[00:01] <tonyyarusso> Tools only let you get data if your opponent is dumber than you.  An informed opponent can not be beaten by technology.
[00:02] <Obsidian1723> true, thats why informed people shred the hard drive.
[00:02] <kermit> Obsidian1723: maybe your coworkers use the word 'shred' to refer to what we were by the term, not physically shreding.
[00:03] <Obsidian1723> Funny thing is, part of SOX compliance is that all companies that are publically traded, must store all hard drivers for 10 years in case the feds need them.
[00:03] <Obsidian1723> When I say shred, I mean phjysically shred.
[00:04] <Obsidian1723> Data recovery is sticky, especially when you mess with HIPPA and SOX, good times.. glad I dont do that shyt personally.
[00:04] <Obsidian1723> but as for my drives, because of financial data, I physically run them thrugh a hard drive shredder. they are cheap enough to just buy new ones.
[00:05] <Obsidian1723> If a drive dies, its shredded physcially. end of story. Not even the NSA can get that data.
[00:05] <tonyyarusso> Maybe it's all a scam by the hard drive makers :P
[00:05] <Obsidian1723> doubtful
[00:06] <Obsidian1723> There's many court cases which involve forensics (computer) in some way.
[00:06] <kermit> cite one that recovered overwritten data on a drive made in the last decade
[00:06] <tonyyarusso> What kermit said.
[00:06] <Takyoji> of just simple temporary files or things that could be recovered with even PhotoRec
[00:07] <tonyyarusso> I know the stuff in the court cases - that's what I study.  But it's nothing like what you're saying.
[00:07] <Takyoji> for the criminals that don't know crap about technology.
[00:07] <kermit> heh to recover NON overwritten data, i've uset 'strings' and 'grep' on the dev
[00:07] <tonyyarusso> Hell, I've used photorec just to recover from a misplaced rm command.
[00:07] <Obsidian1723> most dont know, true.
[00:07] <kermit> uset/used
[00:07] <Obsidian1723> yerah
[00:07] <Obsidian1723> Do a 35-pass of 1 and 0, that will keep most people out.
[00:07] <Obsidian1723> *most*
[00:08] <Obsidian1723> Just like a WEP key would keep most people out.
[00:08] <Obsidian1723> for wifi
[00:08] <Obsidian1723> most people are technologically idiotic
[00:08] <Obsidian1723> They know nothing.
[00:08] <kermit> Takyoji: about your original question regarding the shred command, in theory some filesystems might write to different physical locations than the original data, for either wear leveling or speed, and i suspect shred doesnt take that into account.
[00:08] <Obsidian1723> but that doesnt tive carte blache for not beding secure on your part
[00:09] <kermit> Takyoji: the xfs devs tell me theirs does not.
[00:09] <Takyoji> ahh; it's on EXT4 by the way
[00:09] <Obsidian1723> just stay out of the gunsights of the feds and youll all be ok.
[00:09] <Obsidian1723> peace
[00:10] <tonyyarusso> The shred man page says quite explicitly that it's intended for use on entire devices.
[00:10] <kermit> i bet all this time he's been handing a drive off to some department for "shredding" not realizing what they meant by the word
[00:10] <Takyoji> Most likely
[00:10] <tonyyarusso> aww, big bad scary guvvmint man ran away.  Guess we'll have to go find some other conspiracy theory to talk about for a while.
[00:11] <tonyyarusso> nah, a lot of government agencies actually do shred them - what better way to waste taxpayer money and make it sound legit?  If people knew it was unnecessary they'd get mad, so clearly that can't happen.
[01:38] <Takyoji> I just had a simpler idea for the basic cryptology.
[01:38] <Takyoji> Or tunnelling for that matter
[01:38] <Takyoji> I'll just install an HTTPS/HTTP proxy on my web server.
[01:39] <Takyoji> of which would force HTTPS
[01:39] <Takyoji> and would gzip the content
[01:39] <Takyoji> Just a simple PHP script is all it would need to be, even
[01:42] <Takyoji> Gah, the US Pirate Party has an IRC server with the worst availability
[01:44] <kermit> worse than undernet?
[01:45] <kermit> php script for what?
[01:47] <Takyoji> It would be like a typical anonymizer, but would force you to connect via HTTPS, would require you to authenticate in order to use it, and would compress any of the proxied content.
[01:48] <Takyoji> It would be exactly all I need
[01:49] <Takyoji> I could probably even write it myself, or modify a pre-existing one to do what I want.
[01:50] <Takyoji> because I don't need to tunnel some instant messaging or anything like that; all I need is HTTP
[01:51] <kermit> i dont see what all that has to do with php though
[01:51] <kermit> that sounds like just some config options in a proxy server
[01:51] <Takyoji> I'd just plop a PHP file on my webserver
[01:52] <Takyoji> rather than having to install some daemon or anything extensive
[01:52] <kermit> i dont know php but it sounds harder than just running a proxy server
[05:59] <Takyoji> How do you select a character in a specific range using regular expressions? Such as from 0x0590 to 0x05FF
[07:14] <Takyoji> Oh fun, grub-setup segfaulted! :D
[08:01] <Takyoji> When you dual-boot with a Windows OS, and use GRUB, does the installer mark all partitions except the Ubuntu partition as bootable?
[08:23] <tonyyarusso> Someone tell Takyoji later that it's [\x0590-\x05FF]