A story of a snake-oil lock

2010 July 9
by Ilya

The office next door has a new electromagnetic lock installed. Well, a picture is worth a thousand words, so here it is:

A snake-oil lock

Yes, you are getting it right: the electromagnetic unit is outside the door. The irony is that the company provides network & system security solutions for customers. And they do not see any problem here. That is an epic fail, isn’t it?


Re: Monkeys and Secure Erasure

2010 April 29
by Ilya

I have been asked a few times about any good solutions for secure erasure of SSD/flash devices after the post about monkeys and secure erasure. Let me simply copy here one of my replies to answer all such questions:

  • There is a set of SE commands for ATA devices. Send these to the device and hope the firmware will do the rest.

    Kiasu, you may first simply delete all files and fill the drive with a single huge file of 1’s before sending ATA SE commands. However, that wear leveling thing makes this step only ‘so-so’ useful. NTFS and small files make it even less useful.

    Better yet, simply use disk encryption. Then, whenever you want a secure erase, just discard the encryption key and send ATA SE.

    For a cheap flash device - just shred it and get a new one :)
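
The two points above (an overwrite fights wear leveling, discarding an encryption key does not) can be seen in a toy model. This is an added example, not part of the original reply: `ToyFlash`, the SHA-256 keystream standing in for real disk encryption, and the sample secret are all constructed for illustration.

```python
import hashlib
import os

class ToyFlash:
    """Toy FTL: a logical write lands on a fresh physical page; the old page stays."""
    def __init__(self, physical_pages):
        self.pages = [None] * physical_pages  # raw NAND contents
        self.l2p = {}                         # logical block -> physical page
        self.next_free = 0

    def write(self, lba, data):
        self.pages[self.next_free] = data     # never written in place
        self.l2p[lba] = self.next_free        # remap; previous page is now stale
        self.next_free += 1

    def read(self, lba):
        return self.pages[self.l2p[lba]]

    def raw_dump(self):  # every physical page, as a chip-level read would see them
        return [p for p in self.pages if p is not None]

def _keystream(key, nonce, n):
    blocks = (hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def encrypt(key, data):
    # Assumption: hash-based keystream as a stand-in for real disk encryption.
    nonce = os.urandom(16)
    return nonce + bytes(a ^ b for a, b in zip(data, _keystream(key, nonce, len(data))))

def decrypt(key, blob):
    nonce, ct = blob[:16], blob[16:]
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))

SECRET = b"constructed sample: payroll records"
def overwrite_only():
    flash = ToyFlash(8)
    flash.write(0, SECRET)
    flash.write(0, b"\xff" * len(SECRET))  # "fill with 1's" over the same logical block
    return flash.read(0) == SECRET, SECRET in flash.raw_dump()

def encrypt_then_discard_key():
    flash = ToyFlash(8)
    key = os.urandom(32)
    flash.write(0, encrypt(key, SECRET))
    readable_with_key = decrypt(key, flash.read(0)) == SECRET
    del key  # the "erase": only nonce and ciphertext remain on the raw pages
    return readable_with_key, any(SECRET in p for p in flash.raw_dump())
```

After the overwrite the logical view looks clean while the raw pages still hold the plaintext; in the encrypted case the raw pages never held it at all.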


Monkeys and Secure Erasure

2010 April 13
by Ilya

Recently, whenever there is a discussion about secure erase of files on SSD/flash devices, I always think of the classic experiment from a psychology textbook. It involves five monkeys in a cage and a banana.

In case you have not heard about the experiment, it starts with five monkeys in a cage. A banana is hung inside the cage with a ladder underneath. After a while, a monkey tries to climb the ladder to get the banana. As soon as he touches the ladder, all monkeys are sprayed with cold water. Another monkey tries to reach the banana with the same result. And so on, until the monkeys learn that the best way to stay dry is to prevent any monkey from attempting to reach the banana.

The next stage is to exclude cold water and replace one monkey with a new one. Of course, the new monkey tries to get the banana and the other monkeys attack him to prevent that. After a few attempts, the new monkey will learn that touching the ladder is bad.

Next, replace another of the original five monkeys with a new one. The newcomer goes to the ladder and is attacked by all the other monkeys, including the previous newcomer. Likewise, replace a third original monkey, then a fourth, then the fifth. Every time the newest monkey takes to the ladder, he is attacked.

After replacing the fifth monkey, none of the monkeys had ever been sprayed with cold water. They have no idea why they were not allowed to climb the ladder and get the banana. Still, no monkey ever again approaches the ladder to try for the banana. The reason is simple: as far as they knew, it was the way it had always been around here.

How is this relevant to secure erasure?

Well, most so-called “security experts” are like those monkeys. They have no idea why exactly multi-pass overwrite procedures were introduced in the first place. They do not know the physics of the process. They could not tell the difference between magnetic storage media and SSD/flash devices. They have no clue about block randomization. They are unaware of the limited number of writes. Yet they bluntly recommend using the same multi-pass secure erase methods for SSD/flash, just because it was the way it had always been around here.


Send More Money 2.0

2010 March 18
by Ilya

So, you have mastered the classic Send More Money puzzle once, have you? Great. Let's spice things up and take the puzzle to the next level. How about the modern variant? Can you solve this one too?

apple ^ lolpig = google

upd: and yeah, the numbers are decimal, not binary :)


Google Chrootme

2009 November 10
by Ilya

I wonder what may explain why Google Chrome behaves like a rootkit. Why on Earth does a web browser need to mess with NtOpenProcessToken, NtOpenThreadTokenEx and stuff like that?

Google Chrome is rootkitting
