daine | 1 month ago | on: Privilege is bad grammar
daine's comments
daine | 3 years ago | on: A little trick to spam the spammers (2021)
daine | 3 years ago | on: It’s time to leave the leap second in the past
daine | 8 years ago | on: Overwriting Hard Drive Data: The Great Wiping Controversy (2008) [pdf]
The authors dismiss the security value of wiping a hard disk, based on their thesis that weakly-deleted data cannot be recovered without a priori knowledge of that data's content.
They argue the requirement of a priori knowledge of the data to recover negates the security risk of said recovery; this--they argue--reduces the threat model to more of an academic exercise.
What the authors totally neglect, however, is the security risk of confirmation: the risk that an attacker might confirm that the target hard disk did, indeed, store certain data, where the content of that data is known a priori.
Example: Say I have obtained a trove of private incriminating documents associated with some anonymous person, X. I suspect, but don't know, that X is my target, Bob. I would like to prove that Bob is X, and X is Bob, so that I can definitively pin X's crimes on Bob. Say X uses some electronic signature to authenticate his original work as his own. If Bob is X, I should expect Bob's hard disks contain a statistically aberrant abundance of copies of X's signature.
Thus, to pin X's crimes on Bob, if Bob is indeed X, it is sufficient to recover data from Bob's hard disk--data of which I have complete knowledge a priori--namely, X's digital signature.
While I take no issue with the facts, I find the authors' conclusions reckless. It seems in their haste to "bust the myth," they extend their result beyond its valid range of application. What could have been a useful clarification on the low risk of _unknown_ data recovery has become a wild and dangerous generalization, 'debunking' best practices.
daine | 9 years ago | on: The Longflow Manifesto
daine | 9 years ago | on: The “dead and alive” cat myth
As for whether the cat 'is' both "dead and alive" in the true black-box Schrödinger scenario, that's very much up for debate. Theorists and philosophers have yet to reach a consensus on how to interpret quantum mechanics, though progress is being made--our quantitative understanding of 'decoherence' being one example.
Don't be fooled: this is an open question.
For more on interpretations: https://en.m.wikipedia.org/wiki/Interpretations_of_quantum_m...