I have a RPC running RO 4.39 Adjust which is soon to go to a new home, and I'd like to reformat the HD before it goes to its new owner. Only problem is, I can't!
I've copied !HForm to floppy and booted off it (shift-boot). Then run it as *!hform. Although it runs, it fails to format the disc. I've tried v2.56 and v2.58 but both fail:
In 2.56, I take the default answers, choose F for format, S for short soak, Y for bootable and Y for long files. It tells me there's formatting in progress and a number increments to 19846 (= cylinders) but there's no disc activity. It then says "verifying ..." and, again, nothing. It just hangs.
In 2.58 I again take the default and choose similar to 2.56 (Format, Short soak, Bootable). In this case I'm reported with an error and the format fails: A disc error has occurred when attempting to format this disc (error code 2) process aborting ... 4 0 0 0 0 0 81
And that's it! Otherwise, the disc seems fine, in as much as I can boot off it and run applications, etc.
Any advice or suggestions (short of putting a hammer through it) are welcomed.
On 2-Nov-2009, posaune <posa...@rocketmail.com> wrote:
> I have a RPC running RO 4.39 Adjust which is soon to go to a new home, > and I'd like to reformat the HD before it goes to its new owner. Only > problem is, I can't!
> I've copied !HForm to floppy and booted off it (shift-boot). Then run > it as *!hform. Although it runs, it fails to format the disc. I've > tried v2.56 and v2.58 but both fail:
> In 2.56, I take the default answers, choose F for format, S for short > soak, Y for bootable and Y for long files. It tells me there's > formatting in progress and a number increments to 19846 (= cylinders) > but there's no disc activity. It then says "verifying ..." and, again, > nothing. It just hangs.
What exactly do you mean by 'just hangs'? If it's a large drive it could take a long time to verify, perhaps as much as an hour. I would recommend not using the verify in !HForm, just verify the drive from the desktop.
Also never choose 'Format'. It (effectively) does nothing and can take hours to do it. You just need to Initialise the drive.
> On 2-Nov-2009, posaune <posa...@rocketmail.com> wrote:
> > I have a RPC running RO 4.39 Adjust which is soon to go to a new home, > > and I'd like to reformat the HD before it goes to its new owner. Only > > problem is, I can't!
> > I've copied !HForm to floppy and booted off it (shift-boot). Then run > > it as *!hform. Although it runs, it fails to format the disc. I've > > tried v2.56 and v2.58 but both fail:
> > In 2.56, I take the default answers, choose F for format, S for short > > soak, Y for bootable and Y for long files. It tells me there's > > formatting in progress and a number increments to 19846 (= cylinders) > > but there's no disc activity. It then says "verifying ..." and, again, > > nothing. It just hangs.
> What exactly do you mean by 'just hangs'? If it's a large drive it could > take a long time to verify, perhaps as much as an hour. I would recommend > not using the verify in !HForm, just verify the drive from the desktop.
Hi,
The disc is a 10 Gb model on the internal IDE interface. It came ready- formatted from APDL, as I recall, so I've never had to format this particular drive before.
By "just hangs" I mean "does nothing I can detect". There is no activity from the disc light, nor any audible sound of activity from the drive. The "Verify ..." message stays on-screen without changing (I would assume, perhaps incorrectly, that there would be some indication of the progress of the verify).
The "format" stage actually does nothing at all to the disc; even though the numbers increment on-screen, after I reboot; the hard disc is still bootable and filled with my files.
> Also never choose 'Format'. It (effectively) does nothing and can take hours > to do it. You just need to Initialise the drive.
In message <6e5ebd5f-07c7-46ac-8eca-4a0729772...@m7g2000prd.googlegroups.com> posaune <posa...@rocketmail.com> wrote:
> On 2 Nov, 12:12, "David Holden" <Spam...@apdl.co.uk> wrote: [snip] > > Also never choose 'Format'. It (effectively) does nothing and can > > take hours to do it. You just need to Initialise the drive.
> Thanks, I'll try that instead.
> Thanks, > James
I think following the above advice should depend upon how sensitive your personal data is? Initialising a drive merely modifies the root directory entries without changing most of the data stored on the drive. Thus anyone who has access to the drive using a disk sector editor or equivalent can extract your old data.
For very sensitive data I would consider removing the drive completely and smashing it to pieces with a hammer. Alternatively for moderately sensitive data you might consider a low level format sufficient, or you could use an application like !Nuke to overwrite the disk.
Mike -- o/ \\ // |\ ,_ o Mike Clark <\__,\\ // __o | \ / /\, "A mountain climbing, cycling, skiing, "> || _`\<,_ |__\ \> | reader in immunology, antibody engineer and ` || (_)/ (_) | \corn computer user"
On 2-Nov-2009, posaune <posa...@rocketmail.com> wrote:
> The disc is a 10 Gb model on the internal IDE interface. It came ready- > formatted from APDL, as I recall, so I've never had to format this > particular drive before.
Then it must be pretty ancient. Probably made in the last century.
> By "just hangs" I mean "does nothing I can detect". There is no > activity from the disc light, nor any audible sound of activity from > the drive. The "Verify ..." message stays on-screen without changing > (I would assume, perhaps incorrectly, that there would be some > indication of the progress of the verify).
> The "format" stage actually does nothing at all to the disc; even > though the numbers increment on-screen, after I reboot; the hard disc > is still bootable and filled with my files.
That's what I said. You need to re-initialise it. Format does nothing, it'a a hangover from the days of stepper motors. The commands are ignored by all modern drives.
In article <af53f1b350.mrc7offl...@mrc7acorn1.path.cam.ac.uk>, Mike Clark
<m...@cam.ac.uk> wrote: > In message <6e5ebd5f-07c7-46ac-8eca-4a0729772...@m7g2000prd.googlegroups.com> > posaune <posa...@rocketmail.com> wrote: > > On 2 Nov, 12:12, "David Holden" <Spam...@apdl.co.uk> wrote: > [snip] > > > Also never choose 'Format'. It (effectively) does nothing and can > > > take hours to do it. You just need to Initialise the drive.
> > Thanks, I'll try that instead. > I think following the above advice should depend upon how sensitive your > personal data is?
[Snip]
I had rather wondered that myself. Just what sort of data is being held on a RPC that would need its total erasure by a reformat? Do purchasers of RPCs really go to all the considerable faff of trying to read deleted data? Somehow sledgehammers and walnuts come to mind.
I'd just delete your personal files - why make things hard for the new owner, unles you are going to replace !Boot and all the necessary proprietary software that may beneeded for any non-standard items you may have fitted?
Alan Calder <alan_cal...@o2.co.uk> wrote: > I had rather wondered that myself. Just what sort of data is being held on > a RPC that would need its total erasure by a reformat? Do purchasers of > RPCs really go to all the considerable faff of trying to read deleted data? > Somehow sledgehammers and walnuts come to mind.
Pop drive in USB caddy. Plug into Linux box.
dd if=/dev/sdX of=- | strings | less
Will show you all the text strings on the disc. Not a lot of faff involved, doesn't care what machine it came from. No doubt there's a nice Windows program to do this for you if you don't use Linux, and to poke around for useful words like 'bank' and 'password'.
In article <Miv*Vh...@news.chiark.greenend.org.uk>, Theo Markettos
<theom+n...@chiark.greenend.org.uk> wrote: > Alan Calder <alan_cal...@o2.co.uk> wrote: > > I had rather wondered that myself. Just what sort of data is being > > held on a RPC that would need its total erasure by a reformat? Do > > purchasers of RPCs really go to all the considerable faff of trying to > > read deleted data? Somehow sledgehammers and walnuts come to mind. > Pop drive in USB caddy. Plug into Linux box. > dd if=/dev/sdX of=- | strings | less > Will show you all the text strings on the disc. Not a lot of faff > involved, doesn't care what machine it came from. No doubt there's a > nice Windows program to do this for you if you don't use Linux, and to > poke around for useful words like 'bank' and 'password'.
All very true, Theo.
Still not convinced that purchasers of RPCs are actively seeking them out so that they can have an excuse for getting:
A Linux box A USB caddy Learn Linux to the level of putting in the string you quote
Or do the necessary on the Windows box.
I'd hope that people who buy RPCs actually have real lives!
Oh, and users of RPCs are sensible enough not to go putting their bank passwords in totally undisguised form on their computers! Perhaps an unfounded hope.
> Alan Calder <alan_cal...@o2.co.uk> wrote: > > I had rather wondered that myself. Just what sort of data is being > > held on a RPC that would need its total erasure by a reformat? Do > > purchasers of RPCs really go to all the considerable faff of trying > > to read deleted data? > > Somehow sledgehammers and walnuts come to mind.
> Pop drive in USB caddy. Plug into Linux box.
> dd if=/dev/sdX of=- | strings | less
> Will show you all the text strings on the disc. Not a lot of faff > involved, doesn't care what machine it came from. No doubt there's a nice > Windows program to do this for you if you don't use Linux, and to poke > around for useful words like 'bank' and 'password'.
> Theo
Yes judging by the number of discussions of which browsers work with which online banking facilities I would guess that a number of RISC OS users may have sensitive account details on their drives.
In addition over the years I and my colleagues have used Risc PCs to write reports for companies, to prepare patent applications, to keep business finance records, and to analyse and prepare data for publication which may include some patient or volunteer data.
RISC OS has and can be used for serious applications and such applications can often involve processing of sensitive data.
Mike -- o/ \\ // |\ ,_ o Mike Clark <\__,\\ // __o | \ / /\, "A mountain climbing, cycling, skiing, "> || _`\<,_ |__\ \> | reader in immunology, antibody engineer and ` || (_)/ (_) | \corn computer user"
On 2 Nov, 16:24, Theo Markettos <theom+n...@chiark.greenend.org.uk> wrote:
> Alan Calder <alan_cal...@o2.co.uk> wrote: > > I had rather wondered that myself. Just what sort of data is being held on > > a RPC that would need its total erasure by a reformat? Do purchasers of > > RPCs really go to all the considerable faff of trying to read deleted data? > > Somehow sledgehammers and walnuts come to mind.
> Pop drive in USB caddy. Plug into Linux box.
> dd if=/dev/sdX of=- | strings | less
> Will show you all the text strings on the disc. Not a lot of faff > involved, doesn't care what machine it came from. No doubt there's a nice > Windows program to do this for you if you don't use Linux, and to poke > around for useful words like 'bank' and 'password'.
I'm not sure that would show up anything exciting on my RPC; such passwords being held (or, more increasingly, forgotten) in my brain.
I'm going to have a play with Nuke (and friends) but am frustrated that HForm isn't working.
Perhaps it's trying to tell me it doesn't want to go to a new home.
On 2 Nov, 15:06, Mike Clark <m...@cam.ac.uk> wrote:
> Alternatively for moderately > sensitive data you might consider a low level format sufficient, or you > could use an application like !Nuke to overwrite the disk.
That's what I was trying ... and failing ... to do.
I had hoped / assumed that's with HForm's "F" option should (but doesn't) do.
In article <8373fab350.mrc7offl...@mrc7acorn1.path.cam.ac.uk>, Mike Clark
> > Alan Calder <alan_cal...@o2.co.uk> wrote: > > > I had rather wondered that myself. Just what sort of data is being > > > held on a RPC that would need its total erasure by a reformat? Do > > > purchasers of RPCs really go to all the considerable faff of trying > > > to read deleted data? Somehow sledgehammers and walnuts come to mind.
[Snip]
> Yes judging by the number of discussions of which browsers work with > which online banking facilities I would guess that a number of RISC OS > users may have sensitive account details on their drives.
I also hold such details on my hardisk but not in such a manner as to make them easily useable - you'd need to know a lot about my past life to make a guess that would work! Of course, it would be possible for someone to set a program running to try all possible permutations possible with the clues given but I'm not seriously worried by that. Anyway, if i was to give this machine away I'd alter and save the appropriate files a few times before deleting them to make it that much harder.
> RISC OS has and can be used for serious applications and such > applications can often involve processing of sensitive data.
Quite agree. In such cases serious attempts at wiping the disk would be a very good idea.
Alan Calder <alan_cal...@o2.co.uk> wrote: > All very true, Theo.
> Still not convinced that purchasers of RPCs are actively seeking them out > so that they can have an excuse for getting:
I agree, it's unlikely that people are specifically buying RPCs them for the purposes of poking around on the drives. But the problem is that once you've lost control of your data you have no idea what will happen to it.
For example: Someone buys RPC They decide to upgrade the hard drive They take out the old drive, and leave it at the tip/give it to a charity shop/sell it on eBay Someone malicious picks it up with the intent to poke around on it
The first you hear about it is when something goes wrong - your bank statement comes, someone publishes that embarassing picture, your competitor launches a product that looks quite similar to yours, the press print a story, you receive a blackmail threat. At that stage it's too late.
What's even more of a problem in data security is that it's easy to steal data without the owner being aware of it. For example, you leave your bag on the train containing a 50 pound note. When you recover your bag, the 50 pound note is still there so you know it hasn't been stolen. If you leave a USB stick on the train, you may recover the stick but you have no way to know if someone didn't steal a copy of the data while the bag was out of your sight. You've taken a risk but have no way of discovering the outcome.
> Oh, and users of RPCs are sensible enough not to go putting their bank > passwords in totally undisguised form on their computers! Perhaps an > unfounded hope.
Bank passwords are the most obvious example, but have you thought about any letters you might have sent containing your bank details (a credit card mail order purchase, for example)? Or emails where you signed up for some service and they mailed you a password reminder? Or personal correspondence which could be used to gather information to impersonate (or blackmail) you?
And the bad guy doesn't have to devise some way of extracting money (or some other benefit) from you directly - they can simply sell on the information to someone who can. There's a ready blackmarket for such details.
In message <50b3fe53f7alan_cal...@o2.co.uk> Alan Calder <alan_cal...@o2.co.uk> wrote:
> In article <8373fab350.mrc7offl...@mrc7acorn1.path.cam.ac.uk>, Mike Clark [snip] > > RISC OS has and can be used for serious applications and such > > applications can often involve processing of sensitive data.
> Quite agree. In such cases serious attempts at wiping the disk would be a > very good idea.
> I just felt that this wasn't such an instance.
> Cheers
> Alan
Even lists of 3rd party names and email addresses could be considered sensitive data that the average user might have on their computer. If you run a club or social group you might have even more information on 3rd parties on your disk.
Just as there are people who are prepared to sift through rubbish bins in order to find information about individuals to exploit. There are people who do similar things with computer hard drives. Many computers are dumped or sold on and eventually the hard drives might fall into the wrong hands. This could be overseas in the third world. The probability might be low, but it's probably non-zero.
You might be handing on the computer to someone you trust, but what if they in turn dispose of it, or hand it on to someone else, or it gets stolen?
Mike -- o/ \\ // |\ ,_ o Mike Clark <\__,\\ // __o | \ / /\, "A mountain climbing, cycling, skiing, "> || _`\<,_ |__\ \> | reader in immunology, antibody engineer and ` || (_)/ (_) | \corn computer user"
Alan Calder wrote: > I also hold such details on my hardisk but not in such a manner as to make > them easily useable - you'd need to know a lot about my past life to make a > guess that would work!
In article <Liv*OA...@news.chiark.greenend.org.uk>, Theo Markettos
<theom+n...@chiark.greenend.org.uk> wrote: > Alan Calder <alan_cal...@o2.co.uk> wrote: > > All very true, Theo.
> > Still not convinced that purchasers of RPCs are actively seeking them > > out so that they can have an excuse for getting:
[Snip]
> For example: Someone buys RPC They decide to upgrade the hard drive They > take out the old drive, and leave it at the tip/give it to a charity > shop/sell it on eBay Someone malicious picks it up with the intent to > poke around on it
I'm sure you're correct in theory. In practice I wonder if such a thing has ever happened - an old RISC OS drive picked up by somebody malicious and searched for data. I'd bet that even if it was attempted the first attempt to read that old small drive would be the last. The format wouldn't be recognised and they'd just abandon it and move on to something more profitable.
[Snip]
> > Oh, and users of RPCs are sensible enough not to go putting their bank > > passwords in totally undisguised form on their computers! Perhaps an > > unfounded hope. > Bank passwords are the most obvious example, but have you thought about > any letters you might have sent containing your bank details (a credit > card mail order purchase, for example)? Or emails where you signed up > for some service and they mailed you a password reminder? Or personal > correspondence which could be used to gather information to impersonate > (or blackmail) you?
Good luck to them if they can sort through old Impression files looking for bank card details! When did anybody last send such details through the post?
Yes, I've had password reminder details but these are always temporary ones and the first thing to do when you login again is to change the temporary password. The chance of there being anything they could use to blackmail me is vanishingly small - you must lead a more interesting life than me!
We'll have to agree to disagree. Certainly I recognise the possibilities but for private users who take the obvious precautions I don't really think there is anything to worry about.
> In message <6e5ebd5f-07c7-46ac-8eca-4a0729772...@m7g2000prd.googlegroups.com> > posaune <posa...@rocketmail.com> wrote:
> > On 2 Nov, 12:12, "David Holden" <Spam...@apdl.co.uk> wrote: > [snip] > > > Also never choose 'Format'. It (effectively) does nothing and can > > > take hours to do it. You just need to Initialise the drive.
> > Thanks, I'll try that instead.
> > Thanks, > > James
> I think following the above advice should depend upon how sensitive your > personal data is? Initialising a drive merely modifies the root > directory entries without changing most of the data stored on the drive. > Thus anyone who has access to the drive using a disk sector editor or > equivalent can extract your old data.
> For very sensitive data I would consider removing the drive completely > and smashing it to pieces with a hammer. Alternatively for moderately > sensitive data you might consider a low level format sufficient, or you > could use an application like !Nuke to overwrite the disk.
> Mike > -- > o/ \\ // |\ ,_ o Mike Clark > <\__,\\ // __o | \ / /\, "A mountain climbing, cycling, skiing, > "> || _`\<,_ |__\ \> | reader in immunology, antibody engineer and > ` || (_)/ (_) | \corn computer user"
Well... Smashing it to bits is a bit strong... If you have a PC with a floppy drive to hand, just download Darik's Boot & Nuke and write it to a handy HD (1.44MB) floppy, remove the PCs existing HDD and put the RISC PCs one in it's place. Then boot off this floppy drive. IT WILL PERFORM A DoD APPROVED WIPE OF DATA ON ALL DISKS IT FINDS SO MAKE SURE YOUR ACORN DRIVE IS THE ONLY DRIVE CONNECTED TO THE MACHINE BEFORE YOU BOOT OTHERWISE YOU'LL NUKE DATA ON THE PCs DRIVE TOO!!!!!
You can find the latest DBAN here. http://www.dban.org/download Alternatively, I can provide a freeware floppy image writer for Windoze and a disk image by e-mail if you get back to me.
Alan Calder <alan_cal...@o2.co.uk> wrote: > I'm sure you're correct in theory. In practice I wonder if such a > thing has ever happened - an old RISC OS drive picked up by somebody > malicious and searched for data. I'd bet that even if it was > attempted the first attempt to read that old small drive would be the > last. The format wouldn't be recognised and they'd just abandon it > and move on to something more profitable.
If I were into this business, I'd buy hard drives off eBay, and just plug them into a PC doing precisely what Theo suggested, a dozen drives at a time, with some data mining and guess work on the strings that came out of it. It's not only simpler, but it has the advantages that it can handle deleted files and esoteric file system formats.
If I've thought of it, somebody else is already doing it.
> Good luck to them if they can sort through old Impression files > looking for bank card details! When did anybody last send such > details through the post?
It's easy. They'll almost certainly appear in plain text in the file, as a string of the right number of digits, with a month/date combination near by. Easy to pragmatically search for, with no understanding of the file format.
Gazza <use...@garethlock.com> wrote: > Well... Smashing it to bits is a bit strong...
It's what I do. Wouldn't do it any other way.
> If you have a PC with a > floppy drive to hand, just download Darik's Boot & Nuke and write it > to a handy HD (1.44MB) floppy, remove the PCs existing HDD and put the > RISC PCs one in it's place. Then boot off this floppy drive. IT WILL > PERFORM A DoD APPROVED WIPE OF DATA ON ALL DISKS IT FINDS SO MAKE SURE > YOUR ACORN DRIVE IS THE ONLY DRIVE CONNECTED TO THE MACHINE BEFORE YOU > BOOT OTHERWISE YOU'LL NUKE DATA ON THE PCs DRIVE TOO!!!!!
One exclamation mark is usually sufficient. Note that it is not a DoD-approved wipe, it is a DoD-suggested one. Additionally, this also isn't 100% safe, due to modern drives having spare sectors to move things to when things don't go to plan. The number of spares varies from 10% to as much as 50%, and your DoD-suggested wipe won't touch them. Modern DBANs have a feature to get the drive to wipe these, but the reliability of the ATA command to do this is vague at best.
Smash it with a hammer, put it in a microwave you don't care about, put it in an industrial shredder, etc.
On 2 Nov, 10:50, posaune <posa...@rocketmail.com> wrote:
> I've copied !HForm to floppy and booted off it (shift-boot). Then run > it as *!hform. Although it runs, it fails to format the disc. I've > tried v2.56 and v2.58 but both fail:
I've gone for plan B.
Delete all the files through the filer and then use Nuke to scrub all free space.
Alan Calder <alan_cal...@o2.co.uk> wrote: > In article <Liv*OA...@news.chiark.greenend.org.uk>, Theo Markettos > <theom+n...@chiark.greenend.org.uk> wrote:
[...]
> > For example: Someone buys RPC They decide to upgrade the hard drive They > > take out the old drive, and leave it at the tip/give it to a charity > > shop/sell it on eBay Someone malicious picks it up with the intent to > > poke around on it > I'm sure you're correct in theory.
Theo's not correct in theory, he's just correct.
> In practice I wonder if such a thing has ever happened - an old RISC OS > drive picked up by somebody malicious and searched for data. I'd bet that > even if it was attempted the first attempt to read that old small drive > would be the last. The format wouldn't be recognised and they'd just > abandon it and move on to something more profitable.
A string of binary digits is a string of binary digits, no matter what the format of the drive, or the specific file format of the data those binary digits combine to form - and that's all "they" are likely to be looking at and analysing.
> Alan Calder <alan_cal...@o2.co.uk> wrote: > > In article <Liv*OA...@news.chiark.greenend.org.uk>, Theo Markettos > > <theom+n...@chiark.greenend.org.uk> wrote:
> [...]
> > > For example: Someone buys RPC They decide to upgrade the hard drive They > > > take out the old drive, and leave it at the tip/give it to a charity > > > shop/sell it on eBay Someone malicious picks it up with the intent to > > > poke around on it > > I'm sure you're correct in theory.
> Theo's not correct in theory, he's just correct.
> > In practice I wonder if such a thing has ever happened - an old RISC OS > > drive picked up by somebody malicious and searched for data. I'd bet that > > even if it was attempted the first attempt to read that old small drive > > would be the last. The format wouldn't be recognised and they'd just > > abandon it and move on to something more profitable.
> A string of binary digits is a string of binary digits, no matter what the > format of the drive, or the specific file format of the data those binary > digits combine to form - and that's all "they" are likely to be looking at > and analysing.
> -- > Vince M Hudd > Soft Rock Software
I can verify this... When I first obtained my A7000+, I had to put a re-furbished 20GB drive from the club's "wiped" stock. It had our green label on it saying that it had passed wipe, though with a little help from !Zap and a simple string filter I knocked up in BASIC, I managed to pull a WinXP boot sector and some other text strings off the drive. Seems that this one never got wiped. I can confirm that DBAN works though, because on inspection of another drive that I personally HAD wiped, I could get nothing but random garbage, which is what DBAN writes to the drive on the last pass.
Vince M Hudd wrote: > Alan Calder <alan_cal...@o2.co.uk> wrote: >> In article <Liv*OA...@news.chiark.greenend.org.uk>, Theo Markettos >> <theom+n...@chiark.greenend.org.uk> wrote:
> [...]
>>> For example: Someone buys RPC They decide to upgrade the hard drive They >>> take out the old drive, and leave it at the tip/give it to a charity >>> shop/sell it on eBay Someone malicious picks it up with the intent to >>> poke around on it
>> I'm sure you're correct in theory.
> Theo's not correct in theory, he's just correct.
>> In practice I wonder if such a thing has ever happened - an old RISC OS >> drive picked up by somebody malicious and searched for data. I'd bet that >> even if it was attempted the first attempt to read that old small drive >> would be the last. The format wouldn't be recognised and they'd just >> abandon it and move on to something more profitable.
> A string of binary digits is a string of binary digits, no matter what the > format of the drive, or the specific file format of the data those binary > digits combine to form - and that's all "they" are likely to be looking at > and analysing.
It is easier to extract whole files on a FileCore format drive because it makes a much better job of keeping the drive defragmented than most other systems, so the file will usually be contiguous on the drive, rather than lots of small pieces which are much harder to find and reassemble.
|
