuff, take extra steps to learn what they come with, such as reading the EULA and user feedback. If you have no means of finding this out, then just say "no."

    3) Don't install browser toolbars. Install as few browser plugins as possible, and try to keep them to the list of generally trusted plugins (shock, flash, quicktime, java).

    4) Don't click on banner ads, pop up ads, or anything that says you have won something or can get something for free.

    5) Delete spam and do not respond to it (don't bother to unsubscribe). :)

  102. What good (or b4d) is an old password by Flagella · · Score: 0
    If you could find my high school band teacher's 5-7 year old hard disk you would find that his NetWare password was "brahms". Using that password you could go back in time and change my grades. What good is an old password?

    Overwrite with all 111s then all 000s then alternating 1010 then alternating 0101.

  103. mlock by 42forty-two42 · · Score: 2, Informative
    Operating systems such as Windows and Linux have no facility for stopping data being written to the hard drive. So Garfinkel reckons the best strategy is to ensure that data is kept on RAM for the shortest possible time.
    NAME
    mlock - disable paging for some parts of memory

    SYNOPSIS
    #include <sys/mman.h>

    int mlock(const void *addr, size_t len);

    DESCRIPTION
    mlock disables paging for the memory in the range starting at addr with
    length len bytes. All pages which contain a part of the specified memory
    range are guaranteed to be resident in RAM when the mlock system call
    returns successfully and they are guaranteed to stay in RAM until the
    pages are unlocked by munlock or munlockall[...]
    Sheesh, whatever happened to checking one's facts?
  104. Encryption by 42forty-two42 · · Score: 1
    Perhaps the ultimate solution would be to encrypt data as it is entered, before it is saved into RAM, and arrange for programs that use it to decrypt it first.
    The key would need to be in RAM for the data to be decrypted, thus negating the usefulness of encryption.
  105. This has already been done by Orion+Blastar · · Score: 1

    the original person who used Orion Blastar had a hard drive that he left the passwords on and sold to me on eBay. Now I have the passwords to all his accounts. Running data recovery programs and probing the virtual memory file can be very useful.

    Of course, nobody noticed the difference when I took over all his accounts in 1999 and kept on posting in the same style that he did.

    Well not really, I am the original Orion Blastar, and this post was yet another one of my jokes, ala Andy Kaufman. At least that is what I want you to believe, muahahah! ;)

    --
    Remember, Slashdot does not have a -1 disagree moderation, and no, troll, flamebait, and overrated are not substitutes.
    1. Re:This has already been done by jrockway · · Score: 1

      I made my account in 2000 or so and have a lower UID than you. So 1999 is not the right date :)

      --
      My other car is first.
  106. Not quite the same problem, but... by Cmdr+TECO · · Score: 1

    I once bought a Microvax from a place where a co-worker had been a decade or two earlier. I ran crack on /etc/passwd. Interestingly, only a handful of the hundreds of accounts had guessable passwords. But guess who still used the same one?

    --
    echo 33676832766569823265328479713269.8639857989Pq | dc
  107. Re:Full Security!!! by Anonymous Coward · · Score: 0
    What if the password is person's key + DVD's 4.7 GB?

    open4free © : Osakas Lomortal Otejo Des

  108. I think maybe it can by SethJohnson · · Score: 2, Interesting


    Though it may be theoretical, I believe data may be able to reside in RAM after a device has been shut off.

    I suspect this because I used to work at Apple in the Printer Technical Support department. We supported the various PostScript laser printers Apple used to rebrand and sell. I recall a support call made by some people at the CIA. Their printer was going to need servicing for whatever the problem was and they were going to need to remove the RAM from the printer because it was used to print 'Secret' documents. I told them that changing out the RAM wasn't a user-supported operation. They said they didn't care about the warranty, etc. that they are required to not let RAM leave the building in any equipment because it may contain information such as the last document printed by the printer.

    Coincidentally, I later purchased a black Next Turbo Slab from a guy on the internet. He was selling a huge batch that he had bought from the CIA. Mine came with a sticker that reads 'sanitized'... oh, and no RAM or hard drive in there, either. Of course, the guy could have been skimming the RAM out of all these used computers, but I'm betting the CIA just crushed those RAM chips up and then burned them.
    1. Re:I think maybe it can by Anonymous Coward · · Score: 0

      The CIA _may_ just be trying to prevent undiscovered attacks from leaking classified documents.

    2. Re:I think maybe it can by Dinjay · · Score: 1

      First of all:
      IDNWFOGA (I do not work for other government agencies).

      I think that the requirement may be to sanitise anything that has held a secret document. As well as the RAM and the HD, I wouldn't be surprised if they sanitised everything else that document came into contact with (the toner, paper in/out tray, etc). But this doesn't necessarily mean that RAM stores anything after shut down.

      --
      You break all the laws of physics and you seriously think there wouldn't be a price?
    3. Re:I think maybe it can by Quelain · · Score: 2, Insightful

      There was an Amiga virus which could survive in RAM for a few minutes with power off. I forget what it was called, but on power on it would laugh at you and refuse to let you boot anything else :)

      Even if your standard RAM didn't have any chance of storing recoverable data, I'd bet any spooks worth their salt would do it anyway. There's always the chance someone could have substituted in some flash-RAM backed 'custom' jobbies.

      --
      Cthulhu loves you.
    4. Re:I think maybe it can by taped2thedesk · · Score: 1

      Here's my poorly-thought out theory:

      RAM is basically an array of flip-flops. When you first "power on" a flip-flop, it's in an unknown state and you have to initialize it to known value.

      I would also assume that when you cut all power to the flip-flop, the flip-flop loses its state (which would be data) - but maybe someone could rig something up so that power to the RAM was maintained while the system was off?

      So, I suppose that a scenario could play out like this:
      1. KGB spy attaches special power-maintaining device to some RAM and installs it into a CIA machine.
      2. CIA agent turns on computer. It properly initializes memory to known state.
      3. CIA agent looks at/edits important classified documents and stuff. Some of it ends up stored in RAM.
      4. CIA shuts down computer. The KGB device maintains power to the device though, so all of the data stored on the chip is maintained.
      5. KGB removes ram with power-maintaining device and attaches it to some device that does NOT initialize the memory at bootup. KGB agent now has access to whatever was stored on RAM.
      6. ???
      7. Profit!

      As long as power to the RAM was maintained, and it isn't reinitialized... it's possible that you could get the data out of it. It wouldn't be easy, but again, this is the CIA.

      It's been a while since I took logic design, and I'm too lazy to go dig up my book... but that's what I came up with off the top of my head.

      Also, keep in mind that this is highly simplified... it'd be pretty hard to do much with any modern RAM, IMHO.

  109. Manipulating data that is not stored in ram? by Spam.B.gone · · Score: 1

    Perhaps the ultimate solution would be to encrypt data as it is entered, before it is saved into RAM, and arrange for programs that use it to decrypt it first. That would be a nice one.. a program that can encrypt a password that is not stored in ram..

  110. Keychain encrypted notes by plsuh · · Score: 1

    Are you aware that the Keychain spec supports freeform encrypted notes? Open Keychain Access, go up to the toolbar, and click on the "Note" icon.

    Keychain also supports other types of data like X.509 private keys and certificates. If you are using S/MIME email via Mail.app, all of the certificates and private keys are stored in your keychain.

    You can have multiple keychains. There is the default login keychain that exists for every user, and is unlocked on login. However, you can have as many other keychains as you want, each with its own password. Each can be locked or unlocked individually, and if an app calls the Keychain API any items that are on a currently locked keychain will raise a dialog asking the user to unlock the keychain as needed. I store banking info, server keys, etc. in encrypted notes on a second keychain.

    Lastly, there are a couple of security settings that really ought to be on by default, but aren't: Lock when sleeping and lock after 5 (or 10 or 15) minutes of inactivity.

    --Paul

    1. Re:Keychain encrypted notes by andy55 · · Score: 1

      Open Keychain Access, go up to the toolbar, and click on the "Note" icon.

      *sigh* Sure, but the util mentioned streamlines things more by having a variety of fields already there, already labeled, right in front of you, and everything gets encrypted (including the item title). And b/c it has separate fields, there's none of having to cram your data/pin/passwords/URL into the single note's edit field and have it look nasty.

      Don't get me wrong, I'd love to see Keychain streamlined in how I've described, but the reality is that the current version is not (and I *still* don't want people to see the names/titles of my keychain entries). If you have an item named "Money Safe Combo", an intruder could see that title and know you have a money safe nearby!

      Lastly, there are a couple of security settings that really ought to be on by default, but aren't: Lock when sleeping and lock after 5 (or 10 or 15) minutes of inactivity.

      Good points--you should submit those.

  111. secure password policy defeats this by SethJohnson · · Score: 1


    A password three years old should be irrelevant if the user has a secure password policy. A password should be changed every thirty days or so.
  112. Just use Knoppix by Anonymous Coward · · Score: 0

    If I need to make a purchase, I reboot into knoppix and do it from there.

  113. Re:of course, I've used the same password for year by Paulrothrock · · Score: 1
    Yeah, knowledge of gibberish or PHONICS is a good way to remember it.

    Take this one: 'fuquwimu' Sound it out. foo-coo-wee-moo. Simple, stupid, and easy to remember. But very hard to guess. Two clicks got that one. Keep trying and you get ones like horanori, xepufado, or wamodahu. (Adding a mnemonic to remember the first few chars, like using XP for 'xepufado' will help you remember it better.)

    --
    I'm in the hole of the broadband donut.
  114. you want somebody's password? by Anonymous Coward · · Score: 1, Informative

    look in their bash (or tcsh or whatever their fav flavor is) history.

    Seriously. Have you ever accidentally typed your password instead of your username? Grep your history for your password and see what you find.

  115. Re:Hard disks? This article is about RAM. by 42forty-two42 · · Score: 1

    A swap file is just a bunch of disk pages that the OS uses to back application pages. A page in swap will contain one page of application memory (unless it's a new swap file, and thus blank). The mapping of application virtual memory to swap pages is generally held in RAM and not swapped, though, so if the data you're looking for is more than 4kB in size, you'll have to search for both pages manually. The OS can't know that a given page has sensitive data except through memory locking primitives, and memory locking can cause a local denial of service, so it is usually restricted.
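
    As an added illustration of the point above, not code from the thread or from the paper it discusses: two ways to carve a raw swap image for a marker string. A naive carver that restarts at every page boundary misses a value that straddles two pages, which is exactly the "search for both pages manually" case; treating the image as one flat byte string finds it. The 4 kB page size, the two-page image and the sample line "Password: hispasswordhere" are all constructed for the example.

```c
#include <stdio.h>
#include <string.h>

#define PAGE 4096   /* assumed page size */

/* Search page by page, never looking across a page boundary. This is
 * what a naive page-oriented carver does. Returns the byte offset of
 * the first hit, or -1. */
long search_pagewise(const unsigned char *img, size_t len, const char *needle)
{
    size_t nlen = strlen(needle);
    for (size_t page = 0; page < len; page += PAGE) {
        size_t end = (page + PAGE < len) ? page + PAGE : len;
        for (size_t i = page; i + nlen <= end; i++)
            if (memcmp(img + i, needle, nlen) == 0)
                return (long)i;
    }
    return -1;
}

/* Search the image as one flat byte string, so a needle that begins in
 * one page and ends in the next is still found. Returns offset or -1. */
long search_linear(const unsigned char *img, size_t len, const char *needle)
{
    size_t nlen = strlen(needle);
    for (size_t i = 0; i + nlen <= len; i++)
        if (memcmp(img + i, needle, nlen) == 0)
            return (long)i;
    return -1;
}

/* Build a constructed two-page "swap image" (out must hold 2 * PAGE
 * bytes) with text planted at the given offset. Returns the image size. */
size_t make_image(unsigned char *out, size_t off, const char *text)
{
    memset(out, 0, 2 * PAGE);
    memcpy(out + off, text, strlen(text));
    return 2 * PAGE;
}

int main(void)
{
    static unsigned char img[2 * PAGE];
    const char *needle = "Password: ";
    /* constructed sample: the line starts 6 bytes before the page boundary */
    size_t n = make_image(img, PAGE - 6, "Password: hispasswordhere");
    printf("pagewise: %ld  linear: %ld\n",
           search_pagewise(img, n, needle), search_linear(img, n, needle));
    return 0;
}
```

    The same caveat applies to any carver that works page by page or block by block (swap, hibernation files, raw disk images): either search the concatenated stream or overlap each window by at least the needle length.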

  116. Re:Full Security!!! by Anonymous Coward · · Score: 0
    Yes!!! A DVD of passwords!!!.

    Ask Travis Dane how to get those passwords from Steven Seagal's film "Under Siege 2: Dark Territory".

    open4free ©

  117. Microsoft Engineer? RTFM by jwgoerlich · · Score: 2, Informative

    "Operating systems such as Windows and Linux have no facility for stopping data being written to the hard drive."

    Incorrect. Set the page file to 0 and watch Win2000/03 run dog slow. Or, configure Win2000/03 to erase its page file when the computer shuts down.

    http://msdn.microsoft.com/library/default.asp?url=/library/en-us/gp/567.asp

    Is this new news? Maybe to some. However, the problem with many of these new Microsoft engineers is that they do not read the manual or pay attention during the MCSE courses.

    My two cents (and yes, I am an MCSE).

  118. Secure Programming by solodex2151 · · Score: 2, Informative

    Whenever I am programming an encryption program or something that needs to be secure, I use a bit eraser algorithm that is modeled after one presented in the book "Secure Programming in C and C++" (very good book btw. Very Practical) I am surprised no one has written open source for a cron job that does the same thing.

  119. Article: by npsimons · · Score: 1

    CygnusXII writes ""As people spend more time on the web and hackers become more sophisticated,

    Can I mod this article as "Troll"? Please?
  120. FileVault by johkir · · Score: 1
    I just took a quick glance at the Apple site, and didn't see anything. But does anyone know if Panther's FileVault option encrypts the user's swap as well, or is that strictly used by the OS and outside of FileVault's control?

    --
    These are some of the things molecules do...... given 4 billion years -Carl Sagan
  121. problem solved by ArbitraryConstant · · Score: 1

    for i in $( seq 100 ); do dd if=/dev/urandom of=/dev/${whatever}; done

    --
    I rarely criticize things I don't care about.
  122. In other words... by Anonymous Coward · · Score: 0

    ... someone else receiving that drive they could then retrieve my data.

    Of course, by "data", you mean p0rn and pirated MP3s, right?

  123. libsd might help you (secure delete for ALL apps) by flok · · Score: 2, Informative

    Although this might sound like an ad (it is not - it is not commercial) one might take a look at 'libsd': libsd makes ALL applications on your system do a secure delete without changing a single line of code.
    It does this by intercepting calls like 'unlink' (delete files) and 'truncate': before deleting or truncating a file, the previous contents are first overwritten with garbage which is forced to disk.
    So if you use this library and you delete a file with a password in it, that password should not be recoverable (although it might still reside in your swap partition...).

    --

    www.vanheusden.com - home of Multitail, HTTPing, CoffeeSaint, EntropyBroker, rsstail, bsod, listener, nagcon, nagi
  124. USENIX by kscguru · · Score: 2, Interesting
    To all the clowns posting here about problem X, Y, and Z in the article, and about how the reporter just discovered the page file...

    This is the media version of an academic paper for USENIX Security '04. It glosses over a lot of details.

    Examples:
    - mlock(). Available to root only under Linux, so useless outside of setuid programs - and we all have so many of those we trust, right?
    - VirtualLock()/VirtualUnlock(). Win32 versions of mlock(). Not implemented in the 9x series, advisory in a few other Windowses (I can't find the docs on where, but it's in the original paper).
    - zeroing memory. Oops, your optimizing compiler just optimized away that memset() call as dead code. This was a known flaw in some crypto libraries a few years ago.

    The system described is a whole-system simulator, it traces bytes of input from the moment they pass the keyboard through the kernel, into the user-mode applications that use the bytes (e.g. kernel to X server to Mozilla), and how long those bytes hang around in the physical RAM of the machine.

    This does not necessarily describe a highly practical attack, but more a quantification of how vulnerable systems are to such an attack. In fact, the original paper is about data lifetime information.

    - Did you know the most recent 4K keystrokes (passwords included) are stored in the kernel's tty buffer?
    - Did you know several dozen of your keystrokes are stored in the Linux kernel's entropy buffer (for random number generation)? They aren't actually consumed for as long as several hours.

    --

    A witty [sig] proves nothing. --Voltaire
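
    An added example for the two points raised above by solodex2151 (a "bit eraser" for secrets) and by kscguru (memset() optimised away as a dead store, and mlock() to keep a secret out of swap). This is not code from the thread, from the book mentioned, or from the USENIX paper. It zeroes through a volatile pointer, which the compiler cannot eliminate; explicit_bzero() or memset_s() do the same job where they exist. The mlock() call is best effort, since an unprivileged process may be refused by its RLIMIT_MEMLOCK, and the sample secret "hunter2" is made up.

```c
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>

/* Zero a buffer through a volatile pointer. A plain memset() on a buffer
 * that is never read again is a dead store that an optimising compiler
 * may drop; volatile accesses cannot be dropped. */
void secure_memzero(void *p, size_t n)
{
    volatile unsigned char *v = (volatile unsigned char *)p;
    while (n--)
        *v++ = 0;
}

/* 1 if every byte of buf is zero, else 0. OR-accumulate so the check
 * does not short-circuit on the first non-zero byte. */
int all_zero(const unsigned char *buf, size_t n)
{
    unsigned char acc = 0;
    for (size_t i = 0; i < n; i++)
        acc |= buf[i];
    return acc == 0;
}

/* Fill the caller's buffer with a recognisable pattern, wipe it, and
 * report whether the wipe actually took. */
int wipe_and_check(unsigned char *buf, size_t n)
{
    memset(buf, 0xAA, n);
    secure_memzero(buf, n);
    return all_zero(buf, n);
}

/* Handle a short-lived secret: copy it into a locked buffer so it cannot
 * be paged out, use it (here the "use" is just summing its bytes), then
 * wipe and unlock. *locked reports whether mlock() succeeded; the lock
 * is best effort because RLIMIT_MEMLOCK may refuse unprivileged callers. */
unsigned use_secret_briefly(const char *secret, int *locked)
{
    unsigned char buf[256];
    size_t len = strlen(secret);
    unsigned sum = 0;

    if (len > sizeof buf)
        len = sizeof buf;
    *locked = (mlock(buf, sizeof buf) == 0);

    memcpy(buf, secret, len);
    for (size_t i = 0; i < len; i++)
        sum += buf[i];

    secure_memzero(buf, sizeof buf);   /* not memset(): that store is dead */
    if (*locked)
        munlock(buf, sizeof buf);
    return sum;
}

int main(void)
{
    unsigned char scratch[64];
    int locked;
    unsigned s = use_secret_briefly("hunter2", &locked);  /* constructed sample */
    printf("wipe ok: %d  mlock ok: %d  sum: %u\n",
           wipe_and_check(scratch, sizeof scratch), locked, s);
    return 0;
}
```

    Two caveats a practitioner should keep in mind: the wipe only covers the buffer you own, not copies the kernel, the C library or a GUI toolkit made along the way (the tty buffer and entropy pool mentioned above being examples), and mlock() pins the page in RAM but does nothing about hibernation images or a cold-boot read of the RAM itself.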

  125. My solution: by Anonymous Coward · · Score: 0

    I have a small circuit incorporating a BASIC Stamp and some optical isolators that I designed to remember my passwords; it hooks up to the PS/2 port between the computer and keyboard. It is capable of reading key presses so I can use something like CTRL-SHIFT-1 to have it type in username1 enter password1 enter etc..

    Next revision will include a serial LCD module to allow me to display info and some code to generate random passwords; can easily store/enter very long passwords this way.

  126. 3 months by Gr8Apes · · Score: 1

    The point is Gates recommended data center servers to be rebooted weekly for stability. We had stable systems up for 3 months, counter to Gates' advice. These were 24/7/365 servers with intended 99.999% uptime (with exceptions allowed for scheduled maintenance windows). Due to that and the load this was a bit of an accomplishment at the time. (largish exchange servers, DBs, file servers, WINS, and domain controllers with regular in-service backups for roughly 60+ core servers in multiple geographic locations and subnets with over 5,000 users with at least one machine each - and that was within 1 domain. The total numbered in the 100s of thousands of users that I personally saw, and yes, this is enough information to figure out whom I'm talking about) In 2 years, we only had 1 problem meeting the SLA - the initial email virus, Melissa I think it was.

    We managed this feat by hacking the servers down to only necessary services and placing them in an architecture designed to overcome MS OS's shortcomings, of which there were many.

    --
    The cesspool just got a check and balance.
  127. Re:Ultimate solution.... anal probe by Anonymous Coward · · Score: 0

    nahhhhhhh man ! Use da alien anal probe!

  128. Re:of course, I've used the same password for year by glesga_kiss · · Score: 1
    Thar be good advice above.

    I've taken it a step further. I got a password manager for my mobile phone and I keep everything encrypted in there. Each website gets a unique e-mail and password e.g. ebay@mydomain.com 4jd74jks. As I don't need to remember the passwords, each one is random gobbledygook. I always have the phone anywhere I am, so I don't have to worry about someone messing with it without me knowing.

    The password manager is doubly secure as the phone is also locked and the only way to unlock it without the correct code erases the internal storage, along with the password file.

    Of course, this still leaves a major vulnerability; compromised machines. The next improvement would be using a one-time password system. Then if you get your details tracked by a keylogger, virus or any other technique described in this thread, it really doesn't matter as the password is worthless the moment it gets used.

    As soon as someone does this for mobile phones, I'm on it!! Of course, it will only work for systems I own, but they are the ones I care about the most. My credit card insurance takes care of the rest, and I could handle the karma loss if this account got hijacked... ;-)

  129. Encrypt the swap by mi · · Score: 2, Informative
    OpenBSD can encrypt the swap. FreeBSD, -- in even more generic way -- can encrypt any partition -- including, what you'll then use for swap.

    For everything else, there is KWallet.

    --
    In Soviet Washington the swamp drains you.
  130. re: windows encryption by woodsrunner · · Score: 1

    all you have to do is copy the directory or file to another device using admin rights, which the repair guy would need to repair the system, and the encryption is decrypted and the files are readable.

    M$ security is no security, again.

  131. Re:of course, I've used the same password for year by Anonymous Coward · · Score: 0
    Or maybe you've used the same password for years and haven't figured out that somebody else has.

    Shhhhhh...

    -cmh

  132. yea, well, by way2trivial · · Score: 1

    you'd have an easier time rolling back the charge on the toner cartridge... get the bit o the last page that way..

    --
    every day http://en.wikipedia.org/wiki/Special:Random
    1. Re:yea, well, by SethJohnson · · Score: 1

      I totally agree. I can't remember for sure, but I would bet that they had the toner cartridge base covered on sending this equipment out to be serviced.

  133. Encrypt memory??? by wazerface · · Score: 1
    Perhaps the ultimate solution would be to encrypt data as it is entered, before it is saved into RAM, and arrange for programs that use it to decrypt it first.
    How the heck do you do that?! So ok the program decrypts the memory when it needs it... into what?? cpu registers!?
  134. On the other hand by Alien54 · · Score: 1
    If you install some distro of Linux on the Drive, being sure to repartition and reformat with some non MS filesystem, that could overwrite it enough to make any previous data non-recoverable. Plus you also do the public service of letting the buyer experience a properly configured Linux system. (which you set up)

    This would kill two birds with one stone.

    I imagine it would be a pain to do data recovery on a system like that.

    --
    "It is a greater offense to steal men's labor, than their clothes"
    1. Re:On the other hand by Stephen+Samuel · · Score: 1
      If you just do a linux filesystem format, this can still leave gobs of residue data on the drive. If it's a 20Gig drive, and the Linux install uses 5, then you've still got 15GB (minus inode info) of possibly interesting information floating around.

      From the Linux command line, 'dd if=/dev/urandom of=/dev/hdX' (X being the drive letter, a, b, c or d) should make life hard on most casual browsers, and the 'shred' command should thwart anybody who isn't searching at 'secret' clearance or above.

      Once you've done that, THEN you can do a Linux install.
      (( FYI: for the RedHat/Fedora install disks ctrl-alt-F2 takes you to a commandline ))

      --
      Free Software: Like love, it grows best when given away.
  135. They Destroyed these drives? by serutan · · Score: 1

    All the 100 hard drives and laptops purchased as part of Pointsec's research will be destroyed.

    Jeez, we're not talking about lab rats here. How about wiping them and donating them to a non-profit?

  136. From my init scripts..... by Yottabyte84 · · Score: 2, Interesting
    dd if=/dev/random bs=1 count=54 | \
    mimencode | \
    losetup -e AES128 -p 0 /dev/loop3 /dev/hda3 &&
    mkswap /dev/loop3 &&
    swapon /dev/loop3
    This sets up encrypted swap with a random key when my computer boots up. Once I shut down, nothing can be recovered, even by me, because I don't know what the key was.
  137. vm.swapencrypt by mirabilos · · Score: 1

    The more sophisticated (ie, non-GNU) operating systems, such as OpenBSD and its derivatives MirOS and ekkoBSD, have had encrypted swap, although disabled by default, for years.

    --
    My Karma isn't excellent, damn it! (And /. still does not get UTF-8 right in 2012. Wow.)
  138. Dat's OK by rixstep · · Score: 1

    the use of a 'task list' generated from 'TODO' comments in source code

    Dat's OK, cos Big Blue still got dibs on "/* */" from PL/1.

  139. 64 bittedness by Gr8Apes · · Score: 1

    The 64 bit race is already in full swing. The most common apps that will benefit most from 64 bits are DBs, along with a slew of specialty apps that do large data manipulation. If systems like Oracle, Sybase, MySQL, Postgres, and yes, even MS SQL all start running on AMD machines, it's pretty much over. My opinion from what I've seen of these chips is that this trend will be in full swing by year end. Once it starts, Intel's barrier to 64 bit CPUs rises significantly. (Forget the Itanium 2, who the hell in their right mind would buy a single CPU system for the cost of an 8-way NUMA system that blows its doors off? Ok, that might be a little bit of an exaggeration, the cost of a dual Itanium 2 system...;) Tests I've seen show that a dual Opteron system can outperform a loaded Sun V880 (don't know the exact specs on the Sun box, but it did have 8 processors).

    --
    The cesspool just got a check and balance.
    1. Re:64 bittedness by Reziac · · Score: 1

      Point being, we haven't seen big business do a wholesale shift to 64bit yet -- and just because the big DBs will *run* on it doesn't mean it's in mainstream *use* yet. And the jury is still out until mainstream happens. It could go either way, but judging by long history (all the way back to the 286 era), I wouldn't bet all my marbles on AMD even if they're first out of the gate. They tend to be faster starters in a new market, but fall behind down the stretch.

      I remember when the K6-2 was going to be the P-II killer, too -- but it didn't happen, despite that at the time the K6-2 was ~$300 cheaper and had more initial penetration in clone systems (which are about 40% of the total PC market). AMD has a habit of setting its sights on one particular niche and sticking there until it's very old news (they did this with 386 and 486 tech too), and meanwhile Intel leapfrogs over 'em and into the future -- IMO a matter of business foresight as much as tech prowess. One thing Intel has learned, and historically has timed well, is when to simply ditch a product line and go on to the next generation, leaving the older tech market to whoever wants it (historically, this has meant mostly AMD).

      Anyway, competition is good, regardless of who "owns" the market, as without the Big Race we'd still all be using XTs with $10,000 CPUs :)

      --
      ~REZ~ #43301. Who'd fake being me anyway?
    2. Re:64 bittedness by Gr8Apes · · Score: 1

      Businesses have shifted to 64 bits. All those Sun, IBM, and supposedly hot Itanium boxes.... But, the point being, what they haven't shifted over to yet, they will start, especially when they realize that they can run in-memory caches of 16GB or more, versus today's 3.5GB. That alone will be a selling point for the bigger corporations, especially at the price point we're talking about here. (very cheap)

      The K6-2 could only mimic the Intel PII, and it was an older design to boot with 3DNow added. The Athlon 64 is a new design, with several innovative /new features to x86 that Intel does not have, including the 64 bit extensions. That's why this may be a moot point soon, imho, as a pretty decent dual Opteron system can currently be put together for around $2000 with 6GB of RAM. I don't think, given Intel's past pricing behavior, that they're going to play well in that price arena with their new top end chips. Their current top end chips which were made specifically to compete with the first Athlon 64s out are still priced near $1K each.

      Hmmm, given that, maybe there's more to the dual P6 core than I thought. With new fab processes, I bet they can churn out dual core chips rather cheaply, and they should run relatively fast too. My current Dual PIII runs respectably fast. However, Intel hasn't given any indication of these getting 64 bit extensions.

      --
      The cesspool just got a check and balance.
    3. Re:64 bittedness by Reziac · · Score: 1

      That AMD's 64bit CPUs are a new design, I take as a Good Thing, because their habit of coming along a bit late with a wanna-be (like the K6-2) is not exactly a great way to break new ground technologically nor in the marketplace, and that historically is part of why they have much less total marketshare than one would expect at their price scale. And regardless of whose CPU I'm buying at the present (which could change in the future) major points of competition keeps 'em all on their toes and is good for all of us.

      Intel always gleans whatever can be had from the highest-priced markets, then comes down as needed to get best market penetration, so that's kinda to be expected. Doubtless AMD would like to do the same, but they don't have enough existing market penetration to count on top-end sales, so are better off to come in at a lower initial price and get looked at more seriously than they would if they were up at Intel's initial-entry price range. Which is pretty much standard for AMD too.

      Anyway, we'll see how it shakes out over the next 2 or 3 years. What server farms may be doing is pretty minor compared to where the mass of workstations end up, and LISB4, I don't think we'll have a clear winner until M$ produces a 64bit Windows that everyone "has to have" as their new desktop.

      --
      ~REZ~ #43301. Who'd fake being me anyway?
  140. MS 64 bittedness by Gr8Apes · · Score: 1

    Supposedly out in Oct or Nov, from what I recall hearing. (Too lazy to look it up) The initial performance numbers for memory are pretty incredible, and may make it a "must have" for high end gamers and the like, just to squeeze out that extra framerate or 3 beyond 120 fps... I mean, you know you just cannot play a game unless the frame rate is at least a nice smooth 120 fps. That aside, I don't think it's going to be quite that long, perhaps 1-2 years. Things seem to be changing ever faster in some areas, while others seem to stay stagnant (MS OSes and Office, for instance;)

    --
    The cesspool just got a check and balance.
    1. Re:MS 64 bittedness by Reziac · · Score: 1

      Lordy, and here my poor old 486 would limp along at 5 or 6 fps... I don't know how I'd stand not being able to see each and every frame draw from scratch. :)

      M$ OSs grow well in some areas, and in others I find myself saying "whaddya mean, that's STILL not fixed?" or "awright, who broke that?" And I suppose if you're into office automation and have a captive macro programmer, M$Office might have shown some growth too.. and in some ways it's not as cranky as it used to be... but to this old WordPerfect hand, WordXP still has all the frustrations Word6 did way back in 1994.

      Today I was thumping on a 1500 page textfile, about 49,000 lines (actually a comma-delimited datafile which started life as a bunch of concatenated HTML files) and found that none of the current tools could handle it. Wound up hand-editing it from HTML tables to CSV using variously EditPad and WordPerfect 5.1 for DOS (which has a nice fuzzy search function, here necessary to kill unwanted link structures w/o mangling desired text). Goes to show that newer and shinier ain't necessarily more competent.

      Here's a dumb question... is anyone working on a 64bit DOS, or at least a 64bit console mode? (32bit DOS has existed since 1990ish.)

      --
      ~REZ~ #43301. Who'd fake being me anyway?
    2. Re:MS 64 bittedness by Gr8Apes · · Score: 1

      Hey, don't knock that watching the frame render! You can learn a lot about how computers, or your code anyways, work and debug in-frame rendering that way!!! ;)

      Word still sucks, if you need to do anything other than have a program format your document for you how it thinks is best. Then again, they claim Word is not a desktop publishing app. So how many versions of a word processing program do I need if it doesn't add anything of merit?

      For big text files, use gvim. It just works.

      --
      The cesspool just got a check and balance.
    3. Re:MS 64 bittedness by Reziac · · Score: 1

      LOL!! oh man, when we were thumping on DOOM source, the bugs I could see, that no one else did, *because* at the time I had the 2nd slowest machine out of all 26 beta testers... so in fact, that's very true. And now.. how many people realise that WinXP reloads the desktop from scratch when it comes back from the screensaver? don't think so? try it on a lowly P3-500. You'll see. :)

      I hate even having Word installed because of the stability issues it introduces (as I've said for years, M$Office is Windows' worst enemy) ... and "did without" until recently. Now I've got OfficeXP on the WinXP box, and reading the crashlog is entertaining... WordXP *usually* does a silent crash and restart every time I run it. Tho I suspect this is because of compatibility issues (OXP is a bit older than WinXP, and unlike other apps, IS allowed to clobber system files when it installs). Here, its only reason for existence is morons sending me WordXP documents that nothing else will read.

      As you say, WTF new features? Word's menus are still disorganised and fine control is still sadly lacking (it did finally get watermarks, tho -- done via the same kludge we used in WP5.0 in 1988). Tho a lot of the limitations are due to Word's shitty file format, essentially a textfile with an appended database that counts lines and characters to tell where to insert formatting. That's why one munged byte can render a .DOC useless, and why it argues with you every time you want to change certain types of formatting (there's no way to select certain structures without selecting the whole line or whole paragraph). -- Conversely, WordPerfect (all the way back to 5.0) has much finer-grained control, and works very well for complex page layout, with a much shorter learning curve than real layout apps (even Ventura). And the file format is saner -- formatting is applied where it happens, not by remote. A mangled .WPD can be fixed with a hex editor in a pinch, and major substructures (like text boxes) are treated internally as "separate documents" so applying formatting to 'em by their lonesome is no problem.

      Don't know gvim, but I see the download page and I'll drag it home on G.P. (who knows, it may have some feature I can't live without, and besides, it's not emacs :) -- WP5.1 can handle files up to the limit of your available disk space, and does intelligent paging so on anything faster than a 486 you don't see any lag, plus it does paranoid saving (doesn't kill previous version til the new one is confirmed written to disk, and the file is NEVER left open on disk). I have a Handy Macro for saving as text with one keystroke.

      --
      ~REZ~ #43301. Who'd fake being me anyway?
    4. Re:MS 64 bittedness by Gr8Apes · · Score: 1

      LOL is right! So you were the one I read about that was "debugging" frames on Doom? What a job! ;)

      As for WP, I used 5.1 and 5.2 (winblows) as my last two copies. I hated 5.2, but, the on screen WYSIWYG was cool eye candy, if they could have only made it work right. The killer? MS Word 5, then 6's file formats (actually, WP suffered the same fate as any large company that thinks it has a monopoly generally suffers when they enter their "sloth" stage, they pretty much collapse). WP refused to support the new formats, and missed the boat on WYSIWYG.

      BTW, on page layouts and Word, I had huge problems with having pages numbered i-..., then skip a page number (for a title page) and then start counting on page 1 again. I don't know if it's been fixed since O97, since I haven't had to write that kind of report since 99....

      And as for unlimited WP5.1 files, it's limited to 2GB I believe, the maximum partition size of DOS. Unless you run it under Windows of some flavor with bigger drives, and then I'm not sure you can exceed 2GB.

      Finally, as an aside, there was this really cool word processor/desktop publishing app on OS/2 called ClearLook. A cell based word processor. The full codebase was 5MB (ie, could load the entire source in RAM faster than Office anything brings up the splash screen ;) and did everything a word processor needed to do, and then some. You were able to do cell overlays, include pictures, make layers transparent, watermarks anyone? And it was extremely fast. All in about 94. More memory lane stuff. Wonder if I still have that program?

      --
      The cesspool just got a check and balance.
    5. Re:MS 64 bittedness by Reziac · · Score: 1

      I remember what I post here about 30 seconds (in one eyeball and out the other!) which means I doubtless repeat myself a lot [g] -- but if it involved slow machines and DOOM, likely it was me. If I haven't killed a few hellspawn, my day is a bust!

      OS/2 and I did not like each other much, so I never got as far as investigating OS/2 native apps (tho I've got oddities in my collection like Partition Magic for OS/2, and the DeScribe word processor which got glowing reviews but sold so poorly that they resorted to giving it away). Compared to Win3.1x, Warp3 was a hog. On the same hardware, with the same app (WP6.1), WFWG sent a 300k document to the printer in about 30 seconds, without touching the swapfile. OS/2 ran up a 24 MEG swapfile (huh?!!), and 10 minutes later printed a couple pages, then crashed. Shortly thereafter it nuked itself for the 2nd time (there was a bug in shell-to-DOS that caused Warp3 to destroy critical system stuff), and I didn't feel like once again digging up page 180-something in the manual to recall the otherwise-undocumented fix. So it went away.

      Yeah, I suppose the real limit for WP5.1 DOS is 2.1GB, at least on FAT16, tho since that's about twice the Encyclopaedia Britannica, I doubt it'll ever be an issue :) I remember that the max project size for Ventura Publisher 5.0 (1994ish) was documented as 1.2GB. But even old Ventura for DOS could always handle whopping huge files, on ancient hardware no less.

      Actually, WordPerfect 5.1 supported up thru Word 5.5 format, and WPWin6.1 handled Word6 files. I had Winword6 and WPWin6.1 on WFWG at the time, and experimented a lot with converting complex files back and forth; the Word to WP conversion was less than stellar, probably because of Word's ugly (and at the time completely undocumented) internal file format. WP to Word went somewhat better, but anyone with a copy of WP can work out what the major codes mean just from "apply formatting, look at file with hex viewer, see change, that's the formatting code." -- There's really no excuse for how absolutely shitty WordXP is at importing WP documents, since WP's file format hasn't changed (it's still WP6.1 format by default); Word6 did a much better job!!

      However, even tho WP6.1 format (via the DOS version, which uses the same file format as WPWin) had been out for an entire *year* when Word6 was released, M$ tried to avoid admitting it; you had to call M$ and whine to get the conversion filter.

      WPWin5.1/2 were the same program with some interface tweaks. It was really just a shell around WP5.1 DOS.

      WP started falling behind in the mass market not because of getting on the Windows boat about three ferries too late, but rather, somewhat earlier -- when WPCorp decided to stop giving free/1-800 tech support to all comers (registered user or not). They'd had a steady flow of upgrade buyers from people who warez'd WP5.1 then had good experiences with WP's tech support, but that died when they got hard-assed about only supporting registered copies. And that was really the beginning of the end.

      At the time Winword was still very small potatoes with plenty of issues of its own, and WP could still have kicked their ass even coming as late to the party as they did. But between people still new to Windows being shellshocked by how bad WPCorp's WPWin6.0 was, followed by Novell's shit marketing (even tho Novell's WPWin6.1 was vastly improved, and really *very* good -- much better than Word6!) WP missed that boat too.

      I kinda collect WP stuff. I think I have something like 19 different versions, from v4.x (including a version for SCO/Xenix) to v11. And a T-shirt. :)

      --
      ~REZ~ #43301. Who'd fake being me anyway?
  141. WP, OS/2, and other ancient remedies by Gr8Apes · · Score: 1

    Oh boy. Where to start? :)

    First a quick discussion of OSes. I ran NT/OS/2 since somewhere around 91. Don't recall the exact dates, so the entire issue of Windows hardware vs OS/2 hardware was irrelevant to me, other than OS/2 blew NT's socks off on the same hardware. I bet WFW did require less hardware than OS/2, then again, try running an SMTP gateway, FTP daemon, NNTP daemon, Telnet daemon, WordPerfect (DOS), and Cadkey on a WFW box concurrently. ;) Ran fine on a loaded 486.

    Describe? You got that one? Cool. Been a while since I've even heard of that one. ClearLook kicked its butt in practice though (of course, imho only;). I too have some oddities in the old closet for OS/2, including 2.1, 2.3, 2.4, and Warp3 server (should be version 2.3 Server, but not sure):

    • BackMaster
    • Avarice
    • Object Desktop (think WindowsBlinds 10 years earlier, and richer - Stardock rules!)
    • Patrol
    • Borland's C compiler
    • Some collection of OS/2 games, includes things like a DigDug clone
    Don't think I have ClearLook anymore, that probably got lost over the years, as well as my registered copy of Graham's utilities.

    To me, what killed WP was that it completely sucked on windows, compared to Word, for 90% of the populace. They wanted simple WYSIWYG, Word gave it to them, WP was clunkier than crap, and unstable to boot (not that Word was all that stable either). Oh, and there was an extremely badly hacked port of WP5.2 to OS/2. It was so unstable, it actually occasionally forced a reboot of OS/2, something the emulated windows versions never managed to do.

    I ran WP6.1 for a while, and it was much better for writing more desktop published type papers, but finally the inertia of the rest of the world forced us into Word. Shame really.

    --
    The cesspool just got a check and balance.
    1. Re:WP, OS/2, and other ancient remedies by Reziac · · Score: 1

      Back in that era, I mostly ran DRDOS (well, NWDOS7), with WFWG when I needed multitasking. I have WP5.2 for OS/2 here somewhere, but never did more than admire the box as an oddity, since it fell on my head long after OS/2 got the heave-ho. The DeScribe CD is supposed to have versions for OS/2, Win16, Win32, and I forget what else on it, but I never got around to trying it out, as by then I no longer did much print-oriented writing and the need/motivation just weren't there any more.

      WP5.1 DOS is still my everyday workhorse, with random versions of WPWin mainly for when I need fonts or am in a hurry on some complex layout (I have 8/9/10/11 installed on various machines, depending mostly on which was the most recent swapmeet fodder when I built a new box, tho I like WPWin8 best).

      I never did NT4 or before, since by the time copies landed in my evergrowing pile of software kipple, I didn't see the point in backtracking to an OS less competent than Win9*/NT5+. Lately someone gifted me with NT3.1!! [runs away screaming]

      I managed to do without Word entirely all the way from Word6 up until this past year, but finally had too many yahoos send me Word docs at once, and I had the OXP CD already, so I held my nose and installed the nasty thing. It promptly disabled file import in WP10. (Seems this is a known issue, which will not be fixed; it has a page in the M$KB.) Which is why the XP box now has WP11. And why I can attest that OXP not only nukes "protected" system files even on XP, but also the damage cannot be fixed with Restore. You have to run SFC to fix it.

      --
      ~REZ~ #43301. Who'd fake being me anyway?
    2. Re:WP, OS/2, and other ancient remedies by Gr8Apes · · Score: 1

      Due to work issues, we had to run something able to address more than 16MB of RAM. WFW and DOS just didn't cut it. (We were working with 100+MB data files, try opening one of those in Notepad or Word...;) OS/2 was just a heck of a lot more stable on EISA machines, as NT 3.5 had this nasty habit of being able to rewrite CMOS during driver installs. (I forget the exact combination of drivers needed, but it was tracked down to a default NT setting) If you've never rebuilt an EISA machine from 100% scratch, here's my advice, don't. I had to do it 5 times in 3 days (multiple machines, although this wasn't consistent, always a fun thing, as 4 boxes out of 7 did not fail, go figure).

      So, having jumped ship in about 96/97 when work forced Word DOC format as the standard. Office 97 broke all backwards compatibility, and this was during a huge upgrade across all of work, therefore 40-50% of the workforce got all these spiffy new machines with Word97 on them and started sending these nifty new non-compatible files through their new Outlook email system, we had no choice. (See previously mentioned O97 breaking OS/2 compatibility via a nasty little hack, by asking for memory at the 2GB barrier. OS/2's VMs supported 512MB and therefore O97 would no longer run on OS/2. Otherwise, OS/2 might have taken away NT's sales.)

      But all this reminiscing makes me think maybe I should load a copy of OS/2 on that spare 2.4GHz Celeron. Be interesting to see how a 10 yo OS compares to today's XP side by side. I wonder if Quake III will play on it, as it is OpenGL. Of course, there's the video driver issue. Maybe not. Guess the ole PPro is the only thing I have left that it will run reliably on, unless I grab a compatible graphics card from somewhere.

      BTW, don't knock NT 3.1, it's the closest thing to a real OS MS ever sold. ;) That's before they fubar'd the entire graphics/IO architecture in NT 3.5, so that they could port apps to it more easily.

      --
      The cesspool just got a check and balance.
    3. Re:WP, OS/2, and other ancient remedies by Reziac · · Score: 1

      Never had any EISA machines myself, tho I'd always heard "good for bus speed, but cranky as hell for anything else". And by the time I got around to upgrading from the (t)rusty old 286, EISA had faded into the hardware sunset. The fact that none have since come into my infamous Computer Closet is some indication that the hardware's survival rate was relatively poor (hence went into the trash rather than being given away). Your tale of woe tends to confirm this :(

      All I ever heard about NT3.1 was sighs of relief from sysadmins escaping from it [g] WFWG can use up to 64mb RAM, however some EMM386 variants (NWDOS7's for one; bug is fixed in DRDOS7) won't let Win16 start with more than 32mb RAM. -- My WFWG setup, despite being maxed out (couldn't install anything else, as the then-limited registry was full) ran 100% stable for 7 years, working its little ass off; I could count its total crashes in all that time without taking off my shoes.

      I know people who run WFWG on a P2 (everything happens RIGHT NOW!!) and Win98 on a top-end P4 (boots in 5 seconds flat and runs like magic). If you don't need a newer OS, those old OSs on new hardware are a joy to behold!

      Personally, I wish M$ would have released XP as the naked OS (nothing but the OS, a basic browser fit for downloading a better one, DUN, a basic firewall, the admin tools, and the usual small utils that came with Win95) and put all the rest of the kitchen sink shit in a separate Plus Pack. They'd have sold more total copies (witness how well it worked with Win95 and its Plus Pack!), and XP wouldn't need such honkin' hardware to run smoothly, so more people could have upgraded without buying a whole new monkey -- and everybody woulda been happier (well, except the hardware dealers**). But noooo, marketing says you gotta make each iteration even shinier, or the plebes won't buy it!!

      **From what I saw in newsgrope discussions, XP was designed to run specifically on Dell hardware, and if it ran on anything else, it was by sheer chance. Draw your own conclusions. :)

      --
      ~REZ~ #43301. Who'd fake being me anyway?
    4. Re:WP, OS/2, and other ancient remedies by Gr8Apes · · Score: 1

      Actually, EISA machines, as servers, are still in the datacenters.... No one in their right mind would run one as a workstation, unless it came adequately prepped from the factory with everything you'd need forever. We had a need at the time to run them as workstations. They ran for us for 6 years, if I recall correctly. Not bad. The last time I touched an EISA machine was in 2001, having switched careers post that time.

      WFW, if you got it stable and never upgraded, yes, it was rock solid. Otherwise, get your 18 disks out (still less than OS/2's 65+ floppies for the whole friggin thing, CDROMs were extremely necessary, but you only installed it twice, once to unlearn windows behavior, and then once for the rest of the hardware's lifespan.) I had 98 and ME running on P4s, and I wasn't really that impressed. Of course, they weren't naked OSes.

      I concur with wishing XP had been a naked OS, with a separate plus pack. Matter of fact, #1 wish is that IE gets totally removed from the system and we get back the old explorer (stupid search utility is asinine these days, no wonder there's 30+ file search utilities for sale on tucows!) I'd almost say don't even bother with a browser, I'll get one myself, thank you very much. But then I thought, if I have only the new PC, how would I get said browser these days? Whoops! Maybe they'd ship it with Firefox? LOL!

      I can say this about XP, runs fine on my home built PC, matter of fact, better than this Dell. So like all MS products, if the above statement is true, they succeeded with their usual competence. ;)

      --
      The cesspool just got a check and balance.
    5. Re:WP, OS/2, and other ancient remedies by Reziac · · Score: 1

      The trick with WFWG was if you were going to install M$Office, do that FIRST, then install other stuff. Cuz M$O was horrible about clobbering .DLLs belonging to other apps. With that, and good video hardware/drivers, it was pretty damned steady. I've had clients who were so unused to a crash, that in the rare event, they'd call up in a panic, thinking their computer had died :) The only way to really FUBAR it, short of random deletia, was to uninstall crap that left halfbaked messes behind, and even then it could be fixed by hand without too much trouble. In those days the registry was very straightforward. My original WFWG was migrated across 2 partitions, 2 major upgrades, and 3 HDs without a reinstall.

      I remember running the OS/2 CD to floppy util, all day long :) Finally decided this was for the birds, and dug up a CDROM for that box. This was back when a "multimedia kit" (CDROM + sound card) was serious bucks, so they weren't yet standard, let alone common as castoffs.

      Oh yes, XP's lame-assed Search -- it's outright broken. I've sometimes had the file right there in front of me in Explorer, yet Search can't find it. A lot of XP's interface, including Search and Help, seem directly descended from the half-baked versions in WinME. Another stupid thing they did, in their quest to drive us all to web-access for everything [read: apps by subscription], was having half the Help be accessible only online, as microsoft.com URLs. Some of which were already dead links when WinME came out, let alone XP!!

      I reached the "built for Dell" conclusion from following what did or didn't work, and why, in the XP ngs. (By now I don't recall specifically what.) What I meant was, AFAICT it was designed to be guaranteed to work on Dell hardware, and just hopefully would on other stuff. Of course, Dell is the largest OEM, and that's a big chunk of guaranteed income...

      XP runs fine on my home-built box too (tho XP's native Matrox G200 driver is nowhere near as good as the one supplied by Win2K -- which offered every resolution you ever heard of, colour/gamma correction, and some other stuff), but I use very standard hardware. Still, I've had the thought that the new HAL is broken, given how herky jerky console windows are compared to W2K, and how poorly XP deals with hardware changes (tho some of that is probably the activation bullshit, even tho it's, um, neutered on my box). You can throw a whole new monkey at Win98/ME or W2K, and they will cope just fine (tho W2K can be stupid about endlessly trying to install drivers it doesn't have). XP can only deal with one hardware change at a time.

      Come to think of it, I haven't checked in a while to see if XPLite has been released or not. I'd like to assault XP with that, get rid of all the crap, then build what's left back into a clean custom install for older hardware.

      --
      ~REZ~ #43301. Who'd fake being me anyway?
    6. Re:WP, OS/2, and other ancient remedies by Gr8Apes · · Score: 1

      DLL hell, the memories. I now code in Java, but I do recall throwing out MS's advice on DLLs back in the day. Seemed incredibly stupid then to "add onto" system DLLs, or to co-locate DLLs with system DLLs. Shared DLLs always were local, especially after the VC 4 days, when it seemed a new version of MFC would come out about every other day.

      Everything I coded always came as a group, and could be "installed" without an installer. I still don't know wtf is better about a "registry enabled" app vs a text/XML file with 5 entries in it - can't your app handle 5 entries? Most apps, contrary to popular belief, do not need to share their information with the OS or any other app. The best thing about that approach was you could move, copy, reconfigure, or delete the entire app by operating on a single directory. (Wait, I see it now, copy and delete was too easy!!!)

      XP's GUI is probably starting to suffer from having too much crap loaded on top of an unstable base. It's been posted that Longhorn is totally redesigned from the ground up, and it would have to be, to support the new GUI functionality. W2K is fine, but games have issues running on those, as the vid/DirectX drivers don't seem as stable as those for XP. Since that no longer matters to me, I'm not all that concerned. It's one of the reasons I'm again exploring alternative OSes for my main desktop. My goal is to be MS free on my main desktop, and keep a "game" machine around for MS. Hardware really has gotten cheap lately, hasn't it? I even have 2 dual Sun Ultra 2s sitting upstairs... unused... Silly really. 5 years ago, I'd have given my right arm for just 1 box. Oh well.

      --
      The cesspool just got a check and balance.
    7. Re:WP, OS/2, and other ancient remedies by Reziac · · Score: 1

      M$ changed their mind several times about shared DLLs... one minute it was "put 'em all in \system" and the next it was "keep 'em to yourself". IMO, if you need to share .DLLs with related apps, do your own directory tree like the Corel apps do, and put all your shared stuff THERE, not in \system! That way the worst that happens with a mismatch is that a single app gets FUBAR'd; it can't mangle the OS or any other apps.

      If an app has system-wide uses (that is, it is called by or speaks to a bunch of other apps at need), then there's some logic to using the registry to keep 'em all on the same page, but for purely standalone apps, all they need is their legit file associations (and while we're there, let's not be grabbing filetypes that aren't unique to that app!!) and anything else can be an .INI file. I see nothing wrong with local config files!!

      I've been dragging the same Netscape 3.04 install between various machines (from Win95 to XP) for years without ever bothering to reinstall it, and it still works just fine. If it needs a registry setting, it goes forth and creates it when it's needed rather than whining about its absence. It shares a cache and bookmark file with half a dozen other NS versions. (NS2.02, which I use for testing since it adequately emulates what WebTV displays, has also been unceremoniously dragged from one machine to the next, and it dates all the way back to WFWG.) Self-contained apps are a GOOD thing!!

      I think the DirectX issue was more likely that there were several bad versions of DirectX in a row, and they happened to coincide with Win2K. I remember being surprised that some game installed a stable version of DX7, since that was supposed to be a really bad version. The current DX versions are supposed to be better.

      I'm sure the core Windows under XP would be perfectly good if the GUI were stripped back down to a reasonable weight -- as it is, it lugs around more blubber than a sumo wrestler. I've noticed XP doesn't multitask as well as older Windows (neither did WinME, but I attribute that to IE5.5, which is hell on resource management). I can run way more crap at once on the old Win95 box than I can on any of the later ones, even tho it's a lowly P233 with a mere 128mb RAM.

      Hardware *was* getting cheap, but as of the top-end P4, prices have pretty much stalled. But there hasn't been any new consumer-level stuff to push 'em down yet, either. Memory prices are 3x what they were 3 years ago (then $51/gig). Of course, this still looks good compared to the $40/meg we were cheerfully paying 10 years ago :)

      I keep hoping for a linux desktop I can migrate myself and my clients to, but until I can use random hardware and install any app I want the way I can with Windows, and without having to scour the world for MAN pages and configure weird and wonky Windows emulators, it ain't there yet. And speaking of overweight desktops..!! I was using a P200/192mb as a test box for middle-aged linux disties (various ones concurrent with MDK7) and it was *painfully* slow. Moved to a P3-450/256mb and now it's tolerable, but not crisp. :(

      --
      ~REZ~ #43301. Who'd fake being me anyway?
    8. Re:WP, OS/2, and other ancient remedies by Gr8Apes · · Score: 1

      Hear, hear. I agree on DLLs 100%.

      As for system wide uses, apps such as AV might have the need to add to an OS entry in the registry. Personally, I feel very strongly against keeping anything for other apps out in the registry. I actually have trouble thinking of an app that's not part of a suite (like Corel) that would require that.

      That said, there is the process of registering COM objects, and that's probably done in the registry too nowadays - it's really been a while.... That's another story though.

      As for XP, it multi-tasks fine. Then again, I don't run anything IE-wise except "explorer". Firefox for web browsing, Mozilla or Thunderbird (if I can get it to work reliably) for mail, and the rest is pretty much non-MS code. Office is probably the worst pig you can install on XP. It's almost like instantly downgrading your PC a couple of generations of CPUs. ;)

      Hardware is dirt cheap. Get a dual Opteron with 6GB of RAM for under $2K!!! That's less than either of my first three machines, a 286, a Pentium 133, and a 180MHz PPro. That latter box was $3600 due to an incredible deal with a pricing mistake on Micron's part. A top end 800 FSB P4 (not extreme) costs about $1000 with 1GB RAM and a good video card. You can compare that with the dual opteron with 2GB RAM for $1200 (these were prices I looked at about 2 weeks ago) Oh, and that dual opteron will smoke a heck of a lot more than that P4... Try some comparisons with Sun boxes ;) Of course, it does matter what you run on it.

      Linux does require you to be slightly choosy about hardware, and the latest and greatest hardware may not have Linux drivers, yet. I see this changing (optimistically hopefully) this year. If it does, that would spell serious trouble for MS.

      --
      The cesspool just got a check and balance.
    9. Re:WP, OS/2, and other ancient remedies by Reziac · · Score: 1

      I still use FProt for DOS as my AV and do all my scanning manually (well, with some batch files). I use a braindead email client so the worst malware can do is waste a little disk space (go to gfi.com and use their nifty test suite of emails -- works once per email addy; my beloved old NS3 is 100% safe even for Stupid User Trix, and Moz is almost as good), I don't use IE/OE, and I follow the old DOS-era rule that "All files are infected until proven otherwise" :)

      No, what I meant is that at least on a poor old P3-500/768mb, I can tell that XP does not multitask as smoothly as older Windows. It's not that it won't, it's that it seems to do a lot poorer at allocating CPU cycles sensibly. On a faster machine you might not notice.

      I don't do OEM machines (unless they fall on my head), I build my own from scratch, and wind up with way more box for way less bucks. I'd like to have a shiny new P4 with shiny new trimmings, but can't really justify it (unless I got into processing video; the current machines can handle everything else I'm doing right now) nor truly afford it right now either.

      Post-486 residents of the Infamous Computer Closet, mostly built from salvage:
      http://home.earthlink.net/~rividh/pc/the_borg.htm

      I know Intel is mucking about with dual-core and beyond, so maybe I'll just wait a bit regardless... :)

      Even with the major linux desktops being 1) pigs, and 2) not all as usable as they could be, I think linux could have a significant if not killer marketshare if only it could eat any driver and any WinApp that were thrown at it. Come to be reminded of it, wasn't there a project to get WinDrivers usable as-is on linux systems??

      M$ is structured such that the company can go FIVE YEARS without making a dime, and still not be in any real trouble, so the notion that anything will "kill M$" is just wishful thinking (if Apple couldn't when they had 20% of the market -- BTW Apple is down to 2.4% as of this week -- what makes anyone think linux, at under 1%, is a M$ killer? Internet servers are NOT the real business or user world.) And the death of M$ probably would NOT be a good thing from a standpoint of application usability -- remember how it was before Win32 pretty much standardized How Things Are Done WRT The UI? Before that, about all you could count on was that you'd have to learn everything all over again from one app to the next. Linux has *that* problem in spades as it is. IMO only having M$'s example to compete against has got the linux desktops to the point of being as usable as they are. Otherwise, UIs would be every developer for himself, just like you see in any random sampling of FOSS apps.

      --
      ~REZ~ #43301. Who'd fake being me anyway?
    10. Re:WP, OS/2, and other ancient remedies by Gr8Apes · · Score: 1

      Eek. DOS.

      Well, I use Firefox now, wonderful browser. I cringe whenever some site forces me to use IE (not often, but it does occasionally happen)

      Personally, I'm looking forward to a dual Opteron system. Something that can spank an 8-way RISC system for under $2K is definitely something I'd like. Right now though, I just cannot justify it. My machines, likewise, do everything I need. (BTW, a P4 system can be had for <$400 if you need to build from scratch, won't be the biggest or the baddest, but definitely doable, AMD is even cheaper)

      As to MS, I cannot help but recall the days of DEC, IBM, or Netscape, or even the big 3 car makers for that matter. Just when you thought they owned the market... someone came along and yanked them. Some are no longer around. Others are transformed and coming back. In any case, the next couple of years will be very interesting to observe MS's actions. Things will happen.

      --
      The cesspool just got a check and balance.
    11. Re:WP, OS/2, and other ancient remedies by Reziac · · Score: 1

      No system is complete without DOS :)

      Actually, you can get a complete P4 for barely over $200, if you don't mind bottom-end parts. But if I'm actually paying money for new stuff... well, the Tyan motherboard I've been eyeing is about $150 all by itself!

      IBM's heyday never really ended (I dearly wish I had back my IBM stock that we sold when everyone thought IBM's world was about to end). Netscape dug its own grave by failing to have a product in the pipeline when the market was ready for it, because of their *own* decision to scrap and rebuild right when the competition was ready to leap into the gap. DEC lacked any sense of vision in the real market. American auto makers failed to notice that fully-developed companies, who had the majority market in their home countries, ALREADY had come up to speed wrt what American consumers expect, and at that point it was merely a matter of importing goods that already had the majority share elsewhere, and the Big Three counting too much on brand loyalty instead of quality products. -- M$ isn't in any of those positions.

      What I think *will* happen, once "Trusted Computing" is entrenched, is that computerdom (and the net) will become a land of Haves and Have Nots, with M$ and TC comprising the Haves camp (very much like how in much of the world when access was still limited, you either did AOL or did without an internet connection at all). :(

      --
      ~REZ~ #43301. Who'd fake being me anyway?
    12. Re:WP, OS/2, and other ancient remedies by Gr8Apes · · Score: 1

      Still, DOS, urk! Seriously, haven't had a DOS based system since about 91. Haven't missed it either.

      The P4 system I was thinking about for $400 included parts that won't smoke the second you turn it on ;) You might want to keep an eye on your local Fry's (if you have one) as they have weekly sales and sometimes put a rather decent motherboard comparable to a Tyan (once even a Tyan) paired with a P4 for $200.

      Netscape helped dig its own grave, although MS's practice of bundling in no way helped their situation. I do not know that the outcome would have been any different had Netscape continued development with their existing code-base.

      DEC was a victim of the "me too" philosophy. They saw a huge market opening, and wanted to participate, but came late to the party carrying nothing but a paper hat. You're correct, they certainly had no vision, but became followers in the biggest sense (this is in the software and services arenas). In hardware, they designed and built a great chip, and we're seeing the legacy of that chip now with the Opteron. HP must be hitting itself over the head over that "minor" mistake.

      As for American auto makers, they designed and built huge crap cars (I owned and worked on many from the era right before the imports really started) and also several of the new imports. The US cars needed constant maintenance to run, were expensive, had absolutely crap gas mileage: an in-line 6 cylinder 250 cu in engine in a 2 ton car got around 6 mpg on a good day. The imports were crappy tin boxes, light, but the engines only required minor maintenance to run well over 100K miles while getting relatively good gas mileage to boot. The imports also didn't suffer from drive train problems, many were manuals, during that 100K+ miles. American cars generally lost a tranny by 80K, or, if automatic, and what wasn't in those days, slipped like mad. So, put all that together with the oil embargo and economy of 73-78, and there's no problem in seeing why the imports spanked domestics.

      TC - another EEEEEK. But, like your analogy, I think an MS/TC Haves camp won't last, just like AOL didn't last. Last I heard, AOL's membership is dropping. Their move to "broadband" is hugely flawed, as they're using a proprietary PPPoE solution not supported by routers, and thus people wanting to utilize a router for multiple computers or laptops wirelessly with their cable solution pretty much are SOL. Unless, of course, you pay AOL's $10 per additional computer per month charge. (or whatever ridiculous amount it was, since you didn't get a second connection, more bandwidth, or anything)

      Oh, and that's provided an MS/TC thing ever happens. I'm not so sure it will, as TC is going to have some hurdles to overcome. Especially when it comes to custom software that's currently running in the business, and may not be TC friendly. Guess which product will get the boot?

      --
      The cesspool just got a check and balance.