2.5 hard drive vs ssd

Discussion in 'SSDs & Data Storage' started by Kre8sioN, Sep 30, 2015.

  1. SomeGuy133

    SomeGuy133 2[H]4U

    Messages:
    3,447
    Joined:
    Apr 12, 2015
    https://en.wikipedia.org/wiki/Wi-Fi_Protected_Access

    WPS is broken and nearly everyone has that enabled and I do recall there being programs that can sniff WPA2 nut i had a hard time finding them ages ago. They are not commonly found like WEP crackers.

    It is like finding social security numbers online. You can actually find all that online but it is hard to find because people simply don't talk about it. It took me forever one time to find this site from a new article that listed an unholy amount of personal identities. I should have book marked it :/ I never did find mine so I was happy. The identities also had a coding system that potentially hinted at the source of the info and DMV was the biggest source of everyone info. If you google you can find that but i have digressed. Oh and your ID is sold for like 50 bucks -_- It is bad.

    https://veracrypt.codeplex.com/wikipage?title=Release Notes
    See 1.0e It references the project

    If someone remotely accesses your PC or has malicious code on your PC and it access a file your PC will decrypt it because it has no idea who is who and just assumes it is the authorized user when you are logged in. If I am mistaken please explain how the encryption knows hackers, malicious code from a user.
     
    Last edited: Nov 30, 2015
  2. _CiPHER_

    _CiPHER_ [H]Lite

    Messages:
    74
    Joined:
    Sep 30, 2015
    I guess the best advice is: stop using Windows. Stop using proprietary products. Start using Libre software, preferably developed outside of the USA to avoid legal problems such as the Patriot Act.
     
  3. Meeho

    Meeho [H]ardness Supreme

    Messages:
    4,470
    Joined:
    Aug 16, 2010
    Yeah, I'm aware of those vulnerabilities. I don't think 63 random WPA2-AES is in danger as of yet.

    How big were those security issues? I don't remember there being anything major from the audit.

    I haven't followed up on Veracrypt much, I'm still on 7.1a. How trustworthy is the project and its maintainers? Would you recommend using it instead of tried and tested TC 7.1a?
     
  4. SomeGuy133

    SomeGuy133 2[H]4U

    Messages:
    3,447
    Joined:
    Apr 12, 2015
    as far as i know veracrypt is legit but that doesn't say much. Its the same as truecrypt. You use it and hope for the best. Everyone I know has switched to them and not another version. The updater is very activein their forums which true crypt never was.

    Basically key files are useless and several other things that were pretty major. Good the project that was referenced. You find some news site or blog that sums up the 3/4 major issues in an article but yea don't use 7.1a and update as soon as possible.

    IIRC WPA2 was broken ingeneral as in sure 63 password might be better and take them longer but they can still get through reasonably but again it has been years since i reviewed the wifi issues and just remember all of them bust and always setting wifi up in a DMZ that can only access internet and not my homenetwork. Thats the best thing to do.
     
  5. Aesma

    Aesma [H]ard|Gawd

    Messages:
    1,844
    Joined:
    Mar 24, 2010
    I agree, however if your computer is compromised, then it's game over, even if you have other layers of encryption, you can't be safe.

    That's why I suggest to dedicate a computer to sensitive matters, shut down most of the time.
     
  6. SomeGuy133

    SomeGuy133 2[H]4U

    Messages:
    3,447
    Joined:
    Apr 12, 2015
    Its called covering all your basis hence why you use every tool at your disposal and wiping data completely off an SSD is impossible and an important issue to consider.
     
  7. drescherjm

    drescherjm [H]ardForum Junkie

    Messages:
    14,448
    Joined:
    Nov 19, 2008
    Other than using secure erase which wipes the mapping table effectively removing the ability to get any data off the drive unless someone hacks the firmware of the SSD to return back pages that are marked unused. Although drives with encryption reset the encryption key preventing any access to the old data.
     
  8. Ranulfo

    Ranulfo [H]ard|Gawd

    Messages:
    1,560
    Joined:
    Feb 9, 2006
    Indeed. For games that do a lot of level loading or loading on the fly, you want them on an SSD. Skyrim, WoW, GTA5 etc. I'd put on ssd. Lately the only games I don't put on SSD are older games or games I just don't play very often but want installed.
     
  9. SomeGuy133

    SomeGuy133 2[H]4U

    Messages:
    3,447
    Joined:
    Apr 12, 2015
    Natural Selection 2 is terrible on loads without a fast SSD.
     
  10. AlienTech

    AlienTech Limp Gawd

    Messages:
    286
    Joined:
    Sep 30, 2004
    If security is so important, why are you connected to the internet? They should be stand alone workstations and you should be using a usb stick to save data. Since it is impossible to not connect to the net at all, for updates and such, a fire wall should be used when you do connect so only sites you know about will be allowed to be accessed.. eg only particular companies sites are allowed access to update software.. You wont use that system for normal use. You get into problems because you allowed access.. That is because you went somewhere you should not have.. I think in all cases you pretty much explicitly gave access unknowingly.. They cant break into your computer if there is no program running they can use to access your computer..
     
  11. SomeGuy133

    SomeGuy133 2[H]4U

    Messages:
    3,447
    Joined:
    Apr 12, 2015
    still not getting the point. you should still never use an SSD even with FDE with important data (or unimportant see Case 3 and 4).

    Let me make a few cases.

    Case 1

    You have an offline PC with an SSD using FDE. It holds your taxes.

    You delete old taxes after you pass the statute of limitations.

    IRS audits you and a court compels you to open the FDE drive.

    You no longer have the records from 10 years ago....or so you thought.

    But IRS agents recover records from 11 years ago and find an error where they will hammer you for 30 million dollars due to back pay, fines, and interest.

    This would have never happened if you could secure delete files.

    See IRS case below showing IRS is nuts as fuck and going after taxes from 40 or whatever years ago! Also these are parents taxes that are already dead! It isn't even this persons debts! (several of these exist and good luck fighting the IRS)

    http://www.washingtonpost.com/polit...ac8eae-bf4d-11e3-bcec-b71ee10e9bc3_story.html

    BTW there are more cases of IRS going after old debt but granted my case is slightly different but well within the realm of possibility. Courts do have the power to compel you to decrypt computers...4th amendment??? rofl If you don't comply you go to jail for contempt. Google it.

    100s of these exist. It is well within the realm of possibility because of IRS law and RICO laws.

    Case 2
    You have a computer and your retard friend, family member, or anyone else used it once. Intentionally or unintentionally downloaded something illegal. They delete it and you never knew it existed.

    FBI comes and seizures your PC and get an order from a judge to compel you to open it.

    They scan and search and find that thing your idiot friend, family, or whatever downloaded from hidden free space.

    They are now charging you for that crime because it is on your PC.

    Again the above works for anyone that may hack your PC and use it as a remote desktop. Doesn't matter if some else did it and your innocent. You will be on the hook because you have control of the property when they found it. This is the same case if you drive a friends car and you get pulled over and a cop searches your friends car while you are driving it. He finds hidden weed. It isn't yours but your the person currently driving it so it is considered to be yours in the eyes of the law so you get arrested for drug possession and now face possession charges and intent to distribute chargers. Both of the above are real world cases....google it -_-

    Case 3

    You simply are googling. Images are cached on your PC. You google for some photo but it is innocent search (searching for "hanna montana"). Some where in the 1000 photos that load an illegal piece of content also loads. You never even notice it but now it is in your cache and government has a record of you downloading it (unwittingly). They now have evidence that your a pedophile or whatever and arrest you and seize your unencrypted or encrypted hard drive. Now you face 25 years of sex registration and 15 years of jail.

    Case 4
    You like anime and google "Haganai" and some random shit pops up...bam same case as above.

    FYI any type of kiddy porn being it real, drawn, CGI, or what have you is considered child porn according to Canada (IIRC), UK, US, and other countries laws. Again google it. There is an open case in Vermont and other places because of cartoon porn having a person portrayed under the age of 18.

    So again wiping cache and free space is important no matter what even if your an upstanding citizen. Any google search almost always gets some sort of heinous shit that is illegal and can end up sending you to jail! This is no fear mongering....it is simply the truth using actual law, case law, and past and current examples.


    BTW research prosecutors and judges absolute immunity. It is nuts. See just a could case below.
    http://www.huffingtonpost.com/2013/...sconduct-new-orleans-louisiana_n_3529891.html
    https://reason.com/archives/2009/08/17/innocent-man-freed-but-shabby
    http://nakedlaw.avvo.com/crime/8-people-who-were-executed-and-later-found-innocent.html

    You do not want to flag yourself for any reason.

    This also doesn't even cover the whole issue from before of the DEAs and NSAs Path of evidence restructuring.

    If you go to tails or TORs site you are instantly added to the terrorist watch list and are permanently being monitored online via NSA systems. Again the path of evidence restructuring exists and they have used it.


    So please don't be foolish and naive.


    Also see hearsay law
    https://en.wikipedia.org/wiki/Hearsay_in_United_States_law

    The government can not use anything to prove your innocent. It is hearsay.
    You make statement that proves your guilty. Evidence
    You make statement that proves your innocence. Hearsay and insubmisable

    CASE IN POINT
    I googled image "10 best anime" and there were some pictures that would be classified under US law as child porn. Now those are on my SSD in cache....awesome. Be my guest and check the search.

    https://www.google.com/search?q=han...bm=isch&q=10+best+anime&imgrc=CyWydtlnaswL-M:
     
    Last edited: Oct 7, 2015
  12. zaniix

    zaniix Gawd

    Messages:
    895
    Joined:
    Nov 4, 2011
    Wow security expert and legal advise, can you cook?

    Personally once I am done browsing the internet I just throw my PC away and build a new one for the next time I need to get online. I do not just toss it in the trash I melt it down with thermite and then I bury it in an undisclosed location.
     
  13. SomeGuy133

    SomeGuy133 2[H]4U

    Messages:
    3,447
    Joined:
    Apr 12, 2015
    here I even google searched for one of my favorite childhood TV shows.

    "kid goku"

    There is 1 or 2 items that could clearly qualify as kiddy porn and get you thrown i jail. A completely harmless search gets illegal material and prosecutors don't care. Again look at the history of prosecutor abuse in the US. More charges and convictions means a better career.
     
  14. Nenu

    Nenu [H]ardened

    Messages:
    18,843
    Joined:
    Apr 28, 2007
    I just disable scripting for google, no dodgy images and it no doubt pisses google off for other reasons :p
     
  15. SomeGuy133

    SomeGuy133 2[H]4U

    Messages:
    3,447
    Joined:
    Apr 12, 2015
    I can't cook but I can fry a mean burgers and bake some badass goodies. :D

    It isn't hard to know the basics. I also take criminal justice classes for self knowledge lol. I actually got to leave soon for a class in Report Writing -_- Cops seriously are stupid but that is another topic.

    BTW if you think this crap wont happen to you ask Chad Chadwick...google it. Again I have endless cases like these stored. It is bad...cops getting a warrant after raiding a house, claiming he had hostages, and more so they can cover tracks. The stuff is all over the place. You have a fairly high chance of getting screwed over at some point in your life. I ran into a cop that doesn't even know reasonable suspicion or any of the Supreme Court cases on it. He obviously didn't pay attention in his criminal justice classes. -_-
     
    Last edited: Oct 7, 2015
  16. AlienTech

    AlienTech Limp Gawd

    Messages:
    286
    Joined:
    Sep 30, 2004
    ah no thanks... I thought you were talking about hackers breaking in to steal your data but now you are talking about police trying to nail you for something. Although I agree with most things you said, I am not sure what you can do about it. They have gotten some pretty big fish who thought they had covered their tracks because they have hooks into everything. Hence why they dont want you to go to the shop and buy anything with cash.. because that would be costly to track.. But digital, they can mine zillions and it is cheap..

    Actually SSD's are safer than hard drives since deleted data is added to the free pool and that is erased during garbage collection, with hard drives you have to explictily clear the unused area of the drive. Trim will clear the unused area when ever the drive is free. Even without trim a regularely used system will over write the data in time, 256GB is not a lot of room for a normal user.. Yea someone might be able to get the data if they catch it in time but then again we go to just show much security can you handle..

    Those drives with 1 button erase makes sence now.. If they break in, press it and presto the drive is erased.. But fighting the US government is like well land of the free and liberty and what not.. People still believe in all that.. I think the chinese have it far better with with the comissars noting everything down..
     
  17. SomeGuy133

    SomeGuy133 2[H]4U

    Messages:
    3,447
    Joined:
    Apr 12, 2015
    I am not just talking about government. Those were just real world cases that wiping free space is important in regards to government. It also applies to criminals, family, nosey people, and general privacy and security.

    I have files on my SSD that are at least 12 months old (I don't recall the files so I must have deleted them a long time ago...maybe when I reformatted?) and I do 150GB writes per day on a 480GB drive and i reinstalled windows and all programs only a few months ago yet I have files that are from last year and I don't even recall them so they are not recent deletions. So you still need to be able to wipe free space period.

    And that's just using recuva which is a really basic scanning too. The average user will have files much much much longer. Think about it. I write 150 GB per day and did a reinstall a few months ago and yet I have a file that old...seriously.
     
  18. AlienTech

    AlienTech Limp Gawd

    Messages:
    286
    Joined:
    Sep 30, 2004
    Well unlike the NSA and IRS, hackers and nosy people can be defeated by using some basic common sense. Both of those require you to give them access to the system. So drive encryption keeps nosy people out and not running things you dont know about or going to sites that install and drops stuff keeps hackers out. It is always a service that hackers exploits to gain access.. Not having services means they have nothing to hack.. Hence you need multiple devices depending on what you do. Taxes and such should never be done on a system that is used by the kids to play games and go to facebook. Some systems should not even be connected to the net.

    You really cant defeat the NSA.. Not without great cost.. last I heard they had bribed someone to put code inside hard drive firmware that executed when the system booted.. Like when the computer bios boots the system, the drive sends code to install a hook before delivering the original data.. The hook waits until it detects a signal before activating a download..Which makes me wonder is Kasperesky is not part of the KGB.. things like this are impossible to detect.. not without massive resources.. So it is games by the big boys.. See all that security you put up, turned worthless..
     
  19. SomeGuy133

    SomeGuy133 2[H]4U

    Messages:
    3,447
    Joined:
    Apr 12, 2015

    it wasn't bribing. They actually made malware that could edit and inject code into HDD firmware IIRC correctly. That was another piece of code coming from the NSA or a group of coders/programs working for them.'

    Also you don't need to do anything stupid to even get an infection. I.E. the recent yahoo ad network is a great example. Those adds you didn't even need to click on. They would actually just automatically infect your PC...I assume that has to do with scripts but whatever. The point os you don't even need to be irresponsible to be infected. There are countless ways to get whammied and not because of anything to do with your in competence. The fact still exists that being able to clear free space is crucial and you can't with SSDs. No matter what system you use there are still private and important information on there and you need to be able to clear that space regularly. I don't care If I have a PC that is dedicated to games. There is plenty of info that I don't want people to touch even on just a gaming rig and that still is besides the point. An SSD is just a massive security risk no matter what.

    See below
    http://www.wired.com/2015/02/nsa-firmware-hacking/
     
    Last edited: Oct 8, 2015