Wednesday, December 31, 2008

How to Erase a DVD Completely and Securely

If you have a RW DVD, there are utilities to erase it, or you can overwrite it with something. Like hard disks, there may still be magnetic traces. If your DVD is +-R, write once, you can't soft erase it.

The best so far is to get a DVD shredder. I opted a while ago for the paper only shredder because the cost didn't justify the number of discs I may have to shred in the future. Also, for paper you need those cross shredder that is a lot harder to put the pieces together. For DVD there's no such fine shredding. As long as you can see a piece of silvery metal, you may be able to recover a large chunk of data or video from it. Are they real in CSI?

I have seen the microwave destruction video, taking only 5 sec. But there is a danger of harming your microwave because of the electric sparks. And there is bad smell. The metallic disc broke down pretty evenly, but the fragments are still large.

Here's what I tried, which didn't work, and don't waste your time. With a small craft drill you can destroy the surface easily using the right sander tip. But it is only skin deep. I don't even think that the plastic layer was penetrated.

I used pure sulfuric acid, which didn't do a thing because of the plastic layer protection.

It dawn on me that I have a plumbing torch. I fired it up outdoors, but surprising the DVD's are very hard to die. The plastic doesn't melt away easily, and it didn't burn. You have to melt the plastic until the inner layers are exposed, then there's a little flame and no more.

Here's the result, before I cut them up and put it in the trash a few pieces per collection day. Now, the superior part, after the torch treatment, the discs are, similar to the surface of the French desert made using the same technique, very crispy. You can crumble the discs into very fine pieces with your fingers, or you can hammer them into powder.

Friday, December 26, 2008

Early spring cleaning: secure computer data

I tried to encrypt bank accounts on my laptop long ago. You wouldn't believe how many money went through the laptop. I used KeePass and TrueCrypt, but gave up, until now.

You can setup your laptop with whatever password you can create, BIOS, Windows Logon, and even the hard drive. But all are crackable.

KeePass is good, but it's standalone, not integrated with anything. You have to pull your password into the browser forms. It's not bad at all but I have alternatives.

I was using TrueCrypt for file encryption. But it was tedious on a file by file basis. You can use it to create a big encrypted drive too, but I don't trust it enough. And the backup is a problem.

Revisiting TrueCrypt again, I came across encrypting entire operating system, optionally hidden, may have a decoy too. I doubt how TC deal with it. On close look, TC decrypts on the fly, which explains it's capabilities. When you are reading a file, TC doesn't decrypt it into another file, but decrypt a portion of it at a time and hand it over to the application.

I was amazed to see how fast and painless it is to use TC. I encrypt the entire video, actually quite a lot of large video clips, and play it. You don't feel any difference with the encryption, and you don't need to wait for encryption, nor have to deal with which version of the file to keep.

So instead of dealing with passwords, I encrypt the entire profile of firefox, which allows you to specify where your profile should be. So whatever I do on the web is encrypted, history, bookmarks, passwords (now double encrypted), and everything except some extensions may put data outside of the profile directory. If the profile directory is not mounted as a drive, it's just an encrypted file with a code supposed to be unbreakable. When it's mounted, someone need to run some spyware to read the drive where my profile is, or to steal the TC password in memory, if they know I'm using TC. Keyloggers and screen capture spyware won't work because I don't type in passwords anymore.

You can encrypt the entire OS, but I'll settle with using only two different master passwords. One is the personal secrets password and one is the shared secrets password. The only difference is, you don't need to or don't want to give out the personal password even when you drop dead.

There are three types of secrets to encrypt. The first two corresponds with the two type of passwords. Being secrets, the data naturally have to be backup safely. The third type are personal secrets that don't need to be backup. You don't want others to know but you can recover the data in other ways other than backup.

The model of 2 password, 3 types of data is strange, but like bookmark, you can lost it with minor inconvenience, but you don't want others to know all your online activities, such as surfing at work. (In this case there are other logs on the company LAN but you can also bypass the company LAN.)

For each type of data, you can split them into TC drives suitable for backup. Since secrets don't change that often, some drives can be huge. Example, 4.7 GB size for DVD, or some other values customized for your online backup accounts. To backup, you just copy the 4.7 GB encrypted file into a DVD. To read, you just mount the encrypted file as a drive.

For the Firefox profile, a 200 to 500 MB file size is enough, which can be smaller. You can setup automatic backup just like any other files. Though the whole file is copied whenever you use FF. I only backup it up manually when I added new passwords. They are randomly generated, only stored in the FF password manager, and I couldn't recover it if the file get corrupted (or lost the master password for that matter).

You can still do daily incremental backup like ordinary files. But you have to do it when both the source drive and the backup drive is mounted. Once unmounted, they are just ordinary drives containing ordinary files to any application.

TC has one interesting option, to have hidden encryption. You can have two passwords to the same drive, one mounts you the outer files, and the other decrypt the hidden files. I am not sure if that's theoretically possible, as I read about it a while ago as the next big research topic, which is supposed to be difficult. But for ordinary people, if you give them a password, they will believe what they decrypt is all what you have. TC seem to claim that others cannot know the existence of hidden files. It will not be easy, but I'm not sure it's impossible.

How to fix Christmas Lights

When I hanged the Christmas lights early, a section didn't light up. Unlike previous years, there are no apparently faulty bulbs in the section. I searched the web for short cuts and I found it - beepers. Those electric current detectors that you are supposed to use before drilling anything on the walls.

I had one, but unfortunately it also detect metal at an right angle to the current detector. Basically it beeps all the time, with a lot of false positive and false negatives. But since I was well trained on this beeper, it wasn't difficult to find the faulty bulb. It's a lot faster than swapping the bulbs one by one.

Unfortunately, a neighbor's kid shake the lights after I hanged them, and turned off a whole segment. The beeper worked poorly when the lights are in place, because the bulbs aren't far apart enough, and you have little control of their position, such as next to some metals.

Also, as I found out later, when multiple bulbs are loose from their socket, it's a nightmare.

So I took out the good old multimeter. After some thought I found a way to do it, better than swapping bulbs, and better than beepers, unless your beeper is high quality and the light bulbs are not close together.

First, set the meter to >120V (or 240V), wear insulated glove if you need to. Took off the bulb in question from it's socket. Probe one contact in the socket, and probe one prong of the main plug to the whole light chain. There are only 4 possibilities, one will give you a reading if the socket and the chain up to the socket is normal. That's how to find faulty bulbs or lose sockets. You don't need to swap all the 4 possibilities. After you get the reading for a working socket, the probe on the main plug don't need to change, and the other probe just follow the direction of wiring.

You can also do a continuity test instead of a live test, but it's less fun without the bulbs lighting up. I can be more formal about it, but I doubt if there's anything to simplify, and that Christmas is already over.

Thursday, December 25, 2008

Early spring cleaning: videos

What started the early spring cleaning is the real mpeg4 codecs, and the death of analogue TV.

After dragging on for a couple of years, finally the real mpeg4 standard appears as H.264, the video and audio codecs are simply called advanced AVC and AAC, with the container file format mp4. Open source software are freely available. If future players will play only one standard, this is it. AVC is used for Blu-ray so it's future proof. AAC isn't, but used in ipods, so it's not going to go away. Unless you are making sound for movies, there's no point to use the new Dolby Digital standards, even if you can get hold of some software.

DVD will be around for a long time, but there's no point storing video in it. You can store a lot more files on it and play it on the computer, or send it to the digital TV.

It's a joy to to the spring cleaning. Home movies can be 5 times or more compressed than DVD, and 25 times smaller than DV from camcorders. You clean up and have a lot more spaces. I got my 320G hard disk because of the videos. Now I have space to play with a lot of other things, like operating systems and virtual machines.

I still have some valuable home movies in VHS-C tapes!!. They are the best, not because of the format, but they use big lenses back then on big machines. The camcorder broke down a long time ago. A few years after that, I realize that we cannot get back the quality without buying a new but old VHS-C camcorder. There are same version loaded on to VHS tapes, and we still have the VHS-C to VHS adapter that hopefully works.

Surprisingly, I just searched online and found that plenty of VHS-C camcorders still on sale, while I thought digital DV tapes are already obsolete.

Of course there are format conversion shops. Firstly, you shouldn't easily trust them. Historically at busy times such as Christmas, when you send your films to develop, it could be lost forever. And I listened to online forums too much, and I believed that you have to touch up the videos and use manual settings to get the best out of the videos. This is plain wrong for home movies and I should have picked the best format or best solution at the moment rather than waiting for the future.

I have both PAL and NTSC VHS library to covert. I brought a dual standard player for the purpose but other than one or two conversions, it's sitting on the garage. I also have a analog to digital box for capturing the video, but I used it for something else and it broke long ago.

I have a DV camcorder with an analog input, designed for people moving from analog to digital. I never did the conversion seriously because I usually ran out of DV tapes, and I was convinced that the DV standard is bad for converting to DVD directly without some sort of color space compensation. I hope it doesn't break down anytime soon, otherwise I have to buy a useless DV camcorder for the purpose. There used to be PC graphic cards capable of TV capture, which give you twice for the same money. But now it's worthless because analog TV is dead. Also, I never brought any graphics card anymore, all integrated, there's no need to unless you are a true gamer.

Now most of the library in in DV tapes. I didn't know how to deal with it before. Compress to DVD and it would have been playing in blu-ray discs for years to come. But I was let to believe that the conversion need some compensation on the color space. And I was let to believe that noisy home movies will benefit a lot from noise filtering and color adjustment before compression. After a couple of years staying in the garage, I don't believe in the crap anymore. Home movie is home movie, that's little you can do about it, and the quality doesn't matter that much, the content is. So I brought bigger and bigger hard drives, and I load DV tapes into it, because it's cheaper and more convenient than tapes.

The other reason I didn't convert DV is because of interleaving. I don't believe the free interleavers are good enough and I had a hard time picking the right one. Also, I believe interleaved source, if compressed to DVD, will look better in analog TV. On the other hand, I was more like to watch in the computer, where interleaved version is more appropriate, and more future proof. Mpeg4 standard such as Divx and Xvid offers so much more compression, and had stand alone players for it. I was so tempted but it turns out that blu-ray players don't support, only DVD.

I don't care to put clips in DVD anymore or blu-ray for that matter. The only function is to impress kids after their birthday party. I got Sony Scenarist and used it a lot, but all comes to nothing. Even the full features of a DVD is quite coomplex, and the software cost a lot. So I don't bother anymore. A clip is a clip no matter where you see it.

So the target is set. I hope to finish everything before the next decade! Hopefully the PAL & NTSC VHS player doesn't break down, now that they don't make it anymore. Same for my DV camcorder, which plays the DV and converts the VHS too. And I will be watching the price of VHS-C camcorders. If they ever drops down to $100, it's worthwhile to buy one instead of sending the tapes to conversion shops, if the tapes are still working. And if I have the money, the time, and the motivation. Watching time flying by isn't always a good thing.

Monday, December 1, 2008

Free Fast VPN Proxies

 Updates:Free Fast VPN proxies 2

Can it be true? OMG it is for now. Not only that, I can make up a chain as secure as JonDo and even more secure and a lot faster. I think this is because a lot of networks are blocking Social Networks and Youtube etc. Entrepreneurs raise to the occasion. I didn't know why I missed these last time I looked. I did find and tried a few that was bad.

The best seems to be Ultrasurf. I think it's designed for internet cafe in China. You plug in the USB drive, run ultrasurf, which will fire up Internet Explorer. When you quit IE, no trace will be left, it claims. You can use any browser and ultrasurf is just a proxy client. I used it a while back and it was perfect, but not as fast as now. Bandwidth is perhaps cheaper now, and now China is unblocking many sites, lightening the workload of this bypass servers. However, it has ties to Fulon Gong, and perhaps funded by it.

At the time I was using it, I felt the tiny program is untrustworthy, but not in a technical way. The home page is Chinese for example. I thought it could come and go as other tiny proxy servers, and that like many proxy servers, the aim may be just to collect data for sale. Now it seems to direct url's that don't seem safe, and cause conflict, such as utilities that flag ultrasurf as virus.

You can call it a VPN as it's an encrypted proxy. However, it just divert browser traffic. The encryption is claimed to be better than the industry, that is, better than the browser uses. So nobody can ear drop on your traffic, nobody knows what you surf, and the target sites don't know your identity. However, ultrasurf have everything in their server log. You don't know if there's any security risks because it's not open source. The performance is best and passed the test. You can watch a movie with encryption!

BTW I tried the gladder, a later software to bypass the Chinese Great Wall. But to my surprise, it's a transparent proxy, even though the traffic is encrypted. The only reason for that is to avoid spammers flooding to the server. But it's too risky to review your ID to the target sites.

The next best is Hotspot Shield. It calls itself a VPN, quite rightly so because it's not a proxy client like others at the application level. You don't even need to set your browser. The traffic in your network is diverted to the proxy server. You can make sure all other users in your home PC are proxified without doing anything themselves. When you launch Hotspot Shield, it forces to launch a browser, but once after that, you can close and fire other browsers at will.

Hotspot Shield is similar to Ultrasurf, passed the Hulu test, quite reliable so far. Again it's not open source. It's ad supported, but the top banner don't appear all the time. For example, you can watch Hulu move full screen. It's a little slower than ultrasurf at times, but still much faster than JonDo and TOR.

It's a true VPN because when you open a command prompt and run ipconfig, the external IP address is changed to a private one. I ran bittorent on it and works without modifying any setting! Another proof is that the download rate is slower by several times. It wouldn't matter when you are in no rush, an hour of download time and several hours don't matter that much. But the problem is that free VPN can't be reliable. When the server is busy, you are thrown out of the private network. So the download went much faster in the middle. You have to manually reconnect to the network.

So Hotspot VPN is only suitable for browsing. When the VPN is down there is no warning other than that the icon turn red - you are suddenly using your own IP without other warning. You have to reconnect again manually.

Another surprise is that I found lots of fast SSL CGI Proxy at FreeProxies. Many are SSL proxies. For the bad, they are the usual trouble makers, pop-ups, top banner ad that distracts, strip a lot of things and can't support a lot of things. It didn't pass the Hulu test but you can surf most other sites. And blockers can deal with the rest, only sacrificing some real estate at top of browser.

The good thing about CGI proxy is that you can chain it with the VPN proxies above, and even add it to JonDo and TOR. You can have one tab that is proxified and the other not. When the banner is at top, you know it's working. When you see the address starts with https, you know SSL is in effect.