Cryptography-Digest Digest #800, Volume #13 Sun, 4 Mar 01 20:13:01 EST
Contents:
Re: OverWrite freeware completely removes unwanted files fromharddrive (Anthony
Stephen Szopa)
Re: OverWrite freeware completely removes unwanted files fromharddrive (Anthony
Stephen Szopa)
Re: OverWrite freeware completely removes unwanted files fromharddrive ("Tom St
Denis")
Re: OverWrite freeware completely removes unwanted files fromharddrive (Anthony
Stephen Szopa)
Re: Monty Hall problem (was Re: philosophical question?) ("Dik T. Winter")
sci.crypt? ("Tom St Denis")
Re: OverWrite freeware completely removes unwanted files fromharddrive (Anthony
Stephen Szopa)
Re: The Foolish Dozen or so in This News Group ("Tom St Denis")
Re: OverWrite freeware completely removes unwanted files fromharddrive ("Tom St
Denis")
Re: The Foolish Dozen or so in This News Group (David Hopwood)
----------------------------------------------------------------------------
From: Anthony Stephen Szopa <[EMAIL PROTECTED]>
Crossposted-To: alt.hacker
Subject: Re: OverWrite freeware completely removes unwanted files fromharddrive
Date: Sun, 04 Mar 2001 16:38:23 -0800
Dan Beale wrote:
>
> "Anthony Stephen Szopa" <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]...
> > If you even bothered to read the Help Files you would find that the
> > random numbers that are at the basis of the Original Absolute
> > Privacy - Level3 software are generated as a result of true random
> > user input.
>
> It is frightening that you cannot understand that this is a flaw.
>
> <major snip>
>
>, and one of those beans is going to be
> lightest. your 'random input' is weak. 'shuffling a deck of cards'?
> sheesh.
I've got thousands of years of gambling to support my side of the
case. And gambling is probably a trillion dollar industry worldwide.
And it is based on just the same probability theory that Ciphile
Software's Original Absolute Privacy Encryption software is based.
Yes, I did hear that there ws a roulette wheel in Las Vegas I think
it was that did have a decidedly favored side where a group of
numbers were coming out significantly more so than others. Some
guys made a killing on that wheel. They were almost killed too
when the casino found out.
Hey, good luck weighing those beans. Don't forget the surface areas
are going to differ as well. And the friction of each bean will
vary.
You could also use a snooker billiard bottle. Have you seen them?
They come with tiny numbered balls I think are numbered from 1 to
15. Shake them up and draw them out one at a time. This should
work nicely also.
How about using the numbers from the public lotteries? No, guess
not. That would be flawed as well. Some of those balls are not
perfect spheres. Some are heavier than others. Some have more
paint and the surface area that the paint covers on each ball
varies and the friction on each ball varies and and and...
Enigma employed nothing like the basic true random probability nature
that OAP-L3 and gambling does.
Enigma was for suckers.
I realize that shaking numbered beans in a bottle must be a very
uncertain proposition among your crowd.
Blimey! Just more wanton FUD!
Lord, take me away. This world is illogical. It cannot be. It
is not perfect therefore it cannot work. Existence must not be real.
Existence is a FLAW!
------------------------------
From: Anthony Stephen Szopa <[EMAIL PROTECTED]>
Crossposted-To: alt.hacker
Subject: Re: OverWrite freeware completely removes unwanted files fromharddrive
Date: Sun, 04 Mar 2001 16:47:58 -0800
Darren New wrote:
>
> Anthony Stephen Szopa wrote:
> > "Closing a file does not mean that the cache has been written to
> > disk." Is this your profound penultimate position upon which your
> > world rests? FUD!
>
> Uh, from the UNIX manual pages...
>
> DESCRIPTION
> The close() function will deallocate the file descriptor
> indicated by fildes. To deallocate means to make the file
> descriptor available for return by subsequent calls to
> open(2) or other functions that allocate file descriptors.
> All outstanding record locks owned by the process on the
> file associated with the file descriptor will be removed
> (that is, unlocked).
>
> [Note the complete lack of any mention of actually writing data]
>
> ERRORS
> The close() function will fail if:
>
> EBADF The fildes argument is not a valid file descrip-
> tor.
>
> EINTR The close() function was interrupted by a signal.
>
> ENOLINK The fildes argument is on a remote machine and the
> link to that machine is no longer active.
>
> ENOSPC There was no free space remaining on the device
> containing the file.
>
> The close() function may fail if:
>
> EIO An I/O error occurred while reading from or writ-
> ing to the file system.
>
> [Note how it *MAY* fail if an I/O error occurred. That's because of the
> buffering]
>
> > As I said, your position ultimately leads you to NoWheresville.
>
> Ooo. That'll teach us. NoWheresville.
>
> > Here is what you are saying, just follow your own illogic:
> >
> > I code the fclose instruction. I place an if statement to see that
> > the close is carried out successfully. If it is then the program
> > continues; if not the program exits.
>
> Right.
>
> > You are saying that a conditional statement upon which the very
> > foundations of computer programming rests is randomly and
> > arbitrarily ignored. If this could be done with any reliability
> > then the algorithm that makes these decisions would be known as not
> > mere artificial intelligence but as man made machine clairvoyance.
>
> No. What we're saying is that you don't know what the fclose() statement
> does. It's possible for fclose() to succeed with no I/O to the disk at all.
>
> > But when a file is explicitly closed and a condition is placed on the
> > success or failure of the outcome of this operation then you are out
> > of your tree.
>
> No, you're just ignorant.
>
> --
> Darren New / Senior MTS & Free Radical / Invisible Worlds Inc.
> San Diego, CA, USA (PST). Cryptokeys on demand.
> Randomness: "To err is human"
> Pseudo-randomness: "That air is from beans."
I hate to say it but I just have got to call it like I and
everyone else sees it: You are a numbskull!
No one ever said that the fclose() function writes anything to disk.
So what's up with that?
Now let me get this straight. You just post the documentation from
UNIX of what the fclose() function does then you tell us that we
(meaning you) don't know what the fclose() function does.
Forget what I asked: "What's up with that."
I think we know what's up with you.
What a pity.
"They're swarmin' out of the woodwork, now, Mildred!"
------------------------------
From: "Tom St Denis" <[EMAIL PROTECTED]>
Crossposted-To: alt.hacker
Subject: Re: OverWrite freeware completely removes unwanted files fromharddrive
Date: Mon, 05 Mar 2001 00:50:05 GMT
"Anthony Stephen Szopa" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> I've got thousands of years of gambling to support my side of the
> case. And gambling is probably a trillion dollar industry worldwide.
> And it is based on just the same probability theory that Ciphile
> Software's Original Absolute Privacy Encryption software is based.
Really, so you have newbies running professional casinos? How can you
expect a new user to know what "good randomness is"? Heck most
cryptographers don't know either.
> Yes, I did hear that there ws a roulette wheel in Las Vegas I think
> it was that did have a decidedly favored side where a group of
> numbers were coming out significantly more so than others. Some
> guys made a killing on that wheel. They were almost killed too
> when the casino found out.
>
> Hey, good luck weighing those beans. Don't forget the surface areas
> are going to differ as well. And the friction of each bean will
> vary.
>
> You could also use a snooker billiard bottle. Have you seen them?
> They come with tiny numbered balls I think are numbered from 1 to
> 15. Shake them up and draw them out one at a time. This should
> work nicely also.
>
> How about using the numbers from the public lotteries? No, guess
> not. That would be flawed as well. Some of those balls are not
> perfect spheres. Some are heavier than others. Some have more
> paint and the surface area that the paint covers on each ball
> varies and the friction on each ball varies and and and...
Well I don't know what republic of three you come from but here lottery
balls **ARE** weighed and measured. There is alot of money at stake.
> Enigma employed nothing like the basic true random probability nature
> that OAP-L3 and gambling does.
>
> Enigma was for suckers.
Apparently the vermat of WWII were suckers? (oh wait... you're right on
this one :-o)
> I realize that shaking numbered beans in a bottle must be a very
> uncertain proposition among your crowd.
>
> Blimey! Just more wanton FUD!
>
> Lord, take me away. This world is illogical. It cannot be. It
> is not perfect therefore it cannot work. Existence must not be real.
> Existence is a FLAW!
Dude, if your software requires the user to enter specific data as random
data that's a flaw. First off the average user is a moron, only about 3/10
users can get PGP right the first time. So I would seriously bet that only
about 1/50 can use your software correctly the first time.
Tom
------------------------------
From: Anthony Stephen Szopa <[EMAIL PROTECTED]>
Crossposted-To: alt.hacker
Subject: Re: OverWrite freeware completely removes unwanted files fromharddrive
Date: Sun, 04 Mar 2001 16:50:20 -0800
Mok-Kong Shen wrote:
>
> Darren New wrote:
> >
> > Anthony Stephen Szopa wrote:
> ........
> [snip]
>
> > No. What we're saying is that you don't know what the fclose() statement
> > does. It's possible for fclose() to succeed with no I/O to the disk at all.
>
> I have barely any knowledge about I/O in modern OS, but I
> suppose that there are disk maintenance software that
> directly cause read/write of the hardware. Presumably that
> could serve the purpose of reliably manipulating the contents
> of the disk at will. Does anyone happen to know publically
> available software of that sort?
>
> M. K. Shen
We probably already have it. Some just don't realize it yet. May
just require careful coding. That is what this thread is all about.
------------------------------
From: "Dik T. Winter" <[EMAIL PROTECTED]>
Crossposted-To: sci.crypt.random-numbers,de.sci.informatik.misc,sci.math
Subject: Re: Monty Hall problem (was Re: philosophical question?)
Date: Mon, 5 Mar 2001 00:48:47 GMT
In article <[EMAIL PROTECTED]> Fred
Galvin <[EMAIL PROTECTED]> writes:
> All right. Can you explain the fallacy in my reasoning?
>
> I pick door #1. Without opening any doors, Monty offers me the chance
> to switch to door #2. I don't know what's behind door #3, could be the
> car, could be a goat. However, if the car is behind door #3, then it
> doesn't matter what I do, I'm choosing between two goats. Therefore,
> in deciding what to do, I may as well assume that there's a goat
> behind door #3. Now, how does the decision I make, on the assumption
> that there's a goat behind door #3, differ from the decision I'd make
> if Monty opened door #3 and showed me a goat?
It is precisely your assumption that makes the difference. You eliminated
a possibility without evidence. When the door is opened you eliminate
a possibility with evidence.
--
dik t. winter, cwi, kruislaan 413, 1098 sj amsterdam, nederland, +31205924131
home: bovenover 215, 1025 jn amsterdam, nederland; http://www.cwi.nl/~dik/
------------------------------
From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: sci.crypt?
Date: Mon, 05 Mar 2001 00:51:33 GMT
Does anyone know the exact date sci.crypt was last a discussion forum about
"scientific cryptography"?
I want to make a head stone for the group... hehehe
Can we come to a consensus of "on topic" traffic please? I see cross posts
from alt.kkk, alt.2600, alt.pedophile.looky.here, etc... seriously...
Tom
------------------------------
From: Anthony Stephen Szopa <[EMAIL PROTECTED]>
Crossposted-To: alt.hacker
Subject: Re: OverWrite freeware completely removes unwanted files fromharddrive
Date: Sun, 04 Mar 2001 16:53:51 -0800
Tom St Denis wrote:
>
> "Steve Portly" <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]...
> >
> >
> > Darren New wrote:
> >
> > > Steve Portly wrote:
> > > > You presume that cache writing protocols are operating system
> specific.
> > > > The problem with cache clearing may be firmware related on some hard
> > > > drive configurations.
> > >
> > > That's true. However, I believe there are both SCSI and IDE specs for
> > > commands that flush even hardware buffers to the platters. These are
> used by
> > > (for example) Windows when it's shutting down.
> > >
> > > No, it's not a simple topic. :-)
> > >
> > > --
> > > Darren New / Senior MTS & Free Radical / Invisible Worlds Inc.
> > > San Diego, CA, USA (PST). Cryptokeys on demand.
> > > Randomness: "To err is human"
> > > Pseudo-randomness: "That air is from beans."
> >
> > If someone is in doubt about whether or not an overwrite command works on
> a
> > given platform it is relatively easy to verify. Just create a short C
> program
> > that overwrites a file using different characters. Put a printf just
> after the
> > cache flushing command in question. You can slow things down a little by
> adding
> > a 3 second delay between rounds. Now just run the program and listen for
> the
> > physical write between printf displays. Another test is to pull the power
> plug
> > as soon as you see the printf display that verified the physical write.
> When
> > you reboot look at the file contents to see if indeed the contents was
> > overwritten with the last character displayed.
> >
> >
> Brute force solution? Ya sure I will just pull the plug violently on my
> 2,500$ computer... shaw right!
>
> Tom
Hope it isn't a Pentium IV machine. If it is you got ripped off.
------------------------------
From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: The Foolish Dozen or so in This News Group
Date: Mon, 05 Mar 2001 00:54:43 GMT
"Anthony Stephen Szopa" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> You haven't said much here except to point out that in my time
> pressured response I made an understandable minor insignificant
> error in reference which you have anxiously exploited. Leave the
> innocence routine at home.
>
> Insignificant especially in light of the fact that I posted the
> very documentation of the fclose() function in the post cited below:
Hmm just to let you know. In the ANSI/ISO specs for C and the C lib as long
as the end result is the same it doesn't matter what the compiler does.
I could enter
int a = 4;
int b = 3;
int c = 4;
a = a + b;
c = a + b;
And the compiler could just as well do
int a = 7, b = 7;
Therefore just as likely as long as the last pass of your write is in the
file the other 26 **DO NOT** have to be written. The end result **IS** the
same from the standards point of view.
<snip rest>
Tom
------------------------------
From: "Tom St Denis" <[EMAIL PROTECTED]>
Crossposted-To: alt.hacker
Subject: Re: OverWrite freeware completely removes unwanted files fromharddrive
Date: Mon, 05 Mar 2001 00:55:47 GMT
"Anthony Stephen Szopa" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Tom St Denis wrote:
> >
> > "Steve Portly" <[EMAIL PROTECTED]> wrote in message
> > news:[EMAIL PROTECTED]...
> > >
> > >
> > > Darren New wrote:
> > >
> > > > Steve Portly wrote:
> > > > > You presume that cache writing protocols are operating system
> > specific.
> > > > > The problem with cache clearing may be firmware related on some
hard
> > > > > drive configurations.
> > > >
> > > > That's true. However, I believe there are both SCSI and IDE specs
for
> > > > commands that flush even hardware buffers to the platters. These are
> > used by
> > > > (for example) Windows when it's shutting down.
> > > >
> > > > No, it's not a simple topic. :-)
> > > >
> > > > --
> > > > Darren New / Senior MTS & Free Radical / Invisible Worlds Inc.
> > > > San Diego, CA, USA (PST). Cryptokeys on demand.
> > > > Randomness: "To err is human"
> > > > Pseudo-randomness: "That air is from beans."
> > >
> > > If someone is in doubt about whether or not an overwrite command works
on
> > a
> > > given platform it is relatively easy to verify. Just create a short C
> > program
> > > that overwrites a file using different characters. Put a printf just
> > after the
> > > cache flushing command in question. You can slow things down a little
by
> > adding
> > > a 3 second delay between rounds. Now just run the program and listen
for
> > the
> > > physical write between printf displays. Another test is to pull the
power
> > plug
> > > as soon as you see the printf display that verified the physical
write.
> > When
> > > you reboot look at the file contents to see if indeed the contents was
> > > overwritten with the last character displayed.
> > >
> > >
> > Brute force solution? Ya sure I will just pull the plug violently on my
> > 2,500$ computer... shaw right!
> >
> > Tom
>
> Hope it isn't a Pentium IV machine. If it is you got ripped off.
I ain't that stoopid. hehehe I have an Athlon 800 t-bird.
Tom
------------------------------
Date: Mon, 05 Mar 2001 01:02:42 +0000
From: David Hopwood <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Crossposted-To: alt.hacker
Subject: Re: The Foolish Dozen or so in This News Group
=====BEGIN PGP SIGNED MESSAGE=====
Anthony Stephen Szopa wrote:
> I understand your optimization explanations and those given in the
> few documents I have read. I was also familiar with the fact that a
> block of data is read and stored into the cache and the reasons for
> this. I believe that the assumption in the documentation and in your
> casts of doubt was that the opened file that is repeatedly written to
> is never instructed to be closed.
No, that was not the assumption. fclose (with a return value of 0,
indicating success) does not guarantee to write changes to disk. You
may not like that, but what you would like the OS to do is irrelevant:
the behaviour of Windows 3.1x, Windows 9x, Windows NT, and almost all
variants of Unix is that the changes may not be written to the disk
controller, if those blocks are written to again or if the file is
deleted before the cache is flushed. In all modern disk drives, the
disk controller will also do its own caching.
(IIRC Win3.1x and Win9x have options to disable write-behind caching,
but an application program should not rely on it being disabled.)
And yes, this does mean that if power is lost suddenly or the OS crashes,
some changes may not be written, even though fclose succeeded.
> As I have clearly stated above, the source code not only makes the
> fclose() command but it checks for the return value from this
> operation. If the return value is NULL then the fclose() has failed.
> And if the fclose() succeeds then the return value is zero.
You're not only incompetent to write secure overwriting software,
you're incompetent to write any C program, if you think fclose
returns NULL on failure. RTFM.
> You do have one last hope. His initials are Bill Gates.
No, this time it's not Bill's fault. Write-behind caching is the
expected default behaviour on any reasonable operating system (and
besides, the disk controller still caches even if the operating system
does not).
- --
David Hopwood <[EMAIL PROTECTED]>
Home page & PGP public key: http://www.users.zetnet.co.uk/hopwood/
RSA 2048-bit; fingerprint 71 8E A6 23 0E D3 4C E5 0F 69 8C D4 FA 66 15 01
Nothing in this message is intended to be legally binding. If I revoke a
public key but refuse to specify why, it is because the private key has been
seized under the Regulation of Investigatory Powers Act; see www.fipr.org/rip
=====BEGIN PGP SIGNATURE=====
Version: 2.6.3i
Charset: noconv
iQEVAwUBOqHn0jkCAxeYt5gVAQERwAf+N72QfOUdOvYEruaa51BRKYSmwezV/8mS
86GjegCrC4eO2D5dYxqszInyHq4ETYUM9VPd97e2KApceBCozxWd38h55w7NXBrp
TEJO+6vmRnI4JI89xdZu/qyTRJCrBJ6xhdHjen2xV4sf7IDkdfAvZbOtQGO1PuGs
gxxCUjnkfvyXwJyktMyx4vJAeUtLmfECK75Xw8t2ogBOD1g4jpBWLcIce9Zcy3qS
Y0MvwjuBVpWX0Jwclnw2OsLhOmq9UfvsiW+j+k+e8lUUGFt9NtBp5Buorb4ds9ck
9R3ThxhX7K+l8JVjj9h7h90hY5774N2UoKFrpqkmGQj3CAdxVWODIw==
=5xxT
=====END PGP SIGNATURE=====
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list by posting to sci.crypt.
End of Cryptography-Digest Digest
******************************
