This is edited to show my thinking while I was writing this.
All the data that Johnson was able to retrieve from un-allocated space came after that overwrite, he said.
Not even enough information in this quote to tell if he got the data from the overwritten part or a part that failed to be overwritten or even if the zero wipe even finished.
It is likely that whoever tried the wipe did it wrong both times. A "Gutmann wipe"? That just screams stupid.
******revisit the above quote and think about it more ******* Wait...what?
said he found 14 to 15 pages of chats in unallocated space on the hard drive
unallocated This is used more than once in the article. It's not a mistake.
Unallocated? That's a specific term in reference to partitioning. That means an "empty" space that's not available as a partition to read from or write to. It's unavailable to normal OS processes. He reformatted and reinstalled the OS. If he repartitioned too, it is likely he didn't set up the partitioning exactly the same way and wound up with a dead spot that was unallocated to any partitions. A zero wipe of free space is going to only write to the end of the partition and no further.
It's easy to have unallocated space. I've got some on this laptop because of partition boundaries not landing in neat areas.
You can run whatever regular wipe tool you want. If you tell it to wipe/dev/sda1, it's only going to wipe/dev/sda1. Whatever is on either side of that as unallocated space, doesn't get touched.
It overwrites the file multiple times if necessary before optionally deleting it. As far as I know, shred is part of standard Linux so you should have it too.
There is another tool you might like, and that's bcwipe.
It does shred, but it also wipes free space on currently mounted drives.
Jetico's bcwipe is open source and cost-free for *nix if you compile it yourself (it's *not* GPL or Free/Libre).
Forensic investigation of a computer includes a capture of the machine's memory,
But that doesn't mean you need to walk away with the whole machine. Unplugging it and carrying it out the door does nothing for preservation of data in DRAM, which needs power to refresh memory. You can yank the RAM out and put it in dry ice to keep things from discharging too quickly, but you are under a pretty strict clock to get the RAM unplugged and into the analysis machine on the crash cart. If you physically unplug the entire server and cart it out the door, you've lost whatever data that was in RAM by the time you reach the truck door.
Taking the entire server or rack of machines is nothing but intimidation.
makes it possible to look for deleted or over-written information that might not exist on a duplicated disk.
Deleted stuff is never erased, just marked as "free space" by the OS.
Overwritten data, these days, is unrecoverable, even if only overwritten once. There has not been a single criminal case that I can remember where data was overwritten and then recovered on modern drives. The standard of multiple overwrites for true erasure is from the days when disks were physically huge, and the recorded area was huge, and head alignment wasn't always the greatest thing in the world.
Actually not, the plan is to censor only those things that one segment of the population finds offensive, not everything that somebody finds offensive.
There are a lot of "one segments"
Meaning, everybody.
"It's a one time thing, it just happens a lot" - Suzanne Vega
Does anyone remember Aum Shirikyo and the Sarin gas attacks in Tokyo?
I do and the following scenario is related. I hinted at something in my other posts.
1. Plant sprayer 2. A certain chemical, that is relatively inexpensive and easy to synthesize (as far as dangerous chemicals go) that killed a researcher because a droplet penetrated her glove and caused her to die a horrific death. 3. An enclosed area 4. A salad bar 5. A rock concert 6. Anywhere people might gather.
7. and there is nothing you can do to stop this from happening should someone decide to try it, because it requires no special equipment, knowledge, or chemicals that are hard to acquire. It's *easier* than Sarin and just as deadly.
"Map data is also salted with fictional bits whose only purpose is to make it obvious when somebody has copied a map's data instead of independently doing the field work from scratch (or obtaining the data from another source), and to give the copyright holder the excuse it needs to sue the creator of the derived map."
That's not enough.
And that is not creative either. If you read the case I quoted, facts, as such, are not copyrightable. Ever. And "salted streets" are not creative.
It's the layout and artwork. It's the written descriptions. It's the artistic merit embedded in the work that makes it copyrightable.
Remember, you only need one trivial (but concrete) example of infringement to win in court,
Name a case in the US since the one I quoted. Name one.
SCO tried pointing to individual lines of code out of context (your "sentinel data" idea) as proof that Linux infringed on Unix, which they claimed to own, but didn't, and courts laughed at them.
I know of a civil engineer with a PE stamp and the whole nine yards, and while he can calculate the intersection of two logarithmic curves in his head, he doesn't have a whole lot of mechanical or common sense. And lawd knows he's impervious to practical advice.
Engineers who decide to go terrorist don't have a lot of common sense as explained in the article.
You need both common and mechanical sense to implement your evil plans. Otherwise you wind up setting your (or someone else's) underwear alight.
Compared to other things it is. Far more complicated. It's a lot more complicated than flying planes into buildings.
We're talking about people, who when they go through with their evil plans since then, light their shoes and underwear on fire. For these kinds of people, weaponizing a virus may as well have the same likelihood as you building a *successful* moon rocket in your back yard.
>ultra liberal
Yeah, I know which side of the street you came from. Go back to your freerepublic xenophobe echo chamber.
And you've been reading conspiracy websites if that's what you've been reading.
It is so far more difficult to weaponize Anthrax without the necessary knowledge *and* equipment that you're far better off trying to figure out, for example, how to synthesize certain organic compounds that cost 18-20 dollars/gram that only reveal themselves when it's too late and there's no trail to follow like with polonium, but have nearly as horrific effects on the human body.
"And if a terrorist group uses that research to kill thousands or millions? Will you still feel its justified?"
Fuck you and everyone like you.
Yes it's justified.
The benefits of scientific exchange by studying contagions outweigh whatever risks there are due to mythical terrorists behind every tree. Terrorists, I must add, who set fire to their shoes and underwear. We're not exactly talking about fucking genius. If they thought for one fucking second about what they were doing, they wouldn't try to fucking blow themselves up, would they?
People like you would drag us back to the fucking dark ages because "technology can be used by terrorists" and there would be no fucking benefit to anyone except your fucking megalomania.
There are far easier and effective ways of killing people than trying to weaponize a virus. Take your "doctor evil" bad movie script, print it out until it is all sharp corners, and shove it up your ass.
No. Sweat of the brow by sorting in chronological order is not copyrightable. Publishers do not own the alphabet. There is no creativity in sorting by alphabetical order.
The creation of an anthology, with artwork on the cover, typeset, illustrations, etc, *is* copyrightable because that is ipso facto "creative", but I can go and snag my own copy of an out-of-copyright anthology of Shakespeare's works and re-do it in my own way and copyright that, and another publisher like Penguin can't sue me.
You are correct, but it also means that those patents have to be valid.
Just because someone pays for a license fee doesn't mean the patent was valid in the first place. Remember that Microsoft and Sun both gave piles of money to SCO for "SCO Source licenses" when they already had licenses paid for in perpetuity (this was just a fig-leaf for champerty).
This is also why the astrology book company that was suing the owner of tzdata.dat also had no case and when confronted with ICANN taking over tzdata, they chickened out. Because it's one thing to sue someone who can't afford to even show up in court and another to sue someone who can defend themselves.
Feist Publications, Inc., v. Rural Telephone Service Co., 499 U.S. 340 (1991),[1] commonly called Feist v. Rural, is an important United States Supreme Court case establishing that information alone without a minimum of original creativity cannot be protected by copyright. In the case appealed, Feist had copied information from Rural's telephone listings to include in its own, after Rural had refused to license the information. Rural sued for copyright infringement. The Court ruled that information contained in Rural's phone directory was not copyrightable and that therefore no infringement existed.
1991. SCOTUS.
This is a rather famous case and anyone with even a passing familiarity with copyright should have read about this at least once.
A language is nothing but a listing of words and how they are used. It is a cataloging of facts.
Facts, as such, are not copyrightable. You can't copyright the listings in a phone book, and neither can you copyright the contents of a header file. Because there is no creative content, and as far as the US is concerned, "sweat of the brow" does not give you copyright.
This is why Oracle is not going after IBM for Iced Tea, because Oracle they know they have nothing and are afraid of what the Nazgul might do in retaliation.
"Contracts are what you use against parties you have relationships with." - Darl McBride June 2, 2003
Pet peeve: When searching for this quote, what is it with news organizations removing fucking publishing dates from articles? The time that something happened or someone said something is rather important sometimes.
Slashdot Mirror
This is edited to show my thinking while I was writing this.
All the data that Johnson was able to retrieve from un-allocated space came after that overwrite, he said.
Not even enough information in this quote to tell if he got the data from the overwritten part or a part that failed to be overwritten or even if the zero wipe even finished.
It is likely that whoever tried the wipe did it wrong both times. A "Gutmann wipe"? That just screams stupid.
******revisit the above quote and think about it more *******
Wait...what?
said he found 14 to 15 pages of chats in unallocated space on the hard drive
unallocated This is used more than once in the article. It's not a mistake.
Unallocated? That's a specific term in reference to partitioning. That means an "empty" space that's not available as a partition to read from or write to. It's unavailable to normal OS processes. He reformatted and reinstalled the OS. If he repartitioned too, it is likely he didn't set up the partitioning exactly the same way and wound up with a dead spot that was unallocated to any partitions. A zero wipe of free space is going to only write to the end of the partition and no further.
It's easy to have unallocated space. I've got some on this laptop because of partition boundaries not landing in neat areas.
You can run whatever regular wipe tool you want. If you tell it to wipe /dev/sda1, it's only going to wipe /dev/sda1. Whatever is on either side of that as unallocated space, doesn't get touched.
--
BMO
It overwrites the file multiple times if necessary before optionally deleting it. As far as I know, shred is part of standard Linux so you should have it too.
There is another tool you might like, and that's bcwipe.
It does shred, but it also wipes free space on currently mounted drives.
Jetico's bcwipe is open source and cost-free for *nix if you compile it yourself (it's *not* GPL or Free/Libre).
I like it. I use it often.
--
BMO
Forensic investigation of a computer includes a capture of the machine's memory,
But that doesn't mean you need to walk away with the whole machine. Unplugging it and carrying it out the door does nothing for preservation of data in DRAM, which needs power to refresh memory. You can yank the RAM out and put it in dry ice to keep things from discharging too quickly, but you are under a pretty strict clock to get the RAM unplugged and into the analysis machine on the crash cart. If you physically unplug the entire server and cart it out the door, you've lost whatever data that was in RAM by the time you reach the truck door.
Taking the entire server or rack of machines is nothing but intimidation.
--
BMO
10 ways cubed
That's only a thousand.
--
BMO
makes it possible to look for deleted or over-written information that might not exist on a duplicated disk.
Deleted stuff is never erased, just marked as "free space" by the OS.
Overwritten data, these days, is unrecoverable, even if only overwritten once. There has not been a single criminal case that I can remember where data was overwritten and then recovered on modern drives. The standard of multiple overwrites for true erasure is from the days when disks were physically huge, and the recorded area was huge, and head alignment wasn't always the greatest thing in the world.
Go read the epilogue to Peter Gutmann's paper
http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html
A simple dd of the original drives would have given investigators all the information that was available, including deleted files.
--
BMO
Actually not, the plan is to censor only those things that one segment of the population finds offensive, not everything that somebody finds offensive.
There are a lot of "one segments"
Meaning, everybody.
"It's a one time thing, it just happens a lot" - Suzanne Vega
--
BMO
If the plan is to censor everything that somebody, somewhere finds offensive then we might as well just pull the plug and be done with it.
That's probably the entire point. Free exchange of information is the enemy of the state.
--
BMO
Does anyone remember Aum Shirikyo and the Sarin gas attacks in Tokyo?
I do and the following scenario is related. I hinted at something in my other posts.
1. Plant sprayer
2. A certain chemical, that is relatively inexpensive and easy to synthesize (as far as dangerous chemicals go) that killed a researcher because a droplet penetrated her glove and caused her to die a horrific death.
3. An enclosed area
4. A salad bar
5. A rock concert
6. Anywhere people might gather.
7. and there is nothing you can do to stop this from happening should someone decide to try it, because it requires no special equipment, knowledge, or chemicals that are hard to acquire. It's *easier* than Sarin and just as deadly.
--
BMO
"Map data is also salted with fictional bits whose only purpose is to make it obvious when somebody has copied a map's data instead of independently doing the field work from scratch (or obtaining the data from another source), and to give the copyright holder the excuse it needs to sue the creator of the derived map."
That's not enough.
And that is not creative either. If you read the case I quoted, facts, as such, are not copyrightable. Ever. And "salted streets" are not creative.
It's the layout and artwork. It's the written descriptions. It's the artistic merit embedded in the work that makes it copyrightable.
Remember, you only need one trivial (but concrete) example of infringement to win in court,
Name a case in the US since the one I quoted. Name one.
SCO tried pointing to individual lines of code out of context (your "sentinel data" idea) as proof that Linux infringed on Unix, which they claimed to own, but didn't, and courts laughed at them.
--
BMO
They're not very good engineers are they?
I know of a civil engineer with a PE stamp and the whole nine yards, and while he can calculate the intersection of two logarithmic curves in his head, he doesn't have a whole lot of mechanical or common sense. And lawd knows he's impervious to practical advice.
Engineers who decide to go terrorist don't have a lot of common sense as explained in the article.
You need both common and mechanical sense to implement your evil plans. Otherwise you wind up setting your (or someone else's) underwear alight.
--
BMO
It's not difficult to make a virus.
Compared to other things it is. Far more complicated. It's a lot more complicated than flying planes into buildings.
We're talking about people, who when they go through with their evil plans since then, light their shoes and underwear on fire. For these kinds of people, weaponizing a virus may as well have the same likelihood as you building a *successful* moon rocket in your back yard.
>ultra liberal
Yeah, I know which side of the street you came from. Go back to your freerepublic xenophobe echo chamber.
--
BMO
Isn't the aggregation of tail the entire point?
--
BMO
And you've been reading conspiracy websites if that's what you've been reading.
It is so far more difficult to weaponize Anthrax without the necessary knowledge *and* equipment that you're far better off trying to figure out, for example, how to synthesize certain organic compounds that cost 18-20 dollars/gram that only reveal themselves when it's too late and there's no trail to follow like with polonium, but have nearly as horrific effects on the human body.
--
BMO
"I mean, take anything and there's always a malicious use for it"
The keyboard to an old IBM 5150 can be used to bludgeon someone to death.
--
BMO
>But biological/chemical stuff is cheap.
No, it's not. It's not because it's bloody difficult to get it to work effectively.
It's not like walking into Walgreens and walking out with the ingredients for meth.
--
BMO
"And if a terrorist group uses that research to kill thousands or millions? Will you still feel its justified?"
Fuck you and everyone like you.
Yes it's justified.
The benefits of scientific exchange by studying contagions outweigh whatever risks there are due to mythical terrorists behind every tree. Terrorists, I must add, who set fire to their shoes and underwear. We're not exactly talking about fucking genius. If they thought for one fucking second about what they were doing, they wouldn't try to fucking blow themselves up, would they?
People like you would drag us back to the fucking dark ages because "technology can be used by terrorists" and there would be no fucking benefit to anyone except your fucking megalomania.
There are far easier and effective ways of killing people than trying to weaponize a virus. Take your "doctor evil" bad movie script, print it out until it is all sharp corners, and shove it up your ass.
Go confiscate someone else's nail clippers.
--
BMO
Silly response first:
Shakespeare was a composer?
Serious response now.
No. Sweat of the brow by sorting in chronological order is not copyrightable. Publishers do not own the alphabet. There is no creativity in sorting by alphabetical order.
The creation of an anthology, with artwork on the cover, typeset, illustrations, etc, *is* copyrightable because that is ipso facto "creative", but I can go and snag my own copy of an out-of-copyright anthology of Shakespeare's works and re-do it in my own way and copyright that, and another publisher like Penguin can't sue me.
--
BMO
Aren't the locations and names of streets just facts?
Yes, and they are not copyrightable.
The *presentation* is copyrighted. The fact that you can't tell the difference between presentation and mere facts is telling.
--
BMO
You are correct, but it also means that those patents have to be valid.
Just because someone pays for a license fee doesn't mean the patent was valid in the first place. Remember that Microsoft and Sun both gave piles of money to SCO for "SCO Source licenses" when they already had licenses paid for in perpetuity (this was just a fig-leaf for champerty).
--
BMO
Follow-up
This is also why the astrology book company that was suing the owner of tzdata.dat also had no case and when confronted with ICANN taking over tzdata, they chickened out. Because it's one thing to sue someone who can't afford to even show up in court and another to sue someone who can defend themselves.
--
BMO
Sigh...
Feist Publications, Inc., v. Rural Telephone Service Co., 499 U.S. 340 (1991),[1] commonly called Feist v. Rural, is an important United States Supreme Court case establishing that information alone without a minimum of original creativity cannot be protected by copyright. In the case appealed, Feist had copied information from Rural's telephone listings to include in its own, after Rural had refused to license the information. Rural sued for copyright infringement. The Court ruled that information contained in Rural's phone directory was not copyrightable and that therefore no infringement existed.
1991. SCOTUS.
This is a rather famous case and anyone with even a passing familiarity with copyright should have read about this at least once.
Sorry to burst *your* bubble.
--
BMO
A language is nothing but a listing of words and how they are used. It is a cataloging of facts.
Facts, as such, are not copyrightable. You can't copyright the listings in a phone book, and neither can you copyright the contents of a header file. Because there is no creative content, and as far as the US is concerned, "sweat of the brow" does not give you copyright.
This is why Oracle is not going after IBM for Iced Tea, because Oracle they know they have nothing and are afraid of what the Nazgul might do in retaliation.
--
BMO
I prefer my IPA in a glass, frosted mug, or stein.
I think that using an IPA to determine whether to sue or not is a waste of good beer.
Thanks.
--
BMO
There are scumbags out there, bro.
"Contracts are what you use against parties you have relationships with." - Darl McBride June 2, 2003
Pet peeve: When searching for this quote, what is it with news organizations removing fucking publishing dates from articles? The time that something happened or someone said something is rather important sometimes.
Crikes.
--
BMO
Oh look, a shill post in the first message.
You're supposed to wait a bit so as to not be so obvious. /tip
--
BMO