Blog‎ > ‎

Anti-virus, Python 3.4.0, NSA/FRA, Cardu, iZettle, Data Recovery / TestDisk

posted Mar 23, 2014, 10:16 AM by Sami Lehtinen   [ updated Mar 27, 2014, 10:05 AM ]
  • Actually running anti-virus on critical production systems is usually very bad idea. You don't ever know when the anti-virus product is going to take whole critical system down. As said, running updates and using anti-virus, is very dangerous and not recommended at all. Same applies to many operating system & other software updates. You'll never know, when your key systems simply blow up. - Been there and done that.
  • GCHQ used LinkedIn to target engineers. Well, of course. They use what ever means are available, just I have said earlier. Shouldn't surprise anyone.
  • Checked out: IPython (Nice shell for interactive computing), BLAKE2 hash which provides faster than MD5 but safer than SHA256 hashing.
  • Python 3.4.0 I especially liked pathlib, statistics, new hash algorithm was interesting and of course pickle v4. And finally there's standard asyncio, which rocks. It really helps developers to create asynchronous I/O code using standard library and without thread / process trickery.
  • I think it would be nice idea to have a Based in Finland website, which would clearly tell to small businesses why it's important to host data in Finland. I'm sure that the guys at big companies are perfectly capable to analyze security and laws and other factors in different countries. But for small businesses, it's much harder. So having just simple site, telling why, could be nice. Even as collaboration site for whole Finnish ICT hosting industry. Site 'Based In Sweden' very clearly tells why it's good for Swedish companies to host in Sweden. FRA spying is applicable only for traffic crossing national borders.
  • Visited major retail fair, and checked out loyalty systems like Cardu.com and tested the iZettle PIN-pad unit.
    I also met a few small business entrepreneurs which had interesting problems that could be solved by additional SaaS services. Now it's just important to check out what kind of project it could be to create this kind of SaaS software. I'm very familiar with cloud server technology, databases integration APIs a back-end design. What I lack, is marketing skills and (modern) web-site user interface & visual design skills and mobile application skills. Well, I've been planning to post about start-up ideas bit later. I'll try to do that before I'll start my summer relaxation break.
  • Data recovery from hard disk drive:
    Customer had serious problems with hard disk drive, and it seems that all data is lost. Business as usual, they don't have any backups. So it would be vital to get the data from the disk. Several engineers try to dig for the data from the disk for three days. After that they claim that it is impossible to restore anything.
    I did ask them a few questions, why you claim that it isn't possible to restore anything. What makes you think so? After long discussion it was clear that it's very likely that there isn't actually anything wrong with the drive. They're just unable to mount it because partition table is corrupted and says the disk contains several small FAT partitions. Prior knowledge from these systems tell me that there should be only one large NTFS partition. After browsing about 1k sectors from the disk using hex editor, I clearly see that all this mess is caused by very minor corruption of MBR & partition table.
    Then I downloaded TestDisk from net, told it to look for MFT and after just a few minutes I got the driver working as usual. Then I simply copied what's required to another drive and issue was solved.
    If the MFT wouldn't have been readable, then I would have ignored the drive. Current drives are so large, that it's not reasonably possible to restore large amounts of fragmented data from the drive, if the bookkeeping records are seriously corrupted or totally lost. Of course if there's very small amount of easily recognizable data, then it is possible. I've done that earlier, but with large databases that's not a reasonable option.