Totally divorced from reality!
Updated from April 2016
Apple vs. The FBI
This one was just unbelievable to me. In case you haven’t been watching the news lately, a federal judge ordered Apple to create a software tool that would bypass security mechanisms in Apple’s software so that the FBI (and anyone else who got their hands on this "tool") could perform what’s known as a brute-force password attack to guess the password on the phone. A brute-force attack means trying all sorts of passwords until you finally get the right one.
Here is how it works.
Starting with versions of its operating system released in 2014 and later, Apple uses two factors to secure and decrypt data on the phone:
- The password the user chooses
- A unique 256-bit AES secret key that’s embedded in the phone when it’s manufactured.
The user’s password gets “tangled” with the secret key to create a “passcode key” that both secures and unlocks data on the device. When the user enters the correct password, the phone performs a calculation that combines these two codes, and if the result is the correct passcode, the device and data are unlocked.
To prevent someone from brute-forcing the password, the device has a user-enabled function that limits the number of guesses someone can try before the passcode key gets erased. Although the data remains on the device, it cannot be decrypted and therefore becomes “permanently” inaccessible. This happens after 10 failed guesses if the user has enabled the iPhone’s auto-erase feature.
In addition to the auto-erase function, there’s another protection against brute-force attacks: time delays. Each time a password is entered on the phone, it takes about 80 milliseconds for the system to process that password and determine if it’s correct. This helps prevent someone from quickly entering a new password to try again, because they can only guess a password every 80 milliseconds. Instead of being able to try hundreds or thousands of password guesses per second, the feds would only be able to try eight or nine per second. With all the possibilities that exist, that could take a very long time.
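The two protections described above can be modelled in a few lines. This is an added example, not Apple's code: the `ToyDevice` class, the `attempts_before_stop` helper and the PBKDF2 stand-in for the "tangling" step are all assumptions made for illustration; only the 80 ms delay and the 10-guess limit come from the text.

```python
import hashlib
import hmac
import secrets

GUESS_SECONDS = 0.080   # per-attempt processing time stated in the article
MAX_FAILURES = 10       # auto-erase threshold stated in the article


def worst_case_seconds(alphabet_size, length):
    """Time to try every passcode of this shape at one guess per 80 ms."""
    return alphabet_size ** length * GUESS_SECONDS


class ToyDevice:
    """Toy model: passcode key = KDF(user password, per-device secret)."""

    def __init__(self, password, auto_erase=True):
        # Stand-in for the 256-bit key embedded at manufacture.
        self._device_key = secrets.token_bytes(32)
        self._verifier = self._derive(password)
        self.auto_erase = auto_erase
        self.failures = 0
        self.erased = False

    def _derive(self, password):
        # Assumed stand-in KDF (PBKDF2-HMAC-SHA256), not Apple's construction.
        return hashlib.pbkdf2_hmac("sha256", password.encode(), self._device_key, 1000)

    def unlock(self, guess):
        if self.erased:
            return False
        if hmac.compare_digest(self._derive(guess), self._verifier):
            self.failures = 0
            return True
        self.failures += 1
        if self.auto_erase and self.failures >= MAX_FAILURES:
            self._device_key = self._verifier = b""  # key gone, data unreadable
            self.erased = True
        return False


def attempts_before_stop(device, candidates):
    """Count attempts made before the device unlocks or erases its key."""
    for n, guess in enumerate(candidates, start=1):
        if device.unlock(guess) or device.erased:
            return n
    return len(candidates)
```

With the delay alone, `worst_case_seconds(10, 4)` is 800 seconds for a four-digit passcode, which is why the auto-erase limit, and a longer passcode, carry most of the protection.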
The FBI wanted Apple to create a version of its software that eliminated these two protections. Apple told them no!
Now for a little reality
Number one, we proceed from a false premise. The iPhone is not impregnable; it’s not even close. It is slightly more secure than the Android devices and slightly less secure than the Windows phone, but these and others, including Symbian and Blackberry, can be hacked!
And it is no secret either. Law enforcement, detectives and private investigators in this country and abroad do it every day. A whole industry exists to provide these services. A simple Google search for Mobile Device Forensics will provide enough research material to keep you reading for a week. The National Institute of Standards and Testing (NIST) even has guidelines for testing and evaluating these tools.
Companies like Cellebrite, Teel Technologies and Phone Forensics, just to name a few, will provide you with the hardware, software and training to extract data and cloud-based information from these devices. They will even provide the services and do it for you. Cellebrite, which has been in this business since 1999, even has a contract to provide their services to the FBI!
All it takes is money. OK so it takes a lot of money. You will have to buy upwards of twenty grand worth of equipment that is only good for one thing and goes obsolete faster than teenage fashions. Plus you will need considerable training on how to use this equipment. It isn’t what you would call intuitive or user friendly.
And if all else fails you could just get one of the previously mentioned companies to do it for you. They can provide you a full report of calls, texts, pictures, videos and more. Of course that will take even more money. But on a case like this that is nothing. The FBI reportedly spent over 1.3 million dollars in the fight against Apple. The cost of the equipment wouldn’t even pay for the lawyers’ bar tab.
What is wrong with these people? Particularly organizations like CNN, ABC, CBS, FoxNews and their “Investigative Reporters” who don’t seem aware of any of this. And then we have the idiot politicians who immediately jump and make demands. Vowing to defend one side or the other (mostly the FBI) and issuing proclamations and making more demands.
And who is in charge at the FBI, where the left hand doesn’t seem to know what the right hand is doing? The people who broke Watergate can’t seem to find a multibillion-dollar industry right in their own back yard. Who, if anyone, is running these organizations?
And then at the last moment the FBI dropped the case. They finally got the information they needed and without any help from Apple. What took you guys so long?
I am not a big fan of Apple
but I am solidly behind them on this one. I may even go so far as to buy one of their overpriced toys just to help support them. It is Apple’s job to make the device as secure as they can. It is the job of others to crack that security.
The lesson in all of this is ...
...never put anything on your phone that you don’t want to share with ten million other people. Pictures, music, documents and personal information can be extracted if your phone gets into the wrong hands. And it seems that the people we trusted in the past are totally incompetent now. Once the data is out there on the web there is no chance of pulling it back again!
And as always with any important data, remember to make a backup!