Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Comments

top

Science Has a Sexual Assault Problem

LordLimecat Re:Is there a single field that doesn't? (440 comments)

The issue is that 71% of RESPONDANTS said it was an issue.

You cant form any conclusion from that without knowing more information-- the size of the poll, whether people responded to other questions but not this one, etc.

2 days ago
top

Micron Releases 16nm-Process SSDs With Dynamic Flash Programming

LordLimecat Re:I said it was BS (66 comments)

I guess you now realize that's wrong. The main purpose of trim is to avoid reading and writing pages that are unused anyway. The SSD doesn't need to reallocate trimmed blocks, because the OS isn't using that data anyway. Less physical reading and writing == more endurance.

Its not wrong.
  1) TRIM simply alerts the drive when a block is ready for erasure; its right there in the article I linked. Its primary purpose is not reallocation or anything else; its just garbage collection for performance reasons.
  2) The endurance thing is ONLY if the firmware being used is using a hack to implement their own garbage collection which could induce write amplification. It does not, in itself, reduce endurance if the SSD isnt doing anything fancy / out-of-spec.
  3) Reads have no impact whatsoever on endurance. Only write / erase cycles do-- hence why they quote 1000 P/E cycles (where P= program and E= erase)

Now that you've agreed with what I said (trim affects endurance, but in an application dependent way), are you ready to admit YOU had forgotten exactly what the tech does?

From the wikipedia article's opening paragraph:
A Trim command (commonly typeset as TRIM) allows an operating system to inform a solid-state drive (SSD) which blocks of data are no longer considered in use and can be wiped internally.

From Anandtech ....We run into these problems primarily because the drive doesn’t know when a file is deleted, only when one is overwritten. Thus we lose performance when we go to write a new file at the expense of maintaining lightning quick deletion speeds. .....There’s a command you may have heard of called TRIM. The command would require proper OS and drive support, but with it you could effectively let the OS tell the SSD to wipe invalid pages before they are overwritten.

The purpose of TRIM is performance-- NOT ENDURANCE. It has NOTHING TO DO WITH ENDURANCE except insofar as it replaces a manufacturer's proprietary and amplification-causing garbage collection. Older drives dont HAVE garbage collection, and TRIM does NOTHING for their endurance; all it does is eliminate the eventual performance crash.

You REALLY need to read up on TRIM, as you seem to not understand what it is that it does. To repeat: It does not have any effect on reallocations. It does scheduled erasures. If an erasure would cause a reallocation, that would happen regardless of whether it was during a scheduled TRIM, or during a "on-the-fly erase/write".

2 days ago
top

Apple Will No Longer Unlock Most iPhones, iPads For Police

LordLimecat Re:So everything is protected by a 4 digit passcod (501 comments)

In disk encryption schemes, there is generally a header at the start of the disk, containing the disk's encryption key. This header is itself encrypted, with your passphrase.

This works because the actual encryption key never needs to change; if you ever need to change your encryption passphrase, the system will use your current passphrase to decrypt the existing AES key, will use your new passphrase to re-encrypt the AES key, and will write it back into the header. If you did not use this scheme and instead used the passphrase, you would have to reencrypt the entire disk whenever it changed.

Cracking the AES key would thus involve
  1) Take an image of the entire disk
  2) Pick a new passphrase to check.
        a) Hash the passphrase
  3) attempt to decrypt the header with the hashed passphrase from 2a
  4) attempt to get valid data from the disk using the results of step 3
  5) Do you have valid data?
        --> Yes: You now have the correct passphrase and Key.
        --> No: You have the wrong key, go to step 2 and continue.

A single iteration of steps 2-5 will depend on the exact algorithms and hashing schemes used. If for example no salt is used to generate the hash in step 2, and you use a single round of hashing / encryption, you could perform thousands or millions of attempts per second. I believe on the iPhone they shoot for ~0.2sec per attempt on iPhone hardware, which could mean several thousand attempts on a high-end workstation, and several million attempts on a large cluster.

2 days ago
top

Apple Will No Longer Unlock Most iPhones, iPads For Police

LordLimecat Re:So everything is protected by a 4 digit passcod (501 comments)

A double post because I wanted to follow up on something.

I know you guys hate Apple,

I dont hate Apple. I think they are really good at many things, including user interface, and they make some fine products.

What I absolutely hate is the culture around their products that assumes that theyre always doing something new and different, and that anyone who doesnt think their products are magical is a naysayer. Full disk encryption is a problem that has been solved for 15-20 years now and everyone does it the same way, because that way works. The claim that Im getting it wrong when you apparently have NO IDEA what the threat model for attacking FDE is, is mind boggling.

Do you honestly think that Apple understands crypto better than the folks at Truecrypt, or dmcrypt / LUKS? That somehow their magical system makes them immune to attacks on the passphrase? Has it occurred to you that there can be threat models that are entirely dependent on the user, and no magical engineering on the part of Apple can possibly fix?

No, of course not; I point out a real world, well known way of attacking FDE, and clearly Im an Apple hater. Heres a news flash: Its a company that makes devices. I really do not care day to day what devices they make-- just dont try to tell me that theyve solved problems that noone else has managed to solve yet (like weak passphrases in encryption schemes) because they havent.

2 days ago
top

Apple Will No Longer Unlock Most iPhones, iPads For Police

LordLimecat Re:So everything is protected by a 4 digit passcod (501 comments)

But do try to use your brain a little bit. Do you honestly believe that the flash storage is encrypted with a 4-digit numeric key? Of course it isn't, it's encrypted with a 256-bit AES key that's generated using a per-device hardware key and the passcode

Which is irrelevant, because that 256-bit AES key is stored ondisk in a header which is encrypted................ WITH THE 4 DIGIT PIN.

This is how EVERY SINGLE FDE WORKS. Apple isnt doing anything new, and if they are, you should be worried because getting security right is very hard. Whatever your PIN or passphrase is, it is fundamentally the thing that unlocks access to the device, no matter how much obfuscation you throw inbetween the input of that PIN and the process of decrypting the data. Any attack on your device will be focused on the PIN, as it will always be the weakest link in the chain.

Having worked with FDE solutions for years, I am well aware of how the "Passphrase-->AES key-->Data" process works, and its not foolproof if you use a weak passphrase. And the fun bit is, if your passphrase is shorter than ~10 characters mixed, you arent keeping law enforcement out.

2 days ago
top

Apple Will No Longer Unlock Most iPhones, iPads For Police

LordLimecat Re:So everything is protected by a 4 digit passcod (501 comments)

You would uncouple the storage from the device physically. This could mean unsoldering the chips, or going in through a JTAG interface, or soldering a connection in, or any of a number of other ways.

There is an old axiom that has always been true. If you physically have possession of the hardware, you control the hardware. We learn this every console generation when people try to implement more and more Rube Goldbergesque methods of separating ownership of hardware from control, and fail each time.

Consider the possibility that the passcode protection could actually be enforced right down to the individual chip level,

Theres the controller (which you would remove, or disable said protection on), and theres the actual flash chips (which you would take an image of prior to doing anything whatsoever).

There are forensics tools for all of this, Im a little baffled that this is apparently news to people. If the cops get your hardware, there will be an image of the device and all of their bruteforcing will be done offline against said image-- not on your specially locked down hardware.

2 days ago
top

Apple Will No Longer Unlock Most iPhones, iPads For Police

LordLimecat Re:So everything is protected by a 4 digit passcod (501 comments)

Then its a ton of handwaving that accomplishes nothing.

At the end of the day, no matter how many layers of obfuscation you add, there is a single passphrase at the backend that unlocks a primary master key that can get the rest of the directory keys. You accomplish nothing by using additional encryption keys for every directory; any bruteforce attack would focus on attacking the header which contains the master key.

Theres a reason that basically every FDE solution works this way.

2 days ago
top

Apple Will No Longer Unlock Most iPhones, iPads For Police

LordLimecat Re:So everything is protected by a 4 digit passcod (501 comments)

Irrelevant in any case because if served with a warrant they would just capture your password and use it to decrypt your key.

The only way they cant do that is if the data were delivered to you, and the password were entered locally to decrypt the data.

2 days ago
top

Apple Will No Longer Unlock Most iPhones, iPads For Police

LordLimecat Re:So everything is protected by a 4 digit passcod (501 comments)

If youre attempting to break into it, you wont do it using their input mechanism, you'll do an offline brute force which completely ignores failure wipe limits.

2 days ago
top

Apple Will No Longer Unlock Most iPhones, iPads For Police

LordLimecat Re:So everything is protected by a 4 digit passcod (501 comments)

Step 1: Pull the storage
Step 2: Image the storage
Step 3: Attempt to bruteforce it offline
Step 4: Wait 30 seconds
Step 5: You now have the 4 digit PIN

2 days ago
top

Apple Will No Longer Unlock Most iPhones, iPads For Police

LordLimecat Re:So everything is protected by a 4 digit passcod (501 comments)

and you forget the answer to your security question,

The presence of a security question on any service indicates immediately that they almost certainly have access if served with a warrant.

2 days ago
top

Apple Will No Longer Unlock Most iPhones, iPads For Police

LordLimecat Re:So everything is protected by a 4 digit passcod (501 comments)

There are not different keys for every file, or if there are they are tied to a master key. The only way you can view an encrypted device with a single passphrase is because that single passphrase is tied to a single master key somewhere.

2 days ago
top

Wave Power Fails To Live Up To Promise

LordLimecat Re:When doing anything involving the ocean (195 comments)

And I visualize this thread as being filled with more fact and less opinion, but somehow its not changing reality :(

3 days ago
top

Apple Locks iPhone 6/6+ NFC To Apple Pay Only

LordLimecat Re:Nope they are clever (324 comments)

Sadly the Google NFC implementation will eventually be seen as the irrelevant version,

Im not clear how that would work. NFC is NFC. Apple pay / Google wallet should interoperate.

3 days ago
top

Why Is It Taking So Long To Secure Internet Routing?

LordLimecat Re: Because of capitalism. (85 comments)

They open offices overseas because theyre global companies, not because the US sucks. If the US sucked they wouldnt be headquartered here.

3 days ago
top

Micron Releases 16nm-Process SSDs With Dynamic Flash Programming

LordLimecat Re:bc trim is application- dependant. Their assump (66 comments)

To clarify, 100PB is a number I pulled out of thin air. On reflection, you would not expect your SSD to do 100PB of data; II simply meant that a number IS usually provided, and that those numbers have been validated by multiple parties as generally being ballpark accurate.

3 days ago
top

Micron Releases 16nm-Process SSDs With Dynamic Flash Programming

LordLimecat Re:Did you TFA? (66 comments)

Honesty time: Didnt read the article, but to say that TRIM fixes write endurance problems is highly misleading.

TRIM does impact endurance in that it CAN reduce write amplification (I believe) which can reduce the lifetime of your SSD, but it does not really change the fact that erase cycles are REQUIRED in order to reuse a cell. Again, all TRIM really does is schedule when that erase occurs-- directly prior to when it is needed, or at some idle time. Apparently (according to Wikipedia) SSDs using their own internal garbage collection instead of TRIM could cause write amplification, which may be what the article is alluding to-- Micron is no longer doing that, thus increasing endurance.

Read up on TRIM here:
http://en.wikipedia.org/wiki/T...

3 days ago
top

Micron Releases 16nm-Process SSDs With Dynamic Flash Programming

LordLimecat Re:Lifetime at 16nm? (66 comments)

Anandtech disagrees. Techreport. So, in fact, do huge numbers of user reports which suggest that SSDs really do last a long time.

Further, multiplying this problem manyfold, is that when an SSD fails, it tends to fail totally.

I have seen this happen, but its not due to endurance of the flash cells but on the quality of the firmware / controller. The actual cell failures apparently cause reallocations (according to techreport's tests, and to common sense). And you create an interesting dichotomy; what does it look like for an SSD or HDD or CPU or RAM to fail "not totally"? You get most of your bits back? All tech generally tends to fail catastrophically.

4 days ago
top

Micron Releases 16nm-Process SSDs With Dynamic Flash Programming

LordLimecat Re:bc trim is application- dependant. Their assump (66 comments)

Theres a lot of misconception here, so I'll try to address them.

Making assumptions about how often trim might be used for any given workload only obscures the actual write endurance.

TRIM has nothing to do with endurance. TRIM erases cells that are scheduled for erasure anyways; all TRIM does is try to time that erasure such that it occurs at a time that will not effect performance. What affects endurance is wear leveling, which is an entirely separate technique that does actually work. As capacity increases, wear-leveling ensures that the endurance of the drive as a total increases.

Much like a 100GB capacity tape that's marked as 200GB because dome data that the manufacturer chose compressed 2:1 before being sent to the tape drive. Your mpeg movies aren't going to compress, so you'll be able to put 100GB of movies on that 100GB tape. The 200GB number is pure marketing BS.

When tape manufacturers (or organizations, like the one behind LTO) cite a compression factor like 2:1, it is based on a standard body of data like the calgary corpus which includes both compressible and uncompressible data. This allows you to compare different technologies with different compression standards.

In the real world on LTO (which I assume you are referring to) I have seen compression factors ranging from ~1.5 to 2.5, so its not really accurate to call it marketing BS. They also always (as far as I have seen) mark the tapes something like "800GB/1600GB" with the subtext explaining that the smaller number is native, and that the entire thing is 2:1. Its not dishonest because the compression is part of the (well-defined) standard, and the native capacity is right next to the compressed capacity. Its also not the manufacturer doing this; those numbers are explicitly defined in the spec.

all if the companies use the same 2:1 bs factor,

Which begins to make sense when you realize that thats because LTO itself defines the compression factor of 2:1 based on calgary corpus.

There's no telling what assumptions Micron made about the use of trim

But, as we've established, TRIM has literally no effect on endurance, so its irrelevant what they might assume about it.

so there's no way to compare this drive's endurance to any other, or to estimate it's actual endurance for any real workload.

Not to be harsh, but there is if you actually took the time to understand the tech. They usually do provide endurance stats (ie, "100PB data endurance") and tests by Anandtech and others have often validated that as being realistic.

4 days ago

Submissions

LordLimecat hasn't submitted any stories.

Journals

LordLimecat has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>