Computing desk
< May 18	<< Apr | May | Jun >>	May 20 >

Welcome to the Wikipedia Computing Reference Desk Archives
The page you are currently viewing is an archive page. While you can leave answers for any questions shown below, please ask new questions on one of the current reference desk pages.

May 19[edit]

The installation process can format the C drive, but does that securely erase all data on the drive, so it cannot be recovered by an undelete utility? — Preceding unsigned comment added by 220.255.1.123 (talk) 00:02, 19 May 2012 (UTC)[reply]

No, formatting a drive does not get rid of all the data. For that you need a special tool such as DBAN or something similar. The article at Data remanence explains it more. RudolfRed (talk) 00:15, 19 May 2012 (UTC)[reply]

It seems Windows does not overwrite data (even with a "full format", which is absent from recent Windows installers anyways), though many other filesystem utilities / OS installers do. Using DBAN is fine, but don't waste your time with anything other than the "quick" option (single pass). ¦ Reisio (talk) 01:08, 19 May 2012 (UTC)[reply]

If you want to securely erase I would suggest using a sledge hammer or angle grinder. Dmcq (talk) 09:51, 20 May 2012 (UTC)[reply]

You know people on the internet, they'll believe anything Wikipedia tells them. XD RMoD (talk) 23:11, 23 May 2012 (UTC)[reply]

Imagine a list of 3 items. You are to scroll to the desired item, then hit Enter to select it.

If two of the items are blue, and one is red, then apparently the red item is the highlighted one.

If two of the items are red, and one is blue, then apparently the blue item is the highlighted one.

Now imagine the list has only two items, one red and one blue. It's now unclear as to which item is highlighted.

I've seen this issue come up on web pages, DVD menus, and cell phones, but I've never had a name for it. Is there one ? StuRat (talk) 01:30, 19 May 2012 (UTC)[reply]

I hope not, why name something when you can just categorize it as "bad UI". ¦ Reisio (talk) 02:06, 19 May 2012 (UTC)[reply]

There are many advantages to naming particular problems. The most obvious is that you can have a checklist where they look specifically for this problem. StuRat (talk) 02:09, 19 May 2012 (UTC)[reply]

I agree there's an advantage, but you can have a checklist for it with or without a name (or even with just icons and no text), and if it's an exhaustive list the chances everything will have its own name will be low anyways. ¦ Reisio (talk) 02:26, 19 May 2012 (UTC)[reply]

This one seems to be a common problem, though, as I've seen it in so many places. I just got my mom a cell phone for Mother's Day, and she keeps calling the wrong number because of it (only 2 names appear on the screen at once from the phone book, and she can't remember which color is the highlight color). StuRat (talk) 05:33, 19 May 2012 (UTC)[reply]

I call that ambiguity. Try to set another color scheme, maybe things look clearer then. OsmanRF34 (talk) 14:44, 19 May 2012 (UTC)[reply]

figure/ground ambiguity? —Tamfang (talk) 16:29, 19 May 2012 (UTC)[reply]

Yes, I call it bad design, and it confuses me, too, but a general rule is that the brighter colour is the one highlighted. Dbfirs 08:32, 20 May 2012 (UTC)[reply]

Not on my Mom's new cell phone, where yellow is the highlight color and the brighter white is the background color. StuRat (talk) 14:31, 20 May 2012 (UTC)[reply]

I propose Murphy's choice, specifically "If there's more than one way to do a job, and one of those ways will result in disaster, then somebody will do it that way.". Vespine (talk) 00:09, 21 May 2012 (UTC)[reply]

Is there a way to use CSS or the php page on my personal MediaWiki project to make all indented text using the colon look like a blockquote? I'm trying to find the easiest way to let my users make multi-paragraph blockquotes because I suspect that the HTML tags <blockquote> and <p>, or a template like Template:Cquote might scare away my less computer-literate editors. Thanks. —Arctic Gnome (talk • contribs) 04:58, 19 May 2012 (UTC)[reply]

Assuming the indent works the same as it does on Wikipedia, it just means it encloses the text in <dt><dd></dd></dt> tags. You can style these like any other block level element — just copy the blockquote style and move it to dd. It should work. You may have to zero out the default settings for dd/dt in the CSS. --Mr.98 (talk) 21:39, 19 May 2012 (UTC)[reply]

If you index your encrypted files (for example, you put them into a Truecrypt container), but let the indexed DB unencrypted, is that security risk? Can the encrypted files be, at least partially, reconstructed by this index? OsmanRF34 (talk) 14:41, 19 May 2012 (UTC)[reply]

Almost certainly yes. -- BenRG (talk) 18:58, 19 May 2012 (UTC)[reply]

I thought that too. You could construct queries like "is 'foo' NEAR 'foo2'?" and such. And is it possible that Windows or Linux index your files without you asking explicitly to? Just by performing a search for a keyword within a group of files? OsmanRF34 (talk) 19:27, 19 May 2012 (UTC)[reply]

Most linux distros don't. You would have to explicitly install a deskop search engine like MetaTracker_(software) or strigi. Staticd (talk) 08:50, 20 May 2012 (UTC)[reply]

Oh? I was under the impression that most Linux distributions contained located and updatedb. On Gnu tool based systems like most Linuxes, findutils is included and runs updatedb periodically, indexing your system. In fact, this has been the norm on commercial and free Linux and Unix systems since 1983; and Gnu findutils has been part of Red Hat, Ubuntu, and other Linux distributions for as long as I can remember. Nimur (talk) 01:51, 22 May 2012 (UTC)[reply]

I'm not understanding the actual risk here, unless the names of the files themselves are sensitive (which they could be, of course). MD5 is not considered particularly secure anymore, but I think that means that you might be able to create two files with the same MD5 and convince your victim to sign one of them, or at worst, create a file with a desired MD5. I don't think it means that you can recover any useful info from the MD5 hash of a large file; there are just too many possibilities for the large file and too little information in the hash. --Trovatore (talk) 02:16, 22 May 2012 (UTC)[reply]

I don't believe that there's an inherent security risk to updatedb; especially if file-permissions are correctly set and enforced. I was simply responding to the earlier claim that "linux distros don't [index your files without you explicilty asking]". Nimur (talk) 04:06, 22 May 2012 (UTC)[reply]

Well, the "file permissions" thing suggests that you're thinking of a different sort of security than I am. I generally assume that TrueCrypt is for guarding against the case where you lose physical control of the machine (for example, someone steals your laptop). I don't know what good file permissions do you in that case.

So supposing you have such a volume mounted by default (which already seems bad to me, because it implies that the system can decrypt it using just your user password, which means an attacker who has that password can read the volume), then updatedb would index it if so configured, and the original question seems to be whether an attacker who had access to the database could thereby get useful information about the encrypted files. Personally I don't see how, unless the filename itself is information you don't want to get out. But BenRG seemed to think differently, and I'm curious to know why. --Trovatore (talk) 06:25, 22 May 2012 (UTC)[reply]

I think we have to draw a line between two forms of indexing: just the file names or the content of files, to perform searches for a specific keyword. My question refers to the second case., and I suppose BenRG answered with that in mind. OsmanRF34 (talk) 13:14, 23 May 2012 (UTC)[reply]

I did, but the point is just that whatever information is indexed can be recovered from the index. If only file names and MD5 hashes are indexed then only that is leaked, but that can still be sensitive (it shows you were in possession of a file that might exist elsewhere). If all n-word sequences are indexed then you can probably recover a good approximation of the contents of all files. I suppose it might be possible with some kind of cryptographic trick to create an index that could not be read directly, but only investigated via queries like "which files contain this sequence of words?", but even then a search using common word sequences would probably recover a lot of information. -- BenRG (talk) 23:34, 23 May 2012 (UTC)[reply]

I had problems with IE9 on a Windows 7 systen, but I got it back. But Windows Update still will not work. It makes a restore point and says it is installing updates, but then it says that it failed. If says:

Error(s) found: code 64C -- unknown error

The help says to download and run Microsoft FixIt. I did that but it doesn't fix it. Any ideas on how to get Update working again? Bubba73 ^{You talkin' to me?} 16:28, 19 May 2012 (UTC)[reply]

Today I put images on a CD and the computer made a loud, grinding noise. What could be causing it? Thank you.--Jeanne Boleyn (talk) 21:47, 19 May 2012 (UTC)[reply]

The CD might have not been seated correctly in the tray. RudolfRed (talk) 22:38, 19 May 2012 (UTC)[reply]

If that's not it, and any CD you put in it makes the same sound, then it sounds like you need to replace to CD drive. StuRat (talk) 23:24, 19 May 2012 (UTC)[reply]

The CD masterised the images. Is it possible the tray is dusty?--Jeanne Boleyn (talk) 08:16, 20 May 2012 (UTC)[reply]

Perhaps, but I'm thinking the particles would need to be larger than just dust, like a grain of sand, perhaps. StuRat (talk) 14:30, 20 May 2012 (UTC)[reply]

Use a flashlight to see if there was already a CD in the drive. Penyulap ☏ 17:26, 20 May 2012 (UTC)[reply]

A laser pointer might work better, or at least a single LED key-chain flashlight. The idea is to only illuminate the inside, and not have so much light reflected from the outside that it blinds you to the dimly lit inner bits. StuRat (talk) 04:00, 21 May 2012 (UTC)[reply]

I tried another CD and there were no unusual noises this time. It was most likely the CD not being inserted properly. Thank you for all your helpful answers!--Jeanne Boleyn (talk) 18:43, 22 May 2012 (UTC)[reply]

Glad to hear it. I'll mark this Q resolved. StuRat (talk) 01:42, 23 May 2012 (UTC)[reply]

What means "masterised the images" please? —Tamfang (talk) 05:22, 23 May 2012 (UTC)[reply]

It's a strange way to say it, but I think she meant she stores her primary copy (master) of those images on CD, from which she would then make copies, as needed. Creating such a master CD is usually called "mastering", but I imagine you could also call it "masterizing", or, if you speak British English, "masterising". StuRat (talk) 05:39, 23 May 2012 (UTC)[reply]

How do you know that your Linux installation is secure? I mean, no malware, viruses, and such. Is there,for example, a tool that tells you which programs are trying to connect to the Internet or that manages authorizations for connecting to the Internet? — Preceding unsigned comment added by OsmanRF34 (talk • contribs) 22:39, 19 May 2012 (UTC)[reply]

The subject is very complicated, and you're going to need a lot of background before you'll fully be able to assess your own security. Use a trusted distribution, downloaded from a trusted source, and don't run untrusted programs on your machine, especially as root.

You can use the "netstat" command to see what open connections you have going at any one time. However any skilled hack could easily hide from that. Broba (talk) 02:38, 20 May 2012 (UTC)[reply]

Software such as AIDE, OSSEC, and other things you might find in category:intrusion detection systems, which basically let you know if files have been altered, and optionally when/how/why/etc.. This is also how you know that any OS is "secure" (by creating a manifest and monitoring it for changes). ¦ Reisio (talk) 05:42, 20 May 2012 (UTC)[reply]

I expect this is not a military-grade question like 'how do I stop people destroying my country and imposing corporate rule?' but more of a 'I just upgraded from the world of windows and am I still dreaming ?' kind of question.

Short answer is you can pinch yourself all you want to, you're not dreaming, there are no viruses or malware on Linux based machines, they are as rare as you being there when it is raining fish from the sky. Simple way is the system monitor to see what network resources are in use when you perform actions or run programs, you can narrow things down like that. There is a lot of automatic updating sort of functionality with linux. Broken things often don't stay broken long, and new easier ways of doing things arrive unannounced. That all uses some traffic usually at switch on or a set time of day. Penyulap ☏ 17:22, 20 May 2012 (UTC)[reply]

Penyulap: are you nuts, or just uninformed? The first well-known computer-security "outbreak" in history - the Morris worm - exploited a programming-error that was widespread across many Unix systems. Running the Linux kernel does not protect users from user-error; and it does not protect users from incompetent-programmer-error. It absolutely does not protect users from malicious and intentional security-breaches. As evidenced in the above discussion about indexing, most casual users of Linux have absolutely no idea what should normally be running on their system, let alone the technical proficiency to see through an intentionally-self-obfuscating security incursion. Here's an essay from a famous computer-programmer: Reflections on Trusting Trust. The ugly but true moral of his story: you just cannot know if your system is "secure." Even if you are running Linux. Even if you compiled Linux from source. Even if you read every single line of the source code, and then compiled it. "Of course, the login command will remain bugged with no trace in source anywhere." (A direct quote from Ken Thompson, the man who wrote the original login command. Do you know who wrote the login command on your Linux?) Nimur (talk) 02:04, 22 May 2012 (UTC)[reply]