Quick and dirty data wiping

How to wipe a disk with pre-determined bit patterns

Many of you who know me may have heard of my ‘mythical’ data wiping script, which I have maintained can be done in just a few lines shell script on pretty much *any* UNIX box. Well, here it is:-

for pattern in 85 170 ; do

awk -v p=$pattern ‘END {while (1) printf(“%c”,p);};’ \

< /dev/null > /path/to/device/or/file

done

The patterns 85 and 170 represent 01010101 and 10101010 in 8-bit binary. These patterns can be replaced with any sequence which can be generated or pre-defined prior to the wiping run.

This command converts the decimal value of $pattern into a binary pattern using awk. The output is then generated until the target device reaches the end of the media or fills the containing filesystem.

Please use with caution, my overly simplified version does not check what it is writing to – I accept no responsibility for damages arising as a result of using this script or any derivative works.

ICT in schools

I was reading about ICT in schools today, and pondered my past experience, i had a privileged experience but in many ways also a pretty crap experience of IT while at schools, so I thought to give my tuppence on the subject…..

My days of school ICT was spent on a BBC Master or an Acorn Archimedes. During this time I ‘learned’ about word processors, spreadsheets, and databases.  The Internet had not yet gained universal awareness and I was lucky enough to have a 386sx25 in 1991. By 1993, I was dialling-up HENSA at Lancaster University and BT Gold using my 2400 baud modem (gained when everyone else had 14.4k modems).

While I learned the basics of computer based ‘office-work’, they never taught me about computing. I got into a lot of trouble for my ‘shift-break’ naughtiness using my knowledge of basic to post infinite loops of questionable messages. The funniest being at 6th form and setting all the machines to say “Haroooooooooooon!” in honour of my mate was into computers and who’s name become the startup sound for all the machines! lol. I wouldn’t do that now, it’s too childish, but my it was funny at the time.

When I finally graduated from University, with a degree in software engineering, I realised what schools were missing. What I come to realise was that it was the maths which caused me to gain a greater understanding of the ‘universe’, not the ephemeral languages, and techonogies which all pass in fads over time, but what is universal behind all that is the math.

What is missing from school ICT isn’t so much the ‘raspberry-pi’, but it is an introduction to logic and formal proof. It is a given that we have general purpose machines which will allow us to model reality in a virtual sense in order to enact a real-world function. Simply teaching Microsoft Office isn’t enough.

I  recall thanking my uni maths teacher, Robert Lowe (Coventry University), as his teachings while ‘boring’ at the time, turned out to be the most useful knowledge I have ever possessed, simply knowing truth from non truth.

Children need to learn at an earlier age, base 2 math, binary. This is an important introduction into mathematical truth, the ‘proof’ being 1 or 0, true or false. While I don’t expect children to proof literary statements, it would be advantageous if they at least knew de-morgan’s law.

Once the student knows about logic and what a computer can do in terms of logic cases, then it becomes possible for the student to grasp the capabilities of the hardware and realise the software possibilities within realistic terms.

The other greater benefit is the introduction of what is truth, what is false, and most importantly the differentiation of  one-way truths. This enables the student with a soft-skill knowledge which allows them to differentiate the truth better, and that enables better decision making in all future cases as a sense of truth is universal.

It turns out that the truth can indeed be calculated mathematically. It is primarily for this reason that I believe that 15+ year olds should be exposed to binary and logic. A curriculum which includes addition, multiplication, division, and subtraction for the advanced. It should conclude in de-morgan’s law and a light introduction to finite-state automata for the advanced (e.g. a ‘traffic-light’ system). I don’t believe that these concepts are beyond the average teen-age person.

This would nurture an enlightened society by addressing the basic sense of logic and truth and this can only be good. While it may not seem creative for some, it is the foundation of creativity in an ever-evolving world.

I urge all science and maths teachers to embrace binary as a fundamental concept for teenagers wordwide.

If you know someone involved with school maths, science, or ICT – show them this post! – there’s more to computing than office apps!

Real Security: A GravityLight in the darkness

Guys and Gals,

Today I present to you something far more important than dealing with a technology disaster. The need for light and energy.

Everyone should get behind this project:-

GravityLight

http://www.indiegogo.com/projects/282006

These guys have developed an amazing product! a light which works on gravity alone!, while not a completely novel concept, these guys have packaged it into something portable, simple and hopefully reliable.

Intended for developing countries to reduce dependence on relatively expensive and unhealthy kerosene lamps, it represents an essential survival tool for all because when the candles have all burned out and the batteries are all flat, having some light source can be essential.

Give them some ca$h and help them on their way.

AV Comparatives

Today, let me introduce you to AV Comparatives, a trusty AV testing lab which will open your eyes to how good your anti-virus is. I have used these guys for many years to consider my options on AV.

Disclaimer: Don’t be fooled by the sell of McAfee and Symantec – they are *NOT* the best AV products by a country mile.

The reports from AV Comparatives shows the difference between “out-of-the-box” and “configured-for-security” effectiveness. This provides an interesting and sometimes scary revelation.

Please pay special attention to the historical reviews for proactive tests. The teams that score best consistently on this test do better overall because if they are on-top for 0day threats then the historical virus detection is, as they say, “history”. You can see developer drain happen when a product slips from it’s ranking where a developer leaves or the company generally lags.

For Windows, I normally use Avira Free with secure-start and detection of all categories including jokes and games. Just taking another look, I guess I might reconsider…..maybe Avast?

I’d like to try QiHoo but I can’t read Chinese and I’m not sure i trust a ‘free’ product which is difficult to find on Google and intended for a single-country only market (you can’t even find it easily on Baidu!). Chinese users – please leave comment on this point and let me know what your experience with QiHoo AV is like!

Meanwhile, I’m on Linux, so ClamAV will do for now.

sendmail relaying nightmare!

While I’m hot on the topic – I’ve just spent a whole afternoon/evening trying to figure out why my sendmail installation keeps on becoming an open-relay every time i configure my desired domains! – which I have now figured out!

While listing my desired domains in the access file, or in the relay-domains file, it seemed to turn my sendmail host into an open-relay.

It turns out that access and relay-domains supports relay for all valid hosts and sub-domains within the DNS domains permitted for relay, hence all hosts with a valid DNS A record within the defined domains becomes a valid source of mail! As my testing point had a valid DNS record within the permitted domain (and I did check to see whether it was an open-relay), the host allowed relay based on membership to the permitted domains.
This effectively made my sendmail box an open-relay to all internal hosts with a DNS name.

This was fixed with a FEATURE:-

FEATURE(`relay_hosts_only')dnl

This sanitised my security from internal abuse! and made my access file work as intended, supporting explicitly listed hosts and domains only.

 

Update: I later realised that the domain names I was configuring also had ‘A’ records in DNS for the top-level domain. As these hosts were not valid mail sources for this relay, I had to explicitly configure a REJECT action within the access file for all of the IPs named in an ‘A’ record lookups on the given domain names within the access or relay-hosts file in order to deny an implicit behavior which is the consequence of permitting a given domain.

 

So….some things to remember for Sendmail:-

 

Any domain listed in the access file or relay-domains file will allow ‘open’ relay for all hosts :-

 

1) Within the visible DNS structure beneath the defined domain (unless you use “FEATURE(`relay_hosts_only’)dnl”)

2) Defined as an ‘A’ Record for the given domain name as returned by DNS.
Does your Sendmail MTA relay to the hosts you intend?

 

Hidden H4x0r theme in Microsoft Windows!

Probably my most pointless and most worthless post of mine in a while but…

While messing around with themes in Windows 7 today, I found “High Contrast #2”, which is by any statement a ready made h4x0r theme with more akin to green-screen uber-dark geekdom them any plausible readability concept.

Bizarre but true! Try it!

Update: I have found that the theme is present right back to 3.1 lol!

Hurricane Sandy causes visible disruption to Internet traffic

hurricane sandy internet stats 24 hours

hurricane sandy internet stats 24 hours

Courtesy of internettrafficreport.com, the effects of the hurricane Sandy can visibly be seen on global internet statistics, but interesting things happen after!

The interesting things here are that you can visibly see the impact on the ‘net. It starts with the rapidly decreasing netflow starting at about 10PM on the graph (it’s a shame it doesn’t show what timezone it applies to!), with packet loss growing at an equally alarming rate. It then plateus out until things are re-routed, and connectivity for everyone else unaffected is eventually restored by about 1:30AM. The Internet was largely ‘healed’ in about 3.5 hours, not bad for a sev1 response!.

The final interesting thing is the subsequent relative stability of the Internet after reconfiguration. The performance is generally slightly degraded given the loss of New York’s traffic and data in transit, but is afterwards looks strangely too uniform and consistent, it’s like the event in itself has caused the Internet to stablise. Let’s see how long it lasts….

My thoughts go to those lost and those who have lost in the disaster.

Update:-

hurricane sandy internet traffic stats 7 day stats

hurricane sandy internet traffic stats 7 day stats

7-day stats show drop start from about 2PM as infrastructure starts to fail from the bad weather that preceeded the flooding. This shows that there was a loss from the affected sites which, by internettrafficreport.com’s measure accounted for approximately 3% of the global internet traffic.