OK, the paper is "Secure Deletion of Data from Magnetic and Solid-State Memory" by Peter Gutmann of the Dept. of Comp. Sci. at the University of Auckland.
If it's flash, assuming they are erasing it, I doubt it's possible.
Well, I don't know how much time is a factor, but I have a nifty little paper at work that describes how it's POSSIBLE to recover previous bit states off of both magnetic and electronic memory (i.e. disks and flash). When I get back to work, I'll post the title and/or link for it.
What frightened me about the paper is that, while the equipment to do so is costly, the physical techniques for doing it are known.
There was just an program on the Weather Channel about 2-3 weeks ago about the hurricanes. They stated that the last few years' worth of hurricanes were LIGHT compared to the average. If you go back over the time people have been tracking such things (ahem, BEFORE the time that "global warming" was a tree-huggers whine), they said, you'll find that the average hurricane season is more than we've been getting lately, and it's expected.
Interestingly enough, there was a sci-fi book years ago that had this concept as an important detail. The book is called Superluminal and the author is Vonda K. McIntyre.
The book is about faster than light travel through other dimensions beyond the 4th. The pilots of the ships had their hearts removed and replaced with pumps that the pilot could control through biofeedback to allow them to control their bodies more closely through the stresses of superluminal travel.
And, anyway, what on earth was this cop going to do with an ID, had he been presented one? What difference could it have made?
Let's set aside the identities of the people involved in this case and look at the circumstances instead.
The officer has **suspicion and probable cause** that something amiss is going on. If he can determine who the person is by looking at legal ID (granted they can be faked) and run a check on the driver's license and name, and finds out that the guy is wanted for murder, the guy can be taken off the streets. The officer protects himself and apprehends someone with a warrant out against him.
Try to not look at it from the point of view of what we already know (or think we know) and look at it from the point of view of the cop who shows up on what he *believes to be* a domestic battery charge. Generally, domestic battery situations are highly emotionally charged and frequently more than a little dangerous for the cops. If you want a kind of lame example of this, watch Cops a few times.
I've said it before, I'll say it again: the cop, if he thought Hiibel was drinking, should have approached Hiibel DIFFERENTLY. I agree, he screwed up. But take the screwup out of the story a bit and look at how any officer might decide he needed to protect himself a bit in a similar situation.
And I do believe you're correct about the precedent issue.
I revise my earlier comment about the importance of the case from the general point of view. I don't think a police officer has the right to request an identification at any old time, for no reason.
However, I still maintain my earlier belief that in this case, the officer was justified.
I hope the USSC uses this as an opportunity to reaffirm the Fourth Amendment while at the same time pointing out that in this particular case, no Fourth Amendment violations occurred.
If you read the brief the Solicitor General filed with the USSC, you'll see that the arresting deputy noted his suspicions that Hiibel was drunk.
I agree with whoever posted that the officer should have first asked the guy's name, and not gone into a confrontation over the ID unless he had suspicion that he was lying.
OK, the officer started off acting irresponsibly. You don't approach drunks antagonistically. You approach them gently so they think there isn't a threat. Then you lead them through.
But this suit is nuts. The guy screwed up in refusing to offer his ID, even as the officer was wrong in his actions.
But, this should be a CIVIL case in a local court over the way the police assaulted the daughter, not a case over whether or not it's reasonable for the officer to have asked for some kind of identification in order to assess whether or not there was any kind of elevated danger presented by this guy.
The web site makes him out to be some nice old fart just having a simple argument with his daughter. They don't mention the suspicion of drinking.
And for those/.'ers who think this is a slipper slope, come on! Yeah, the Nazis did a LOT of nasty things to a LOT of people. You are attempting to make a connection between what happened here and a Nazi soldier breaking into someone's house at 2:30am demanding to see papers. It's just not there, folks.
Yes, there's a lot of injustice in the world. Personally, I think both police officers should be fired with prejudice for the way they handled things. But my reading of this indicates Hiibels screwed up, too, and he's far from the innocent country bumpkin the website seems to make him.
I'm going to beat on the conspiracy drum just a little bit... I think so far all the comments I've read missed this little tidbit:
Given the source, and given their manpower, and given all the recent news in security forums about how full of holes Windows is... if *you* got access to the source of the OS that the U.S. Federal Government is using, wouldn't YOU be spending every waking moment of all YOUR software hackers trying to find ways to exploit vulnerabilities in Windows? It would not take more than a few infected computers and poof! there go parts of the U.S. Government... and the British and any other country fool enough to trust Microsoft "security."
Admittedly, they have a tough job ahead of them, since nothing like the security they need has ever been seen on such a scale before in all of human histor... oh wait a minute, I forgot about the BSDs... whoops! Sorry about that! (Yes, I know they've got their holes, too, but those holes are much fewer and far between!)
Given the sheer numbers of the computers that have Windows on them that the government uses, the probability that *all* of them are secure and protected from attack via an email or a web viewing with IE is absolutely zero.
I know this *sounds* a bit kooky... but it's also realistic enough to be believable.
I read the article and noted that other governments are also talking with Microsoft... but China appears that it's going to be the first, and this concerns me.
Because with the same tools and commands they can verify that a HUGE percentage of the generated code (all of the text, some of the data might be different, like embedded strings) would be the same. That would be easy to verify if you had a couple thousand programmers forced at gunpoint to compare bytes.
And I'd like to know how many software engineers in the "rest of the world" actually use those as opposed to those who use the "standard" reckoning of 1K = 1024.
Don't get me wrong; I don't think the suit has a snowball's chance in hell of getting passed any preliminary hearings. The concept that K=1000 is MUCH older than the concept that K=1024.
But people that work on computers know the difference, and we're probably about the only ones who give a damn about this stuff.
Well, I had just read the post someone made about something happening in France, where the guy found out that someone had opened lots of accounts in the guy's own name. Wouldn't *THAT* be nice... someone steals your identity to hide income so that they don't have to report it, and that you would, and then you find out about it and then take the money!:-)
Yeah, I'm sure you're right... but wouldn't it be wonderful if they *were* that stupid?
What if, upon finding accounts in your name that weren't yours, with hefty balances, you simply took the money out and closed the accounts?
Sure, the guy'd probably come after you for "his" money when he figured it out, but you could report the identity theft and tell the government "an eye for an eye" and they'd let you keep the money, right?
Did you even read the article? He specifically mentions that figure.
It comes from his ability to gather X number of names, and each name has an estimated rip-off values (as computed by the U.S. Secret Service) of $217,000 (which was an average computed from a sample of identity thefts in one study).
They may in the sort term. But some bright boy is going to set up a class action lawsuit once he figures out he's been had (usually after an audit). They're gonna pay in the long run.
Maybe we should be watching the airports for McBride and company??
What's the average user going to be able to do to fight spam this way? Nothing.
Unless you're an ISP, for the most part, you're not going to have an MX record pointing to your machine.
So the spammer isn't going to be "attacking" you with his spam directly.
And I have a feeling that, as much as I love the idea of holding open all the outbound connections from a spammer so that he can't do anything (like setting the window to 1 byte and then holding the acks for a long time), I doubt many ISPs are going to be willing to do that.
Slashdot Mirror
OK, the paper is "Secure Deletion of Data from Magnetic and Solid-State Memory" by Peter Gutmann of the Dept. of Comp. Sci. at the University of Auckland.
d ings/sec96/full_papers/gutmann/
I found it on www.usenix.org: http://www.usenix.org/publications/library/procee
Hope this helps/is interesting.
If it's flash, assuming they are erasing it, I doubt it's possible.
Well, I don't know how much time is a factor, but I have a nifty little paper at work that describes how it's POSSIBLE to recover previous bit states off of both magnetic and electronic memory (i.e. disks and flash). When I get back to work, I'll post the title and/or link for it.
What frightened me about the paper is that, while the equipment to do so is costly, the physical techniques for doing it are known.
More later.
If I set it to -1, does it eat up IE?
These people are hilarious.
There was just an program on the Weather Channel
about 2-3 weeks ago about the hurricanes.
They stated that the last few years' worth of
hurricanes were LIGHT compared to the average.
If you go back over the time people have been tracking such things (ahem, BEFORE the time that
"global warming" was a tree-huggers whine), they
said, you'll find that the average hurricane
season is more than we've been getting lately,
and it's expected.
Interestingly enough, there was a sci-fi book years ago that had this concept as an important detail. The book is called Superluminal and the author is Vonda K. McIntyre.
The book is about faster than light travel through other dimensions beyond the 4th. The pilots of the ships had their hearts removed and replaced with pumps that the pilot could control through biofeedback to allow them to control their bodies more closely through the stresses of superluminal travel.
Read my other follow-up comment.
And, anyway, what on earth was this cop going to do with an ID, had he been presented one? What difference could it have made?
Let's set aside the identities of the people involved in this case and look at the circumstances instead.
The officer has **suspicion and probable cause** that something amiss is going on. If he can determine who the person is by looking at legal ID (granted they can be faked) and run a check on the driver's license and name, and finds out that the guy is wanted for murder, the guy can be taken off the streets. The officer protects himself and apprehends someone with a warrant out against him.
Try to not look at it from the point of view of what we already know (or think we know) and look at it from the point of view of the cop who shows up on what he *believes to be* a domestic battery charge. Generally, domestic battery situations are highly emotionally charged and frequently more than a little dangerous for the cops. If you want a kind of lame example of this, watch Cops a few times.
I've said it before, I'll say it again: the cop, if he thought Hiibel was drinking, should have approached Hiibel DIFFERENTLY. I agree, he screwed up. But take the screwup out of the story a bit and look at how any officer might decide he needed to protect himself a bit in a similar situation.
And I do believe you're correct about the precedent issue.
I revise my earlier comment about the importance of the case from the general point of view. I don't think a police officer has the right to request an identification at any old time, for no reason.
However, I still maintain my earlier belief that in this case, the officer was justified.
I hope the USSC uses this as an opportunity to reaffirm the Fourth Amendment while at the same time pointing out that in this particular case, no Fourth Amendment violations occurred.
If you read the brief the Solicitor General filed with the USSC, you'll see that the arresting deputy noted his suspicions that Hiibel was drunk.
/.'ers who think this is a slipper slope, come on! Yeah, the Nazis did a LOT of nasty things to a LOT of people. You are attempting to make a connection between what happened here and a Nazi soldier breaking into someone's house at 2:30am demanding to see papers. It's just not there, folks.
I agree with whoever posted that the officer should have first asked the guy's name, and not gone into a confrontation over the ID unless he had suspicion that he was lying.
OK, the officer started off acting irresponsibly. You don't approach drunks antagonistically. You approach them gently so they think there isn't a threat. Then you lead them through.
But this suit is nuts. The guy screwed up in refusing to offer his ID, even as the officer was wrong in his actions.
But, this should be a CIVIL case in a local court over the way the police assaulted the daughter, not a case over whether or not it's reasonable for the officer to have asked for some kind of identification in order to assess whether or not there was any kind of elevated danger presented by this guy.
The web site makes him out to be some nice old fart just having a simple argument with his daughter. They don't mention the suspicion of drinking.
And for those
Yes, there's a lot of injustice in the world. Personally, I think both police officers should be fired with prejudice for the way they handled things. But my reading of this indicates Hiibels screwed up, too, and he's far from the innocent country bumpkin the website seems to make him.
Look, Dr Wolfram, that's all very nice.
But when you post on slashdot, would you please use your real name?
kthx
Yes, it's still going... not very strongly, but the continuum and psychos servers usually have games every night.
I don't play paradise. I don't know of any servers any more.
I play a lot of netrek, and do some bittorrent stuff too.
:)
What region of the world do you live?
I sure hope it's not the midwest U.S.
Oh, that is a SCREAM!
Both.
I'm going to beat on the conspiracy drum just a little bit... I think so far all the comments I've read missed this little tidbit:
Given the source, and given their manpower, and given all the recent news in security forums about how full of holes Windows is... if *you* got access to the source of the OS that the U.S. Federal Government is using, wouldn't YOU be spending every waking moment of all YOUR software hackers trying to find ways to exploit vulnerabilities in Windows? It would not take more than a few infected computers and poof! there go parts of the U.S. Government... and the British and any other country fool enough to trust Microsoft "security."
Admittedly, they have a tough job ahead of them, since nothing like the security they need has ever been seen on such a scale before in all of human histor... oh wait a minute, I forgot about the BSDs... whoops! Sorry about that! (Yes, I know they've got their holes, too, but those holes are much fewer and far between!)
Given the sheer numbers of the computers that have Windows on them that the government uses, the probability that *all* of them are secure and protected from attack via an email or a web viewing with IE is absolutely zero.
I know this *sounds* a bit kooky... but it's also realistic enough to be believable.
I read the article and noted that other governments are also talking with Microsoft... but China appears that it's going to be the first, and this concerns me.
Because with the same tools and commands they can verify that a HUGE percentage of the generated code (all of the text, some of the data might be different, like embedded strings) would be the same. That would be easy to verify if you had a couple thousand programmers forced at gunpoint to compare bytes.
And I'd like to know how many software engineers in the "rest of the world" actually use those as opposed to those who use the "standard" reckoning of 1K = 1024.
Don't get me wrong; I don't think the suit has a snowball's chance in hell of getting passed any preliminary hearings. The concept that K=1000 is MUCH older than the concept that K=1024.
But people that work on computers know the difference, and we're probably about the only ones who give a damn about this stuff.
Well, I had just read the post someone made about something happening in France, where the guy found out that someone had opened lots of accounts in the guy's own name. Wouldn't *THAT* be nice... someone steals your identity to hide income so that they don't have to report it, and that you would, and then you find out about it and then take the money! :-)
Yeah, I'm sure you're right... but wouldn't it be wonderful if they *were* that stupid?
ROFLMAO... yeah, you're right. I missed that totally and completely.
:)
I guess I should have RTFAC (carefully)
It would be bad, but what if...?
:)
What if, upon finding accounts in your name that weren't yours, with hefty balances, you simply took the money out and closed the accounts?
Sure, the guy'd probably come after you for "his" money when he figured it out, but you could report the identity theft and tell the government "an eye for an eye" and they'd let you keep the money, right?
Riiiiiiiight
Did you even read the article? He specifically mentions that figure.
It comes from his ability to gather X number of names, and each name has an estimated rip-off values (as computed by the U.S. Secret Service) of $217,000 (which was an average computed from a sample of identity thefts in one study).
Next time, RTFA.
The postage alone will kill you. :)
They may in the sort term. But some bright boy is going to set up a class action lawsuit once he figures out he's been had (usually after an audit). They're gonna pay in the long run.
Maybe we should be watching the airports for McBride and company??
People are actually BUYING this STOCK!
The insiders must have buyers to whom to sell their stock. The question is WHO in their RIGHT MIND would even CONSIDER buying this stock??
What's the average user going to be able to do to fight spam this way? Nothing.
Unless you're an ISP, for the most part, you're not going to have an MX record pointing to your machine.
So the spammer isn't going to be "attacking" you with his spam directly.
And I have a feeling that, as much as I love the idea of holding open all the outbound connections from a spammer so that he can't do anything (like setting the window to 1 byte and then holding the acks for a long time), I doubt many ISPs are going to be willing to do that.
Well, it actually **IS** "about" a 17" monitor. :)