Slashback: Compromise, Bugs, Slag

Slashback with more on Bill Gates' comments on bugs in Microsoft's code, the recent compromising of millions of credit card numbers, more .uk domain waffling, and more, including a foolproof way to stop anyone from reading data off of your discarded hard drive's platters.

Let me just slide your card a few dozen more times ... Any Web Loco writes "Following on from this piece on /., this story in the Sydney Morning Herald tells us that the company that got hacked (exposing up to 8 million credit card numbers) was Data Processors International. Not much to the story, but we now know who it was."

Another reason to be cautious about domains with "uk" in them. An anonymous reader writes "The Register reports that Nominet has looked at opening .net.uk up or killing it off and then decided it can't decide. The chair of sub-committee responsible, Clive Feather, is currently standing for re-election to Nominets Policy Advisory Board. The sub-committee he chaired had suggested shutting down net.uk entirely, which the main board rejected. His position must surely be under scrutiny by the internet community."

Interesting bugs are in the teeth of the beholder. dvdweyer writes "I myself do remember having read the whole interview with Bill Gates in Focus, a German weekly news magazine (their online service now seems to be part of MSN *yuck*). There are however resources online which provide full sources, in English, most notably RISKS in issue 17.43 (not 17.42) with a follow-up in issue 17.44."

When fan-subs just aren't what you want. May Kasahara writes "Studio Ghibli fansite Nausicaa.net now has official release dates for Region 1 DVDs of Kiki's Delivery Service , Laputa: Castle in the Sky , and Spirited Away , as well as official preview artwork of the disks and packaging. As a side note, the site now has a page up for Miyazaki's upcoming Howl's Magic Castle . See you at the video store on April 15!"

Fonts make your terminal much more useful. Russ Nelson writes "The Bitstream Vera fonts are available for trial use. Bitstream is still tweaking them, so they're under the provisional "no redistribution" license. You can download them yourself, though, and in about a month, put them in your software distribution. Kudos to X co-creator Jim Gettys for finally getting X some professional-quality fonts."

Dear Mr. Ashcroft: I hope you find this slag useful. eecue writes "Due to the recent MIT study concerning data recovery from old hard drives, we decided that the only foolproof means of data removal was complete destruction."

.net.uk

[blowdart]

Clive Feather: His position must surely be under scrutiny by the internet community.

The UK "internet community" cannot vote, assuming you mean UK internet users as the community. You can only vote in nominet elections if you are nominet member, which costs £1000+ per annum.

Standard US DoD SOP

[George Walker Bush]

for destruction of magnetic data is to use thermite in situations where time is of the essence and less important than safety (eg, your base is being overrun), and acid in other cases. Both are quite effective, needless to say.

Re:.uk

[rgmoore]

Why should it be .gb instead of .uk? The full and proper name of the country is The United Kingdom of Great Britain and North Ireland. People are more likely to call it The United Kingdom (which fully includes the whole country) rather than Great Britain (which excludes the people in North Ireland, many of whom most certainly want to assert that they are part of the UK rather than their neighbor to the south). I've certainly heard lots of people talk about "The UK", but I've never heard them talk about "GB". There's certainly no reason not to use .uk rather than .gb.

Re:Hard Drive Destroyed

[Nine Mirrors Turning]

Thermite. Might be classed as explosive, I dunno.

Re:Hard Drive Destroyed

[The Bungi]

I've heard (someone please verify) that the military uses explosives to take care of old hard drives and storage media.

Last I heard, this [easydatarecovery.co.uk] is how they do it.

Re:.net.uk

[ajvtoo]

Nominet membership is a 400ukp one-off joining fee, and 100ukp annual subscription.

http://www.nic.uk/Members/HowToJoin/ [www.nic.uk]

Hard Drive Data

[IvyMike]

Crikey, from the posts here, people aren't very creative on how to get data off of a drive. You don't use any high-level programs like norton, or even something like "dd"; in fact, you use vendor-specific programming modes on the drive. (An example of programs that use such commands would be things like "MaxPower" from Maxtor, where they are clearly getting non-standard data from the drive.)

Then, you use these commands to tweak the calibration registers to move the head a fraction of a track at a time, reading the data at each step. Hopefully, at one extreme or the other, you get a residual of the data. More sophisticated techniques would involve correlating data read at each subtrack step. This is left as an excercise for the reader.

Re:.uk

[$$$$$exyGal]

It looks to me like .gb and .uk are both TLD's for the United Kingdom. A website in Norway [norid.no] tells me so.

--sex [slashdot.org]

Re:Vera, what do you look like?

[Hal Roberts]

http://www.bitstream.com/categories/products/fonts /vera/index.html [bitstream.com]

Re:Uhm...

[Nexus Seven]

slag (WOMAN)
noun [C]
BRITISH TABOO
a woman whose appearance and behaviour, esp. sexual, are considered unacceptable

Re:See me where?

[BakaMark]

"Nausicaa" has not been release in Japan on Region 2 DVDs yet.

"Porco Rosso" has been released. The Japanese Region 2 DVD has the English Subtitles and English Soundtracks on it. If you want "Porco Rosso", and cannot wait for the US release, then you will be paying a lot more for the Japanese release.

Anime DVDs for the Japanese market cost a lot more than those sold in the US. To the point that it is a problem for the Japanese Anime distributors when the US Releases flow into Japan at a lower cost. "Porco Rosso" only came out recently, so it is likely that Studio Ghibli is waiting untill they have made enough out of their local market before allowing the US releases to appear. Also the US releases are for the movies that Disney licenced, and it is possible that Disney don't hold the licence for "Porco Rosso" at the moment.

Securely deleting encrypted data

[phr2]

First of all you should never write sufficiently sensitive data to a hard drive in cleartext form. But if you have 10,000 encrypted files and you want to delete one securely, the question then becomes, how do you get rid of the decryption key for that file?

It turns out you can do that if you have some securely deletable way to store just one key (e.g. 16 bytes for an AES key). See here [google.com] for further description and a link to sample code.

Absolutely Beautiful!

[nathanh]

The Vera Sans Mono Roman is gorgeous. I'm making it my default terminal window font. Thank you, Jim and Jim!

Slashdot IQ test for users/ editors

[MyTwoCentsWorth]

It seems to me that since the article is a recycled translation from GERMAN (which probably means that Bill Gates migh have said that Linux is the next great thing and it would have been lost in the translation), this was just an IQ test that either the editors (for publishing it) or the readers (for failing to spot that forever) failed miserable. Smart money is on both - after all, how hard can it be to READ an article that is being submitted and see it's junk before you start ranting on and on? Have fun, Daniel

Re:Dodgy word "slag"

[23orgFlea]

m-w.com: Main Entry: slag Pronunciation: 'slag Function: noun Etymology: Middle Low German slagge Date: 1552 : the dross or scoria of a metal My guess is the slang tends to come from the slag being the 'left-overs' Ever hear of a slag heap? It's a giant pile of junk basiclly. Pretty sure wank means pretty much the same to everybody ;) Nobody does anything refering to wank without trying to hide in the bathroom while doing it. Fag is a good example tho, offer a fag to somebody over here and you'll get punched, kissed or just looked at strangely depending on the part of town you're in.

Re:Thats the best way...

[harlows_monkeys]

Why not use /dev/random or another pseudo-random number generator instead of /dev/zero, or at least do one round of zero's, one round of random data, and repeat say... 5-10 times? :)

Well, one problem with that method is that the data can still be recovered. Read this paper [auckland.ac.nz] for more information.

Writing ones is not enough

[pr0ntab]

Writing one value over and over doesn't flip the field. This is a problem because the magic recovery methods look for the magnetic residue of field flips (and can guess how old they are due to some physical criteria that I can't recall). Writing ones lots and lots of times will make the 0's stick out harder "underneath". Unless you write it like more than a few hundred times.

Random bit patterns with equal mixes of 1's and 0's is ideal. I think the rule is 7 passes. You should always follow with a pass of 0 at the end, and then format it to make it look empty to a casual observer.

Re:Dodgy word "slag"

[Pembers]

Well, here in Britain, "slag" means the waste from smelting the ore of a metal - much the same as in the US, I suppose. Strictly speaking, therefore, a melted hard drive platter isn't slag, but there's an analogy with something that's left over after intense heat.

The other meaning of "slag" in Britain is as a derogatory term for a debauched or promiscuous woman. Using it to someone's face is a good way to become acquainted with new forms of pain. ;-)