September 29, 2010

Why Xmarks should go open source

By Joe Brockmeier

After four years of syncing bookmarks and other browser settings, Xmarks will be shutting its virtual doors at the end of the year. Before the lights are out and the servers go silent, the company should think about releasing its code under an open source license to preserve the Xmarks legacy.

Despite popularity, the Xmarks service is shutting its doors because the company couldn't find a way to make revenue from the service. It's a sad, but predictable, end to an innovative business. Xmarks' failure was predictable for a couple of reasons. First, if the feature was popular enough, it was quite likely that the browser vendors would implement a similar feature. Second, Xmarks was very popular — but mostly with "power" users that needed to back up and sync bookmarks.

That's a small market, and hard to monetize as Todd Agulnick, CTO of Xmarks, points out in the end of the road post. Advertisers didn't see value in the Xmarks offerings, and while it's useful it's hard to charge users for a service like Xmarks. Only a small percentage would be interested enough to spend money on it, and even fewer after Mozilla, Google, and others implemented a sync service of their own.

You have to give the Xmarks team some credit — they don't seem to have explored any options for revenue that would have gone against the interest of their user base. They haven't tried to implement any intrusive adware or anything to make a quick buck, even if that would have kept the wolf from the door a bit longer.

The Xmarks folks have put up a page with alternatives, but they're mostly only useful for those users who are tied into one browser. Before the company closes the door, it'd be great if they could release the source so that the cross-browser synchronization could be picked up by interested developers.

Generally, I'm not a fan of the "we tried everything else, we'll open source it as a last resort" strategy. But the code could be useful, and it seems to me that the team at Xmarks have the users' best interests at heart. If the Xmarks service is going to go dark, at least the code could be reused and maybe continue the legacy of the service past the end of life of the business.

That's good for users, but what about the company? Releasing the Xmarks code as open source allows the development team, if they want, to continue their work in public. For many companies, open source code is much better than a resume. What the developers have learned about synchronizing bookmarks and passwords, keeping user data private, and searching the collected data would be valuable to a lot of companies and projects.

As a user of Firefox and Chrome, I've used Xmarks off and on for a few years and found it really valuable. The sync features in Chrome and Firefox fall down pretty quickly without the ability to sync between the two browsers. It's disappointing, but not surprising, to see Xmarks going away and I feel bad for the team at Xmarks. However, the company might be able to reap a little benefit by releasing the code rather than letting it collect dust where it does no one any good.

September 27, 2010

Stuxnet, Is Israel To Blame?

Editorial By The Computer Doctor

In this Bloomberg video showcasing the Stuxnet Malware I find a few statements to be very hilarious even though the gravity of the situation calls for less levity than I am able to muster.

In this video, the security expert (male talking hairdo) tries to portray a picture that some government, probably Israel and probably not the U.S., has released the Stuxnet Malware program to target a Nuclear target in Iran.

Please see my editorial after the video...


1:10 "... using stolen certificates..."
Certificates were supposed to be one of the few ways of stopping hackers from gaining access to networks.

1:43 "what are the chances that the U.S. created it?"
Nice softball toss to a former government security adviser.

2:00 "in my judgment it's a very remote possibility"
In The Computer Doctor's judgment this is a very real possibility. On July 8th the U.S. announced the “Perfect Citizen” program to help defend industrial networks. Anna Chapman deported to Russia for a spy-swap, from which we got a bunch of ugly fat guys back. With this "Perfect Citizen" program enabled to be some super secret program that will protect important industrial targets from programs just like Stuxnet. How convenient. On the other hand... any program that claims to protect Microsoft Windows is speculative at best.

2:31 "Is Iran really running its nuclear power, its nuclear plant on Windows software?"
It's blatantly obvious to female talking hairdo that this is an incredulously bad idea. I agree news chick. Most U.S. military installations only use Windows in a sandbox inside Linux.

2:53 "... it also seems an increasing concern because I don't know... I've used Windows and I know other people have and it's not stable even without a virus sometimes."
You're exactly correct sweetie. Why would you leave the operation of any important industrial process to the fragile stability of Microsoft Windows? Where is the cry for a better solution?

3:07 "Well... (insert crickets chirping) that is the nature of the modern economy and our technology. We rely heavily on these IT systems"
That's F'N Wonderful You Microsoft Fan-Boy, Talking Head, Moronic, Idiot. "well I guess Microsoft is the only thing that separates us from modern man from the cave man" "I guess we'll just bend over and kiss our technological butts goodbye now" This reminds me of the end of the Wizard of Oz where the Giant Head tells Dorothy not to pay any attention to the little man behind the curtain.

3:24 "that's why it's so important to stay up to date with your software patches that come along"
Hooray for Microsoft. Their patches always fix the problems... unless they totally miss the problem and the zero day, and could cause more problems than they fix. Although I agree that installing patches is vitally important, if Microsoft patches fixed their software we wouldn't need antivirus software, antispyware, Intrusion Prevention Systems, Firewalls, Proxies, VPNs, Certificates, et al ad infinitum.


People, do not rely on our government or any other government to have its citizens' best interest at heart. If you don't think that the U.S. in conjunction with Israel is not taking a gigantic gamble with the technological backbone of the world you are mistaken. On the other hand it is too late for Joe Six-Pack to do anything. We have voted in these out of control governments for over four generations now. How else do we expect them to act?

September 23, 2010

Microsoft Missed 2009 Published Article on Stuxnet-Type Attack

by Paul Roberts

A security flaw affecting Microsoft's Windows operating system that was exploited by the Stuxnet worm was publicly disclosed more than a year before the worm appeared, according to a researcher at Symantec Corp.

On September 17, Symantec researcher Liam O Murchu noted on that company's Connect blog that a security publication in April, 2009 had described the same flaw in the Windows Print Spooler Service function that Stuxnet used. Microsoft disclosed and patched the hole in its September security update on September 14, saying it learned of the vulnerability from researchers at Kaspersky Lab.

O Murchu was one of a handful of security researchers who discovered the Print Spooler Service hole as part of a forensic analysis of Stuxnet. The vulnerability, which was believed at the time to be previously undisclosed, affects most versions of Windows and could allow remote code to be run on vulnerable systems. Microsoft issued a security update, MS10-061, closing the hole and commending researchers at Kaspersky Lab and Symantec for relaying information about the vulnerability.

However, it now appears that information about the flaw was in the public domain for more than a year before Stuxnet first appeared, buried in the pages of Hakin9, a respected bimonthly magazine published out of Warsaw, Poland. An article by security researcher Carsten Köhler describes how shared network printer functionality on Windows can be used to elevate the local user's privileges or to gain command line access to network print servers. The article details both privilege escalation attacks and attack code for carrying out remote code execution on a vulnerable Windows system.

O Murchu said that Microsoft has confirmed that the vulnerability described by Carsten Köhler is the same as the hole that was patched by MS10-061. Microsoft did not immediately respond to requests for comment, but a company spokesman also acknowledged, in a published report, that details of the hole were discussed in a security publication in April, 2009, but said that the company was not made aware of the issue at the time.

The Print Spooler Service hole was just one of four Windows security flaws that were believed to be unknown at the time Stuxnet was identified in the wild. Three other flaws have yet to be patched by Microsoft, which promises fixes in the coming months.

The sophistication of the worm and its ability to compromise industrial control systems by Siemens Inc. has led to speculation that Stuxnet was the work of state-sponsored hackers and may have had a specific target in mind. In recent days, attention has turned to Iran and the country's controversial Bushehr nuclear reactor. Iran had the highest rate of Stuxnet infections in the world, and some speculate that the worm started as a targeted attack against Bushehr or related facilities, but then jumped the fence to India and other countries.

Attention now shifts to the researcher in question, Carsten Köhler, who is described as a former Ernst & Young employee who now "works as an information systems security expert for a European institution." Researchers typically relay their findings to Microsoft's Security Response Center in advance of, or at the time they decide to go public. After a dust up with Google, the company recently revised its policy of "responsible disclosure" to advocate "coordinated vulnerability disclosure," encouraging researchers to give the company an opportunity to patch security holes before details of them are made public.

September 22, 2010

Is Stuxnet the 'best' malware ever?

'Groundbreaking' worm points to a state-backed effort, say experts

By Gregg Keizer

Computerworld - The Stuxnet worm is a "groundbreaking" piece of malware so devious in its use of unpatched vulnerabilities, so sophisticated in its multipronged approach, that the security researchers who tore it apart believe it may be the work of state-backed professionals.

"It's amazing, really, the resources that went into this worm," said Liam O Murchu, manager of operations with Symantec's security response team.

"I'd call it groundbreaking," said Roel Schouwenberg, a senior antivirus researcher at Kaspersky Lab. In comparison, other notable attacks, like the one dubbed Aurora that hacked Google's network and those of dozens of other major companies, were child's play.

O Murchu and Schouwenberg should know: They work for the two security companies that discovered that Stuxnet exploited not just one zero-day Windows bug but four -- an unprecedented number for a single piece of malware.

Stuxnet, which was first reported in mid-June by VirusBlokAda, a little-known security firm based in Belarus, gained notoriety a month later when Microsoft confirmed that the worm was actively targeting Windows PCs that managed large-scale industrial-control systems in manufacturing and utility firms.

Those control systems are often referred to using the acronym SCADA, for "supervisory control and data acquisition." They run everything from power plants and factory machinery to oil pipelines and military installations.

At the time it was first publicly identified in June, researchers believed that Stuxnet -- whose roots were later traced as far back as June 2009 -- exploited just one unpatched, or "zero-day," vulnerability in Windows and spread through infected USB flash drives.

Iran was hardest hit by Stuxnet, according to Symantec researchers, who said in July that nearly 60% of all infected PCs were located in that country.

On Aug. 2, Microsoft issued an emergency update to patch the bug that Stuxnet was then known to exploit in Windows shortcuts.

But unbeknownst to Microsoft, Stuxnet could actually use four zero-day vulnerabilities to gain access to corporate networks. Once it had access to a network, it would seek out and infect the specific machines that managed SCADA systems controlled by software from German electronics giant Siemens.

With a sample of Stuxnet in hand, researchers at both Kaspersky and Symantec went to work, digging deep into its code to learn how it ticked.

The two companies independently found attack code that targeted three more unpatched Windows bugs.

"Within a week or week and a half [of news of Stuxnet], we discovered the print spooler bug," said Schouwenberg. "Then we found one of the EoP [elevation of privilege] bugs." Microsoft researchers discovered a second EoP flaw, Schouwenberg said.

Working independently, Symantec researchers found the print spooler bug and two EoP vulnerabilities in August.

Both firms reported their findings to Microsoft, which patched the print spooler vulnerability on Tuesday and said it would address the less-dangerous EoP bugs in a future security update.

"Using four zero-days, that's really, really crazy," said Symantec's O Murchu. "We've never seen that before."

Neither has Kaspersky, said Schouwenberg.

But the Stuxnet wonders didn't stop there. The worm also exploited a Windows bug patched in 2008 with Microsoft's MS08-067 update. That bug was the same vulnerability used to devastating effect by the notorious Conficker worm in late 2008 and early 2009 to infect millions of machines.

Once within a network -- initially delivered via an infected USB device -- Stuxnet used the EoP vulnerabilities to gain administrative access to other PCs, sought out systems running the WinCC and PCS 7 SCADA management programs, hijacked them by exploiting either the print spooler or MS08-067 bugs, then tried the default Siemens passwords to commandeer the SCADA software.

They could then reprogram the so-called PLC (programmable logic control) software to give machinery new instructions.

On top of all that, the attack code seemed legitimate because the people behind Stuxnet had stolen at least two signed digital certificates.

"The organization and sophistication to execute the entire package is extremely impressive," said Schouwenberg. "Whoever is behind this was on a mission to get into whatever company or companies they were targeting."

O Murchu seconded that. "There are so many different types of execution needs that it's clear this is a team of people with varied backgrounds, from the rootkit side to the database side to writing exploits," he said.

The malware, which weighed in at nearly half a megabyte -- an astounding size, said Schouwenberg -- was written in multiple languages, including C, C++ and other object-oriented languages, O Murchu added.

"And from the SCADA side of things, which is a very specialized area, they would have needed the actual physical hardware for testing, and [they would have had to] know how the specific factory floor works," said O Murchu.

"Someone had to sit down and say, 'I want to be able to control something on the factory floor, I want it to spread quietly, I need to have several zero-days,'" O Murchu continued. "And then pull together all these resources. It was a big, big project."

One way that the attackers minimized the risk of discovery was to put a counter in the infected USB that allowed it to spread to no more than three PCs. "They wanted to try to limit the spread of this threat so that it would stay within the targeted facility," O Murchu said.

And they were clever, said Schouwenberg.

Once inside a company, Stuxnet used the MS08-067 exploit only if it knew that the target was part of a SCADA network. "There's no logging in most SCADA networks, and they have limited security and very, very slow patch cycles," Schouwenberg explained, making the long-patched MS08-067 exploit perfect for the job.

Put all that together, and the picture is "scary," said O Murchu.

So scary, so thorough was the reconnaissance, so complex the job, so sneaky the attack, that both O Murchu and Schouwenberg believe it couldn't be the work of even an advanced cybercrime gang.

"I don't think it was a private group," said O Murchu. "They weren't just after information, so a competitor is out. They wanted to reprogram the PLCs and operate the machinery in a way unintended by the real operators. That points to something more than industrial espionage."

The necessary resources, and the money to finance the attack, put it out of the realm of a private hacking team, O Murchu said.

"This threat was specifically targeting Iran," he continued. "It's unique in that it was able to control machinery in the real world."

"All the different circumstances, from the multiple zero-days to stolen certificates to its distribution, the most plausible scenario is a nation-state-backed group," said Schouwenberg, who acknowledged that some people might think he was wearing a tin foil hat when he says such things. But the fact that Iran was the No. 1 target is telling.

"This sounds like something out of a movie," Schouwenberg said. "But I would argue it's plausible, suddenly plausible, that it was nation-state-backed."

"This was a very important project to whoever was behind it," said O Murchu. "But when an oil pipeline or a power plant is involved, the stakes are very high."

And although Siemens maintains that the 14 plants it found with infected SCADA systems were not affected or damaged by Stuxnet, O Murchu and Schouwenberg weren't so sure.

Experts have disagreed about when the Stuxnet attacks began -- Kaspersky believes it was as early as July 2009, while Symantec traced attacks back to January 2010 -- but they agree that the worm went undetected for months.

"We don't know if they succeeded or not, but I imagine that they got to the targets that they wanted," said O Murchu, citing the stealthy nature and sophistication of the worm.

"The command-and-control infrastructure of Stuxnet is very, very primitive, very basic," said Schouwenberg. "I think they were convinced that they would be able to do what they wanted before they were detected."

O Murchu will present a paper on Symantec's Stuxnet work at the Virus Bulletin security conference, which is slated to kick off Sept. 29 in Vancouver, British Columbia. Researchers from Microsoft and Kaspersky will present a separate paper at the same conference.

September 20, 2010

Finishing Studio

by The Computer Doctor

So this weekend we finished the trim and peeled off the painter's tape. The room looks awesome except for a few spots that the paint flaked away from the wall. Two of the walls are cement and I noticed in high humidity that the paint bubbles away from the wall. We have a dehumidifier that runs down in the basement now, but we'll have to see how it is down there next summer.

The next step is to start cleaning out the basement and setting up one half of the room as the family room and the other half being divided between my computer repair shop and recording studio and my wife's sewing and craft area.

I'm still looking for the right camera to tape my video segments. I'm considering the Flip Mino HD because it's one of the products in the merchandise shop that I sell, but I haven't made up my mind yet. I'm also experimenting with studio lighting. Hope to have pictures soon.

September 17, 2010

Why doesn't Linux need defragmenting?

Edited By The Computer Doctor

That is a question that crops up with regularity on Linux forums when new users are unable to find the defrag tool on their shiny new desktop. Here's my attempt at giving a simple, non-technical answer as to why some filesystems suffer more from fragmenting than others. For this example we are using a FAT16/FAT32/NTFS filesystem and contrasting it against an EXT2/EXT3 filesystem.

Rather than simply stumble through lots of dry technical explanations, I'm opting to consider that an ASCII picture is worth a thousand words. Here, therefore, is the picture I shall be using to explain the whole thing:

   a b c d e f g h i j k l m n o p q r s t u v w x y z

a 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
b 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
c 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
d 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
e 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
f 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
g 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
h 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
i 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
j 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
k 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
l 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
m 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
n 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
o 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
p 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
q 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
r 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
s 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
t 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
u 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
v 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
w 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
y 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
z 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0

This is a representation of a (very small) hard drive, as yet completely empty - Hence all the zeros. The a-z's at the top and the left side of the grid are used to locate each individual byte of data: The top left is aa, top right is za, and bottom left is az. You get the idea, I'm sure. . .

We shall begin with a simple filesystem of a sort that most users are familiar with: One that will need defragmenting occasionally. Such filesystems, which include FAT, remain important to both Windows and Linux users: if only for USB flash drives, FAT is still widely used - unfortunately, it suffers badly from fragmentation.

We add a file to our filesystem, and our hard drive now looks like this:

   a b c d e f g h i j k l m n o p q r s t u v w x y z

a T O C h e l l o . t x t a e l e 0 0 0 0 0 0 0 0 0 0
b 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
c 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
d 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 T O C
e H e l l o , _ w o r l d 0 0 0 0 0 0 0 0 0 0 0 0 0 0
f 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0

(Empty rows g-z omitted for clarity)

To explain what you see: The first four rows of the disk are given over for a "Table of contents", or TOC. This TOC stores the location of every file on the filesystem. In the above example, the TOC contains one file, named "hello.txt", and says that the contents of this file are to be found between ae and le. We look at these locations, and see that the file contents are "Hello, world"

So far so good? Now let's add another file:

   a b c d e f g h i j k l m n o p q r s t u v w x y z

a T O C h e l l o . t x t a e l e b y e . t x t m e z
b e 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
c 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
d 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 T O C
e H e l l o , _ w o r l d G o o d b y e , _ w o r l d
f 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0

As you can see, the second file has been added immediately after the first one. The idea here is that if all your files are kept together, then accessing them will be quicker and easier: The slowest part of the hard drive is the stylus, so the less it has to move, the quicker your read/write times will be.

The problem this causes can be seen when we decide to edit our first file. Let's say we want to add some exclamation marks so our "Hello" seems more enthusiastic. We now have a problem: There's no room for these exclamation marks on our filesystem: The "bye.txt" file is in the way. We now have only two options, neither is ideal:

  1. We delete the file from its original position, and tack the new, bigger file on to the end of the second file - lots of reading and writing involved
  2. We fragment the file, so that it exists in two places but there are no empty spaces - quick to do, but will slow down all subsequent file accesses.

To illustrate: Here is approach one

   a b c d e f g h i j k l m n o p q r s t u v w x y z

a T O C h e l l o . t x t a f n f b y e . t x t m e z
b e 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
c 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
d 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 T O C
e 0 0 0 0 0 0 0 0 0 0 0 0 G o o d b y e , _ w o r l d
f H e l l o , _ w o r l d ! ! 0 0 0 0 0 0 0 0 0 0 0 0

And here is approach two:

   a b c d e f g h i j k l m n o p q r s t u v w x y z

a T O C h e l l o . t x t a e l e a f b f b y e . t x
b t m e z e 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
c 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
d 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 T O C
e H e l l o , _ w o r l d G o o d b y e , _ w o r l d
f ! ! 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0

Approach two is why such filesystems need defragging regularly. All files are placed right next to each other, so any time a file is enlarged, it fragments. And if a file is reduced, it leaves a gap. Soon the hard drive becomes a mass of fragments and gaps, and performance starts to suffer.

Let's see what happens when we use a different philosophy. The first type of filesystem is ideal if you have a single user, accessing files in more-or-less the order they were created in, one after the other, with very few edits. Linux, however, was always intended as a multi-user system: It was guaranteed that you would have more than one user trying to access more than one file at the same time. So a different approach to storing files is needed. When we create "hello.txt" on a more Linux-focussed filesystem, it looks like this:

   a b c d e f g h i j k l m n o p q r s t u v w x y z

a T O C h e l l o . t x t h n s n 0 0 0 0 0 0 0 0 0 0
b 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
c 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
d 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 T O C
e 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
f 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
g 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
h 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
i 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
j 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
k 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
l 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
m 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
n 0 0 0 0 0 0 0 H e l l o , _ w o r l d 0 0 0 0 0 0 0
o 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
p 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
q 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
r 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
s 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
t 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
u 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
v 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
w 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
y 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
z 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0

And then when another file is added:

   a b c d e f g h i j k l m n o p q r s t u v w x y z

a T O C h e l l o . t x t h n s n b y e . t x t d u q
b u 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
c 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
d 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 T O C
e 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
f 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
g 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
h 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
i 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
j 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
k 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
l 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
m 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
n 0 0 0 0 0 0 0 H e l l o , _ w o r l d 0 0 0 0 0 0 0
o 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
p 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
q 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
r 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
s 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
t 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
u 0 0 0 G o o d b y e , _ w o r l d 0 0 0 0 0 0 0 0 0
v 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
w 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
y 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
z 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0

The cleverness of this approach is that the disk's stylus can sit in the middle, and most files, on average, will be fairly nearby: That's how averages work, after all.

Plus when we add our exclamation marks to this filesystem, observe how much trouble it causes:

   a b c d e f g h i j k l m n o p q r s t u v w x y z

a T O C h e l l o . t x t h n u n b y e . t x t d u q
b u 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
c 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
d 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 T O C
e 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
f 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
g 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
h 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
i 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
j 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
k 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
l 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
m 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
n 0 0 0 0 0 0 0 H e l l o , _ w o r l d ! ! 0 0 0 0 0
o 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
p 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
q 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
r 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
s 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
t 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
u 0 0 0 G o o d b y e , _ w o r l d 0 0 0 0 0 0 0 0 0
v 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
w 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
y 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
z 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0

That's right: Absolutely none.

The first filesystem tries to put all files as close to the start of the hard drive as it can, thus it constantly fragments files when they grow larger and there's no free space available.

The second scatters files all over the disk so there's plenty of free space if the file's size changes. It can also re-arrange files on-the-fly, since it has plenty of empty space to shuffle around. Defragging the first type of filesystem is a more intensive process and not really practical to run during normal use.

Fragmentation thus only becomes an issue on the latter type of system when a disk is so full that there just aren't any gaps a large file can be put into without splitting it up. So long as the disk is less than about 80% full, this is unlikely to happen.
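The two allocation strategies described above can be compared with a small simulation on the same 26 x 26 block grid. This is an added example, not code from the original article; the function names and the workloads are constructed for illustration, and the table of contents is not modelled.

```python
DISK_BLOCKS = 26 * 26  # the article's aa..zz grid; None marks a free block

def fragments(disk, name):
    """Number of separate contiguous extents that hold file `name`."""
    return sum(1 for i, owner in enumerate(disk)
               if owner == name and (i == 0 or disk[i - 1] != name))

def free_runs(disk):
    """List (start, length) of every run of free blocks."""
    runs, start = [], None
    for i, owner in enumerate(disk + ["end"]):  # sentinel closes the last run
        if owner is None and start is None:
            start = i
        elif owner is not None and start is not None:
            runs.append((start, i - start))
            start = None
    return runs

def write_packed(disk, name, n):
    """First strategy: always take the free blocks nearest the start."""
    for i in range(len(disk)):
        if n and disk[i] is None:
            disk[i], n = name, n - 1
    if n:
        raise OSError("disk full")

def write_scattered(disk, name, n):
    """Second strategy: grow in place while the gap after the file lasts;
    otherwise centre the data in the largest free gap."""
    owned = [i for i, owner in enumerate(disk) if owner == name]
    pos = owned[-1] + 1 if owned else None
    while n:
        if pos is None or pos >= len(disk) or disk[pos] is not None:
            runs = free_runs(disk)
            if not runs:
                raise OSError("disk full")
            start, length = max(runs, key=lambda run: run[1])
            pos = start + max(0, (length - n) // 2)
        disk[pos] = name
        n, pos = n - 1, pos + 1

def simulate(write, events):
    """Apply (file, blocks) writes in order; return fragment count per file."""
    disk = [None] * DISK_BLOCKS
    for name, n in events:
        write(disk, name, n)
    return {name: fragments(disk, name) for name, _ in events}

# Constructed workloads: files are created, then grow.
ROOMY = [("hello", 12), ("bye", 13), ("notes", 8),
         ("hello", 20), ("bye", 5), ("notes", 30)]
NEARLY_FULL = [("a", 300), ("b", 300), ("a", 60)]  # 600 of 676 blocks used before "a" grows
```

With the roomy workload every file ends up in two pieces under the first strategy and in one piece under the second; with the nearly full workload the second strategy has to split files as well.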

It is also worth knowing that even when an OS says a drive is completely defragmented, due to the nature of hard drive geometry, fragmentation may still be present: A typical hard drive actually has multiple disks, AKA platters, inside it.

Let's say that our example hard drive is actually on two platters, with aa to zm being the first and an to zz the second:

   a b c d e f g h i j k l m n o p q r s t u v w x y z

a 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
b 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
c 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
d 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
e 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
f 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
g 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
h 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
i 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
j 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
k 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
l 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
m 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0

a b c d e f g h i j k l m n o p q r s t u v w x y z

n 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
o 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
p 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
q 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
r 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
s 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
t 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
u 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
v 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
w 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
y 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
z 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0

The following file would be considered non-fragmented, because it goes from row m to row n, but this ignores the fact that the stylus will have to move from the very end of the platter to the very beginning in order to read this file.

   a b c d e f g h i j k l m n o p q r s t u v w x y z

a T O C h e l l o . t x t r m e n 0 0 0 0 0 0 0 0 0 0
b 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
c 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
d 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 T O C
e 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
f 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
g 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
h 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
i 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
j 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
k 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
l 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
m 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 H e l l o , _ w o

a b c d e f g h i j k l m n o p q r s t u v w x y z

n r l d ! ! 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
o 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
p 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
q 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
r 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
s 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
t 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
u 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
v 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
w 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
y 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
z 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
I hope this has helped you to understand why some filesystems can suffer badly from fragmentation, whilst others barely suffer at all; and why no defragging software came with your Linux installation.

September 15, 2010

The Gullible, The Ignorant, The Proof That Survival Of The Fittest Is A Myth

By The Computer Doctor

So we had a malicious e-mail at work the other day. So sad, but totally predictable. Given enough time with enough freedom someone will bring malware, virus, trojan, root-kit, etc. to work through their e-mail or playing a game on a web-site or something equally stupid.

So the deployment in this case was a false PDF file. You know... random person you never talk to sends you an e-mail saying "here is the PDF we talked about" and when you hover over the supposed PDF it is actually a file with a different extension.
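A mail filter can make the same check the hover does, before the message reaches a user. The following is an added example, not part of the original post: it flags attachments that claim to be PDFs but whose final extension or leading bytes say otherwise. The sample message, filenames and function names are constructed for illustration.

```python
from email import policy
from email.message import EmailMessage
from email.parser import BytesParser
from pathlib import PurePosixPath

def build_sample():
    """Constructed message: one genuine PDF and one file posing as a PDF."""
    msg = EmailMessage()
    msg["Subject"] = "here is the PDF we talked about"
    msg.set_content("See attached.")
    msg.add_attachment(b"%PDF-1.4\n% constructed sample\n",
                       maintype="application", subtype="pdf",
                       filename="minutes.pdf")
    msg.add_attachment(b"MZ constructed bytes, not a real program",
                       maintype="application", subtype="pdf",
                       filename="report.pdf.exe")
    return msg.as_bytes()

def check_pdf_claims(raw_message):
    """Return {filename: [reasons]} for attachments that claim to be
    PDFs (by MIME type or by name) but do not look like one."""
    findings = {}
    msg = BytesParser(policy=policy.default).parsebytes(raw_message)
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        suffixes = [s.lower() for s in PurePosixPath(name).suffixes]
        claims_pdf = (part.get_content_type() == "application/pdf"
                      or ".pdf" in suffixes)
        if not claims_pdf:
            continue
        reasons = []
        last = suffixes[-1] if suffixes else "(none)"
        if last != ".pdf":
            reasons.append(f"final extension is {last}, not .pdf")
        payload = part.get_payload(decode=True) or b""
        if not payload.startswith(b"%PDF-"):
            reasons.append("content does not start with the %PDF- signature")
        if reasons:
            findings[name] = reasons
    return findings
```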

So despite the warning from our IT guys, two of my co-workers felt compelled to open the file anyway.

SWEET MOTHER OF MARY!!!!

I Swear to God Almighty that if there was a box with a button that read "DANGER Do Not Press The Red Button" and it was hooked up to a bomb, they would probably press it just to see what would happen.

What more proof do we need that survival of the fittest is a myth and that the human race would never have survived if it were true?

So we had an idea... bad news, I know. What if we made a box with a red button that read "Do Not Press" with a counter inside. I wonder how many clicks we would get each day?
In the spirit of the red button project, please enjoy the virtual red button below.




September 14, 2010

AMD says goodbye to the ATI brand

By Agam Shah

Advanced Micro Devices on Monday said it will remove the ATI name from its products by the end of the year, killing a brand name synonymous with graphics enthusiasts for 25 years.

AMD offers a range of graphics products under the ATI brand, including the Radeon, FirePro and Eyefinity offerings. The chip designer will instead attach the name AMD to those products by the end of the year, said Drew Erskine, an AMD spokesman.
The change in brand name won't affect the company's graphics product offerings or plans, Erskine said.

ATI was originally established in 1985 as a graphics company and was acquired by AMD in 2007 for US$5.4 billion. At the time of the acquisition, ATI was one of the largest graphics chip providers for consumer electronics, set-top boxes and gaming consoles. AMD said at the time it would continue to offer ATI products, and it also announced a next-generation processor design called Fusion, which would combine high-performance graphics and CPU processing on a single piece of silicon.

AMD had trouble incorporating ATI into operations, taking billions of dollars in charges that affected the company's profitability. Observers initially declared the AMD-ATI merger a bust, but benefits are now being reaped. AMD in the second quarter of this year recorded faster year-over-year growth in the graphics market than leader Intel and rival Nvidia. After delays, chips based on the Fusion architecture are also being readied, with a chip code-named Ontario shipping in the fourth quarter.

The company always had the option to transition brand names since the merger, but now was the right time as AMD wanted to take advantage of its growing momentum in the graphics market, Erskine said.

The change could also help give AMD more exposure. For example, Apple uses the ATI graphics in the iMac, with the ATI logo prominently displayed on Apple's website. The logo would instead reflect AMD, which could help expand the company's visibility.

September 03, 2010

New Quarterly Digest

By The Computer Doctor
Some of my new readers have inquired about issues of my blog from the past.

Now in addition to scrolling back through old posts I have a new printable digest for each quarter with additional editorial. Hope you enjoy.

September 01, 2010

Network Cabling

By The Computer Doctor

So I'm getting ready for the day that painting the basement family room, spare bedroom, and underground lair will be completed.
One of the things that I will be doing next is running network cable and creating patch cables to connect my servers, work bench, wireless network and network printer together.

Keystone Outlets:
On my main floor I want to have an outlet with two RJ45 jacks for my wireless access point and for my network printer (which is actually a normal printer that I'm using a USB to Cat5 converter on both ends and will have it plugged into my print server).
This video shows how to punch down a keystone jack and install it in your wall plate.



Patch Panels:
This next video shows how to punch down to a patch panel. Why use a patch panel? To keep everything organized and easily rewired for a multiple LAN environment. In my case... why not, it was in the pile of junk.



Patch Cables:
This final video shows how to create patch cables. Some people use patch cables for end to end installation. For most U.S. home and business installations you will use the 568B wiring standard. I have seen that 568A is a European standard and on other sites I've read that 568A is a U.S. government standard. The fact of the matter is that as long as you use the same wiring pattern on both ends of your cable it doesn't matter, but as a general practice I always use the 568B wiring standard.




