Forgot your password?
typodupeerror

Comment: Re:Unsafe Advice (Score 1) 66

Any marginal blocks mapped out before you encrypt will remain unencrypted and may be available to a determined attacker. Same goes for hard drives, and SATA secure erase is not provably trustworthy. Always encrypt your storage before you put any data on it. If you do not trust your hardware AES to not be backdoored then use software crypto.

Yes, the safest approach is to enable encryption just after you get the device (after using it for a few minutes to accumulate some randomness in the Linux randomness pool, so you get a good key). If you don't, totally wiping it is more or less impossible, though the odds of anything significant surviving either the normal wipe or the encrypt & wipe (which probably won't actually do any more than the wipe) are pretty small.

Comment: Re:usually will not do the sdcard partition (Score 1) 66

Last time I checked the standard Android encryption will not do the sdcard partition (I mean not the physical card, but the partition on the internal flash, usually the biggest chunk of it, like let's say 11 out of 16GB).

I'm pretty sure that's not true, because it would make device encryption pretty much useless. A glance at the code certainly appears to show that it encrypts all volumes, but maybe /sdcard somehow gets excluded from the list? I'll ask my colleague, who "owns" disk encryption for Android at Google, tomorrow and post a followup.

I'll also note that none of the devices I have handy (Galaxy Nexus, Nexus 4, Nexus 5, Nexus 7 1st & 2nd gen, Nexus 10, Moto X, Moto RAZR M, Samsung Note 2) even have an /sdcard partition, exactly. They all mount their data partition on /data, and /data is definitely included in device encryption. In fact, it and /cache are the primary targets of device encryption (/system doesn't matter).

Comment: Re:Snowden's Patriotism is Gaining Acceptance (Score 1) 136

by swillden (#47445025) Attached to: NSA Says Snowden Emails Exempt From Public Disclosure

It has been my observation that the people who have blistering hatred for Snowden, are the kinds of people who totally embrace jingoism.

But there are also those who don't have a blistering hatred, yet still feel that he broke the law and should be accountable. I find these people to be especially common among those who themselves are or have been under legal and moral obligations to preserve US government secrets and are appalled that Snowden essentially dumped a huge pile of unsifted sensitive data on the Guardian and trusted them to keep it secure and behave responsibly.

These people largely agree with the need to publish some of the data, but find dumping all of it to be criminally irresponsible.

I think there are a lot more people like that than those who have the blistering hatred you mention. FWIW, my own take (as someone who once held a Top Secret clearance) is that Snowden's action was necessary, that it was infeasible for him to properly vet and carefully release the data, that the news agencies have done a good job and been responsible, and that whatever damage it may have done is far more than offset by the good that it has done. So on balance I consider him a hero. But I do know a lot of people whose concern about what he did tips the balance the other way, even though they don't "have blistering hatred".

Comment: Re:Snowden / Binney 2016 (Score 1) 136

by swillden (#47444983) Attached to: NSA Says Snowden Emails Exempt From Public Disclosure

Except Snowden is 31 and you must be 35 to meet the candidacy requirement for POTUS.

It also helps to be able to set foot on US soil without being arrested. Not a constitutional requirement, per se, but a fairly important practical one. Otherwise even if you win you have to figure out how to sneak into the country and your own inauguration so you can get sworn in -- and acquire the ability to pardon yourself -- before being body slammed to the ground, thrown into the back of a black Suburban and transported to Gitmo for waterboarding.

Comment: Re:Full-disk wipe or only current data? (Score 2) 66

Who gives a shit what the documentation says. Actual implementation is what matters.

Absolutely. So, look at the source: https://android.googlesource.c...

That file contains the code that generates the master key, derives the key encryption key used to protect it (using scrypt), stores the protected master key, and configures dm_crypt with the master key.

Some functions to look at:

- create_encrypted_random_key(), which creates the master key (reading from /dev/urandom).
- encrypt_master_key(), which derives a KEK from your password and uses it to encrypt the master key.
- decrypt_master_key(), which does the reverse.
- create_crypto_blk_dev(), which creates dm_crypt block device.
- cryptfs_setup_volume(), which mounts an encrypted block device.
- cryptfs_enable_inplace(), which encrypts an existing file system.

Do you really trust a mobile platform to be faithful to the documentation when you're trying to wipe a partition (which could easily be implemented directly but isn't) by first encrypting all data and then throwing away the key?

The device doesn't know you're trying to wipe. It knows that you (a) requested full disk encryption and then later (b) requested a wipe. So it can't optimize (a) away. I suppose it's possible it could just lie and tell you "Yep, I'm encrypting" even though it isn't, but that's the sort of thing that would definitely get noticed by security analysts and gleefully published.

Comment: Re:That said... (Score 3, Interesting) 59

by swillden (#47437985) Attached to: Sand-Based Anode Triples Lithium-Ion Battery Performance

Some EVs also let you limit the max that your pack charges up to to further extend lifespan (it's usually destructive both to use the very top end and the bottom end of the discharge range).

That is the theory, but real-world experience with the world's most successful EV (Nissan LEAF) isn't bearing it out. There doesn't appear to be any significant benefit to limiting charging to the 80% level. What is proving to matter, a lot, is temperature. The risks of very cold temperatures are so extreme that the cars have built-in battery heaters (powered by the batteries, obviously) to protect against them, so in practice cold just reduces range, but hot temperatures seriously impact battery longevity.

Another theoretically-predicted battery-killer that is not showing real-world degradation is quick charging. I believe Nissan has even stopped telling people they should limit the amount of level 3 charging they do.

Excellent points about larger capacity batteries needing to survive fewer cycles, though.

Comment: Re:Manager (Score 3, Insightful) 191

by swillden (#47437931) Attached to: New Microsoft CEO Vows To Shake Up Corporate Culture

Their goal has unswervingly been lock-in from top to bottom, while trying to nickel and dime you the whole way.

This is exactly the corporate culture shake-up that's required.

Microsoft has a lot of really smart people, and the financial and other assets needed to put them to work doing great things that can compete and win on their own, actually serving customers rather than trying to lock them in and then exploit them.

MS could be great. But they need a radically different internal dynamic to get there. Will this guy be able to do that? I'm skeptical, but I really hope he can.

Comment: Re:why new balls (Score 1) 143

It looks like every world cup but perhaps a couple has had a different stitch pattern on the ball.

No, it doesn't. They were all somewhat different up until the Telstar introduced the 32-panel, pentagon-and-hexagon stitching pattern, but it appears to me that remained unchanged for almost 40 years, from 1970 to 2006. The balls in between appear to have the same stitching pattern, just different printed designs.

Comment: Re:Void warranty (Score 1) 77

by swillden (#47428297) Attached to: Hacking a Tesla Model S Could Net $10,000 Prize

I dunno.. my LEAF's maintenance schedule for the first 150K miles is pretty much "rotate tires, every 7500 miles, check brakes every 15,000". Checking the brakes, of course, involves checking the brake fluid levels, so there is a fluid. At 150K miles you do have to replace the oil used to cool the battery charger.

But, in general, EVs are very close to maintenance-free.

Don't hit the keys so hard, it hurts.

Working...