SAFEBOOT SOLO from CONTROL BREAK INTERNATIONAL: DO NOT USE hwefoech9hfcvkbvi

Discussion in 'Computer Security' started by Fritz Wuehler, Jun 30, 2004.

  1. NOTE: This message was sent thru a mail2news gateway.
    No effort was made to verify the identity of the sender.
    --------------------------------------------------------

    SAFEBOOT SOLO if full disk encryption software. It is
    incompatible with Norton Speed Disk; this fact is not brought to
    the attention of the potential customer in a conspicuous manner
    prior to installation, but is difficult to find on their
    website. Use of Speed Disk after installation WILL result in
    complete data lose. The recovery tools (boot disk images)
    provided with the software package WILL NOT restore data after
    Speed Disk usage; the drives must be sent into the company for
    recovery and they will threaten to charge you a fee to recover.

    After heated email exchanges, I sent my perfectly working
    working drives to their address in Naples, Florida. Upon
    receipt of the drives, they claimed that the drives arrived
    broken. Interestingly, there was only a seven (7) minute delay
    from the delivery time reported by the USPS, by computer
    tracking label, and their email to me stating that the drives
    were broken. Obviously, that would have been insufficient time
    to even transport the drives to the workbench, let alone to
    unpack and test. The reader may draw his own conclusion.

    The company still refuses to send the drives for data recovery,
    a necessary step to retrieve the data from the now broken
    drives, so that they may decrypt the data and return to me.

    Some data on one drive was recovered, no data on broken drive
    was recovered. The data that was recovered was recovered
    without the use of my password since I intentionally never gave
    them a password after they requested it. I was concerned about
    the software being backdoored; you may now draw your own
    conclusions regarding this issue.

    I have found the company and its personnel very difficult to
    deal with; I have dealt with these individuals mostly:

    Mr. SIMON HUNT, CHIEF TECHNOLOGIST
    Mr. MARCO VERSTEIJNE, COMPANY SECRETARY

    I DO NOT RECOMMEND THIS COMPANY OR ANY OF ITS PRODUCTS.

    HCUIEWHR9WANFHASDRT89RT4JSDBF8WERRTHOCFNVD9PSURT90OIWERHTOXCNFGJ
    TPNSAIFHGXCLNVIJFGORHOIER
    NCWEIOJHFA VJHHTIJWE4RIOVNOPXCFMSERIOU60OFIXGNOPIERAJFG09FMOF
    IJFDHVOIXCFMOSDFUPMFOBJS-SDMDSFUF0WE
    MNOSDVAFJ G JGVOXCZDRVGFMDJKOGVOXCMVFTJCP
    XCFIMZDFCERJGPVXCVmncosfioperaw

    mkxzcgmfopiseru0t34uymvxjhgksdno
    mxfgiojfoieruopcerg
    iofv fgiocer h9gjeriojh
     
    Fritz Wuehler, Jun 30, 2004
    #1
    1. Advertising

  2. Fritz Wuehler

    Frode Guest

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    Fritz Wuehler wrote:
    > SAFEBOOT SOLO if full disk encryption software. It is
    >incompatible with Norton Speed Disk; this fact is not brought to
    >the attention of the potential customer in a conspicuous manner
    >prior to installation, but is difficult to find on their website.


    Difficult to find? The download page clearly states "Please be sure to read
    the FAQ (from the tab in the product page or the support page) to learn
    more about SafeBoot Solo, and any software compatibility issues."

    And what does the FAQ say? It specifically explains how to safely run
    speeddisk.

    If you want to complain to someone, complain to Symantec. Speeddisk ignores
    the flags on files. c:\safeboot.fs is attrib +r and +s. Speeddisk should
    not move it. Yet it does. (I use speeddisk myself btw)

    You also ignored another important piece of advice, again on the very page
    where you clicked the download link "As with any important data, please
    make regular personal backups of your data to a separate location, in case
    of hardware or software failure.".

    >Use of Speed Disk after installation WILL result in
    >complete data lose. The recovery tools (boot disk images)
    >provided with the software package WILL NOT restore data after
    >Speed Disk usage; the drives must be sent into the company for
    >recovery and they will threaten to charge you a fee to recover.


    That's what you get for ignoring instructions. Though I'm surprised as to
    why the floppy wouldn't be able to decrypt the drive, even if rendering it
    in an unbootable state.

    >The company still refuses to send the drives for data recovery,
    >a necessary step to retrieve the data from the now broken
    >drives, so that they may decrypt the data and return to me.


    If they were broken during shipping, your point of complaint would be the
    carrier, not the receiver. Recovery from a physically damaged medium is
    extremely expensive, obviously beyond the scope of what their support will
    do unless you pay the third party bill.

    >Some data on one drive was recovered, no data on broken drive
    >was recovered. The data that was recovered was recovered
    >without the use of my password since I intentionally never gave
    >them a password after they requested it.


    But you did try to run the recovery disk, I assume. Since you stated that
    didn't do you any good. Guess what the recovery disk does?

    I would still like for Simon (or someone else from CBI) to clarify this
    point though. Was the recovery disk included in the shipment? Did it
    succeed in resetting the password or otherwise facilitate the subsequent
    recovery attempt?

    >I have found the company and its personnel very difficult to
    >deal with; I have dealt with these individuals mostly:
    >Mr. SIMON HUNT, CHIEF TECHNOLOGIST


    I've gotten prompt replies from Simon to pretty much all my queries. Both
    before and after I became a customer.

    >I DO NOT RECOMMEND THIS COMPANY OR ANY OF ITS PRODUCTS.


    I do. Luckily, it's not necessary. Everybody can download the trial and
    make up their own mind. If you choose not to have backups of your data,
    don't blame anybody else if a harddrive breaks due to software or hardware
    failure and you lose everything on it.


    - --
    Frode


    -----BEGIN PGP SIGNATURE-----
    Version: PGP 8.1

    iQA/AwUBQOLjEeXlGBWTt1afEQLW9QCfSesShIpr9b7px4dlC1nlFLbSOnIAoKuE
    eEcApqbnPAsMgvcKHwL4egkL
    =SlH9
    -----END PGP SIGNATURE-----
     
    Frode, Jun 30, 2004
    #2
    1. Advertising

  3. Fritz Wuehler

    *Vanguard* Guest

    Frode said in news:eek::
    <snip>
    > If you want to complain to someone, complain to Symantec. Speeddisk
    > ignores the flags on files. c:\safeboot.fs is attrib +r and +s.
    > Speeddisk should not move it. Yet it does. (I use speeddisk myself
    > btw)


    When has just the read and system file attributes together (or really
    just the system file attribute alone) been sufficient to demarcate that
    a file should not be moved by defragmentation? Maybe you meant to
    mention the hidden file attribute. I haven't had Norton
    Utilities/SystemWorks installed for a long time so there is no help file
    for it that I can check. I thought only hidden-marked files were not
    moved by default and you had to add other files to a list to not move
    them (I had a educational training program that required its license
    file not be moved by a defragger).

    Speedisk has become a hazardous defragmenter. When NTFS5 first appeared
    (SP6 for NT4, I believe), it could corrupt your file system. Symantec
    is a software predator (have they ever been the original developer?).
    They are a software publisher that purchases other products to fold
    under their management. This predatory nature exhibits itself over time
    as support and robustness of their products wane over time. They are a
    software publisher first and a software developer second (or maybe
    third).

    I have yet to find information from Symantec regarding their Speedisk
    utility that says it supports alternate data streams for files under
    NTFS (see http://support.microsoft.com/?id=105763) which is an attribute
    (i.e., pointer) for the alternate data stream in the file system. Most
    users don't even known about alternate data streams (where you can have
    completely different content in each data stream) because Explorer, the
    'dir' command, and other common end-user tools never expose this NTFS
    feature.

    Even Microsoft's own SFC (system file checker) is deficient regarding
    alternate data streams. While Windows File Protection will prevent the
    replacement of protected system files, it does not prevent a user with
    sufficient permissions from adding an alternate data stream to a system
    file. SFC.exe will show the protected system files are okay but it
    won't check the alternate data streams (which I consider a significant
    security flaw). For non-protected system files, ANYONE can attach an
    alternate data stream to a file. Even the Guest account can do that.
    You can even add an ADS (alternate data stream) to a directory entry.

    Microsoft provides nothing for tools to manage and report alternate data
    streams of files. You have to go use 3rd party tools, like lads.exe by
    Frank Heyne. If you copy a file that has alternate data streams to a
    non-NTFS media, like a floppy, the alternate data stream simply gets
    truncated or maybe you get a message saying there isn't enough room for
    your 1-byte file (because there is 20MB in an alternate data stream
    attributed to the file). You could, for example, download a text file
    that looks inocuous because all you see it plain text but it has an
    executable file in an ADS that is harmful. You see goodfile.txt but a
    script might run "start goodfile.txt:wipedisk.exe". If the use of ADS
    was really to provide additional attributes then Microsoft should have
    made all content within an ADS to always be non-executable; i.e.,
    something like "start goodfile.txt:wipedisk.exe" should abort with an
    error like "Alternate data streams (ADSs) are not executable (file =
    "goodfile.txt", ADS: "wipedisk.exe")", or just refuse to run any
    executable that has a colon (":") in its filename (which may be what
    happens now in Windows XP since "start test.txt:calc.exe", where the
    Calculator program has been put into an ADS, results in an illegal
    syntax error message but the linked articles usually refer to Windows
    2000 although one mentioned XP, plus that doesn't stop the content in
    the ADS from being programmatically extracted and executed).

    I don't know if Symantec checks for ADSs even in their anti-virus
    products to search through any "hidden" content. ADSs aren't new.
    They've been around since NTFS showed up. However, I have yet to find a
    reference in Symantec's KB about ADS. In the the last reference link
    below, the statement "Virus scanners only check the default data streams
    of files" gets me very concerned that virus snots can use ADS to bypass
    anti-virus software (but there is no datestamp in this article to
    determine its timeliness, and the W2K.Stream virus it mentions that
    utilitizes ADS is dated by Symantec at http://snipurl.com/7g73 back in
    September 2000). It is also noted in this article, however, that the
    real-time scanner for an anti-virus product should detect the virus when
    it is attempted to get loaded into memory from the ADS of the infected
    file. So a manual scan won't see the infection but the real-time
    scanner will detect it getting loaded. That might be why users of
    online scanners won't sometimes see an infection that has been reported
    by your anti-virus' on-demand scanner. But on-demand virus scanners can
    pose a major hit on performance so it may not be running on a production
    server.

    Some references:
    http://www.ntfs.com/ntfs-multiple.htm
    http://support.microsoft.com/?id=105763
    http://www.windowsecurity.com/articles/Alternate_Data_Streams.html

    Utilities to detect ADS:
    http://www.heysoft.de/nt/ntfs-ads.htm
    http://www.crucialsecurity.com/downloads.html (crucialADS utility)
    http://www.sysinternals.com/ntw2k/source/misc.shtml#streams

    I quit using Norton's Speedisk, even their latest version, when it
    corrupted a few systems after repeated automated use. Hopefully
    Microsoft worked with Diskeeper who provided the crippled defrag utility
    that is included in an install of Windows XP. It may be that Speedisk
    does work with ADS. However, it has proven a bit too flaky and has
    gotten worse over time to trust it on a critical host. Also, "SpeedDisk
    does NOT honor the file placement being done by Windows XP every three
    days", per Greg Hayes from Raxco that makes the PerfectDisk defragmenter
    (see Google Groups at http://snipurl.com/7g7i but that is dated back in
    2002, which was about the last time I used Speedisk, yet I haven't found
    anything in Symantec's KB to refute it). Layout.ini is in your Prefetch
    folder.

    For now, I'll just use the defragger that comes included in Windows XP.
    And, yes, it can be scheduled by adding an event to run defrag.exe in
    Task Scheduler. Sometime later I'll check out using Diskeeper or
    PerfectDisk when I perchance have money to burn.

    <snip>

    --
    ____________________________________________________________
    *** Post replies to newsgroup. Share with others.
    *** Email domain = ".com" *AND* append "=NEWS=" to Subject.
    ____________________________________________________________
     
    *Vanguard*, Jul 1, 2004
    #3
  4. Fritz Wuehler

    Rik Guest

    After reading this, I draw a simple conclusion: You are only trying to
    blame someone else for mistakes you have made and then expect that the
    whole world is going to revolve around you. My advise, read the
    responses above and LEARN something from it in stead of pointing the
    finger at someone else. This kind of 'bitching' is not worthy to place
    in this discussion group.

    Rik
     
    Rik, Jul 1, 2004
    #4
  5. Fritz Wuehler

    Frode Guest

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    *Vanguard* wrote:
    >When has just the read and system file attributes together (or really
    >just the system file attribute alone) been sufficient to demarcate that
    >a file should not be moved by defragmentation? Maybe you meant to
    >mention the hidden file attribute.


    I was under the impression that +s was a marker to any program that the
    file's physical position was of importance. Granted, that's an assumption I
    made ages ago due to msdos.sys and io.sys being +s and placement sensitive
    iirc.

    I did a google to see if there was anything conclusive out there pertaining
    to moving files of certain attributes. Couldn't find anything real clear
    and official though. As far as I can tell there doesn't seem to be any
    combination of attributes interpreted as "do not move", but rather as "I'm
    hidden so if you mess with me I assume you know what you're doing".

    What I did notice is that hidden and system are listed as being treated the
    same in most places. "system and hidden files are not shown" "system and
    hidden files are not automatically copied" "system and hidden files are not
    replaced" etc.

    >for it that I can check. I thought only hidden-marked files were not
    >moved by default and you had to add other files to a list to not move
    >them


    In that case it still shouldn't have touched safeboot.fs. It's +rsh. The
    same as ntldr and ntdetect, other files I assume are rather sensitive to
    movement. My guess would be that speedisk ignores whatever flag or
    combination of flags supposedly ensuring a file's position, and instead
    relies on its own internal (outdated) list of files to skip.

    >For now, I'll just use the defragger that comes included in Windows XP.
    >And, yes, it can be scheduled by adding an event to run defrag.exe in
    >Task Scheduler. Sometime later I'll check out using Diskeeper or
    >PerfectDisk when I perchance have money to burn.


    My main beef with the built-in defragger is its performance. Both when it
    comes to speed and how well it defragments.

    - --
    Frode

    -----BEGIN PGP SIGNATURE-----
    Version: PGP 8.1

    iQA/AwUBQOPmPeXlGBWTt1afEQJrhgCeIIKbdxh8lYjyuJZJE/trjRbYXHwAn2uh
    H5QddB0uadkE1bCFGrXqqoWJ
    =m6u6
    -----END PGP SIGNATURE-----
     
    Frode, Jul 1, 2004
    #5
  6. Fritz Wuehler

    Frode Guest

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    *Vanguard* wrote:
    >So, do YOU know if Speedisk supports ADS? I don't know if Speedisk
    >supports ADS and that's why I brought it up to find out if someone
    >REALLY knew for sure.


    You might have more luck with a separate thread. As is your query is
    "hidden" within a thread about SafeBoot. Albeit one briefly touching upon a
    speeddisk incompatability.


    - --
    Frode


    -----BEGIN PGP SIGNATURE-----
    Version: PGP 8.1

    iQA/AwUBQOUrseXlGBWTt1afEQInowCdEAO3IFGnGIxe0w8nk0Wpu82cnAwAn0Gb
    kGqtjvnfbNddW5lpRexwNcHi
    =PVeG
    -----END PGP SIGNATURE-----
     
    Frode, Jul 2, 2004
    #6
  7. Fritz Wuehler

    *Vanguard* Guest

    Frode said in news::
    >
    > You might have more luck with a separate thread. As is your query is
    > "hidden" within a thread about SafeBoot. Albeit one briefly touching
    > upon a speeddisk incompatability.


    I think I'll actually submit a tech request via Symantec's support site
    to see if they will address ADS in their anti-virus products (and see if
    it is a problem at all for Speed Disk along with how they handle files
    wholly contained with the MFT and if they move files *away* from around
    the MFT and pagefile to let them expand without fragmentation).

    So many of the tools included in Norton SystemWorks [Pro] have waned
    over time that they have been replaced with better tools of which many
    are free. GoBack won't chain whatever is in the MBR bootstrap code as
    does SafeBoot, I use a boot manager that uses the MBR, so GoBack cannot
    be used, plus backups (logical and physical) and System Restore pretty
    much obviates the need for GoBack. Symantec bought WinFax from Delrina,
    updated it twice, and then let it die. Speed Disk had the problems I've
    already mentioned. WipeDisk had to be run as an application with no
    context menu selection on a file or folder, and Eraser (free) does a
    better job. CleanSweep required you review what it would delete as some
    ..logs file were required for uninstalls plus it would scan first before
    you could even get to its settings (to not have it check within .zip
    files or check the zipping of old files), plus a crippled version of it
    is already included in Windows XP. Can't remember which tools, but they
    dropped some that I used to use (wasn't there a tool for touching a file
    to change its date that disappeared from Norton Utilities)? I don't
    need a Password Manager since I use an algorithm that is domain specific
    to let me remember my strong passwords; it takes me all of 2 attempts to
    get the right password depending on whether or not the domain permit
    non-alphanumeric characters in the password. I tested Ghost for 1-1/2
    months, had too many defects or deficiencies to list here (and with
    repeated and long discussions with Symantec), and stuck with DriveImage
    for personal use. WinDoctor would recommend the wrong action too often
    and was hazardous in the hands of other than a person well experienced
    in managing the registry and also required knowledge of how apps would
    use the registry, especially when under a different environment than
    under which WinDoctor was ran. Eventually everything usable in Norton
    SW got replaced with something better or safer so it got uninstalled. I
    drive a 12-year old car but the repairs are starting to occur too often
    so I'll have to move on. Same for Norton SW.

    If I was going to spend money again to get a defragger, I probably would
    lean towards Diskeeper or PerfectDisk (for which you can get demos of
    both for thorough testing) rather than Speed Disk. But by then the
    products might change enough and so might my needs or constraints.

    --
    ____________________________________________________________
    *** Post replies to newsgroup. Share with others.
    *** Email domain = ".com" *AND* append "=NEWS=" to Subject.
    ____________________________________________________________
     
    *Vanguard*, Jul 2, 2004
    #7
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. A.Melon
    Replies:
    8
    Views:
    585
  2. Guy Domville
    Replies:
    48
    Views:
    1,852
    Jim Watt
    Aug 3, 2004
  3. privacy.at Anonymous Remailer
    Replies:
    46
    Views:
    1,343
  4. Guest
    Replies:
    3
    Views:
    715
    Leythos
    Aug 4, 2004
  5. Anonymous Sender
    Replies:
    1
    Views:
    506
    PLONK
    Oct 6, 2004
Loading...

Share This Page