Legal battles over unwarranted search and seizure at the borders are spinning up.

For a couple of years now the Customs and Border Patrol of the United States has had the legal authority to confiscate the laptops of people entering the country to perform forensic analysis on an indefinite basis. If you don't give them your laptop (or you refuse to give them the passphrases to decrypt your data) they can and will send you back or incarcerate you, even if you're an American citizen. They also have standing orders to seize any and all data storage media you're transporting (including USB keys, cameras, cellular phones, MP3 players, and disks) for duplication and …

Read more...

Leave nothing to chance.

Something that I keep meaning to write about is the topic of practical data backups - how to back your data up in such a way that you won't go bonkers trying to manage it, but if you blow a drive you'll be able to restore something at least. The thing about backups is that they're at once easy to overthink and confuse yourself horribly (which means that you'll never make or use them) and easy to do in such a fashion that they won't be usable when you need them the most. At the enterprise level, there are at least …

Read more...

What hath the fabulists wrought?

It’s long been said that science fiction predicts, or at least inspires some of the things which we take for granted every day. While the exact origins of the genre could be debated until the cows come home (and they most certainly are in some circles), it was some time during the 17th century c.e. during the Age of Reason in which people really began to write stories in which the advances of the time were their inspiration. Great voyages by sailing ship and fanciful aircraft were taken to regions of the globe which had only been seen …

Read more...

This isn't quite a William Gibson/Near Stephenson cyberpunk world, but you can see the lights of it from here.

There's a certain feeling a system admin gets when they find out that one of their boxen has been pwned. You can't really compare it to anything else but it seems to combine the worst symptoms of cardiac arrest, realizing that someone's just shot at you and not missed, being busted by military police while carrying, and discovering that you slept through your thesis defense. A personal website falling is bad enough, but when you're talking about an operation that's worth six or seven digits in American dollars you just know that heads were rolling.

Over the weekend a post …

Read more...

OCZ Neural Impulse Actuator notes and roll-up post.

While reading the files in /usr/src/linux/Documentation/usb/ I got it in my head to see if anyone else had spent any time reverse engineering the OCZ NIA, or at least had figured out how to get output from it. I spent some time a couple of days ago playing with it on Windbringer (running Gentoo Linux and all I was able to determine in the short time I worked on it was that it successfully registers itself with the Linux kernel's USB subsystem as an USB Human Interface Device (heh). After collecting some information I put the …

Read more...

Cutting the power doesn't necessarily mean that memory is cleared.

It has long been a piece of grassroots wisdom that when the power to your computer goes dead, you're up a certain creek without a means of propulsion: Whatever you were doing at the time had gone to the great bit bucket in the sky, and unless you'd just saved your work you could kiss your next couple of hours goodbye while reconstructing everything. However, from a technical standpoint this isn't actually true. Modern-day DRAM can actually hold usable data for a finite but non-zero period of time after the main power's been cut off. This has actually been known …

Read more...

Confiscation and examination of electronics at the border intensifies.

It would appear that the confiscation and analysis of personal electronics at the US border is intensifiying and that people are starting to get up in arms about it. It's more than just laptops that US ICE (Immigration and Customs Enforcement) are spiriting away (for up to two weeks at a time, which defeats the purpose of trying to fly anywhere): Cellular phones are being meddled with and sometimes data is erased (for one reason or another; I tend to lean toward Hanlon's Razor to explain this), corporate laptops are being taken away from travelers unless the log into the …

Read more...

Do engineers make good terrorists?

According to two sociologists at Oxford University, Diego Gambetta and Steffen Hertog, the mindset of a professional terrorist and the mindset of a professional engineer are so similar in makeup that there is a strong correlation between being an engineer and being a member of a terrorist group (paper downloadable from here). Their research states that members of the Islamist movement of Muslim culture show a disproportionately high number of doctors, engineers, and practitioners of other scientific fields. Their paper also makes the claim that engineers in particular tend to gravitate toward violent groups, but it isn't so much being …

Read more...

Let this be a lesson to everyone...

Always double-check what machine you're working on. And always, always make sure your backups are good!

In the state of Alaska, a sysadmin at the department of revenue accidentally reformatted a hard drive that contained information pertaining to a oil fund account worth roughly $38bus.

Yep - billions of US dollars.

For an encore, rather than restore the data for the account from a backup hard drive, he then reformatted the backup drive on top of that - he probably hit the up arrow, changed the device name, and touched it off again. By this time, any sysadmin worth the name would …

Read more...

Let this be a lesson to everyone...

Always double-check what machine you're working on. And always, always make sure your backups are good!

In the state of Alaska, a sysadmin at the department of revenue accidentally reformatted a hard drive that contained information pertaining to a oil fund account worth roughly $38bus.

Yep - billions of US dollars.

For an encore, rather than restore the data for the account from a backup hard drive, he then reformatted the backup drive on top of that - he probably hit the up arrow, changed the device name, and touched it off again. By this time, any sysadmin worth the name would …

Read more...