flat assembler
Message board for the users of flat assembler.

Petabox and the death of NTFS

revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 16628
Location: In your JS exploiting you and your system
Borsuc wrote:
SSDs don't have a buffer? My HDD has 32MB buffer, I assume it's used exactly for this purpose. Right? (for HDDs it's probably to avoid too many head movements)
How long does the data stay in the buffer?

Too long and you risk losing things when power is lost.

Too short and you have more erasure/relocations happening.

Think about how a once-per-second write to a sector update happens:
  1. The drive receives the new sector and buffers it (hoping power is not lost) and starts a timer
  2. The timer expires (perhaps 0.1-0.5 seconds?)
  3. The drive relocates to a new 128kB block and erases the old block
  4. At the one second mark a new 512Byte sector update is ready
  5. start again at 1
Now do the sums: 100,000 seconds is how long? Multiply that by the number of spare sectors the drive keeps for relocations (maybe a few 100's?). Does that time period seem very long?

Perhaps the drive is very smart and can relocate older sectors to make space for new updates? Who knows? You can't find it stated in the specs. Are you willing to trust every drive out there to do really smart things to make sure the data isn't prematurely at risk? The cheap drives won't bother to do it. And the really cheap drives will use MLC, so that 100,000 writes now drops to 10,000.

Hmm, I'm still not convinced about current SSDs.
Post 17 Feb 2010, 11:49
Borsuc



Joined: 29 Dec 2005
Posts: 2468
Location: Bucharest, Romania
I wish they had included a firmware option or something to change the timer length, since I have an UPS and couldn't care less about short power loss or fluctuations. (of course, I would set it to ~5 secs or so, since the battery lasts about a minute and want to be on a really safe side Very Happy)

_________________
Previously known as The_Grey_Beast
Post 17 Feb 2010, 18:31
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 16628
Location: In your JS exploiting you and your system
BTW: In case you didn't realise. If an SSD decides to relocate an older (used) sector to make space for a new free sector to use for changes that means two erasures to accommodate a single 512byte block change.
Post 19 Feb 2010, 09:39
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 16628
Location: In your JS exploiting you and your system
Why go with SSD when you can have a 256GB pendrive instead:

http://www.physorg.com/news186046477.html

But I don't like the sound of this:
Quote:
Up to about 90% of the flash drive's capacity can be password protected without the need for administrator rights.
Sounds dangerous. It must come with some software installed or something. I wonder if it is secure and uses proper algos, or whether it is just some simple xor scheme. The first thing I would do with it is erase all the nonsense that came with it and use truecrypt to secure it properly.

The price is also quite scary: USD1108!


Last edited by revolution on 22 Feb 2010, 14:55; edited 1 time in total
Post 22 Feb 2010, 13:23
f0dder



Joined: 19 Feb 2004
Posts: 3170
Location: Denmark
revolution wrote:
Why go with SSD when you can have a 256GB pendrive instead:
Because a 256GB pendrive is a SSD, just using cheaper & slower flash than what a decent SSD has, probably worse wear leveling algorithms, and a slower interface? Smile

revolution wrote:
It must come with some software installed or something. I wonder if it is secure and uses proper algos, or whether it is just some simple xor scheme. The first thing I would do with it is erase all the nonsense that came with it and use truecrypt to secure it properly.
*shrug*. So far, the encrypted USB drives have all sucked in one way or another. A bunch of them actually have hardware AES encryption, but all use the same encryption key Smile - apparently the IronKey is secure, though (that link also has a brief description of why the others suck - if that's not good enough for you, check up on slashdot a couple months back).

_________________
Image - carpe noctem
Post 22 Feb 2010, 14:48
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 16628
Location: In your JS exploiting you and your system
So my suspicions were well founded. Doesn't surprise me though, what with all the bad crypto products out there. I never ever trust them blindly just because they say "uses crypto". Yuk, it would really kill me if I realised too late that I had trusted the manufacturer's claims with my data only to learn that it was never safe from day one.
Post 22 Feb 2010, 15:24
f0dder



Joined: 19 Feb 2004
Posts: 3170
Location: Denmark
revolution wrote:
So my suspicions were well founded. Doesn't surprise me though, what with all the bad crypto products out there. I never ever trust them blindly just because they say "uses crypto". Yuk, it would really kill me if I realised too late that I had trusted the manufacturer's claims with my data only to learn that it was never safe from day one.
Yup.

I find it scary that people have gone through enough effort to actually do hardware AES encryption and get the device FIPS certified... but it turns out they use hardcoded keys, and depend on an application doing handshake and sending a static unlock code. Makes you wonder if it's an intentional backdoor, or sheer stupidity.

_________________
Image - carpe noctem
Post 22 Feb 2010, 15:26
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 16628
Location: In your JS exploiting you and your system
f0dder wrote:
I find it scary that people have gone through enough effort to actually do hardware AES encryption and get the device FIPS certified... but it turns out they use hardcoded keys, and depend on an application doing handshake and sending a static unlock code. Makes you wonder if it's an intentional backdoor, or sheer stupidity.
I've been thinking about this since your post. The only reasonable explanation I can think of is that it was an economic decision. It would cost a lot more to do it properly and securely. Higher prices mean less sales, less profit. Complying with FIPS140 (as if that is somehow a magic bullet) was enough to get the increased sales. So there was no incentive to go the extra steps to make it genuinely secure. I expect all the techs and software workers at the company know exactly how (in)secure it is, but why tell anyone when your salary is at risk.
Post 23 Feb 2010, 00:34
f0dder



Joined: 19 Feb 2004
Posts: 3170
Location: Denmark
That doesn't really make sense to me, though. I doubt they've implemented AES but made it with an entirely hardcoded key - as in, the circuitry only being able to handle that specific key.

Instead of sending a "OK, user is nice, use your decryption key" they could've hashed the user-input passphrase and made the device use that as decryption key. Sure, not a perfect solution, but about a zillion times better than always sending the same "user-is-nice" :-s
Post 23 Feb 2010, 01:53
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 16628
Location: In your JS exploiting you and your system
No, it doesn't really matter too much that it sends the same fixed key. The main problem is that it sends the key (no matter what it is, unique or common). It should never send the key in the clear. That is the real problem to solve. It should be using a proper crypto exchange (like SSL). That is where the expense comes, adding all those extra layers, and making it properly secure.
Post 23 Feb 2010, 02:02
f0dder



Joined: 19 Feb 2004
Posts: 3170
Location: Denmark
revolution wrote:
No, it doesn't really matter too much that it sends the same fixed key. The main problem is that it sends the key (no matter what it is, unique or common). It should never send the key in the clear. That is the real problem to solve. It should be using a proper crypto exchange (like SSL). That is where the expense comes, adding all those extra layers, and making it properly secure.
Sending the key in clear obviously isn't optimal, but per-user keys transferred across the USB bus wouldn't be that bad, and would require pretty targeted attacks. Having a single user-is-good unlock command that applies to all pendrives... that is bad.

_________________
Image - carpe noctem
Post 23 Feb 2010, 02:42
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 16628
Location: In your JS exploiting you and your system
f0dder wrote:
Sending the key in clear obviously isn't optimal, but per-user keys transferred across the USB bus wouldn't be that bad, and would require pretty targeted attacks. Having a single user-is-good unlock command that applies to all pendrives... that is bad.
Well they are both bad, but the last is worse. However that brings us back to the same Q, why use a fixed key? Key management is the hardest thing to get right in crypto. Solving it properly is really difficult and costly. And since you can advertise FIPS140 anything extra is wasted effort. Most consumers will never understand why your product is so expensive compared to others when they have FIPS140 also. Shit, it is FIPS140, how could it possibly be bad? Razz No, I still think it is an economic reason.
Post 23 Feb 2010, 02:51
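
A small model of the two designs contrasted in the posts above, added here as an illustration and not taken from any poster or product: a drive that releases a hardcoded key when it receives a constant unlock message, and a drive whose key is derived from the passphrase. The constants, class names and the use of salted PBKDF2 for "hashing the passphrase" are assumptions, and neither model covers revolution's point about protecting what crosses the USB bus.

```python
import hashlib
import hmac
import os

# Constructed placeholders, not values from any real product.
STATIC_UNLOCK = b"USER-IS-NICE"   # same constant for every unit
HARDCODED_KEY = bytes(range(32))  # key baked into every unit


class StaticUnlockDrive:
    """Criticised design: the host app checks the password, then sends a constant."""
    def unlock(self, message: bytes):
        # The drive never sees the password, so any sender of the
        # constant gets the key, and the key is the same on every unit.
        if hmac.compare_digest(message, STATIC_UNLOCK):
            return HARDCODED_KEY
        return None


class DerivedKeyDrive:
    """Suggested design: the key is derived from the passphrase on each unlock."""
    ITERATIONS = 100_000  # assumed work factor for this example

    def __init__(self, passphrase: str):
        self.salt = os.urandom(16)                # per-unit random salt
        _, self.check = self._derive(passphrase)  # only the check value is stored

    def _derive(self, passphrase: str):
        okm = hashlib.pbkdf2_hmac("sha256", passphrase.encode(), self.salt,
                                  self.ITERATIONS, dklen=64)
        return okm[:32], okm[32:]                 # (data key, check value)

    def unlock(self, passphrase: str):
        key, check = self._derive(passphrase)
        # The drive stores no key; a wrong passphrase fails the check.
        return key if hmac.compare_digest(check, self.check) else None


def compare_designs():
    a, b = StaticUnlockDrive(), StaticUnlockDrive()
    c, d = DerivedKeyDrive("correct horse"), DerivedKeyDrive("correct horse")
    return {
        "static_same_key_on_all_units": a.unlock(STATIC_UNLOCK) == b.unlock(STATIC_UNLOCK),
        "derived_wrong_passphrase": c.unlock("guess"),
        "derived_keys_differ_per_unit": c.unlock("correct horse") != d.unlock("correct horse"),
    }

if __name__ == "__main__":
    print(compare_designs())
```
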
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 16628
Location: In your JS exploiting you and your system
Post 24 May 2010, 09:28
MHajduk



Joined: 30 Mar 2006
Posts: 5995
Location: Poland
Awesome news! Now one disc will be able to store hundreds of thousands of the books in the PDF or DjVu formats. Wink
Post 24 May 2010, 21:29
View user's profile Send private message Visit poster's website Reply with quote
bitRAKE



Joined: 21 Jul 2003
Posts: 2777
Location: dank orb
Post 26 May 2010, 03:38
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 16628
Location: In your JS exploiting you and your system
1,000 terabytes on a DVD

http://phys.org/news/2013-06-storage-terabytes-dvd.html

Technical details here:
http://www.nature.com/ncomms/2013/130619/ncomms3061/full/ncomms3061.html

Of course this will give bodies like Facebook and NSA ever more ability to store all of our data ... forever. All our data belong to them.
Post 20 Jun 2013, 14:07
AsmGuru62



Joined: 28 Jan 2004
Posts: 1389
Location: Toronto, Canada
On the other hand (more optimistic view) -- storage like that allows us to create some huge programs, like AI.
We can build Commander Data now!
Post 20 Jun 2013, 15:14
sleepsleep



Joined: 05 Oct 2006
Posts: 8227
1,000 TB, that is really lots of space in a tiny piece of DVD,
really amazing and scary too,
it makes sense to buy such physical DVD film instead of downloading them from net then.

global internet speed around 100 mbps (maybe this highest i guess)
10 years in future, maybe we get 1 gbps every home?
and total monitoring.
Post 20 Jun 2013, 20:41
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 16628
Location: In your JS exploiting you and your system
sleepsleep wrote:
1,000 TB, that is really lots of space in a tiny piece of DVD,
really amazing and scary too,
it makes sense to buy such physical DVD film instead of downloading them from net then.
Make sure you buy them in the right place. I've bought DVDs from some countries and the movies were cut so badly they hardly made any sense. US, UK, OZ, NZ, EU are okay in my experience. Many Asian country versions are crap. Middle East - just completely forget about it unless you want to be bored to tears.

Also make sure your player is multi-region compatible.
sleepsleep wrote:
global internet speed around 100 mbps (maybe this highest i guess)
10 years in future, maybe we get 1 gbps every home?
and total monitoring.
Well total monitoring is already here. If you believe otherwise then go ahead and try to send an anonymous death threat to the POTUS. Twisted Evil
Post 21 Jun 2013, 06:26
sleepsleep



Joined: 05 Oct 2006
Posts: 8227
the VCD here usually CAM version (you could get those pirated film at night market, but such stalls are getting less) people choose to torrent high quality film,

there got VCD or tape rental shop i think 8 years ago, now, none,

ah, middle east, i havent really been there, but i guess their censorship board must be very strict to show off its holy land culture,

yeah, well aware regarding the monitoring,
we might reach High Definition & Quality live cam at every house soon,
500GB still quite small to record those HD CCTV footage,
consumer market currently sells 2TB (i think maximum)

to get eg, 200TB, with some sort of raid capability, (maybe still early in 2013)
Post 21 Jun 2013, 10:59

Copyright © 1999-2019, Tomasz Grysztar.

Powered by rwasa.