Some random and ultimately pointless commentary
-
Marc Clifton wrote:
how encryption protects your data when the computer is off is beyond me
When the power goes off, the decryption key field that is generated by the processor fan stops, and the HDD then loses the ability to decrypt it's magnetically stored data. (With SSD drives, it's all down to little tiny Leprechauns who live in the SATA cable)
Sent from my Amstrad PC 1640 Bad command or file name. Bad, bad command! Sit! Stay! Staaaay... AntiTwitter: @DalekDave is now a follower!
OriginalGriff wrote:
the decryption key field that is generated by the processor fan stops
Ah, that explains why I can never move a hard drive to another computer. The decryption key is specific to the unique quantum fluctuations of every computer's fan! ;) As to Leprechauns, I always new there was magic in this world!!!
Latest Article - Building a Prototype Web-Based Diagramming Tool with SVG and Javascript Learning to code with python is like learning to swim with those little arm floaties. It gives you undeserved confidence and will eventually drown you. - DangerBunny Artificial intelligence is the only remedy for natural stupidity. - CDP1802
-
From the cybersecurity training: > Nonpublic information should only be saved to your network drive Why do we even have hard drives then on our computers? IMO, non-public information includes source code, proprietary in-house and third party documentation, and so forth. WTF? But this one: > The information on your computer is only fully protected by encryption when it is powered off or in hibernate mode. Simply locking your computer is not sufficient for encryption. :laugh: Yeah, information is definitely "protected" when the computer is off. But how encryption protects your data when the computer is off is beyond me. Maybe I'm not as smart as I thought. And unrelated, when I browsed over to norsecorp.com (live feed of cyberattacks, yeah, right) I got this (my bold): > This page is currently offline. However, because the site uses Cloudflare's Always Online™ technology you can continue to surf a snapshot of the site. We will keep checking in the background and, as soon as the site comes back, you will automatically be served the live version. Dude. You really don't want to use "currently offline" and "Always Online" in the same sentence. :laugh:
Latest Article - Building a Prototype Web-Based Diagramming Tool with SVG and Javascript Learning to code with python is like learning to swim with those little arm floaties. It gives you undeserved confidence and will eventually drown you. - DangerBunny Artificial intelligence is the only remedy for natural stupidity. - CDP1802
Hype!! I found the only true guarantee for security here: [OneSafe Software – Official Website – Utility software for PC & Mac](https://onesafesoftware.com/software/) It makes your PC safe! But! I can see in the photos that it also makes Mac's safe! (Even if the ⌘-key is black.) :mad: What really bugs me is that frauds like this appear on big sites, in this case Yahoo! They should really be able to maintain a minimum degree of advertising hygiene.
... such stuff as dreams are made on
-
Marc Clifton wrote:
But how encryption protects your data when the computer is off is beyond me.
[Cold boot attack - Wikipedia](https://en.wikipedia.org/wiki/Cold\_boot\_attack)
> The attack relies on the data remanence property of DRAM and SRAM to retrieve memory contents that remain readable in the seconds to minutes after power has been removed. I was working with a video capture card (B&W) in the 80's. I had turned the machine off, pulled the card out of the slot and moved it to another computer, then booted that computer. Crazily, even after a couple minutes of no power, a good 80% of the image that had been in memory was still there and recognizable. We're talking minutes, not seconds, and not SRAM either.
Latest Article - Building a Prototype Web-Based Diagramming Tool with SVG and Javascript Learning to code with python is like learning to swim with those little arm floaties. It gives you undeserved confidence and will eventually drown you. - DangerBunny Artificial intelligence is the only remedy for natural stupidity. - CDP1802
-
Hype!! I found the only true guarantee for security here: [OneSafe Software – Official Website – Utility software for PC & Mac](https://onesafesoftware.com/software/) It makes your PC safe! But! I can see in the photos that it also makes Mac's safe! (Even if the ⌘-key is black.) :mad: What really bugs me is that frauds like this appear on big sites, in this case Yahoo! They should really be able to maintain a minimum degree of advertising hygiene.
... such stuff as dreams are made on
megaadam wrote:
What really bugs me is that frauds like this appear on big sites, in this case Yahoo!
Anything that appears on Yahoo! is suspect, IMO. In fact, Yahoo! itself is a big fraud!
Latest Article - Building a Prototype Web-Based Diagramming Tool with SVG and Javascript Learning to code with python is like learning to swim with those little arm floaties. It gives you undeserved confidence and will eventually drown you. - DangerBunny Artificial intelligence is the only remedy for natural stupidity. - CDP1802
-
megaadam wrote:
What really bugs me is that frauds like this appear on big sites, in this case Yahoo!
Anything that appears on Yahoo! is suspect, IMO. In fact, Yahoo! itself is a big fraud!
Latest Article - Building a Prototype Web-Based Diagramming Tool with SVG and Javascript Learning to code with python is like learning to swim with those little arm floaties. It gives you undeserved confidence and will eventually drown you. - DangerBunny Artificial intelligence is the only remedy for natural stupidity. - CDP1802
I have lived with several Zen masters - all of them were cats. His last invention was an evil Lasagna. It didn't kill anyone, and it actually tasted pretty good.
-
From the cybersecurity training: > Nonpublic information should only be saved to your network drive Why do we even have hard drives then on our computers? IMO, non-public information includes source code, proprietary in-house and third party documentation, and so forth. WTF? But this one: > The information on your computer is only fully protected by encryption when it is powered off or in hibernate mode. Simply locking your computer is not sufficient for encryption. :laugh: Yeah, information is definitely "protected" when the computer is off. But how encryption protects your data when the computer is off is beyond me. Maybe I'm not as smart as I thought. And unrelated, when I browsed over to norsecorp.com (live feed of cyberattacks, yeah, right) I got this (my bold): > This page is currently offline. However, because the site uses Cloudflare's Always Online™ technology you can continue to surf a snapshot of the site. We will keep checking in the background and, as soon as the site comes back, you will automatically be served the live version. Dude. You really don't want to use "currently offline" and "Always Online" in the same sentence. :laugh:
Latest Article - Building a Prototype Web-Based Diagramming Tool with SVG and Javascript Learning to code with python is like learning to swim with those little arm floaties. It gives you undeserved confidence and will eventually drown you. - DangerBunny Artificial intelligence is the only remedy for natural stupidity. - CDP1802
security author wrote:
Simply locking your computer is not sufficient for encryption.
:confused: That's a terrible sentence leading to much confusion. Almost positive author meant:
Quote:
Locking your computer is not an effective security method (since files are not automatically encrypted).
Bad technical writing wastes so much time.
-
megaadam wrote:
What really bugs me is that frauds like this appear on big sites, in this case Yahoo!
Anything that appears on Yahoo! is suspect, IMO. In fact, Yahoo! itself is a big fraud!
Latest Article - Building a Prototype Web-Based Diagramming Tool with SVG and Javascript Learning to code with python is like learning to swim with those little arm floaties. It gives you undeserved confidence and will eventually drown you. - DangerBunny Artificial intelligence is the only remedy for natural stupidity. - CDP1802
-
Someone I know worked somewhere they were told to keep confidential files on their desktops rather than the C drive. Edit - file as in data file not physical file, and desktop as in Windows desktop, not their physical desk.
This is probably meant to be read "instead of anywhere else on the C drive". There is a Windows Policy to backup the desktop at power off, and restore it at power on, so this makes somehow sense. If my computer crashes at work, I will have my desktop back including all the content just by logging on a new computer.
-
This is probably meant to be read "instead of anywhere else on the C drive". There is a Windows Policy to backup the desktop at power off, and restore it at power on, so this makes somehow sense. If my computer crashes at work, I will have my desktop back including all the content just by logging on a new computer.
No, they thought the desktop was some kind of special entity of the operating system that only the person currently logged on could access. They had no idea it was just a folder on the drive and the desktop an application that renders those files as icons.
-
From the cybersecurity training: > Nonpublic information should only be saved to your network drive Why do we even have hard drives then on our computers? IMO, non-public information includes source code, proprietary in-house and third party documentation, and so forth. WTF? But this one: > The information on your computer is only fully protected by encryption when it is powered off or in hibernate mode. Simply locking your computer is not sufficient for encryption. :laugh: Yeah, information is definitely "protected" when the computer is off. But how encryption protects your data when the computer is off is beyond me. Maybe I'm not as smart as I thought. And unrelated, when I browsed over to norsecorp.com (live feed of cyberattacks, yeah, right) I got this (my bold): > This page is currently offline. However, because the site uses Cloudflare's Always Online™ technology you can continue to surf a snapshot of the site. We will keep checking in the background and, as soon as the site comes back, you will automatically be served the live version. Dude. You really don't want to use "currently offline" and "Always Online" in the same sentence. :laugh:
Latest Article - Building a Prototype Web-Based Diagramming Tool with SVG and Javascript Learning to code with python is like learning to swim with those little arm floaties. It gives you undeserved confidence and will eventually drown you. - DangerBunny Artificial intelligence is the only remedy for natural stupidity. - CDP1802
I don't know what it is specific to the topic of cyber-security, but all of the training that's been foisted upon me has contained similar nonsense. This in itself would be bad, but that same training usually contains at least one dangerous bit of technically inaccurate information. Anyhow, the "currently offline" site that is "Always Online" made me burst out laughing...seriously, spittle was involved :) As I'm in the midst of some drudge work right now, the laugh was much appreciated.
-
No, they thought the desktop was some kind of special entity of the operating system that only the person currently logged on could access. They had no idea it was just a folder on the drive and the desktop an application that renders those files as icons.
Not knowing the exact situation, I might still give them the benefit of doubt and assume they were using folder redirection. You can set up folders - and the desktop is a perfectly good candidate - to be rerouted to some server share. I'm not a domain policy expert, but I'd be surprised if it couldn't be done and that some organizations are doing exactly that today.
-
Hype!! I found the only true guarantee for security here: [OneSafe Software – Official Website – Utility software for PC & Mac](https://onesafesoftware.com/software/) It makes your PC safe! But! I can see in the photos that it also makes Mac's safe! (Even if the ⌘-key is black.) :mad: What really bugs me is that frauds like this appear on big sites, in this case Yahoo! They should really be able to maintain a minimum degree of advertising hygiene.
... such stuff as dreams are made on
-
While that may be true, I was spewing anger over the general phenomenon of malware ads on very big sites.
... such stuff as dreams are made on
-
> The attack relies on the data remanence property of DRAM and SRAM to retrieve memory contents that remain readable in the seconds to minutes after power has been removed. I was working with a video capture card (B&W) in the 80's. I had turned the machine off, pulled the card out of the slot and moved it to another computer, then booted that computer. Crazily, even after a couple minutes of no power, a good 80% of the image that had been in memory was still there and recognizable. We're talking minutes, not seconds, and not SRAM either.
Latest Article - Building a Prototype Web-Based Diagramming Tool with SVG and Javascript Learning to code with python is like learning to swim with those little arm floaties. It gives you undeserved confidence and will eventually drown you. - DangerBunny Artificial intelligence is the only remedy for natural stupidity. - CDP1802
-
Not knowing the exact situation, I might still give them the benefit of doubt and assume they were using folder redirection. You can set up folders - and the desktop is a perfectly good candidate - to be rerouted to some server share. I'm not a domain policy expert, but I'd be surprised if it couldn't be done and that some organizations are doing exactly that today.
dandy72 wrote:
Not knowing the exact situation
They're idiots. That's the exact situation.
-
That's one reason why memory was so much slower back then. They used actual capacitors to retain the charge in the memory bit and apparently they had rather low leakage current so they could hold it for a while.
Leakage current has always been minuscule but the surface of the CMOS, which is the source of the "parasite capacity" used to actually store data in DRAM dropped by a huge factor, so it became relevant.
GCS d-- s-/++ a- C++++ U+++ P- L+@ E-- W++ N+ o+ K- w+++ O? M-- V? PS+ PE- Y+ PGP t+ 5? X R+++ tv-- b+(+++) DI+++ D++ G e++ h--- ++>+++ y+++* Weapons extension: ma- k++ F+2 X
-
From the cybersecurity training: > Nonpublic information should only be saved to your network drive Why do we even have hard drives then on our computers? IMO, non-public information includes source code, proprietary in-house and third party documentation, and so forth. WTF? But this one: > The information on your computer is only fully protected by encryption when it is powered off or in hibernate mode. Simply locking your computer is not sufficient for encryption. :laugh: Yeah, information is definitely "protected" when the computer is off. But how encryption protects your data when the computer is off is beyond me. Maybe I'm not as smart as I thought. And unrelated, when I browsed over to norsecorp.com (live feed of cyberattacks, yeah, right) I got this (my bold): > This page is currently offline. However, because the site uses Cloudflare's Always Online™ technology you can continue to surf a snapshot of the site. We will keep checking in the background and, as soon as the site comes back, you will automatically be served the live version. Dude. You really don't want to use "currently offline" and "Always Online" in the same sentence. :laugh:
Latest Article - Building a Prototype Web-Based Diagramming Tool with SVG and Javascript Learning to code with python is like learning to swim with those little arm floaties. It gives you undeserved confidence and will eventually drown you. - DangerBunny Artificial intelligence is the only remedy for natural stupidity. - CDP1802
Marc Clifton wrote:
The information on your computer is only fully protected by encryption when it is powered off or in hibernate mode. Simply locking your computer is not sufficient for encryption.
:laugh: Yeah, information is definitely "protected" when the computer is off. But how encryption protects your data when the computer is off is beyond me. Maybe I'm not as smart as I thought.
You don't necessarily need a password to get a locked running OS to do stuff for you as the current logged in user (e.g. via a USB attack), and since it can read the encrypted files... If they've enabled the full-drive encryption, and especially the encryption build into the hardware of 2.5" drives, then even if you have physical access, you're going to need the password before you can read the data on the drive if the computer is off when you get there.
I live in Oregon, and I'm an engineer.
-
From the cybersecurity training: > Nonpublic information should only be saved to your network drive Why do we even have hard drives then on our computers? IMO, non-public information includes source code, proprietary in-house and third party documentation, and so forth. WTF? But this one: > The information on your computer is only fully protected by encryption when it is powered off or in hibernate mode. Simply locking your computer is not sufficient for encryption. :laugh: Yeah, information is definitely "protected" when the computer is off. But how encryption protects your data when the computer is off is beyond me. Maybe I'm not as smart as I thought. And unrelated, when I browsed over to norsecorp.com (live feed of cyberattacks, yeah, right) I got this (my bold): > This page is currently offline. However, because the site uses Cloudflare's Always Online™ technology you can continue to surf a snapshot of the site. We will keep checking in the background and, as soon as the site comes back, you will automatically be served the live version. Dude. You really don't want to use "currently offline" and "Always Online" in the same sentence. :laugh:
Latest Article - Building a Prototype Web-Based Diagramming Tool with SVG and Javascript Learning to code with python is like learning to swim with those little arm floaties. It gives you undeserved confidence and will eventually drown you. - DangerBunny Artificial intelligence is the only remedy for natural stupidity. - CDP1802
Marc Clifton wrote:
Nonpublic information should only be saved to your network drive
So "private" information then? If it's private to me, I'm not sure it should be made "publicly" available.
Marc Clifton wrote:
Dude. You really don't want to use "currently offline" and "Always Online" in the same sentence. :laugh:
I understand what you are saying, but perhaps since the latter is a proper noun (i.e., capitalized), it's not really referring to a state, thus those terms can co-mingle. :confused:
"One man's wage rise is another man's price increase." - Harold Wilson
"Fireproof doesn't mean the fire will never come. It means when the fire comes that you will be able to withstand it." - Michael Simmons
"You can easily judge the character of a man by how he treats those who can do nothing for him." - James D. Miles
-
Marc Clifton wrote:
how encryption protects your data when the computer is off is beyond me
When the power goes off, the decryption key field that is generated by the processor fan stops, and the HDD then loses the ability to decrypt it's magnetically stored data. (With SSD drives, it's all down to little tiny Leprechauns who live in the SATA cable)
Sent from my Amstrad PC 1640 Bad command or file name. Bad, bad command! Sit! Stay! Staaaay... AntiTwitter: @DalekDave is now a follower!
OriginalGriff wrote:
(With SSD drives, it's all down to little tiny Leprechauns who live in the SATA cable)
What did they do to the homunculus that used to have that job? You didn't cheap out and get the Leprechaun version, did you?
"The difference between genius and stupidity is that genius has its limits." - Albert Einstein
"If you are searching for perfection in others, then you seek disappointment. If you are seek perfection in yourself, then you will find failure." - Balboos HaGadol Mar 2010
-
Marc Clifton wrote:
Nonpublic information should only be saved to your network drive
So "private" information then? If it's private to me, I'm not sure it should be made "publicly" available.
Marc Clifton wrote:
Dude. You really don't want to use "currently offline" and "Always Online" in the same sentence. :laugh:
I understand what you are saying, but perhaps since the latter is a proper noun (i.e., capitalized), it's not really referring to a state, thus those terms can co-mingle. :confused:
"One man's wage rise is another man's price increase." - Harold Wilson
"Fireproof doesn't mean the fire will never come. It means when the fire comes that you will be able to withstand it." - Michael Simmons
"You can easily judge the character of a man by how he treats those who can do nothing for him." - James D. Miles
David Crow wrote:
but perhaps since the latter is a proper noun (i.e., capitalized), it's not really referring to a state, thus those terms can co-mingle.
Quite so, but the proper noun is a product that "guarantees" delivery of a cached static page when your server is down. Which (the cached static page) wasn't working. :rolleyes:
Latest Article - Building a Prototype Web-Based Diagramming Tool with SVG and Javascript Learning to code with python is like learning to swim with those little arm floaties. It gives you undeserved confidence and will eventually drown you. - DangerBunny Artificial intelligence is the only remedy for natural stupidity. - CDP1802
