Slashdot Mirror


User: Wanker

Wanker's activity in the archive.

Stories: 0
Comments: 276

Comments · 276

  1. Re:Question on Ameritrade Customer Data Lost · · Score: 1
    It also adds a risk factor to the backup integrity.

    fishbowl is absolutely correct. Encrypting backups significantly increases the chances of being unable to restore a tape when needed. Restores already fail quite frequently due to media problems, operator error, or software issues. Adding another risk to a restore is often a very difficult sell to management.

    Laws like the California disclosure law will help make this an easier sell to management since under this law if the data's encrypted notification isn't necessary.

    The backup need not be perfect from head to tail in order to restore, since most enterprise class backup systems encrypt/compress in large blocks rather than complete backups. You may lose a few hundred megs of your data, but not the whole backup. (However, often this is just as devastating as losing the whole thing.)

    Without encryption/compression usually only the actual damaged tape blocks (a few kilobytes) are lost.

    The biggest risk from encrypting is needing a restore and being unable to locate the decryption key. (I.e. several years have passed, company has changed hands several times, different backup system in use, admins safeguarded the keys a bit too well, etc.)
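    An added illustration of the two points made in this comment, block-wise encryption and key loss (editor-added example code, not part of the comment and not any backup product's on-tape format). It uses only the Python standard library, so the cipher is an HMAC-SHA256 keystream in counter mode standing in for AES-CTR, with an HMAC-SHA256 tag per record (encrypt-then-MAC); the record size, key derivation, backup label and sample data are assumptions for the demo. The fixed-size chunked layout loses only the record overlapping the damaged tape bytes, the single-record layout loses the whole backup on the same damage, and with the wrong key every record is lost.

```python
"""Chunked encrypt-then-MAC backup records vs. one monolithic record.

Editor-added illustration, not any backup product's format. Standard
library only: the 'cipher' is an HMAC-SHA256 keystream in counter mode
(a stand-in for AES-CTR) with an HMAC-SHA256 tag per record.
"""
import hashlib
import hmac
import struct

CHUNK = 1024            # plaintext bytes per record (assumed; products use far larger)
BODY = 4 + CHUNK        # 4-byte length prefix + data, zero padded to a fixed size
TAG = 32
REC = 8 + BODY + TAG    # nonce(8) + body ciphertext + tag: records addressable by position


def derive_keys(master: bytes, backup_id: bytes):
    """Per-backup subkeys so counter nonces never repeat under one key."""
    enc = hmac.new(master, b"enc|" + backup_id, hashlib.sha256).digest()
    mac = hmac.new(master, b"mac|" + backup_id, hashlib.sha256).digest()
    return enc, mac


def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    out, ctr = bytearray(), 0
    while len(out) < n:
        out += hmac.new(key, nonce + struct.pack(">Q", ctr), hashlib.sha256).digest()
        ctr += 1
    return bytes(out[:n])


def _xor(data: bytes, ks: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, ks))


def encrypt_chunked(master, backup_id, data):
    enc, mac = derive_keys(master, backup_id)
    tape = bytearray()
    for idx, off in enumerate(range(0, len(data), CHUNK)):
        piece = data[off:off + CHUNK]
        body = struct.pack(">I", len(piece)) + piece
        body += b"\x00" * (BODY - len(body))
        nonce = struct.pack(">Q", idx)
        ct = _xor(body, _keystream(enc, nonce, BODY))
        tape += nonce + ct + hmac.new(mac, nonce + ct, hashlib.sha256).digest()
    return bytes(tape)


def restore_chunked(master, backup_id, tape):
    """Returns (chunks, lost): chunks[i] is record i's plaintext, or None if its
    tag failed. A damaged record is skipped, not fatal for the restore."""
    enc, mac = derive_keys(master, backup_id)
    chunks, lost = [], []
    for r in range(len(tape) // REC):
        rec = tape[r * REC:(r + 1) * REC]
        nonce, ct, tag = rec[:8], rec[8:8 + BODY], rec[8 + BODY:]
        want = hmac.new(mac, nonce + ct, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, want):
            chunks.append(None)
            lost.append(r)
            continue
        body = _xor(ct, _keystream(enc, nonce, BODY))
        (ln,) = struct.unpack(">I", body[:4])
        chunks.append(body[4:4 + ln])
    return chunks, lost


def encrypt_monolithic(master, backup_id, data):
    """One keystream and one tag over the whole backup."""
    enc, mac = derive_keys(master, backup_id)
    nonce = b"\x00" * 8
    ct = _xor(data, _keystream(enc, nonce, len(data)))
    return ct + hmac.new(mac, nonce + ct, hashlib.sha256).digest()


def restore_monolithic(master, backup_id, tape):
    enc, mac = derive_keys(master, backup_id)
    ct, tag = tape[:-TAG], tape[-TAG:]
    nonce = b"\x00" * 8
    if not hmac.compare_digest(tag, hmac.new(mac, nonce + ct, hashlib.sha256).digest()):
        return None                      # any damage anywhere: nothing restores
    return _xor(ct, _keystream(enc, nonce, len(ct)))


def damage(tape: bytes, offset: int, nbytes: int = 16) -> bytes:
    """Simulate a bad tape block by inverting nbytes starting at offset."""
    t = bytearray(tape)
    for k in range(offset, min(offset + nbytes, len(t))):
        t[k] ^= 0xFF
    return bytes(t)


def demo():
    master = b"\x42" * 32            # constructed key; in practice from an escrowed key store
    backup_id = b"full-2005-03-01"   # constructed per-backup label
    data = bytes(range(256)) * 20    # 5120 bytes -> 5 records
    offset = 2 * REC + 100           # lands inside record 2 of the chunked tape
    chunks, lost = restore_chunked(master, backup_id, damage(encrypt_chunked(master, backup_id, data), offset))
    mono = restore_monolithic(master, backup_id, damage(encrypt_monolithic(master, backup_id, data), offset))
    _, lost_wrong_key = restore_chunked(b"\x43" * 32, backup_id, encrypt_chunked(master, backup_id, data))
    return chunks, lost, mono, lost_wrong_key


if __name__ == "__main__":
    chunks, lost, mono, lost_wrong_key = demo()
    print("chunked: lost records", lost, "of", len(chunks))
    print("monolithic restore:", "FAILED" if mono is None else "ok")
    print("chunked with wrong key: lost records", lost_wrong_key)
```

    Fixed-size records are what make the chunked layout recoverable: the restore can locate record N by position without trusting any length field on the damaged tape. The wrong-key run is the comment's last paragraph in miniature: the tape is intact, the tags are valid for the key that was lost, and nothing comes back.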
  2. Re:Question on Ameritrade Customer Data Lost · · Score: 1
    Yes, I am an Ameritrade customer, but haven't received a letter so I assume (!) that means I wasn't on that backup tape.

    This may just mean that your address of record with Ameritrade isn't in California, currently the only state to require notification by law.

    Ameritrade is doing the minimum that the law requires for them to do business in California.

    As to "special hardware", this is hardly unusual. Most tapes are designed only for a small set of tape drives. However, unless it was encrypted by the backup program (highly unlikely since this devastates performance and increases the chances that a needed restore will fail) the data could be easily read.

    With that said, in all likelihood it was misdirected to someone who has no clue what it was and promptly got tossed into a landfill.
  3. Re:Good Move Microsoft!!!! on Microsoft to Disable Online Windows Activation · · Score: 1
    Computer-as-appliance is a bit of an ideal that's still a long way off...maybe Mr Norman can persuade me otherwise

    For what it's worth, he hasn't convinced me that the appliance route is the solution to computer usability problems either. However, his discussion of the problems with computer usability and the reasons behind them were a real eye-opener.

    I can't foresee a time where general purpose computers don't require a degree of skill be acquired on the part of the operator.

    I fully agree with you here, and in fact I'd even go one step further and say any general purpose tool is going to require a degree of skill on the part of the operator.

    One of Mr. Norman's points is that the vast majority of people don't want a general purpose computer. Or from his activity-based point of view, they don't want to "compute"-- they want to write letters. They want to check the local news. They want to send/receive E-mail. Perhaps play a few simple games. They don't give a damn what goes on behind the scenes to make these things happen.

    They don't want to select an ISP. They don't want to configure their computer's TCP/IP settings. They probably don't even want to know what their E-mail address is, so long as their friends can E-mail them easily.

    The book is a quick read, and well worth the two days it might take to get through it.

    Here's a Slashdot review on one of his other books:

    http://books.slashdot.org/article.pl?sid=99/09/27/1243213
  4. Re:Good Move Microsoft!!!! on Microsoft to Disable Online Windows Activation · · Score: 4, Insightful
    But in your example, you're not actually trying to fly the plane.

    Most people just now entering the market for computers aren't "trying to fly the plane", either. To continue the analogy, these people want to be passengers but are instead told they need to learn to be pilots.

    This trend is not new to computers-- earlier this century the first radios required considerable setup and weeks to learn to use. The first phonographs were notoriously hard to use, again taking several weeks for smart folks to learn to use.

    The only reason radios and record players (now CD players) are so widespread is their usage was simplified. The earliest ones even had two competing incompatible standards (Edison vs. Victor.) Sound familiar?

    The book "The Invisible Computer" by Donald Norman goes into gory detail on why the continuing efforts to blame the users for failing to learn their equipment aren't going to work:

    http://en.wikipedia.org/wiki/Special:Booksources/0262640414

    This doesn't mean that in the current state of things people should be lazy about their responsibilities with a networked computer-- e.g. not patching because "it's too hard" is a lame excuse.

    If this is too hard, then disconnect from the network or find a computer/OS combination where it isn't too hard. If there is no such computer/OS combination, then start asking the manufacturers for one.
  5. Re:Specifications on Arkeia Network Backup Agent Remote Access · · Score: 1
    Well, for this situation finding a potential problem is easy: Port scan, security scanner. Two things that you should be doing on every network enabled device.

    These would not have helped. There was no unusual port to be found via the portscanner-- the Arkeia client was listening on a documented port and since it was installed intentionally, this open port would be considered normal. The Nessus security scanner only looks for known vulnerabilities and again would not have helped here.

    HD did an excellent job of following his curiosity and found a very interesting "feature" built into Arkeia.

    I bet that Nessus will have a check for this soon enough.
  6. Re:Oregon's also the least protected on Oregon's Governor Backs Open Source Development · · Score: 1
    If you've seen Michael Moore's "Fahrenheit 9/11", you'll have found out that Oregon's entire coastline is protected at most by about 8, that's eight, state troopers.

    The Oregon State Police is charged primarily with traffic enforcement on state highways. Speeding on a narrow coastal highway covered in water, moss, and algae next to 500 foot drops over rocky cliffs into the ocean tends to be a self-correcting problem.

    The MM half-truth is in implying that 8 State Troopers means 8 total police officers. In most rural Oregon counties, locally funded sheriff offices perform routine law enforcement.
  7. Re:I'll raise you one: on Oregon's Governor Backs Open Source Development · · Score: 1

    Yeah, I love that place.

  8. Re:Quincy!?! on Forensic Discovery · · Score: 4, Informative

    CSI is laughable in how little it reflects reality. If you want a more realistic TV-based view on forensics, try the Discovery channel show "The New Detectives". It's still going to gloss over a LOT of details (it's TV) but rarely do they present something patently wrong as fact, as happens all the time on CSI.

    For more info on CSI's lack of attention to detail try this site:

    http://www.angelfire.com.nyud.net:8090/jazz/jboze3131/csifacts.htm

  9. Re:They need expert Guest Editors on Wikipedia Criticised by Its Co-founder · · Score: 1
    Wikipedia has the right basic structure but they need a rotating team of pro Guest Editors to go through and fact-check and then "lock" articles

    This is exactly how I interpret a "fork" happening.

    A new site would open, say "www.wikipedia-reviewed.com", which would take selected articles submitted by the unwashed masses and have experts fact-check them. Corrections and supporting material (references) would be put back into the original Wikipedia where (hopefully) they would remain until the next round of article polishing.
  10. Re:You *can* get free copies on Dell Calls For Red Hat To Lower Prices · · Score: 1
    You actually can get free copies, or as near to it as makes no difference. For example, check out White Box Enterprise Linux. Totally legal, totally legit.

    Another good, free, Open Source Red Hat Enterprise clone is CentOS. Unlike White Box (which is also good), they have a Red Hat Enterprise version 2 clone as well as version 3.

    When companies buy RHEL, what they really want (and get) is the ability to call up Red Hat and have useful discussions.

    I agree with you on the "what they really want" part, but I sure don't "get" any useful discussions. This is one of the main reasons I found CentOS/White Box. :-(
  11. Re:Good analysis on MD5 To Be Considered Harmful Someday · · Score: 3, Funny

    Hibbert: Homer, I'm afraid you'll have to undergo a coronary bypass operation.
    Homer: Say it in English, Doc.
    Hibbert: You're going to need open heart surgery.
    Homer: Spare me your medical mumbo jumbo.
    Hibbert: We're going to cut you open and tinker with your ticker.
    Homer: Could you dumb it down a shade?

    http://www.tvtome.com/tvtome/servlet/GuidePageServlet/showid-146/epid-1355/

  12. Re:Gameses! on What Do People in the IT Field Do for Side Jobs? · · Score: 2, Funny
    You are a terrible person! Are you trying to get me fired?

    Perhaps he already has his side job lined up and is looking to create some openings in the IT field...
  13. Re:Well, it can be done. But can it be done well? on Can People Really Program 80+ Hours a Week? · · Score: 5, Funny
    Sorry, Frenchmen are the 21st most productive people in the world

    Hmmm... let me fix that. *logs on to Wikipedia*

    Done!
  14. Re:Pixar can do much better on Disney to Make Toy Story 3 Without Pixar · · Score: 2, Informative

    I think this old slashdot article is the one you mean:

    http://games.slashdot.org/article.pl?sid=04/06/10/1327236

    It references this Slate article:

    http://slate.msn.com/id/2102086

  15. Re:Supercalifragilisticexpialidocious! on Senate May Rush Copyright Legislation · · Score: 4, Funny

    I initially read this as:

    In addition, the Senate Judiciary Committee Sen. Orrin Hatch (R-Utah) will expire next year

    I was getting pretty excited until I re-read the sentence properly. Darn!

  16. Re:RFID's easy to copy on RFID Labels On Prescription Drug Bottles · · Score: 1
    They're a 10 digit number emitted over RF at 13.57mhz. RFID ain't magic, it's just barcode over AM radio.


    I'm glad someone else chimed in on this-- people seem to think that RFID is black magic that is inherently copy-proof. In fact, the opposite is true. There are readily-available RFID tags that are completely writeable with whatever data you want them to send. It's trivial to replicate the ID of any given tag.

    As mentioned in the article, the real advantage is giving each bottle sent to the pharmacies a unique identifier. Any duplicate identifiers detected along the way will trigger an investigation.

    The same thing could be done with unique barcodes.
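    An added illustration of the duplicate-identifier check this comment describes (editor-added example code, not part of the comment and not any pharmacy or supply-chain system's code). The event format, stage names, site names and scan data are constructed for the demo. Since a tag ID is trivially cloned, the check cannot tell the genuine bottle from the copy; it flags the serial when the same ID shows up where one physical unit cannot be, and leaves the investigation to a human. The same logic applies unchanged to unique barcodes.

```python
"""Serial-number pedigree check over RFID/barcode scan events.

Editor-added illustration; event format, stages and data are constructed.
"""
STAGES = ["manufacturer", "distributor", "pharmacy", "dispensed"]


def check_pedigree(issued, events):
    """issued: set of serials the manufacturer actually wrote to tags.
    events: iterable of (timestamp, serial, stage, site).
    Returns a list of (timestamp, serial, reason) alerts, in time order."""
    seen = {}      # serial -> (index of furthest stage seen, site where it was seen)
    alerts = []
    for ts, serial, stage, site in sorted(events):
        if serial not in issued:
            alerts.append((ts, serial, "serial never issued"))   # fabricated ID
            continue
        idx = STAGES.index(stage)
        last_idx, last_site = seen.get(serial, (-1, None))
        if idx == last_idx:
            # One unit cannot be in the same stage at two sites, and cannot be
            # dispensed twice; a re-scan at the same site is benign.
            if stage == "dispensed" or site != last_site:
                alerts.append((ts, serial, f"{stage} at {site} after {stage} at {last_site}"))
        elif idx < last_idx:
            alerts.append((ts, serial, f"{stage} scan after {STAGES[last_idx]}"))
        else:
            if idx > last_idx + 1:
                alerts.append((ts, serial, f"skipped {STAGES[last_idx + 1]}"))
            seen[serial] = (idx, site)
    return alerts


# Constructed sample: the manufacturer issued four serials.
ISSUED = {"S-0001", "S-0002", "S-0003", "S-0004"}
EVENTS = [
    ("2005-03-01T08:00", "S-0001", "manufacturer", "plant-A"),
    ("2005-03-01T08:00", "S-0002", "manufacturer", "plant-A"),
    ("2005-03-01T08:00", "S-0003", "manufacturer", "plant-A"),
    ("2005-03-01T08:00", "S-0004", "manufacturer", "plant-A"),
    ("2005-03-03T10:00", "S-0001", "distributor", "dc-1"),
    ("2005-03-03T10:00", "S-0002", "distributor", "dc-1"),
    ("2005-03-03T10:00", "S-0003", "distributor", "dc-1"),
    ("2005-03-05T09:00", "S-0001", "pharmacy", "rx-east"),
    ("2005-03-05T09:30", "S-0001", "pharmacy", "rx-east"),    # re-scan, benign
    ("2005-03-05T10:00", "S-0004", "pharmacy", "rx-east"),    # never passed the distributor
    ("2005-03-05T11:00", "S-0001", "pharmacy", "rx-west"),    # a clone of S-0001's tag
    ("2005-03-05T12:00", "S-0002", "pharmacy", "rx-east"),
    ("2005-03-06T14:00", "S-0002", "dispensed", "rx-east"),
    ("2005-03-06T15:00", "S-0003", "manufacturer", "plant-A"),  # reappeared upstream
    ("2005-03-06T16:00", "S-9999", "pharmacy", "rx-west"),    # ID nobody issued
    ("2005-03-07T14:00", "S-0002", "dispensed", "rx-east"),   # same bottle dispensed twice
]


if __name__ == "__main__":
    for ts, serial, reason in check_pedigree(ISSUED, EVENTS):
        print(ts, serial, reason)
```

    Note that the rx-west scan of S-0001 is flagged, not the rx-east one, purely because it arrived second; the check establishes that a duplicate exists, not which bottle is real.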
  17. Re:Lego having a rough year on Classic Toys For Christmas? · · Score: 1
    They don't make a "big bucket of generic lego" anymore, at least I can't find it at Toys'R'Us.


    You should look and/or call around more. For example, Lego item 4496 is a 1000-piece bucket of nonspecialized blocks:

    http://shop.lego.com/product.asp?p=4496 -- Lego info/purchase page
    http://www.amazon.com/exec/obidos/tg/detail/-/B000284YR0/ -- Amazon/Toys R Us -- $14.99
    http://www.google.com/froogle?q=lego+4496&btnG=Search+Froogle&scoring=p -- Froogle search
    http://stores.ebay.com/ibuyifdpriceisright_Lego-Bricks -- Ebay seller 1.5lbs of bricks for $22.25, your choice of colors
  18. Re:But... on Music Downloading not Entirely to Blame · · Score: 1

    Hey, easy on the "wanker" comments.

  19. The Tools on High-Tech Crimes Revealed · · Score: 1
    The tools are nothing particularly complicated, generally a boot CD, a spare hard drive slightly larger than the original, and any reasonably modern PC are all you need. I've never seen anyone use a hardware-based disk copier, they all just use PCs with linux boot disks and "dd". Maybe I'm just seeing people with a lower budget...

    Some common tools:


    SANS offers a really nice class on computer forensics (track 8), if you have about $3000.00US lying around.

    These tools work nicely on Linux, reiserfs, xfs, etc. in addition to the ubiquitous Win32 filesystems.
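    An added illustration of the boot-disk-and-dd acquisition the comment describes (editor-added example code, not from the book reviewed or from any forensic tool). The "drive" is a constructed in-memory stand-in for a block device, and the block size is assumed. The loop does what `dd if=/dev/sdX of=drive.img bs=512 conv=noerror,sync` does: on a read error it records the block, substitutes zeros so every later block keeps its offset, and keeps going; the acquisition hash is computed as the image is written and re-checked afterwards.

```python
"""Block-level acquisition with dd-style noerror,sync semantics plus hashing.

Editor-added illustration; the device is a constructed stand-in for /dev/sdX.
"""
import hashlib

BS = 512  # block size (assumed)


def acquire(read_block, nblocks, bs=BS):
    """Copy nblocks blocks via read_block(n). Returns (image, bad_blocks, sha256_hex).

    Mirrors `dd conv=noerror,sync`: a failed read is logged and replaced by a
    zero-filled block so the image stays offset-aligned with the source."""
    image = bytearray()
    bad = []
    h = hashlib.sha256()
    for n in range(nblocks):
        try:
            blk = read_block(n)
        except OSError:
            bad.append(n)                         # goes in the chain-of-custody notes
            blk = b""
        blk = blk + b"\x00" * (bs - len(blk))     # 'sync': pad short or failed reads
        image += blk
        h.update(blk)
    return bytes(image), bad, h.hexdigest()


def verify(image: bytes, acquisition_hash: str) -> bool:
    """Re-hash the written image; it must equal the hash taken during acquisition."""
    return hashlib.sha256(image).hexdigest() == acquisition_hash


def make_device(blocks, bad_blocks):
    """Constructed stand-in for a drive: block n raises an I/O error if listed as bad."""
    def read_block(n):
        if n in bad_blocks:
            raise OSError(f"I/O error reading block {n}")
        return blocks[n]
    return read_block


def demo():
    blocks = [bytes([n]) * BS for n in range(8)]   # 4 KiB constructed 'drive'
    dev = make_device(blocks, {3})                  # block 3 is unreadable
    image, bad, digest = acquire(dev, len(blocks))
    return image, bad, digest, verify(image, digest)


if __name__ == "__main__":
    image, bad, digest, ok = demo()
    print(f"{len(image)} bytes imaged, bad blocks {bad}, sha256 {digest}, verified={ok}")
```

    With a bad block on the source, no hash of the source drive can ever match the image; what you record is the image hash plus the list of substituted blocks, which is why the bad-block log matters as much as the digest.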
  20. Re:What is the best way to increase security? on High-Tech Crimes Revealed · · Score: 1

    A good format for the permission in writing you need is here:

    http://www.counterhack.net/permission_memo.html

    Don't end up with a massive legal bill, and multiple felonies on your record like noted Perl author Randal Schwartz did:

    http://www.lightlink.com/spacenka/fors/ (Cache: http://www.lightlink.com.nyud.net:8090/spacenka/fors/)

  21. Re:download on Dremel Pumpkin Carver · · Score: 4, Informative

    It looks like the patterns made it into the Coral cache before Dremel melted:

    http://www.dremel.com.nyud.net:8090/html/products/tools/pumpkin_patterns.html

    Alas, not all of the actual PDFs seem to be cached, but some of them are.

  22. Re:no, they'll all just outsource for deniability on HP, Dell, and IBM Agree to Manufacturing Code of Conduct · · Score: 1
    Obfuscation and "plausible deniability". Every time a human rights organization actually manages to figure out what sweatshop is actually making (insert major fashion label here), the label acts all shocked, says "Gosh, we had NO idea, we have POLICIES to PREVENT this sort of thing, we TOLD them we didn't want them to use sweatshop labor, heads will ROLL!" So they simply find another company, in secret of course, and the whole thing repeats all over again.

    Sadly, this happens in lots of other places as well. One that I'm quite familiar with are the US anti-corruption laws that make it illegal for a US company to offer bribes-- even when operating in a foreign country where such things are common, expected, and required in order to do business.

    Now the way this is "supposed" to work is the US company refuses to offer bribes, accepts the penalties that will be applied by the corrupt government official, and eventually finds that they simply can't do business this way and pulls out. This deprives the corrupt government of the revenue/taxes/local employment of this US company and provides an incentive to clean up their act.

    How it actually works is the US company hires local "consultants" to take care of things they know will require bribes (building permits, employment taxes, etc.), and the consultants pay all the bribes but charge the company for the cost of the bribes plus their "consulting fee". Not only is there no incentive to clean things up, this creates additional local employment for the corrupt government.

    The more I learn about how the world works, the more bitter I get... :(
  23. Phish your own users on "Phishing" Attacks to Increase · · Score: 2, Interesting
    I use phishing techniques to get 419 scammers to give me their email password so i can shut them down


    I wonder if anyone has thought about using a similar method to audit their own user base for inexperienced users who might fall for E-mail scams. I.e. send a message from a bogus domain registered to "CompanyX Email Audits" requesting private data. Anyone who responds gets their account suspended until properly re-verified and a followup E-mail about how to avoid phishing attacks. :)

    It might upset a few customers, but my guess is those customers might be a security liability that the company could live without...
  24. Re:Somebody teach the legit companies... on "Phishing" Attacks to Increase · · Score: 3, Insightful
    How are we supposed to tell the difference between a legitimate email from a company and a phishing attempt when places like CapitalOne use skeezy companies like bfi0.com for sending email to their customers?


    I realize your question was rhetorical-- there's no way to tell the difference between these "legitimate" off-domain links and phishing attacks based solely on the contents of the message.

    What you can do is to call the help number for the company (CapitalOne in the above example) and explain that you received a "suspicious" E-mail and want to verify that it's legitimate. If they get and pay for enough of these calls (sadly, this is unlikely) they might think twice about outsourcing their hosting to another domain.
  25. The Hole Hawg on Google Desktop Search Functions As Spyware · · Score: 2, Interesting
    These drills are great. I doubt anyone could really appreciate how much like UNIX they really are until they've injured themselves with one.

    Here's the whole (hole?) essay:

    http://steve-parker.org/articles/others/stephenson/holehawg.shtml

    Some choice quotes:

    The Hole Hawg is a drill made by the Milwaukee Tool Company. If you look in a typical hardware store you may find smaller Milwaukee drills but not the Hole Hawg, which is too powerful and too expensive for homeowners. The Hole Hawg does not have the pistol-like design of a cheap homeowner's drill. It is a cube of solid metal with a handle sticking out of one face and a chuck mounted in another. The cube contains a disconcertingly potent electric motor.


    During the Eighties I did some construction work. One day, another worker leaned a ladder against the outside of the building that we were putting up, climbed up to the second-story level, and used the Hole Hawg to drill a hole through the exterior wall. At some point, the drill bit caught in the wall. The Hole Hawg, following its one and only imperative, kept going. It spun the worker's body around like a rag doll, causing him to knock his own ladder down. Fortunately he kept his grip on the Hole Hawg, which remained lodged in the wall, and he simply dangled from it and shouted for help until someone came along and reinstated the ladder.


    It's very, very difficult to have both the presence of mind and the physical strength to hang onto a powerful drill that's just flung you off your ladder. Kudos to that guy-- I wasn't so lucky. :)

    Where my homeowner's drill had labored and whined to spin the huge bit around, and had stalled at the slightest obstruction, the Hole Hawg rotated with the stupid consistency of a spinning planet. When the hole saw seized up, the Hole Hawg spun itself and me around, and crushed one of my hands between the steel pipe handle and a joist, producing a few lacerations, each surrounded by a wide corona of deeply bruised flesh. ... After a few such run-ins, when I got ready to use the Hole Hawg my heart actually began to pound with atavistic terror.


    There never seemed to be a good happy medium between holding the drill tightly enough that when it hung up I had enough of a grip to let it grind through whatever was hanging it up and loosely enough that when it REALLY hung up I could abandon it without injury.

    Apply appropriate Windows/UNIX metaphors. :)