Friday, February 20, 2026

The age verification epidemic

Let’s take a look at Age Verification:

First: anyone can create a website. There is no license. No mandatory security certification. No universal encryption standard. Under age-verification mandates, any site can demand a government ID, a selfie, or biometric data in order to grant access. That includes incompetent operators. That includes data resellers. That includes sexual predators. If someone wants to harvest minors’ identity documents, these laws hand them legitimacy. “Upload your ID to continue.” That is not protection. That is structured data collection.

Second: this creates a data-retention epidemic. Every ID upload becomes another stored record. Every stored record becomes another breach target. Birthdates, driver’s licenses, and facial scans cannot be reset. When that data leaks — and it will — it persists. Expanding age verification multiplies permanent identity databases across thousands of private entities. The attack surface grows. The exposure grows. The risk grows.

Third: the blame shifting needs to stop. Large language models are not sentient. They are probabilistic systems — neural networks trained via gradient descent to optimize next-token prediction across weighted parameter matrices. They generate text by computing conditional probabilities. They do not understand meaning. They do not intend harm. When people claim an AI company is responsible for “leading” a child to harm, they are assigning agency to a tool that uses weights and measures to determine it's responses. There is no thought, it doesn't "understand" what it's saying, and it doesn't "know" anything. It's a machine that merely produces an algorithmic output. The misconception that there is any thought is all is a byproduct of anthropomorphizing and nothing more. If a child is unsupervised, isolated, and relying on a chatbot instead of a parent, that is not a parameter problem. That is a supervision problem.

Fourth: we already know how accountability works. School attendance is mandatory. If a child repeatedly skips school, responsibility falls on the guardian. Six strikes you go to jail if I remember correctly. There are escalating consequences. Phones belong to parents. Access is granted by parents. A strike-based enforcement model — similar in structure to truancy escalation — keeps responsibility where it belongs. Not on OpenAI. Not on Facebook. On the adult who handed over the device.

Fifth: devices should ship locked down by default. Child-protected mode out of the box. The parent explicitly unlocks higher tiers. The phone remains inspectable. Handing a child unrestricted internet access without structure is like handing over car keys without instruction. The answer is not forcing every website to collect ID. The answer is enforcing supervision at the device level.

Sixth: Websites can publish standardized content ratings — similar in concept to ESRB categories — in machine-readable metadata or an extended robots.txt declaration. The device, operating in parental control mode, reads that rating and enforces it locally. If a publisher lies, parents can see these sites visited by children, file a complaint which can be investigatedand sites with false or misleading ESRB or MPAA ratings can be held accountable. Sites with no rating can be blocked. The child does not upload a driver’s license to browse the web.

Seventh: where age thresholds truly matter, verification can happen on the device using cryptography instead of document storage. The operating system verifies age once. It then derives a salted hash representing an age condition, such as “age ≥ 13.” When a service requests proof, the device returns a signed attestation derived from that hash. The service verifies the signature against the OS’s public key. It never receives the birthdate. In more advanced designs, zero-knowledge proofs allow the device to mathematically prove the age condition without revealing any underlying data at all.

Advertisers can take a list of customer identifiers tied to a specific interest—such as emails or phone numbers—and run them through a one-way cryptographic hash function (for example, SHA-256). That process converts each identifier into a fixed-length hash value that cannot be reversed under normal conditions. The social media platform does the same thing independently with its own user database. Instead of exchanging raw personal data, both sides compare hashed values. Where the hashes match, they’ve identified the same person without either party disclosing the underlying identifier. This is called a hash "collision". The advertiser never sees the platform’s user data, and the platform never sees the advertiser’s original list.

An API can automate this matching process by accepting only hashed inputs and returning aggregated match results or audience segments. No plaintext identifiers are exposed, and no direct transfer of customer records occurs. The system relies on deterministic hashing—same input, same output—so matches are exact without revealing identity. When properly implemented with salting, secure transport, and strict access controls, this approach limits data exposure to mathematical fingerprints, not personal information, preserving privacy and enabling targeted ad delivery. These two mechanisms can be used to verify on device and similarly serve anonymous ads. No third-party database. No identity upload pipeline. No retention problem.

This model keeps eligibility proofs locally with on device parental controls and legislation. Age-verification mandates do not solve a parenting problem. They expand data collection, expand attack surfaces, and take control away from guardians. If child protection is the objective, then the solution is device-level defaults, ESRB-style content signaling, cryptographic on-device verification, and clear parental accountability with real consequences for repeated neglect.

Posted by at No comments:

Monday, February 2, 2026

We want our ICE crushed

The ICE problem mirrors 1990s Florida after Pablo Escobar was killed....


When Escobar died, a major power vacuum opened in the cocaine trade. The Ochoa organization moved in and aggressively expanded into Florida, using extreme violence to establish control and make it clear they were the new dominant force. The surge in drug trafficking and violence overwhelmed local law enforcement.
Because departments were understaffed and under pressure, hiring standards were repeatedly lowered. What had once been a requirement of two years without drug use was reduced to one year, then six months, then one month. At one point, the standard was so low that officers joked that if you weren’t high at that moment, you could qualify.

The result was not stability, but a second crisis: widespread corruption. Some officers began extorting drug dealers, participating in racketeering, and working with criminal networks. This period later became the basis for major federal investigations and popular films about police corruption in Florida.
The same structural failure is now playing out again. 

Immigration enforcement has been underfunded and overwhelmed for decades. To fill positions quickly, the bar for employment has been lowered and we are now accepting low quality applicants. When agencies prioritize speed over quality, they inevitably create a workforce that is harder to supervise, harder to reform, and far more vulnerable to corruption.

We are not just dealing with a few bad actors. We are dealing with the long-term consequences of a system that was underfunded and now trades standards for manpower.


Proposal: Community Work-Release Model for Immigration Detainees.


The Problem:

Immigration and Customs Enforcement (ICE) is overwhelmed and underfunded.
This has produced two systemic failures:
Lowered hiring standards for officers
Staffing shortages have forced faster hiring with reduced screening and training. This has increased:
  • Misconduct
  • Corruption risk
  • Use-of-force incidents
  • Operational failures
  • Extremely high detention costs
Non-violent immigration detainees often remain in custody 6–24 months while cases are processed, costing taxpayers tens of thousands of dollars per person per year.
At the same time, the U.S. already has a working model for managing large supervised populations: Department of Corrections work-release programs.

Core Idea:

Replace long-term ICE detention for non-violent, low-risk immigrants with a supervised community work-release system, modeled after DOC programs.

This would:
  • Reduce detention costs
  • Reduce pressure on ICE
  • Eliminate reliance on private prisons
  • Allow immigrants to support themselves
  • Recover government costs
  • Improve compliance and court appearance rates
Program Structure:

1. Eligibility:

Applies only to:
  • Non-violent immigration detainees
  • No serious criminal history
  • No violent or trafficking offenses
  • Passed risk screening
2. Housing Options:

Participants must live in one of two placements:

  • A. Family or sponsor housing, if a verified family member or sponsor exists.
  • B. Work-release housing: State-run or federally contracted facilities. Same structure as DOC halfway houses. No private for-profit prison operators.

3. Monitoring:

  • GPS ankle monitoring
  • Mandatory check-ins
  • Employment verification
  • Court date tracking
  • One supervising officer can manage 30–50 participants, reducing staffing burden.
4. Employment & Income Recovery:

Participants are legally allowed to work while cases are processed. Currently they are not, and instead are housed on the taxpayer dollar for 6 months up to several years while waiting for approval. Up to 50% of earned income is automatically allocated.
Allocation Purpose:
  • Legal processing
  • Immigration court costs
  • Housing costs
  • If in work-release facility
  • Supervision costs
  • Monitoring & case management
  • Personal savings
  • Remainder held for release or return
This mirrors DOC Legal Financial Obligations (LFO) systems.

5. Fiscal Benefits:

Eliminates long-term detention housing costs
Reduces officer staffing pressure
Generates revenue to fund:

  • Immigration courts
  • ICE staffing
  • Monitoring systems
  • Participants pay taxes while employed and contribute to local economies
6. Why Not Private Prisons?

Private detention facilities are driven by shareholder pressure, which historically leads to:

  • Understaffing
  • Reduced medical care
  • Food quality cuts
  • Safety failures
  • Abuse
Several facilities were shut down for these reasons.

A fully federal system avoids corruption but is prohibitively expensive to scale.
This proposal avoids both extremes by:

  • Using community placement
  • Existing DOC work-release infrastructure
  • Electronic monitoring instead of mass incarceration
Outcomes: 

  • Lower taxpayer costs
  • Reduced detention overcrowding
  • Fewer civil rights incidents
  • Better compliance with court orders
  • Revenue recovery for the immigration system
  • No expansion of private prison systems

This model treats immigration detention as a supervision and compliance issue, not a mass incarceration problem.
Posted by at No comments:

Sunday, February 1, 2026

From the King’s Courts to Modern Statutes: Why “Common Law” Arguments No Longer Work in the United States

1. What “Common Law” Actually Was

Common law originated in medieval England under the authority of the English Crown. It was not “natural law” and it was not universal law. It was judge-made law created by royal courts and enforced solely through the King’s authority.
After the Norman Conquest in 1066, English kings centralized judicial power. Courts such as the King’s Bench, Court of Common Pleas, and Exchequer developed binding rules based on precedent. These rules had force only because the Crown enforced them.
When the American colonies were formed, they adopted English common law only as a temporary legal framework until legislatures could enact statutes. Every U.S. state constitution contains language similar to: “The common law shall remain in force until altered or repealed by the legislature.” This makes clear that common law was never intended to be permanent.


2. How Common Law Was Replaced in the United States


After independence, the United States replaced judge-made common law with democratically enacted statutes. Today, legislatures write the law, courts interpret it, and police enforce it.
Once a statute governs a subject, any prior common-law rule in that area is legally displaced. Marriage, contracts, traffic laws, and most other legal relationships are now defined by statute. Common law survives only where no statute exists, which is now extremely rare.


3. The “Common Law Marriage” Myth


The claim that living together for seven years automatically creates a legal marriage is false. There is no federal common law marriage, and while a small number of states still recognize it, most have abolished it by statute.
Even in states that recognize it, cohabitation alone is not sufficient. The couple must prove mutual intent, public representation, and agreement to be married.
Child marriage is banned in 49 of 50 states, as all recognize the harm it causes. The remaining state has not formally banned it but does not permit the practice. The myth persists because people confuse outdated English doctrine with modern statutory family law.


4. The “Right to Travel” vs. Driving


The U.S. Supreme Court recognizes a constitutional right to interstate travel, meaning people may move freely between states. It does not mean a person may operate a motor vehicle on public roads without regulation.
All 50 states require a driver’s license to operate a motor vehicle. Courts have repeatedly upheld this because driving is legally classified as a regulated privilege, not a natural right. Vehicles are considered dangerous instrumentalities, and public roads are safety-regulated spaces. Licensing is therefore a legitimate exercise of state power. The “right to travel” does not override traffic laws.


5. The “Strawman” Argument: Why It Fails


The claim, “That name is a corporate strawman; I am not that entity,” has no basis in U.S. law. There is no statute recognizing a legal “strawman,” no supporting case law, and no court that has ever upheld the theory.
Courts uniformly treat this argument as frivolous and, in some cases, sanctionable. A person’s legal identity is established through birth records, Social Security registration, state records, and judicial recognition. Refusing to acknowledge that identity does not negate jurisdiction.


6. Why These Conflicts Keep Happening


At traffic stops, some individuals rely on internet misinformation and expect officers to “back down.” Officers are legally required to enforce statutory law, not debate theories.
In court, judges cannot consider arguments that have no legal foundation or that have already been rejected by appellate courts. This leads some people to believe courts are “ignoring the law,” when in reality, the law does not support the claims being made.


7. Where Education Is Failing


Many officers and judges simply dismiss these arguments without explaining why common law was replaced, why statutory law controls, or why “sovereign” claims are invalid. This lack of explanation leaves people believing the system is hiding something.
Clear, basic legal education would prevent roadside escalations, courtroom disruptions, frivolous filings, and wasted public resources.


8. The Current Legal Reality


The United States is governed by constitutions, statutes, regulations, and case law interpreting those statutes. Common law is used only when no statute exists, which is now almost never the case. Claims based on common-law supremacy, strawman identity, license exemptions, or jurisdiction denial have been fully superseded by democratically enacted law and no longer function as legal defenses.
Posted by at No comments:

Monday, February 5, 2024

A Comprehensive Guide to Troubleshooting Common Laptop Issues

Laptops have become an indispensable tool in our daily lives, and it's essential to keep them running smoothly. However, these devices are prone to various problems that can impact their performance and lifespan. In this comprehensive guide, we'll delve deeper into the most common laptop issues and provide practical solutions for troubleshooting and fixing them.


Slow Performance:

Slow performance is one of the most common laptop issues that users encounter. It can be caused by various factors such as a full hard drive, outdated software, or insufficient RAM. To fix this issue, you can start by closing any unused programs, uninstalling unnecessary software, and deleting files or programs that you no longer need. You can also consider upgrading your hardware, such as increasing your RAM or replacing your hard drive with a solid-state drive (SSD). Upgrading to an SSD can provide a significant performance boost as it has faster read and write speeds compared to traditional hard drives. By far the SSD upgrade is the single best and most effective way to speed up your laptop, PC, or game console for your money.

Overheating:

Overheating is a severe problem that can damage your laptop's hardware and reduce its lifespan. This issue can be caused by several factors such as dust buildup, blocked air vents, or a malfunctioning fan. To fix this issue, you can start by cleaning your laptop's air vents and fan using compressed air. You can also invest in a laptop cooling pad that can help to dissipate heat and keep your laptop cool although this fix is arguable not effective. We at Bits N Bytes have measured negligible effects of laptop cooling pads with fans with a temperature change of only 1-2 degrees. Additionally, avoid using your laptop on soft surfaces such as a bed or a pillow, as it can block the airflow and cause overheating. This happens more often that you might think and is a huge factor in overheating. If your system gets slow and laggy while your using it, move that blanket!

Battery Life:

A laptop's battery life is a crucial factor that determines its usability and portability. If you're constantly on the go, you need a laptop with a long-lasting battery. To improve your laptop's battery life, you can start by reducing the screen brightness and turning off any unnecessary features such as Bluetooth and Wi-Fi. You can also optimize your power settings and adjust your screen timeout settings. If your battery is no longer holding a charge, you can consider replacing it with a new one.

Wi-Fi Connectivity Issues:

Poor Wi-Fi connectivity is a frustrating issue that can disrupt your work or leisure activities. This issue can be caused by several factors such as outdated drivers, network congestion, or interference from other devices. To troubleshoot this issue, you can start by resetting your network settings and rebooting your router. You can also update your Wi-Fi drivers, move closer to the router, or use a Wi-Fi extender to boost the signal. Additionally, you can try using a different Wi-Fi network or connecting directly to the router using an Ethernet cable.

Broken Screen:

A broken laptop screen is a severe issue that can render your device unusable. This issue can be caused by physical damage or impact, such as dropping your laptop or placing heavy objects on it. If the damage is minor, you can consider replacing the screen yourself using a guide or tutorial. However, if the damage is severe, it's best to take your laptop to a professional for repairs. You can also prevent screen damage by using a protective case or screen protector.

Keyboard Problems:

Keyboard problems are another common issue that laptop users encounter. These issues can include non-responsive keys, sticky keys, or missing keys. To fix this issue, you can start by cleaning your keyboard using compressed air or a soft-bristled brush. You can also remove the keys and clean them individually, update your keyboard drivers, or replace the keyboard altogether. In addition to the suggested solutions, there are software solutions you can use to help resolve keyboard issues. You can use a keyboard cleaning program which will detect and remove stuck keys from your keyboard. You can also try a virtual keyboard, which will allow you to type with your mouse or trackpad instead of a physical keyboard. Furthermore, you can adjust the settings of your keyboard to customize the speed, sensitivity, and other functions.

Sound:

Sound problems are one of the most common laptop issues faced by users, and it can be a major frustration if you use your laptop for multimedia or video conferencing. Some common sound problems include distorted sound, no sound, or low volume. To fix these issues, you can start by checking your volume settings and making sure that they are not muted or set too low. You can also check your laptop's sound drivers and update them if necessary. If your laptop's sound is still not working correctly, you can try disabling any audio enhancements that may be interfering with your sound output. Some laptops come with built-in audio enhancement software, such as Dolby or Beats Audio, which can cause sound issues. Disabling these enhancements can often resolve the problem. If you're still experiencing sound issues, you can try checking your external speakers or headphones to make sure they are functioning correctly. You can also try connecting your laptop to a different audio source, such as a Bluetooth speaker or home theater system, to see if the issue is with your laptop's sound card or the external device. In some cases, sound problems can be caused by outdated or corrupted drivers. You can check your laptop's manufacturer website for the latest drivers and install them if necessary. Another option is to use the Windows Sound Troubleshooter, which can diagnose and fix common sound issues automatically. Sound problems are a common issue faced by laptop users, but most can be resolved with simple troubleshooting techniques. By checking your volume settings, updating your drivers, and disabling any audio enhancements, you can often fix sound problems quickly and easily. If the problem persists, you can try checking your external speakers, or using the Windows Sound Troubleshooter.

BIOS issues:

Your laptop's BIOS (Basic Input/Output System) is responsible for managing the communication between the operating system and the hardware. Issues with the BIOS can cause your laptop to malfunction or not boot up properly. There are a few steps you can take to try and resolve the problem. Resetting the BIOS to its default settings will usually fix any minor problems. Updating the BIOS to the latest version available can also help, as it may contain fixes or improvements that will address the issue you're experiencing. If the problem persists, you can try restoring the BIOS from a backup you made when the laptop was functioning properly. If all else fails, it's possible that the BIOS is defective and may need to be replaced.

Hard drive failure:

Hard drive failure can result in the loss of your important data and files. Signs of a failing hard drive include unusual noises, slow performance, frequent crashes, and errors when trying to access files. You can try backing up your data and replacing the hard drive with a new one. If the hard drive failure is severe, you may need to take your laptop to a professional for data recovery. Back up your data! Remember the rule: If your data does not exist in two or more places at once... it doesn't exist...

Malware and viruses:

Malware and viruses can cause your laptop to slow down, crash, or even steal your personal information. You can protect your laptop from malware and viruses by installing a reputable antivirus* software, running regular virus scans, avoiding suspicious websites and email attachments, and keeping your software up to date. Never ever ever click any email you did not specifically request or were not expecting no matter how tempting the subject line topic is. Don't even open it. Some malware can infect your machine just by opening it and processing the malformed images inside. Mark it as Phishing or Spam and get rid of it! -*Note that third party Anti Virus can actually present an attack surface for hackers with all the extra software which can actually introduce more bugs to the system. Yuk! It's a good idea to stick with the built in Windows Defender because it's just as good as any full featured AV solution and the best part is it's free!

Driver issues:

Drivers are software programs that enable your hardware to communicate with your operating system. Issues with drivers can cause your hardware to malfunction or not work at all. You can try updating your drivers to the latest version, rolling back to a previous version, or uninstalling and reinstalling the driver. This is especially important after a virus infection as it can leave the system in an unusable state. In this case it is better to re-install the entire Operating System from scratch rather than trust a recovered system after infection.

Display problems:

Your laptop's display can experience a range of issues, including flickering, distorted or no image, and resolution problems. You can try updating your graphics driver, adjusting your display settings, running a display troubleshooter, or connecting your laptop to an external monitor. If the display issues persist, you may need to replace your laptop's display panel or graphics card. You can also check the cables* connecting your laptop to the external monitor, and make sure they're properly plugged in. If the external monitor works but your laptop's display does not, it could be a sign of a hardware issue. In this case, you should consult a professional technician to diagnose and fix the problem. Lastly, do not adjust HDMI cables while when any device is plugged in! This is a hot 12 volt line and will destroy your TV or game console HDMI chips! Make sure your devices are fully off before moving or changing the plug in locations of your HDMI cables. More devices are sent in for repair due to making the mistake of plugging or unplugging live HDMI cables than any other.

Startup problems:

Startup problems can occur due to various reasons, such as software conflicts, corrupt operating system files, or hardware issues. You can try booting your laptop into safe mode, running a system restore, or repairing the operating system. If these steps do not resolve your startup issue, you can try to identify the software causing the issue by booting into safe mode and disabling any recently installed programs. Another potential cause of startup issues is corrupt system files. You can use a system restore point to restore your computer to a previous state, or you can run a scan to detect any corrupt files. Hardware issues can also cause startup problems. It is possible that your laptop is having trouble booting due to a faulty hard drive, RAM, or other components. In this case, you may need to replace the faulty hardware.


In conclusion, laptops can encounter various issues that can affect their performance and longevity. However, by following the solutions outlined in this guide, you can troubleshoot and fix most laptop issues quickly and effectively. Remember to take good care of your laptop by cleaning it regularly, updating your software and hardware, and handling it with care to ensure it serves you well for years to come.



For more help contact https://bitsnbytesrepair.com to get an estimate or fill out a Repair Request. Go to https://shopify.bitsnbytesrepair.com to get the tools you need, purchase solar products, or explore tactical gear!



We look forward to seeing you there!
Posted by at No comments:

Friday, January 14, 2022

Remove that annoying part of the filename!

First Example:

This will match your pattern in the filename, and is great for movie files. In the first case case I am locating the whole filename up to the "s" or "S" indicating the the season of the title (upper and lower case), and the first and second digit ranging from 1-9 in the next two positions. Then I am locating the "e" or "E" indicating the episode portion of the filename, again upper and lower case instances, then finally the last two numbers indicating the episode count. I then match everything after the episode count for removal, rename the file, but keep the extension.

Copy and paste the following into your Bash Terminal:
find /home/USER/Movies -type f -iname '*mp4' -execdir rename 's/(.*)([sS][0-9][0-9][eE][0-9][0-9])(.*)/\2.mp4/g' '{}' ';'
------------------------------------------------------------------------------------------------------------------------------

Second Example:

Copy and paste the following into your Bash Terminal:
find /home/USER/Movies -type f -iname '*mp4' -execdir rename 's/(.*)(ENTER_PATTERN_TO REMOVE_HERE)(.*)/\2.mp4/g' '{}' ';'

Synopsis:

The "find" command is started looking for the data type "file", and anything with "mp4" in the filename in the users "Movies" folder. Then the "rename" shell is started inside find. We then make things more complicated by adding a command called "sed" to start the pattern match for us piped into the rename shell. It looks like this: 's///g'. The "/s" starts sed, the second "/" divides the "find and replace" fields, or 's/find/replace/g', and the "/g" switch allows "global" filename changes rather than only matching the first instance. This means if there are parts of the filename which have the same pattern they all will be changed in the string. Groups are defined by the parentheses: opened with "(" and closed with ")". I created three groups as you can see above. Group 1 is "(.*)" matching all characters before the pattern. The second group is the pattern to be removed, and group three is everything after your pattern except the filename extension. Group 2 is removed from the filename in all places throughout the filename string, then the filename extension is preserved, and the find command continues to locate more files under this folder for this processs.

Remember to make a backup of your primary library, execute this command, and enjoy your newly renamed files! No need to worry about sub-folders. Just run the command as is, and it will look in all folders under your primary folder. If you have a problem, just comment below and I will respond:)

**NOTE: Be CAREFULL to change the both parts of the line that refer to the filename extention to match! If you are looking for .mp3 files there are two places you need to change the reference from "*mp4" to "*mp3" and again from "\2.mp4" to "\2.mp3".
Posted by at No comments:

Friday, May 7, 2021

256 Bit Encryption:

256 bit encryption at rest has: 115,792,089,237,316,195,423,570,985,008,687,907,853,269,984,665,640,564,039,457,584,007,913,129,639,936 possibilities.. Think of it a a key to a door with 2^256 cuts along the blade or 1.1x10^77 combinations. That's 78 digits! If someone were to hack at a good password, with every single computer on earth, all at the same time, for 4 billion years, no computer or combination of computers on earth can break it.
Posted by at No comments:

Wednesday, October 14, 2020

Dban fact and fiction:

Dban-ing your data? Read this first!

Dban is "good enough" for most but remember a few things. It does NOT guarantee a complete wipe. Wiping fully 2x is sufficient for total destruction with a few exceptions. Wiping 32 x is a waste of time and this was an idea that came about because older hard drives "MFM" and "RLL" would vary their writing depth based on the frequency of the drive. This could change for several reasons causing the write to go "deeper" in the media and thus more writes could be required to remove the data or not at all in most cases. Guttman is a myth beyond this. The need for this many writes is not true with modern drives, as the way data is stored, and the relation to the depth of the write is no longer dependant on the frequency of the drives write head. However loud noises can cause data to be mis-written due to the vibration of the sound and this is important but I digress. More to the point is that 32x (or whatever) is useless. On MBR disks typically a "quick format" only writes bytes 447 to 512 on the media which destroys the table of "file" pointers to the data and actually leaves the data in tact. When creating a partition the first 0 to 446 bytes *(see note) are written (or overwritten) and this creates/destroys the old data stored there but only there. Both instances of these operations destroy the database(s) stored there but leave bytes 513 to the end of the disk in tact and can be recovered later with a skilled hand. Note this is a little different with the GPT tables but basically the same effect. Only a Full Format will destroy the data and 2 full formats just to be safe. Format with Random data in case you missed anything (*caused by a loud noise hence the 2x formating) which would stand out from the rest of the Zero's you just wrote to the drive. This way any data missed due to _error_ looks like the rest of the noise you wrote randomly.

*Note: This is a "quick" overview of this topic for the purposes of debunking the "Dban" utility as the final solution to data destruction, and is not meant to be exact in the description of other related bytes written to the disk during the formatting of the drive. So don't shoot the messenger.

The exceptions are: Bad sectors "G" list, Bad Sectors "P" list, Wear Leveling:

G list:
Bad sectors can happen at any time from the life of the drive to the death and all drive have 2 tables. This is important because Dban is useless in this case. Dban does not have a function in which it performs any kind of checking to be aware of the bad sector table and does not perform any data recovery and wiping. The Bad sectors are managed by the drives firmware and completely hidden from Dban thus if you have a fragment of a image you shouldn't let's say, and you Dban the drive in which _error_ correction was performed at ANY time by the SMART service on the drive, this sector could have been remapped, marked as bad and left fragments of the image on the sector. Ie. One byte of a 512 byte sector is bad so smart "relocates" or copies this data (or as much as it can read) to a new good sector, but because it can't write, it marks this sector as bad, updates the Bad Sector table, and goes about the day and you never see a thing. Note the rest of the 511 bytes are still there. Dban will skip these sectors. This specific list of Bad Sectors is grown while in use and is specifically known as the "Grown List" or G list.

P list:
There is another set of bad sector tables known as the "Permanent List" and this is the list the drive is mapped with from the factory and can never be changed as it is hard coded to the firmware. This list is created at manufacturer time and because no drive is perfect in manufacturing thus mapping the default bad sectors is necessary to allow the drive to pass testing and be ready to function before it is released to the distributor as a working drive.

Wear Leveling:
On ALL digital media there are limitation as to how many times you can write to the same spot before it burns out. This is because apparently when storing data on an SSD of Flash media of any kind it involves pushing an electron through a "substrate" and lodging it there, which is read later as having or not having a charge (short version). This process leaves a residue behind. The residue will accumulate causing a buildup and eventually be unable to push an electron through and thus a "bad" sector will happen. To prevent this there is e technology called "Wear Leveling". Wear leveling is a small piece of software which will randomly move the disk writes to to another location instead and update the File pointer table or File Allocation Table (FAT). The FAT is a database located at the first 447 to 512 bytes of the storage media which contains the name of the file and where the data associated with the filename is. Magnetic media does not use wear leveling because it can be written to indefinitely as long as there are no defects on the physical media and as explained before is uses the SMART software to update the "G" list if there is a problem. Wear leveling protects the longevity of writes to the drive in this fashion but never actually overwrites any data until all other available sectors are used and it must again (assuming the space is now empty) reuse the same spot. Rinse and repeat.

Conclusion:
To get around ALL of the problem associated with bad sector tables the only solution for total data destruction is not Dban, it is Full Disk Encryption deployed before you ever do ANYTHING else on the media. Full disk encryption is the ONLY way to secure your data from the life to the death of the device. Be careful that you select a sufficiently long password as you don't want a brute force attack to uncover your precious cat videos, and remember that if your disk is decrypted the record you have of "deleted" or "trashcan" files would then be recoverable. Wiping your "recycle bin" on an already Full Disk Encrypted device is a waste of time unless you are expecting to have you password breached, and don't want your deleted file recovered and that's just crazy talk. Don't be careless, use a good password when full disk encrypting and I recommend combining a security token such as RSA or a Yubikey that has no API for recovering the key once it has been written to the device with you current password to secure your data.

"Dban-ing" your data at that point won't matter.
Posted by at No comments:
Subscribe to: Comments (Atom)