Topic Actions

Topic Search

Who is online

Users browsing this forum: Mycall4me, phillies and 45 guests

Hacking 2000 years from now...

Join us in talking discussing all things Honor, including (but not limited to) tactics, favorite characters, and book discussions.
Re: Hacking 2000 years from now...
Post by Jonathan_S   » Mon Oct 17, 2016 8:10 am

Jonathan_S
Fleet Admiral

Posts: 8269
Joined: Fri Jun 24, 2011 2:01 pm
Location: Virginia, USA

The E wrote:This is highly unlikely. A secure storage system would start with full drive encryption, and when the drive gets decommissioned, it gets overwritten several times with random data. At the end of that whole process, whatever remains on the drive platters is unrecoverable.

And this doesn't cover the increasingly popular and increasingly cheap solid state drive tech: It's already much harder to recover data from these as it is, add drive encryption on top, and all you're getting back is randomness.
Though those have new deletion plobslems because of the wear leveling firmware. There's always a chance that the information you most want to erase got left
Now you've basically got to pull the chops out and read them directly; bypassing the drive firmware so is non trivial. But it's a risk because you don't have direct control over whether any given area actually get overwritten or not.

You really need the drive firmware itself offers a secure wipe routine which ignores the normal wear leveling and actually writes to each cell. Or you need physical destruction of the storage chips.
Top
Re: Hacking 2000 years from now...
Post by aairfccha   » Mon Oct 17, 2016 1:05 pm

aairfccha
Commander

Posts: 206
Joined: Tue Apr 08, 2014 4:03 pm

Jonathan_S wrote:You really need the drive firmware itself offers a secure wipe routine which ignores the normal wear leveling and actually writes to each cell. Or you need physical destruction of the storage chips.


That's what ATA secure erase is meant for.
Top
Re: Hacking 2000 years from now...
Post by Jonathan_S   » Mon Oct 17, 2016 3:00 pm

Jonathan_S
Fleet Admiral

Posts: 8269
Joined: Fri Jun 24, 2011 2:01 pm
Location: Virginia, USA

aairfccha wrote:
Jonathan_S wrote:You really need the drive firmware itself offers a secure wipe routine which ignores the normal wear leveling and actually writes to each cell. Or you need physical destruction of the storage chips.


That's what ATA secure erase is meant for.
True. You just have to hope that the vendor did a good job implementing it.

Where SSD are more problematic is when you're trying to do targeted secure erasure - such as erasing some cryptographic keys without wiping the whole drive.
Top
Re: Hacking 2000 years from now...
Post by cthia   » Mon Oct 17, 2016 3:35 pm

cthia
Fleet Admiral

Posts: 14951
Joined: Thu Jan 23, 2014 1:10 pm

Guys. I've been talking about Linux until I'm blue in the face. You can wipe a hard drive with the better schemes. Especially overwriting with actual garbage data, and not just binary digits. Then wipes. Several layers makes it quite difficult to recover. Automatically set and forget.

At any rate, this discussion is barking up Linux' tree. Some of the best forensics software is available for free. The CIA and FBI both use it. Police departments and other government agencies to boot. And major businesses too. It was even featured on an episode of CSI with Abbey. You can play with the tools yourself and see exactly what its effectiveness is.

You don't have to install Linux as your main OS to use its tools. You don't have to install Linux at all.

The forensics tools will run on a live CD. I keep several. They're my monkey wrenches!

The SANS Investigative Forensic Toolkit ("SIFT") is a computer forensics VMware appliance that is pre-configured with all the necessary tools to perform a detailed digital forensic examination. It is compatible with expert witness format (E01), advanced forensic format (AFF), and raw (dd) evidence formats. The new version has been completely rebuilt on an Ubuntu base with many additional tools and capabilities that can match any modern forensic tool suite.

All for free. That is the advantage of an open source system. The entire world of professionals write cutting-edge software for it. It is a collaboration of knowledge across the globe. It matures quickly. ALL FREE!

Why reinvent the wheel?

It's a completely free full forensics workstation!

If you want to play state of the art games, Linux isn't the OS. Forensics? I'm your OS.

Did I say free?

This Live CD will allow you to repair Windows. To remove virus infected files from the Live CD.

Did I say Free?

Edit:

This also installs on a bootable USB.

Other forensic systems:
https://en.wikipedia.org/wiki/List_of_d ... sics_tools

If you haven't played with any of them, you should.

Son, your mother says I have to hang you. Personally I don't think this is a capital offense. But if I don't hang you, she's gonna hang me and frankly, I'm not the one in trouble. —cthia's father. Incident in ? Axiom of Common Sense
Top
Re: Hacking 2000 years from now...
Post by cthia   » Mon Oct 17, 2016 4:43 pm

cthia
Fleet Admiral

Posts: 14951
Joined: Thu Jan 23, 2014 1:10 pm

I should have linked to a free download of the SIFT workstation system. Though completely free, it's a whopping 2.4GB download.

http://digital-forensics.sans.org/community/downloads/

It has so many tools it borders on overkill and might overwhelm many. You may be able to find tools to examine your nasal passage or any other orifice.

Again, this can all be installed to a bootable USB device

or

Live CD.

Son, your mother says I have to hang you. Personally I don't think this is a capital offense. But if I don't hang you, she's gonna hang me and frankly, I'm not the one in trouble. —cthia's father. Incident in ? Axiom of Common Sense
Top
Re: Hacking 2000 years from now...
Post by Annachie   » Sun Oct 23, 2016 7:27 am

Annachie
Fleet Admiral

Posts: 3099
Joined: Fri Jun 17, 2011 7:36 pm

NCIS, not CSI.

Easy enough to confuse the acronyms.

Sent from my SM-G920I using Tapatalk
~~~~~~~~~~~~~~~~~~
You are so going to die. :p ~~~~ runsforcelery
~~~~~~~~~~~~~~~~~~~
still not dead. :)
Top
Re: Hacking 2000 years from now...
Post by cthia   » Sun Oct 23, 2016 10:57 am

cthia
Fleet Admiral

Posts: 14951
Joined: Thu Jan 23, 2014 1:10 pm

Annachie wrote:NCIS, not CSI.

Easy enough to confuse the acronyms.

Sent from my SM-G920I using Tapatalk

Thanks. Even easier to make that mistake when you watch all of the spinoff acronyms too. I guess that makes me acronemic since I have an iron-will deficiency in staying away from Abby. NCIS with Abby makes me weak. Pauley Perrette is my girlfriend. Just as soon as I bump into her and tell her.


Back to our regular programming.


My niece and I were discussing the human element as a vector for infecting computers. My English wife — who is enjoying a wealth of unwatched American media — says "That is basically the premise of 'The Net' with Sandra Bullock."

Neither my niece or I had seen it. Go figure. So we did. Interesting movie. This brilliant CEO and software engineer develops an unparalleled security system called the 'Gatekeeper.' Every agency from the White House to the Outhouse uses this security program which has a purposely engineered back door that opens a front door into every conceivable government agency. The human element is the vector to spread the virus.

Isn't it odd that some of the better antivirus programs hail from abroad? Does it strike anyone else to be a bit precarious for any US citizens, companies or agencies to install foreign antivirus software on their computers?

If any government agency relies on Russian antivirus software...is crazy. And weren't the Russians involved in the Clinton email leaks?

Son, your mother says I have to hang you. Personally I don't think this is a capital offense. But if I don't hang you, she's gonna hang me and frankly, I'm not the one in trouble. —cthia's father. Incident in ? Axiom of Common Sense
Top
Re: Hacking 2000 years from now...
Post by Tenshinai   » Sun Oct 23, 2016 10:21 pm

Tenshinai
Admiral

Posts: 2893
Joined: Tue Nov 02, 2010 8:34 pm
Location: Sweden

cthia wrote:Isn't it odd that some of the better antivirus programs hail from abroad? Does it strike anyone else to be a bit precarious for any US citizens, companies or agencies to install foreign antivirus software on their computers?


USA is the place where folks like the NSA and FBI can and DO dictate software and even hardware companies to have a backdoors for them "or else".

There´s also the limitations(and backdoors) enforced on encryption software, which is why almost noone here buys the US ones, especially when the freeware options are so much safer.


cthia wrote:If any government agency relies on Russian antivirus software...is crazy.


Do you have any idea what level of scrutiny those software are under?

And do you actually know anything about them?

Kaspersky AV(to take the most common) is popular because it has a VERY good and proven trackrecord for almost 20 years now. On review sites it´s on every single top ten list i can find, nearly always in the top 5.

Outpost Security Suite, while it doesn´t manage to get into the review top 10 lists in 2016(it has managed a few top 10 lists before), it´s not because it´s unsafe, but because it doesn´t have all the bells and whistles that the more expensive ones have(personally, the stuff it tends to get penalised for not having, are features i have never once used ever).

NANO Antivirus, freeware, slightly big on RAM and a bit slow on complex scans, but reliable even while still in betatest. Also has the no longer so common feature of playing nice with any other security software on the same system.


So, AFAIK, that´s the 3 Russian AV/Firewall softwares that are available today, which of those are you saying is suspect, and what evidence do you have to support such?

None of the companies behind them are connected to Russian government, all 3 have spent years of working up a good reputation, and no hacker has ever found their code to contain anything suspicious...

cthia wrote:And weren't the Russians involved in the Clinton email leaks?


Considering all the bullshit propaganda spewed in the last 10-15 years?

Might be true, but i question it.

Far more likely that it was an internal screwup or manufactured by "political opposition" and then spindoctored to try to take as much advantage of the problem as they could while reducing the fallout.

Ie. standard procedure in US politics today.
Top
Re: Hacking 2000 years from now...
Post by cthia   » Sat Oct 07, 2017 7:45 am

cthia
Fleet Admiral

Posts: 14951
Joined: Thu Jan 23, 2014 1:10 pm

cthia wrote:Isn't it odd that some of the better antivirus programs hail from abroad? Does it strike anyone else to be a bit precarious for any US citizens, companies or agencies to install foreign antivirus software on their computers?

If any government agency relies on Russian antivirus software...is crazy. And weren't the Russians involved in the Clinton email leaks?
Tenshinai wrote:
cthia wrote:Isn't it odd that some of the better antivirus programs hail from abroad? Does it strike anyone else to be a bit precarious for any US citizens, companies or agencies to install foreign antivirus software on their computers?


USA is the place where folks like the NSA and FBI can and DO dictate software and even hardware companies to have a backdoors for them "or else".

There´s also the limitations(and backdoors) enforced on encryption software, which is why almost noone here buys the US ones, especially when the freeware options are so much safer.


cthia wrote:If any government agency relies on Russian antivirus software...is crazy.


Do you have any idea what level of scrutiny those software are under?

And do you actually know anything about them?

Kaspersky AV(to take the most common) is popular because it has a VERY good and proven trackrecord for almost 20 years now. On review sites it´s on every single top ten list i can find, nearly always in the top 5.

Outpost Security Suite, while it doesn´t manage to get into the review top 10 lists in 2016(it has managed a few top 10 lists before), it´s not because it´s unsafe, but because it doesn´t have all the bells and whistles that the more expensive ones have(personally, the stuff it tends to get penalised for not having, are features i have never once used ever).

NANO Antivirus, freeware, slightly big on RAM and a bit slow on complex scans, but reliable even while still in betatest. Also has the no longer so common feature of playing nice with any other security software on the same system.


So, AFAIK, that´s the 3 Russian AV/Firewall softwares that are available today, which of those are you saying is suspect, and what evidence do you have to support such?

None of the companies behind them are connected to Russian government, all 3 have spent years of working up a good reputation, and no hacker has ever found their code to contain anything suspicious...

cthia wrote:And weren't the Russians involved in the Clinton email leaks?


Considering all the bullshit propaganda spewed in the last 10-15 years?

Might be true, but i question it.

Far more likely that it was an internal screwup or manufactured by "political opposition" and then spindoctored to try to take as much advantage of the problem as they could while reducing the fallout.

Ie. standard procedure in US politics today.


****** *

Mistake? Deliberate? Who gives a shit! I rest...one more phucking case.

Vet! Vet! Vet!

And this is for any rebuttals... :roll: :roll: :roll:

Son, your mother says I have to hang you. Personally I don't think this is a capital offense. But if I don't hang you, she's gonna hang me and frankly, I'm not the one in trouble. —cthia's father. Incident in ? Axiom of Common Sense
Top
Re: Hacking 2000 years from now...
Post by Joat42   » Sat Oct 07, 2017 1:40 pm

Joat42
Admiral

Posts: 2142
Joined: Tue Apr 16, 2013 7:01 am
Location: Sweden


If you read the article it says that the Kaspersky AV was exploited. Since you seems so sure, you do have all the facts - right? Not jumping to any conclusions - right?

---
Jack of all trades and destructive tinkerer.


Anyone who have simple solutions for complex problems is a fool.
Top

Return to Honorverse