WeekEnd Feature: Who's looking over your shoulder?

by Ian Thompson, CCSP Staff Editor
June 5, 2004

Okay, so you're working alone in an empty room. You know full well that things are under control; you have the place locked, you've taken a regular backup of your vital work, and no one is actually looking over your shoulder at this time. Is that enough? Or is there a dangerous assumption being made here? Do you know where your work is kept?

Way back in the mists of time (erm, January 2004, when I wrote the first article actually) I went through the ever-increasing volume of data storage needed to complete a backup of work. This not only had implications for my employer, but for my own purposes as well. Work had slightly more resources available, where we installed fully redundant mirrored servers, each with RAID-5 arrays. Backups are taken each night across the newly upgraded network, from the main file store to the mirror. In addition, a tape backup system is also used. Our facilities also allow us to take CD and DVD backups, though these are obviously of a lower capacity.

At home, I tend to rely on Zip drives, with CDR for occasional archiving of the more vital stuff, like accounts records and old email archives - you don't know just how picky the UK tax service can be!

The problem with CD-ROMs…
One thing to remember is that most of us still use a mixture of magnetic and optical storage. Magnetic includes the good old floppy disk, hard drives and high capacity removable devices like Zip, Jazz and all forms of tape (analogue, DAT or whatever). These are normally prone to data corruption in the presence of strong magnetic fields that realign the molecules on the surface of the disk in some other way than the drive originally wrote.

Optical drives like CD ROMs, on the other hand, use laser light to burn a digital code into sensitive layers within the structure of the disk. They are more resilient, and certainly are not bothered by magnetism so much.

This, though, leads to one problem. What do you do with optical media once the data has been made obsolete, or is just plain wrong?

You see, with magnetic media, standing the tapes in a very strong magnetic field is enough to make the drive fail to read. Bulk tape erasers have used this feature for years now - pop in a box of old backups, set the dial, light the light and five minutes later your media is wiped clean of your data. All very much like a microwave oven really. Okay, so if someone was really bothered, they might be able to recover some data, using very advanced means to reconstruct the media surface, but there are ways to avoid that. Data scrubbing software uses a technique of over-writing the storage areas with random junk. The bulk eraser can be set to a longer time (though too much might make the media unusable - not so good if you merely wanted to reuse them later).

Of course, the most obvious block on preventing someone else from simply picking up your tape and making off with it lies in the fact that most PCs are not fitted with a tape drive, let alone one that is compatible with your format of tape. Most tape drives use pretty near to proprietary format cartridges - you'll not get an Ecrix VXA tape to load in an OnStream ADR drive.

So, one of the apparent disadvantages of magnetic media might turn out to be an advantage.

Go on then, what's the real problem with CD-ROMs…?
Optical formats are designed to last. The original proud boast was that data is practically indestructible and will last practically forever. Both of those claims are now no longer made because they've proved false - mainly because 'forever' is an awfully long time, and we now accept 30 or so years. Apart from that meaning that I've been around longer than forever, there are a few things to realise…

Firstly, how many of you have suffered the dreaded 'Buffer underrun' error? The drive's busying away, writing to your blank CD, when suddenly the data rate drops, the drive's limited buffer space is soon used up, and you get a gap in the recording. This means a break in the flow of data (that should be continuous), and a subsequently unusable (or at best a very nearly unusable) disk. Dead CDR; dispose of it please.

Secondly, have any of you suffered from the changes made in a software upgrade? Tape drives are normally only accessed through specific software utilities, but generally speaking that sort of stuff usually remains faithful to the drive throughout its life.

This harks back to another article, doesn't it? For example, most office software recognises a piece of work created in is predecessor and can convert this, but (perhaps not surprisingly) the older version can't manage to deal with the newer formats. You may have a backup up your system, but can the backup be read on the newer servers - given that they should generally last 5-8 years before being replaced.

So, magnetic storage (Zip drives, floppies or hard drives) should never be placed in a magnetic field, which is why the various bits of a PC system (wherever they have big RF generators) are shielded. Simply storing good ol' magnetic media near to the PC monitor (if it’s a CRT type - doesn't work with LCDs) will be enough to cause the media to fail to write.

Oscar the Grouch
Ever heard of 'trash-canning'? It's the delicate and often stomach-turning activity used by celebrity-following hacks to find old receipts, guarantee details, personal stuff that should really be more carefully dispose of, by sifting through their garbage.

In this day of identity theft, fraud and so much more, many more people are finding that their details and private information is being lifted from the stuff they discard. The more aware of us will have had our new best-friend, MR shredder, working for some years now. I use this to shred old bank ATM or shop credit receipts into tiny 3.5mm wide strips, the resulting confetti being very difficult to reconstruct.

However, this physical method can also be applied to electronic data.

I recently spotted a desktop shredder that could handle about 30 pages of A4 in a single mouthful. What made it special was that it's also able to dealt with old CDRs - one at a time, the data will be crunched down into thin strips and cut to a limited length. A true jigsaw puzzle, but it doesn't have a box-lid picture to get started, so I guess that more skill is needed so that even the basics can be recreated.

Who wants to live forever?
Then there are the perils of upgrading again… for example I have recently regained the use of the Microsoft Briefcase tool, which I had attributed to a software upgrade. A further upgrade later and I have the tool back in working order, but it gives us cause to consider this:

Books have been around for centuries. The user interface is easy to learn and is also quite intuitive. The method of encoding is weak, so that even the lowliest attempt at cracking it usually works.

Electronic media has only been around for 30-40 years. In that time, computers have grown, not just in hardware capacity, but in the software that they use - including the OS. A fine piece of work such as the BBC's attempt at recreating the Doomsday Book, which was only ever released in quantity through schools and libraries, is now inaccessible because there is no possible way of hooking up the older laser disk format disk drive to a modern PC. It will die at the same time that the last of the laser disk drives fall out of use. The same goes for the old 3-inch floppy format, versions of which needed to be turned over to access Side B once Side A had been filled

So the summary is this: If you want to keep your info safe, for ever, in a method that anyone can have a go at reading, deliver it in a book..

If, on the other had, you could risk the electronic method for speed, convenience and so on, but the downside is that the format may die a death - you'd need to recreate the backup every 10 years.

And you need to dispose of older CD-R's in a much more secure way than just binning them!


by Ian Thompson ComputerCops Staff Editor

Ian Thompson is a Network Manager of a 500-PC, 9-server, 1700-user school network and is an ICT teacher at a UK high school near the city of Leeds. He has written articles for the Hutchinson Encyclopedia, plus many resources in support of teaching ICT in the UK schools' National Curriculum.

Copyright © Ian Thompson All Rights Reserved 2004.