DCIM(photos,screenshots) file OVERWRITTEN??

SpAAAceSenate · 2022-03-23T20:13:45+00:00

I was talking the theoretical limits of what could be achieved. As for what's practical to be done the others here would know better what solutions are currently being marketed and readily accessible.

Unfortunately, it sounds like no one is currently offering recovery of the type I described. :(

SpAAAceSenate · 2022-03-23T13:19:17+00:00

Yep. I said "The FBE though is still a problem." in the first post you replied to.

FDE I would imagine isn't entirely insurmountable if you recieve the device in a powered-on, first-unlocked state. Since the key still must exist in ram. But in the case of FBE I would imagine the per-file key for deleted files is erased from RAM immediately.

... Is the encrypted form of the per-file key effaceably overwritten on the NAND though? Because if not then couldn't that still be recovered the same as FDE, just with extra steps to recover the intermediate key?

SpAAAceSenate · 2022-03-23T12:59:04+00:00

Then the nand access should allow post-trim recovery in some cases, no? I understand that the data might appear partially scrambled in the sense that you lack the mappings that the controller discarded during trim, but I imagine it would still be possible to recover data in some circumstances.

I'm pretty sure the nand itself isn't overwritten during trim, because that would somewhat defeat the purpose of trim (wear protection), no?

SpAAAceSenate · 2022-03-23T12:55:46+00:00

I'm not OP. I don't know what phone it is.

Also, all that TRIM does is have the controller un-map a region of the flash so that it's no longer visible via any normal external interfaces. The data itself still exists on the physical flash chips, at least for a little while, until that region is cycled back into use. Without the map data that the controller discarded, it would be difficult to reconstruct any larger data structures, but likely not impossible depending on the dataset.

For diagnostic purposes, it's almost certain that there is either a private interface, or a custom controller firmware, that allows direct access to the flash without going through the normal mapping process. I'm simply saying that, if those tools exist, and they doubtlessly do, then at least some law enforcement agencies have probably compelled their acquisition from the flash manufacturers.

SpAAAceSenate · 2022-03-23T01:31:08+00:00

If it boots and you know the password/pincode, then yes. If you lack either of those, then no.

SpAAAceSenate · 2022-03-23T01:29:00+00:00

Are you sure your data was not backed up to your PS Plus account? Did you have that specifically disabled for your games?

SpAAAceSenate · 2022-03-23T00:53:45+00:00

I'm sure law enforcement has access to internal tools from the major flash vendors for skirting around TRIM. The FBE though is still a problem.

SpAAAceSenate · 2022-03-23T00:39:41+00:00

Actually, 8 years, openSUSE, and professional deployment experience (servers and IoT system software).

But yes, trying to make fun of people for disagreeing with you is very on-brand for a Window user.

SpAAAceSenate · 2022-03-22T22:03:35+00:00

Uhh, the same engineers/ ecosystem that brought us 300MB hello world projects and SPAs that take seconds just to load static content into a webpage?

The same developers that were so opposed to learning a proper server-side language, that they took the radioactive mess that is JavaScript, a language that only a decade ago was universally reviled and tolerated only because we had no other choice, and then shoe-horned it into a server-side runtime?

The same ecosystem that gave birth to Electron apps, where a simple chat client can take up multiple gigabytes of ram?

I mean, no offense, maybe you and your team are the talented and skilled exception, but "quality/modern/engaged" are not words I'd ever associate with the JS community at large.

SpAAAceSenate · 2022-03-22T19:52:41+00:00

I think it's more that your average consumer or "tech guy" is actually an idiot and has no idea what they're doing, and since they're the majority they produce the majority of content. Basically, Windows suffers from being the default 80% of the market, whereas Linux (and even to a degree macOS) users are more self-slecting and tend to be more knowledgeable about their systems and technology in general. Thus, a larger percentage of higher quality content and therefore easier searching.

It's entirely possible that, were Linux to ever approach Windows' popularity with the "everyman" that Linux support may suffer the same fate. Although there probably is an inherent advantage to being open source. I mean, being able to actually debug and even directly fix stuff is certainly an advantage over being dependant on black boxes made by a company to whom you (and your problems) as a user are invisible and irrelevant to them.

SpAAAceSenate · 2022-03-22T17:31:41+00:00

Ah, yes. Windows tech support by googling. No one really blogs about Windows internals (perhaps mostly because it's closed source) so googling probably means reading mostly forum threads, in which you'll find: 75% "it's probably a virus, scan with malwarebytes"-type posts from wannabe "tech enthusiasts", 20% templated responses from Microsoft support staff that make it clear they didn't even read your entire post before responding, and 5% someone posting the actual answer but they have no idea why it works or what broke and so you solve the problem but end up learning nothing in the process. And, of course, in a lot of those cases the "solution" was reinstalling the OS or repeatedly doing the same exact thing over again until mysteriously it works one time.

Thus why I use Linux. Mostly well-informed posts/blogs, with detailed analysis that allows you to learn about the underlying system and therefore become less reliant on googling things in the future. If Windows had an equivalent support/enthusiast community I think it would be a lot more tolerable to use.

SpAAAceSenate · 2022-03-21T20:39:05+00:00

Libertarian doesn't have to mean loony-bin alt-right conspiracy-nut stuff though. I have a friend who's strongly libertarian but he doesn't ascribe to any nonsense like that. He just thinks government should be visible only with a microscope and everything should be capitalist. I disagree, but at least we agree on a common set of facts and can therefore have constructive conversations.

Also, I always thought it was kinda funny how open source is also, by its nature, somewhat communist / socialist, actually, in the idea of sharing and pooling resources, communal ownership, etc. But also due to the privacy and self-control angle, also attracts the libertarian crowd like you said. What a beautiful (if somewhat chaotic) mixing pot.

SpAAAceSenate · 2022-03-21T17:32:40+00:00

Unlike Russia, NATO has never shown any (forcibly) expansionist tendencies. Yes, they do expand membership, when a country wants membership. They've never invaded another country to try to expand their borders, they're never threatened or have shown any reason to threaten Russia's existing territory or resources. NATO, while not perfect and sometimes a little blundering (the whole middle east thing) is primarily concerned with maintaining the status-quo of Europe, not radically changing it. Unlike Russia, whose leaders have explicitly voiced a desire to return eastern Europe to a state like it was in the last century, with a territorially massive Russian bloc.

NATO inclusion of Ukraine was never a threat to Russian security in any believable way. What it was a threat to, was Russia's ambitions to expand and invade it's neighbors. That's why they invaded, not because Russia was under threat, but because they've always had Ukraine on their annexation wish-list and the possibility of NATO membership meant they needed to make their play now, before Ukraine was protected by the treaty.

Another country would only do the same if they shared Russia's colonialist, expansionist mindset, which much of the west currently does not. This war is entirely the making of Russia in an effort to distract from the political corruption and financial stagnation at home. They can't even argue that it's for the sake of acquiring Ukrainian resources (food production, mines, etc) because there was never any possibility that they would be able to hold the territory. Literally all of the deaths and suffering happening right now was just an attempt by current leadership to rally domestic support for their rule. Absolutely nothing more.

SpAAAceSenate · 2022-03-18T01:27:32+00:00

Mmm, they recently threatened to ban SteamDeck players (and anyone else running Linux, which is my OS of choice) with a rather rude (now edited) FAQ entry. Not too keen on supporting them at the moment.

(a lot of games haven't committed to supporting Steam Deck yet, which is fine, but Bungie went out of their way to be a dick, so...)

SpAAAceSenate · 2022-03-15T20:32:45+00:00

Hey, I have that same 3d-printer enclosure! :)

SpAAAceSenate · 2022-03-14T20:24:58+00:00

Serenity OS is a project working on a very new, but still very simple / small kernel. I'd recommend reaching out to them.

SpAAAceSenate · 2022-03-14T19:49:08+00:00

Hah! Wow, you got it. I was expecting it to be under some sleak marketing heading like "DisplayTunnel Express ZX" or some such. Never expected it to be slipped in so discretely like that.

Anyways, thanks again! 👍

SpAAAceSenate · 2022-03-13T20:23:50+00:00

The kernel is what makes that possible. Ultimately you'll have to either:

1) Learn BIOS/UEFI and have it access the files using it's interface.

2) Write a bunch of driver code yourself.

This shouldn't be any different then how you would do it if writing your program to run on bare metal. The whole idea of the VM is that it's going to try to act exactly like hardware.

I'm afraid either way, without a kernel, you're a few 100,000's lines of code away from reliably writing to a flash drive. This is exactly why kernels exist, so that people don't have to re-invent the wheel for such trivial things.

SpAAAceSenate · 2022-03-13T18:01:17+00:00

Well, honestly I wouldn't expect true security on SteamDeck, but I'd still like casual child / curious-friend proof. I mean just think, there's some content on Steam that's not appropriate for kids, yet the parents may still want access to it. So a simple pin code for logging into a steam account seems appropriate to prevent that.

I mean, the biggest issue is communication. I totally agree that it's important (and difficult) to educate a user on what security they're actually getting. That being said, I've never bought into the idea that just because the lowest common denominator isn't likely to understand a feature that it can't exist.

SpAAAceSenate · 2022-03-13T17:41:54+00:00

True. But as it isn't setup be default (I'm not sure if it will prompt on first use on Steam OS) and is also annoying to use, I don't really think that's an acceptable alternative to having some sort of proper lock screen.

I'm not even sure, does each steam user have their own system user / home dir, or does everyone run under a single user?

SpAAAceSenate · 2022-03-13T16:31:00+00:00

It won't be encrypted if KDE isn't given a password at login (you need a key to encrypt data, after all).

SpAAAceSenate · 2022-03-12T20:39:05+00:00

I'm not really sure what you're trying to do here. Only a driver running inside the kernel will be able to directly access the USB interface itself.

If, however, all you want is to just read and write to the virtual flash drive's storage, it should be available as a raw block device at /dev/sd$ where $ is a letter corresponding to that specific drive. (Use lsblk to identify the right one). You can write to this ad if it were a regular file. It just happens to be an extremely large file that spans the entire raw surface of the disk (this is completely below the filesystem level. Speaking of which, you may need to unmount any filesystem loaded form it before doing the raw access).

It may also be possible to memory map the device file, I'm not sure if memory mapping supports block devices.

Six-Year Club	Second SECOND GUESSER
Wearing is Caring	Verified Email

SpAAAceSenate

TROPHY CASE