| tonyyarusso | Tools only let you get data if your opponent is dumber than you. An informed opponent can not be beaten by technology. | 00:01 |
|---|---|---|
| Obsidian1723 | true, thats why informed people shred the hard drive. | 00:02 |
| kermit | Obsidian1723: maybe your coworkers use the word 'shred' to refer to what we were by the term, not physically shreding. | 00:02 |
| Obsidian1723 | Funny thing is, part of SOX compliance is that all companies that are publically traded, must store all hard drivers for 10 years in case the feds need them. | 00:03 |
| Obsidian1723 | When I say shred, I mean phjysically shred. | 00:03 |
| Obsidian1723 | Data recovery is sticky, especially when you mess with HIPPA and SOX, good times.. glad I dont do that shyt personally. | 00:04 |
| Obsidian1723 | but as for my drives, because of financial data, I physically run them thrugh a hard drive shredder. they are cheap enough to just buy new ones. | 00:04 |
| Obsidian1723 | If a drive dies, its shredded physcially. end of story. Not even the NSA can get that data. | 00:05 |
| tonyyarusso | Maybe it's all a scam by the hard drive makers :P | 00:05 |
| Obsidian1723 | doubtful | 00:05 |
| Obsidian1723 | There's many court cases which involve forensics (computer) in some way. | 00:06 |
| kermit | cite one that recovered overwritten data on a drive made in the last decade | 00:06 |
| tonyyarusso | What kermit said. | 00:06 |
| Takyoji | of just simple temporary files or things that could be recovered with even PhotoRec | 00:06 |
| tonyyarusso | I know the stuff in the court cases - that's what I study. But it's nothing like what you're saying. | 00:07 |
| Takyoji | for the criminals that don't know crap about technology. | 00:07 |
| kermit | heh to recover NON overwritten data, i've uset 'strings' and 'grep' on the dev | 00:07 |
| tonyyarusso | Hell, I've used photorec just to recover from a misplaced rm command. | 00:07 |
| Obsidian1723 | most dont know, true. | 00:07 |
| kermit | uset/used | 00:07 |
| Obsidian1723 | yerah | 00:07 |
| Obsidian1723 | Do a 35-pass of 1 and 0, that will keep most people out. | 00:07 |
| Obsidian1723 | *most* | 00:07 |
| Obsidian1723 | Just like a WEP key would keep most people out. | 00:08 |
| Obsidian1723 | for wifi | 00:08 |
| Obsidian1723 | most people are technologically idiotic | 00:08 |
| Obsidian1723 | They know nothing. | 00:08 |
| kermit | Takyoji: about your original question regarding the shred command, in theory some filesystems might write to different physical locations than the original data, for either wear leveling or speed, and i suspect shred doesnt take that into account. | 00:08 |
| Obsidian1723 | but that doesnt tive carte blache for not beding secure on your part | 00:08 |
| kermit | Takyoji: the xfs devs tell me theirs does not. | 00:09 |
| Takyoji | ahh; it's on EXT4 by the way | 00:09 |
| Obsidian1723 | just stay out of the gunsights of the feds and youll all be ok. | 00:09 |
| Obsidian1723 | peace | 00:09 |
| tonyyarusso | The shred man page says quite explicitly that it's intended for use on entire devices. | 00:10 |
| kermit | i bet all this time he's been handing a drive off to some department for "shredding" not realizing what they meant by the word | 00:10 |
| Takyoji | Most likely | 00:10 |
| tonyyarusso | aww, big bad scary guvvmint man ran away. Guess we'll have to go find some other conspiracy theory to talk about for a while. | 00:10 |
| tonyyarusso | nah, a lot of government agencies actually do shred them - what better way to waste taxpayer money and make it sound legit? If people knew it was unnecessary they'd get mad, so clearly that can't happen. | 00:11 |
| Takyoji | I just had a simpler idea for the basic cryptology. | 01:38 |
| Takyoji | Or tunnelling for that matter | 01:38 |
| Takyoji | I'll just install an HTTPS/HTTP proxy on my web server. | 01:38 |
| Takyoji | of which would force HTTPS | 01:39 |
| Takyoji | and would gzip the content | 01:39 |
| Takyoji | Just a simple PHP script is all it would need to be, even | 01:39 |
| Takyoji | Gah, the US Pirate Party has an IRC server with the worst availability | 01:42 |
| kermit | worse than undernet? | 01:44 |
| kermit | php script for what? | 01:45 |
| Takyoji | It would be like a typical anonymizer, but would force you to connect via HTTPS, would require you to authenticate in order to use it, and would compress any of the proxied content. | 01:47 |
| Takyoji | It would be exactly all I need | 01:48 |
| Takyoji | I could probably even write it myself, or modify a pre-existing one to do what I want. | 01:49 |
| Takyoji | because I don't need to tunnel some instant messaging or anything like that; all I need is HTTP | 01:50 |
| kermit | i dont see what all that has to do with php though | 01:51 |
| kermit | that sounds like just some config options in a proxy server | 01:51 |
| Takyoji | I'd just plop a PHP file on my webserver | 01:51 |
| Takyoji | rather than having to install some daemon or anything extensive | 01:52 |
| kermit | i dont know php but it sounds harder than just running a proxy server | 01:52 |
| Takyoji | How do you select a character in a specific range using regular expressions? Such as from 0x0590 to 0x05FF | 05:59 |
| Takyoji | Oh fun, grub-setup segfaulted! :D | 07:14 |
| Takyoji | When you dual-boot with a Windows OS, and use GRUB, does the installer mark all partitions except the Ubuntu partition as bootable? | 08:01 |
| tonyyarusso | Someone tell Takyoji later that it's [\x0590-\x05FF] | 08:23 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!