General Musing

blaze your trail

Archive for the ‘law’ Category

Painful Facts For Developers #programming #foss

with one comment

I recently saw a note from the Tech Journalist Russell Holly who calls on the Scumbags of the Internet to stop making demands of developers from whom they get their free software:

You don’t demand ETA’s on shit you aren’t paying for. You don’t get angry when something doesn’t work quite right on an Alpha or Beta build of something you didn’t pay for. You don’t start shooting off at the mouth about how you are going to move to someone else’s free software if this developer doesn’t fix the software you didn’t pay for.

I was naturally in agreement with the spirit of what he said. And I think that he and these developers miss a number of simple facts: Read the rest of this entry »

Advertisements

Written by Daniël W. Crompton (webhat)

December 18, 2011 at 3:44 pm

Masterclass ‘Security’ – Hackner Security Intelligence #crime

leave a comment »

Last Saturday I was invited to go to a Physical Security Workshop organized by Independent Films to promote the movie Flypaper. The workshop was given by Thomas Hackner of Hackner Security Intelligence, an independent security auditing company.

The workshop started with a large amount of statistics on the current rates of crime in Austria, and a discussion of the methods by which property crimes are commited. Next there was some practical analysis of the security measures which are currently implemented in securing different classes of objects – houses, office, secure facilities, etc – and the various security measures that are implemented to ensure a certain level of security.

And as with any workshop there was a destructive and non-destructive practicum for most of the items discussed: windows, doors, locks, chains and social engineering. Besides from lockpicking and designing tools to circumvent security non-destructively, we also got to break into a door by destroying the lock and manually manipulating the locking mechanism.

It was great fun!

Image source: Daniël W. Crompton

Written by Daniël W. Crompton (webhat)

October 24, 2011 at 10:11 am

Posted in amsterdam, environment, event, law, security

Tagged with ,

Proof of Concept: RAM Disk for your own Protection #police #law #government

with one comment

Museum Boerhaave – 1930 Wiess electromagnet

In continuation of my article: Data Erasing for your own Protection I got into a discussion about other ways to protect you data from law enforcement.

I was told by a former law enforcement member that after the crime scene has been secured that the the computer tech checks the computer is functional and then has the equivalent of a mover ship the computer, like a box, to the computer lab. The issue with this being that a mercury switch and power source could be used to zap the computer with the needed Gauss to erase/destroy the hard disk.

Another method would be to use a RAM Disk, whether this is a physical[1] or virtual RAM Disk. The first has the advantage that in the case of a brownout the data is saved for X hours, although this could be a disadvantage too, another disadvantage is that you may have a memory limit which is imposed by the hardware. The advantage over the physical RAM disk is that a higher amount of memory can be allocated, although you don’t get the protection from brownouts.

Important to also remember is that there is also a data remanence with data in RAM[2], which also should to be mitigated. This may be possible by passing an electric charge over the memory to erase them, although I have yet to find relevant references.

A third method may be by raising the temperature of the hard disk to above the Curie Point[3], which with effect the magnetics of the disk. I will need to investigate this more too.

Embedding part of the computer in epoxy still applies to all the above.

  1. Gigabyte I-RAM DDR PCI Virtual RAM Disk Drive SATA W/ Backup Battery – backup power lasts ~16 hours and it supports 4Gb RAM.
  2. Data remanence: Data in RAM
  3. Curie Point

Image source: Michiel2005

Written by Daniël W. Crompton (webhat)

January 23, 2011 at 8:51 am

Proof of Concept: Data Erasing for your own Protection #police #law #government

with 6 comments

Museum Boerhaave – 1930 Wiess electromagnet

I’ll describe the problem I think that you have: You have data stored on computers which you don’t want the police or the governments to have, something that cryptography can not protect, as XKCD so eloquently puts in the cartoon below. You are not the only one: internet companies; financial institutions; churches; organizations working for freedom; lawyers; criminals and innocent individuals all need to protect themselves.

It’s possible to use something like Darik’s Boot and Nuke (DBAN) which is a self-contained boot disk that securely wipes the hard disks of most computers, however this takes time sometimes a number of hours and requires human interaction. Time that may not be available if the long arm of the law comes down on you like a ton of bricks. And it can even be the case that the power is shut off before the computer is secured, the police do this to keep the data on the computer secured for the investigation. So I thought about what would be needed to magnetically erase the hard disk.

Firstly I read that a hard disk should be degaussed, which is what decreasing or eliminating an unwanted magnetic field is called, with a electromagnet and not with a rare-earth magnet.

Secondly I read that degaussing can cause permanent irreversible damage to hard drives which means they are not reusable. Unlike tapes the mechanism to read the magnetic track is part of the device and is also magnetic. So don’t expect to be able to use the disk after you have tested the electromagnet.[1]

Security

Thirdly the magnetic induction (also referred to as magnetic flux density or saturation flux density) needed to correctly erase some hard disk can be from 6000 – 7000 gauss (0.6 – 0.7 tesla), an NSA approved degausser puts out 22000 gauss (2.2 telsa). From some sources[2] I learned that mostly the core of electromagnets is made from a magnetic material – power ferrite – which has a magnetic flux density of under 4000 gauss, this wouldn’t be enough. A different material would be needed for the core of the electromagnet. I discovered that MPP (molypermalloy powder) material has a magnetic flux density of 7000 gauss, which is what is needed for this PoC. Iron powder and high-flux can yield 10000 and 15000 gauss respectively.

Fourth you need thick copper wire wound round the core, this is called a solenoid. This creates the B-field which is the magnetic field which will erase the hard disk, using a gauss or EMF meter it is possible to measure the magnetic flux density in gauss or telsa produced by your electromagnet and experiment with getting the level to 6000-7000 gauss.

Fifthly you need an Uninterruptible Power Supply (UPS), this will ensure that when the power is switched off that the electromagnet is powered up to erase the hard disk.

Lastly you need to install your electromagnet round your hard disk, hook up the UPS and fill the computer with epoxy so it cannot be taken apart by the police. Let’s just hope you don’t have a brownout. 😉

Sadly this method will not work for solid state disks, although you can possibly attach squibs using a similar setup. That may be something for a future article.

  1. Degaussing : Irreversible damage to some media types
  2. I am creating an electromagnet for my school’s science fair project. Does the shape of the iron core make a difference? […]

Image source: Michiel2005

Written by Daniël W. Crompton (webhat)

January 19, 2011 at 12:43 pm

Words I Wondered About In Law Shows #television

leave a comment »

IANAL – I Am Not A Lawyer – but I like TV law drama, almost as much I like hospital series, as you might know if you read “Words I Wondered About In Medical Shows“, I have to admit I just like TV. (Which is why I currently work for a TV company.) I’ve always wondered what the meaning was of some basic law terms. I wanted to make a list and post it here, but as the law is slightly more complex than medicine the explanation will be slightly longer.

literally means “you have the body“. The translation doesn’t really help, “[h]abeas corpus is a protection against illegal confinement […]” A writ (court order) which is obtained from “[a] judge [who] sets a hearing on whether there is a legal basis for holding the prisoner.” Before I read this I assumes it meant “where is the body.” On TV you often hear the term spoken by the defence when a murder suspect is arrested with out a victim. The corpus in this case is the suspect who is in the care of law enforcement.

is an easy one, it “[…] shows intent to commit that crime.” It leads to the next

, “[…] a general evil and depraved state of mind in which the person is unconcerned for the lives of others.” That sound more like the description of a narcissist that a psych nurse once gave me, although he described somebody who was in a asylum for the criminally insane.

means at “‘at first look’ […] referring to a lawsuit or criminal prosecution in which the evidence before trial is sufficient to prove the case.” Which means a case would be a case that’s could be considered “open and shut.”

I’d never heard of, but according to the dictionary they are “remarks of a judge which are not necessary to reaching a decision, but are made as comments, illustrations or thoughts.” Do you know what it means, if so I’d appreciate an example.

, I didn’t know there was one. Seemingly you can eat to much sugar and go on a murderous rampage.

, a defence used successfully by Johnnie Cochran. “Ladies and gentlemen, this is Chewbacca. Chewbacca is a Wookiee from the planet Kashyyyk. But Chewbacca lives on the planet Endor. Now think about it; that does not make sense!

This post originally appeared here.

Technorati technorati tags: , , , , , ,

Written by Daniël W. Crompton (webhat)

May 26, 2010 at 10:07 am

%d bloggers like this: