That's not actually the case here. People seem to be assuming that you can recover Snapchat images because they're deleted but the data is still resident on disk. Sure, that's a common reason for being able to recover data from a computer. It's not the case, though.

The problem seems to have first been documented by Decipher Forensics. It's clear from their writeup that they didn't do data carving to recover deleted files. The images are simply stored an a directory that's not user-accessible and not deleted.

Unless you, you know, unplug it.

That seems weird. I think Ginsparg was at Cornell at the time, and the original host of arXiv was LANL, before it was arXiv, even.

Anyway, arXiv costs about half a million a year to run now and is mostly funded by voluntary (small) donations from other universities. On a per-paper and per-university basis, it's dirt cheap. But, to be fair, it's not a publication -- it doesn't have peer review. It's a preprint server. It's mostly useful for a) the absolute newest pre-review work and b) getting free copies of things once they're published.

Not true, actually. In the US, a renter has the right of possession of his apartment but not the right of ownership. Thus your apartment is "yours" in a legally meaningful sense. (It is also, in another sense, the owner's.) The owner has the right of ownership but not of possession (he's rented that right out to the renter). As such, in many states, it's illegal for the owner to enter the apartment without the renter's permission.

Not at all. You're thinking of technical workarounds to the law -- which geeks often do, and which is generally not correct.

See, the two videos posted to YouTube aren't gibberish. They aren't raw materials. By using one to decrypt the other, you're not transforming them in the same way you're performing a transformation when you Photoshop a picture or mix chemicals together to make a bomb. You started with a video, encrypted it, converted it into an odd visual encoding, and posted the result to YouTube. Even though the result can separately be interpreted as a "gibberish video", it's history makes it clear that it's not, and through that history it retains its essence as a copy of the original video. Likewise, you cannot claim that a copy of the video on your hard drive is just a bunch of bits on disk, and you can't claim that a copy of the video on a VHS cassette is just magnetized tape.

The properties of encryption actually make it easy to prove that if the two videos can be combined to produce the "illicit" video, then it must have been the illicit video in the first place. The probability of producing anything intelligible (or even with a valid format) from a ciphertext and a key that don't go together is impossibly small. If you combine a ciphertext and a key and get something intelligible out, it must be the case (statistically) that they in fact go together and that the ciphertext was produced using that plaintext and key.

Why not use the key that you said was posted as a separate YouTube video?

I actually count a lot of parameters. Let's say roughly eighteen. That's pretty serious parameter fitting.

I find this all very weird because as a physicist, I ended up having to learn machining. Loved it, very useful. But on the other hand, it's very clear (and often complained-about) that there are no young professional machinists out there -- every decent machinist is old and near retirement. While the demand for it is drying up, there's enough that there's some pretty serious risk of having a shortage of skilled machinists in the future.

Logic and philosophy, a.k.a. the educated man's common sense, had a good run of things. That was back when there were four elements, light traveled through the ether, and heat was a fluid.

See, figuring out whether or not that's true is what the research is for.

You realize that you've cast a very wide net with your examples -- about forty years and a wide variety of applications and you have four examples? I'm sure there are more, but consider the vast amount of chemical engineering in that time period that has turned out to be entirely safe -- to say nothing of beneficial.

It certainly seems like people have noticed.

In what sense do you mean "account for"? Do you mean, could the drive controller overcome the hysteresis to minimize it?

Possibly, but that's a lot more work, and it turns out not to be necessary. Note that the idea people have in their heads about drives -- that there is some little region of the drive that is magnetized one way for a one and one way for a zero and is "just one" bit -- is no longer accurate. The magnetic patterns on disk are rather complicated. (This is a major contributor to why recovering anything from the hysteresis effect just doesn't work any more.)

You cannot. Or rather:
* Nobody has ever demonstrated success of recovering data from a modern hard drive (anything more recent than MFM) that has been overwritten even one time.
* The person who wrote the paper on recovering data from drives after erasure, Gutmann, has said there is no reason to believe that it is possible with modern drives.
* Other people have a quite sound theoretical arguments that it is impossible. (That is, there is a hysteresis effect, but it is so small compared to noise that the statistical probability of getting correct data instead of random data is much, much too small to be of any practical use even in a best-case scenario.)

This is a myth in computer forensics and security that needs to die.

It's almost certainly AES, since that's what's used in almost every encryption product out there. AES is government-proof.

The algorithm's not the problem. It's every other aspect of security that someone (usually the vendor or the user) manages to screw up, rendering the encryption useless to an attacker.

Since they tried for "months" to decrypt it, either he had a very good password or it's something that uses a many-round PBKDF (combined with a good password).

Yes, that annoys the hell out of me too, but it's always "GDP in a year" vs debt when people make that comparison. Which really means that what they're fundamentally doing is measuring the debt in units of "years of GDP", which is an entirely legitimate unit. (It's like measuring your personal debt -- or, say, a potential mortgage loan -- in years of income.)