Journaling filesystems in widespread use log filesystem metadata only, NOT actual file data. So if the OS has not flushed file data out of its cache, and you unplug the device, the file data itself could be in a bad state, though the filesystem structures should be okay or recoverable from the journal.
If you have no open files on the device, the chances of this are slim (esp as time passes)...but it's hard to know for sure when everything in the cache has been flushed to disk.
You would have to sync the filesystem before unplugging to be sure this wouldn't happen. But then, you might as well just inform the OS properly that you're about the remove the device:)
Try reading the article all the way to the end next time...
In one possible scenario, software owners would subscribe to an automated patch service. Those without a subscription would receive the patch through current means, but it would expose those users to greater risk. Subscribers would receive a predeployed, encrypted version of the patch. At a predetermined point, a decryption key would be passed to a patch installer on all subscribed systems. Since the size of the key is small compared to the patch itself, the key distribution could be considered nearly instantaneous, and all affected systems would have the patch installed simultaneously with the official release of the patch. By the time the code exploiter even begins to reverse-engineer the patch, most affected systems would be immune.
It seems like this could present some fairly serious problems. I'm curious what the effects would be of suddenly rendering the filesystem of a running system unreadable (because the user is out of range and the keys have been destroyed in memory). It would seem to be approximately equivalent to yanking the hard disk out of a running machine (electrical detail aside).
Does anyone have any details about this? Perhaps the encrypting filesystem layer it uses simply blocks on any fs API calls until the keys are re-established? Still seems like it could cause problems.
I've seen so many comments about mattress tags on this site...please please tell me I'm just missing some unfunny joke or something. You all _can_ read and see that it says "except by the consumer" right? And you realize that you are the consumer, right?
And if you're completely new to cryptography, definitely check out Cryptography Decrypted by H.X.Mel. His writing style is incredible...that book could teach public-key crypto to a monkey. Hmmm...now there's a thought...
Umm...except by using that same write capability to OVERwrite the log data. I don't see your point.
What you're suggesting would be drive whose contents could never be erased, a constraint that would have to be enforced by the disk controller. I'm not sure a device like that (write-once hard disk) would sell very well.
I work a few blocks away from where the train accident was. Yes, a freight train carrying HCl derailed on the 18th and caught fire (and burned for many days) in a tunnel under downtown Baltimore. A major water main break also resulted. A bunch of buildings were flooded, and it knocked out a few of WorldCom's fiber links. Here's the brief ZDNet story, if you're curious.
However, I must say we didn't see much internet slowness as a result of either.
Slashdot Mirror
Journaling filesystems in widespread use log filesystem metadata only, NOT actual file data. So if the OS has not flushed file data out of its cache, and you unplug the device, the file data itself could be in a bad state, though the filesystem structures should be okay or recoverable from the journal.
:)
If you have no open files on the device, the chances of this are slim (esp as time passes)...but it's hard to know for sure when everything in the cache has been flushed to disk.
You would have to sync the filesystem before unplugging to be sure this wouldn't happen. But then, you might as well just inform the OS properly that you're about the remove the device
It's an interesting thought at the very least.
Exactly, well put. I don't see how this is even a gray area for the courts, let alone tilted heavily in favor of the RIAA.
If a small percentage of people break the law, I call that a crime. If 93 million people break the law, I call that a revolution.
It seems like this could present some fairly serious problems. I'm curious what the effects would be of suddenly rendering the filesystem of a running system unreadable (because the user is out of range and the keys have been destroyed in memory). It would seem to be approximately equivalent to yanking the hard disk out of a running machine (electrical detail aside).
Does anyone have any details about this? Perhaps the encrypting filesystem layer it uses simply blocks on any fs API calls until the keys are re-established? Still seems like it could cause problems.
Man, NOBODY will buy a stolen laptop if all the previous owner's data is encrypted!
I've seen so many comments about mattress tags on this site...please please tell me I'm just missing some unfunny joke or something. You all _can_ read and see that it says "except by the consumer" right? And you realize that you are the consumer, right?
And if you're completely new to cryptography, definitely check out Cryptography Decrypted by H.X.Mel. His writing style is incredible...that book could teach public-key crypto to a monkey. Hmmm...now there's a thought...
Effective C++ and More Effective C++, by Scott Meyers
Umm...except by using that same write capability to OVERwrite the log data. I don't see your point.
What you're suggesting would be drive whose contents could never be erased, a constraint that would have to be enforced by the disk controller. I'm not sure a device like that (write-once hard disk) would sell very well.
I work a few blocks away from where the train accident was. Yes, a freight train carrying HCl derailed on the 18th and caught fire (and burned for many days) in a tunnel under downtown Baltimore. A major water main break also resulted. A bunch of buildings were flooded, and it knocked out a few of WorldCom's fiber links. Here's the brief ZDNet story, if you're curious.
However, I must say we didn't see much internet slowness as a result of either.