Ubuntu – Securing SSH or OpenSSH

Background

Concern that having SSH/OpenSSH running with the default configuration (/etc/ssh/sshd_config) exposes an attack vector increasing the risk of Ubuntu being compromised.

Issue

The more externally available services running on a system, the greater the risk of attracting unwanted visitors. The default configuration of SSH is fairly flexible in order to accommodate most users, but the universal flexibility comes at the cost of security.

Solution

Four important modifications: change the port, use keys rather than passwords, disable password-based authentication, and disable root login. All of these modifications are made in the /etc/ssh/sshd_config file, as outlined below:
Change the default port from 22 to another port: Port 12345
Setup ssh keys for user accounts: Great guide
Disable password-based authentication for all accounts: PasswordAuthentication no
Disable root login access, or at least restrict root login access to key-based authentication: PermitRootLogin no

Sources

Disabling password-based authentication: http://www.linux.org/threads/how-to-force-ssh-login-via-public-key-authentication.4253/
Setting up ssh keys for user accounts: https://www.digitalocean.com/community/tutorials/how-to-set-up-ssh-keys–2
More options: https://help.ubuntu.com/community/SSH/OpenSSH/Configuring

Posted in Technology

Crashplan – Route over wlan on Linux

Background:

Have a faster internet connection over wlan0 than eth0. Prefer to route Crashplan backup traffic over wlan0 rather than the default eth0.

Challenge:

The Java GUI for Linux, doesn’t provide controls for selecting the network interface, although the Mac and Windows clients do.
Using the route command worked well for http traffic, but didn’t seem sufficient for directing Crashplan’s application traffic.

Solution:

Editing the Crashplan configuration xml files and specifically excluding the eth0 interface. A helpful utility to confirm traffic is flowing over the correct network interface is: iptraf. The exact lines to add into the configuration file, crashplan/conf/my.service.xml are below:

    <networkinterfacesexcluded>
      <patternlist>
        <windows></windows>
        <macintosh></macintosh>
        <linux>
          <pattern regex="eth0"></pattern>
        </linux>
        <solaris></solaris>
      </patternlist>
    </networkinterfacesexcluded>

Route commands that didn’t appear completely successful:

j@j:/etc/rc2.d$ sudo route add -net 216.17.8.0 netmask 255.255.255.0 gw <local gateway ip>
j@j:/etc/rc2.d$ sudo route add -net 38.81.66.0 netmask 255.255.255.0 <local gateway ip>
Posted in Technology

Cryptocurrency – Beginners Guide

Background:

In the Spring 2014 semester, I researched cryptocurrencies and created a beginners guide, under the direction of Professor Simon Johnson.

Outcome:

Attached (PDF): Beginners Guide to Cryptocurrencies

Posted in Consumer, Monetary Policy, Technology

Infographic – Concerns of threats around the world

Random assortment of infographics:

The infographic, as described below, shows countries color coded by the type of threat people worry about most.

pew-threats-2

Source: http://www.pewresearch.org/fact-tank/2014/10/16/what-is-the-greatest-threat-to-the-world-depends-on-where-you-live/

Posted in Infographics

Infographic – External sovereign defaults since 1800

Random assortment of infographics:

The infographic, as described below, shows a list of countries with the number of defaults mapped over a timeline indicating when the default occurred.

IMG_20140803_213256

Source: http://www.economist.com/blogs/graphicdetail/2014/07/daily-chart-23

Posted in Fiscal Policy, Infographics

Infographic – GDP of the US split in half and mapped to regions

Random assortment of Infographics:

The infographic, as described below, shows the GDP of the United Stats split in half, with each half mapped to a geographic region.

United States Economic Activity, Split in Half

Source: https://visual.ly/united-states-economic-activity-split-half?utm_source=visually_embed

Posted in Infographics

Infographic – Child Mortality Rates from 1751-2011

Random Assortment of Infographics:

The infographic, as described below, shows the number of children dying before the age of five, per 1,000 live births over the last ~260 years (1751-2011) in Sweden, UK, Germany, India, and Ghana.

IMG_20140802_214041

 

Source: http://www.ourworldindata.org/data/population-growth-vital-statistics/child-mortality/

Posted in Infographics

Infographic – Average number of hours per week spent on

Random Assortment of Infographics:

The below infographic, as titled, shows the average number of hours per week spent on various activities by Mothers and Fathers over the last ~45 years. The three main categories of activities are: child care, housework, and paid work. Mothers and Fathers are categorized as adults aged 18-64 with at least one child under 18 living in the household.

Source: http://www.economist.com/news/united-states/21608779-there-large-class-divide-how-americans-raise-their-children-rich-parents-can

Posted in Infographics

Sony Vaio Pro 13 Ultrabook – Audio over HDMI

Background:

Purchased a great Sony Vaio Pro 13 ultrabook with excellent hardware running Windows 8 and now updated to 8.1. The Intel® HD Graphics 4400 hardware controls the HDMI output and the audio over the HDMI output.

Issue:

Using the built-in HDMI output provides video, but no audio. Also, unable to locate audio options for HDMI in the Sound settings control panel of Windows 8.1. The Sony Vaio update tool confirms all the latest software drivers and other patches have been installed, but the issue of no audio over HDMI remains.

Solution:

After reading through many online posts and blog articles, the root cause appears to be related to the specific Intel Graphics Drivers being used by Sony on this specific model laptop. The Sony Vaio update tool confirmed that the Intel Graphics Drivers 10.18.10.3304 with a date of 9/9/2013 is the latest version. A community post on Sony’s forum shows that other people with a Sony Vaio Pro 13 laptop also experience no audio over HDMI, but they were able to resolve the issue by downloading updated Intel Graphics Drivers from a link on Sony’s web site: http://dlv.update.sony.net/pub/vaio/download/EP0000317186/EP0000317186.exe. The newer Intel Graphics Drivers are version 15.33.5.64.3316 with a date of 10/4/13.
After installing these “updated” Intel Graphics Drivers, I’m able to receive audio over the HDMI connection and I’m able to adjust that option in the Sound settings of the Windows 8.1 control panel.
The only potential concern might be that Sony does not provide future updates for the graphics drivers as my version might be out of sync with the version expected by the Sony Vaio update tool.

Sources:

Community post and thread on Sony’s forum
Alternative update drivers from Sony – untested

Posted in Consumer, Technology Tagged with: , , , , , ,

Ubuntu – VirtualBox Repository Configuration

Background

VirtualBox is a great product and has routine updates. Setting up the repositories for automatic updates and installs seemed to be more challenging than most other software packages.

Issue

Originally, after following the simple directions on VirtualBox’s web site, I received this error:

"Error: W: Failed to fetch http://download.virtualbox.org/virtualbox/debian/dists/precise/Release Unable to find expected entry 'contrib/source/Sources' in Release file (Wrong sources.list entry or malformed file)".

I read that by following VirtualBox’s directions, two resposities were added, one for software and one for source code, but as the source code isn’t distributed from Oracle in the respository, it should be disabled.
After disabling the respository, I still wasn’t seen the latest update and had to further research the issue.

Solution

I found the most comprehensive solution on a Ubuntu community page, which gave one long command that performs all the correct steps to properly setup the VirtualBox repository:

sudo sh -c "echo 'deb http://download.virtualbox.org/virtualbox/debian '$(lsb_release -cs)' contrib non-free' > /etc/apt/sources.list.d/virtualbox.list" && wget -q http://download.virtualbox.org/virtualbox/debian/oracle_vbox.asc -O- | sudo apt-key add - && sudo apt-get update && sudo apt-get install virtualbox-4.3 dkms

The above commands add the VirtualBox repository download link for the distribution’s specific name (lsb_release -cs) to virtualbox.list, then downloads the public key to verify the authenticity of the VirtualBox downloads, adds the key to local storage, refreshes the package list and installs the latest version of VirtualBox plus DKMS for keeping the modules updated.

Sources

Remove sources from repository list
Comprehensive solution
VirtualBox Directions

Posted in Technology

Chrome – Recently Visited Tabs Disappeared

Background:

Google Chrome is very good at maintaining a history of open tabs, which allows for a great multitasking web browsing experience.

Issue:

Since Chrome frequently and correctly restores tabs, many users might not realize a strong dependence on this feature until it breaks. Over the last three years, there have been only a few occasions when Chrome has crashed and wasn’t able to successfully restore the previously opened tabs. After building a dependence on always having the same tabs restored, suddenly not having access to these tabs can be devastating.

Solution:

Chrome stores the currently open tabs as well as the last session’s open tabs in a few important files labeled: Current Session and Current Tabs as well as Last Session and Last Tabs. On Ubuntu, these files are stored in the local user’s home directory.

~/.config/google-chrome/Default

If Chrome isn’t displaying the correct tabs from the last sessions, a quick fix is to rename Last Session and Last Tabs to Current Session and Current tabs, then restart Chrome.
If that quick fix doesn’t work, the issue might be more serious as Chrome only keeps track of the current session and one previous session. To extend the history, routine backups can be kept and these Session and Tabs files can be restored from a backup.

Posted in Consumer, Technology Tagged with: , , , , , , , ,

WordPress – Allowed Memory Size Exhausted

Background:

WordPress is a great blogging platform that has many powerful features. The hosting environment WordPress operates under can provide constraints and limitations.

Issue:

After upgrading a plugin for WordPress, I immediately encountered the error, “Fatal error: Allowed memory size of x bytes exhausted in…php on line x). All WordPress web pages would display the same fatal error.
A user might expect, that if WordPress is encountering a fatal error with a plugin, the plugin would be disabled. This process is not automated.

Solution – Short-term:

Disabling the WordPress plugin required manually editing the WordPress database and disabling all plugins. Under the table containing the name “options” and under the column named “option_name” with the value of “active_plugins”, I erased the option_value. The option_value contains a setting of which plugins are activated and which are not. By removing the values in option_value, all plugins will be disabled. This approach allows plugins to be re-activated one by one until the fatal error is encountering, thus allowing the troubling plugin to be identified.
MySQL database command to view the option_value:

SELECT * FROM `options` WHERE option_name='active_plugins'

MySQL database command to reset and disable all plugins:

UPDATE `options` SET `option_value`='' WHERE option_name='active_plugins'

Solution – Long-term:

WordPress is powered by PHP and hosting environments set limits on the amount of memory PHP can consume for each customer or instance. If WordPress is legitimately in need of more memory, it will be best to increase the PHP memory limit for the user or instance. The method of increasing the memory limit varies based on the way PHP has been configured on the server. Some common solutions are to add or edit a file called php.ini or php5.ini with a line, “memory_limit = 128M”. Common values for the memory limit include: 32M, 64M, and 128M.
For a shared hosting environment, the most reliable approach is to contact the system administrator.

Conclusion:

When encountering a fatal error involving memory consumption, a likely root cause could be a plugin. The easiest route to identify whether a plugin is the root cause is to disable all plugins. If disabling all the plugins resolves the memory exhaustion issue, re-enabling one-by-one will identify the offending plugin.

Sources:

Fatal error: Allowed memory size exhausted
How To Disable All WordPress Plugins From The Database?

Posted in Consumer, Technology

Dr Martens Great Customer Service

Background:

I’ve purchased and worn Dr. Martens shoes over the years as they’ve proven to be very durable. Although the prices are sometimes higher than other shoes, I’ve found that the shoes last for a long time. In addition, I found the soles provide excellent traction on slick and wet surfaces, as well as good traction on icy surfaces!

Issue:

During the winter of 2014 I had worn a pair of Dr. Martens that were a few years old, but in great shape. The shoes, by far, had the best traction in snow and ice. One morning, when I was putting on the shoes, I noticed the outside rubber of the soles from the toe to the middle of the foot was cracked, on both sides of the shoe and on both shoes. The crack was serious enough that a yellow material inside the sole was exposed and seemed impossible to easily mend. I was very surprised as I’ve never encountered this type of issue before and I’ve had various Dr. Martens shoes for many years and used them in many different climates.

Solution:

I reached out to Dr. Martens customer relations department via email, [email protected] I attached a few pictures of the issues with the shoes, as I found it hard to describe and hard to believe. They offered to inspect the shoes for manufacturer defects if I was willing to pay the shipping fees to send the shoes to Portland, OR. After paying roughly $25 for the proper sized box and shipping, I waited three weeks. I didn’t hear back from Dr. Martens until I found a box at my door. Inside was a pair of brand new shoes in the most similar style to my previous pair!

Conclusion:

Although the communication from Dr. Martens was minimal, I was very impressed to receive a brand new pair of Dr. Martens without any charge!

Posted in Consumer Tagged with: , ,

Android – Detect Root Access from inside an app

Background

Google Wallet used three methods to determine whether an Android device had root access configured. Google Wallet used to mark a device as “Unsupported” if root access was detected on the Android device. The code used to implement the root detection methods was reversed and posted here on pastebin.com.

Overview

Three methods were used:
1) Check if the “su” command was successful
2) Check if the file “/system/app/Superuser.apk” exists
3) Check if the system OS was built with test-keys
If any of these three methods were true, Google Wallet would mark the device as “Unsupported”.

Code Analysis

First method – Execute “su” command

The first method created an interface to the environment, where the app was running, through getting a singleton instance by invoking getRuntime() and passing the “su” command. If an IOException error was not encountered, the command was determined successful.

  private boolean canExecuteSuCommand()
  {
    try
    {
      Runtime.getRuntime().exec("su");
      i = 1;
      return i;
    }
    catch (IOException localIOException)
    {
      while (true)
        int i = 0;
    }
  }

Second method – Check for apk

The second method created an “abstract” representation of a file by using the absolute path and filename to the most popular Superuser application. A call would be made to this representation of the file to check whether the file exists. If the file exists, the command was determined successful.

  private boolean hasSuperuserApk()
  {
    return new File("/system/app/Superuser.apk").exists();
  }

Third method – OS built with test-keys

The third method would extract the operating system build information from a system properties file (/system/build.prop). The extracted build tags information was searched for the phrase “test-keys” and if “test-keys” was found in the build tags information, the command was determined successful.

  private boolean isTestKeyBuild()
  {
    String str = Build.TAGS;
    if ((str != null) && (str.contains("test-keys")));
    for (int i = 1; ; i = 0)
      return i;
  }

Summary method – Determine whether a device is rooted

The final method gathered the results from the prior three tests and if any of the three test results were successful, would return true, indicating the device is rooted.

  public boolean isRootedPhone()
  {
    int i = 0;
    if (!this.mClientConfigurationManager.getClientConfiguration().isRootedPhoneDetectionEnabled());
    while (true)
    {
      return i;
      if ((!isTestKeyBuild()) && (!hasSuperuserApk()) && (!canExecuteSuCommand()))
        continue;
      i = 1;
    }
  }
Posted in Technology Tagged with: , , ,

Android – Checking for Nexus 5 Availability

Saw a great GitHub Gist shared on twitter by @pof for using crontab and curl to check for the Google Play page of the Nexus 5. I added a few tips on getting everything setup for those who might not have postfix running or used crontab recently.

Everything is also on my Gist, which I forked from poliva and added the same tips in a comment: https://gist.github.com/joeykrim/fc0dd9f25dd4cfe55438

Setting up postfix to work with Google Apps: http://blog.bigdinosaur.org/postfix-gmail-and-you/

bash script forked from poliva:

#!/bin/bash
URL="https://play.google.com/store/devices/details?id=nexus_5_32gb"
EMAIL="[email protected]"
mkdir -p /tmp/googleplay/
rm /tmp/googleplay/after 2>/dev/null
mv /tmp/googleplay/now /tmp/googleplay/after 
curl "${URL}" -o /tmp/googleplay/now
len=`diff /tmp/googleplay/now /tmp/googleplay/after |wc -l`
if [ $len != 0 ]; then 
        echo "${URL}" > /tmp/content.txt
        cat /tmp/googleplay/now > /tmp/che.html
        /usr/bin/mutt -x -s "Nexus5 available on GooglePlay" -a \
                /tmp/che.html -- ${EMAIL} < /tmp/content.txt
fi

Setting the bash script as an executable for crontab: chmod +x nexus5.sh

Good guide on crontab: http://www.thegeekstuff.com/2009/06/15-practical-crontab-examples/
Use the following line for crontab to run the script every 5 minutes:

*/5 * * * * /home/mydirectory/nexus5.sh
Posted in Technology

DataTables – Default sorting by the table column header class name

DataTables is a jQuery Javascript library plug-in to convert static html tables (including dynamically generated) into dynamically viewable and sortable tables. The advantage to using this plug-in is that the end user is given control over viewing and sorting the information presented in a table.

There is one feature which I wanted to implement but had a difficult time finding the exact solution. I wanted to set the default sorting for one specific column. The function, aaSorting, handles this but requires the use of an integer indicating the location of the column header. The downside to using fixed integers is that if the column headers change at some future point, the sorting could break then requiring the fixed integer to be updated. Why can’t this be dynamic and rely on a class name for the column header, instead of a fixed integer?

The author of DataTables addresses this question and feature in a post, that also includes a work-around to accomplish setting the default sorting by using the table column header (th) class value. The author also posts a live example.

In the end, the workaround code is:

    "aaSorting": [[ $('#example thead th.default_sort').index('#example thead th'), 'asc' ]]
Posted in Technology

Top 15 U.S. Business School Rankings, Tuition Costs and Salaries Charts

The below charts are for the top 15 U.S. business school MBA programs based on an average of rankings from four sources: US News 2012, BusinessWeek 2012, Financial Times Global 2013, and the Economist 2012
For a more consolidated version, view the top 6 U.S. business school MBA programs.

Bar Chart showing the average ranking from four sources: US News 2012, BusinessWeek 2012, Financial Times Global 2013, and the Economist 2012 (lower is better)

Bar Chart showing the total expense for 2 years of tuition (in USD) using 2012-2013 data

Bar Chart showing the average 1st year salary (in USD) without bonus using 2012-2013 data

Bar Chart showing the revenue/expenses ratio. Revenue being defined as the 1st year salary without bonus. Expenses being defined as two years of tuition costs. The break-even point is 1. Values greater than 1 break-even after the first year of revenue. (Larger value is better)

Posted in Consumer

Top U.S. Business School Rankings, Tuition Costs and Salaries Charts

The below charts are for the top 6 U.S. business school MBA programs based on an average of rankings from four sources: US News 2012, BusinessWeek 2012, Financial Times Global 2013, and the Economist 2012
Top 15 U.S. business school data

Bar Chart showing the average ranking from four sources: US News 2012, BusinessWeek 2012, Financial Times Global 2013, and the Economist 2012 (lower is better)

Bar Chart showing the total expense for 2 years of tuition (in USD) using 2012-2013 data

Bar Chart showing the average 1st year salary (in USD) using 2012-2013 data

Bar Chart showing the revenue/expenses ratio. Revenue being defined as the 1st year salary without bonus. Expenses being defined as two years of tuition costs. The break-even point is 1. Values greater than 1 break-even after the first year of revenue. (Larger value is better)

Posted in Consumer Tagged with: , , , ,

Android – Google Play issue: “your device isn’t compatible with this version”

At some point in the last few months changes were made to either or both the ADT plugin for Eclipse and Google Play that rendered my most recent Android application updates “incompatible” with tablets.
After doing a bit of research, I was able to locate 3 items that after adjusting in my applications resolved the new “compatibility” issue with my applications distributed through Google Play on tablets.

1) I added the below lines to the AndroidManifest.xml file. The lines explicitly declare support for all screen sizes, especially the xlargeScreens for tablets.

<supports-screens
        android:smallScreens="true"
        android:normalScreens="true"
        android:largeScreens="true"
        android:xlargeScreens="true"></supports>

2) Adjusted the section of the AndroidManifest.xml file from:

<uses-sdk android:minSdkVersion="4" targetSdkVersion="8"/>

to

<uses-sdk android:minSdkVersion="4"/>

3) Ensured that there was a drawable-xhdpi folder under the res directory that at least had the Android application icon.

After making these three changes, Google Play restored “compatible” for my applications with tablets.

The most frustrating part of the experience is that Google Play gives no indication during the application upload and publishing process that it will prevent tablets from using the application.Due to this lack of transparency, the issue can’t be identified until the application update has already been published and made public for users on tablets.

Update on June 3rd 2013: For the next update to the applications, I might try adding back in the targetSdkVersion to see whether or not that impacts tablet support in Google Play. As mentioned in the comment below, and I do agree, that removing/adding targetSdkVersion shouldn’t impact tablet support.

Posted in Technology Tagged with: , , , , , ,

OCZ Vector 256GB SSD AES 256-bit Encryption Technical Details

After previously posting a summary of my research around the best options for a well priced high performance and secure 256GB SSD drive, I attempted to gather as much detail as possible around the encryption provided on the OCZ Vector 256GB drive.

The official documentation for the OCZ Vector 256GB drive used to state, “Data Encryption: 256-bit AES-compliant, ATA Security Mode Features”. This information has been removed within the last week and I inquired about this below. In addition, the previous official documentation was vague and didn’t provide much technical detail. With the help of Dr Charl Botha and his blog, SSDs with usable built-in hardware-based full disk encryption, I was able to hold a very technical conversation with an OCZ Technology Support representative, Eric Von Stwolinski, regarding the AES encryption implementation on the OCZ Vector 256GB drive.The full conversation is below.

In the end I’ve found the lack of technical details and current conflicting information to be confusing. The overall experience has been slightly frustrating as no definite conclusion can be drawn.
If you have any feedback or ideas, feel free to post them in the comments.

Apr 23rd, my original question:
“1. Does the encrypt its AES keys with the ATA password?
2. Is the ATA password stored as a non-reversible hash on the firmware?”

Apr 23rd, Eric Von Stwolinski:
“The drive does support 256-bit AES. It is enabled by setting an ATA level password.
Once a password is set the drive is completely inaccessible until the password is provided. There is no master password for the drive or any way to access the drive other than to supply the correct password once it is enabled.”

Apr 24th, my reply:
“Is the AES key, that is used to encrypt the data on the drive, encrypted using the ATA password?”

Apr 24th, Eric Von Stwolinski:
“It uses AES encryption, but this feature is enabled and used by setting the ATA password on the drive.

If no ATA password is on the drive then the AES encryption is inactive. Only when an ATA password is applied to the drive is the AES encryption used.”

Apr 24th, my reply:
“Unfortunately, your last response doesn’t directly answer my question. I’ll repeat and rephrase my question. Thanks for your assistance in clarifying this important point for me.
Repeat: ‘Is the AES key, that is used to encrypt the data on the drive, encrypted using the ATA password?’
Rephrase: I understand that the AES encryption is only activated once the ATA password has been applied. My question is about how the ATA password is applied in relation to specifically the AES encryption key. AES encryption requires a key to encrypt and decrypt the data. The handling of this AES key is the focus of my question. Is the AES key itself encrypted using the ATA password?”

Apr 25th, Eric Von Stwolinski:
“The ATA password is the AES key.
The key for AES is enabled, disabled, or set using the ATA level password function. If an ATA password is set then AES is enabled, and the key to unlock the drive is the ATA password.
This means the ATA password must be provided every time you want to access the drive or if you want to change/disable the password.
Any attempt to access the drive without providing the ATA password would require getting through AES 256 bit, which isn’t possible to do with currently existing computers.”

Apr 29th, Eric Von Stwolinski: “The notes about AES support are just on the product page for the Vector drive:
http://ocz.com/consumer/vector-7mm-sata-3-ssd”

Apr 29th, my reply: “Hi Eric,
I have two follow-up questions. I do appreciate your assistance is sorting the AES encryption on the OCZ Vector SSD!
1) The product detail page you linked is very vague only saying, “256-bit AES-compliant, ATA Security Mode Features”.
Is there a more detailed public resource that provides the same level of detail you’ve provided regarding the AES encryption key and relation with the ATA password?
2) Regarding your previous comment two responses ago, “The ATA password is the AES key.” If this is true, then changing the ATA password will change the AES key, since they are the same. The current data on the OCZ Vector SSD, which was encrypted with the prior key, can’t be decrypted with the new/changed key, rending the current data unreadable? To summarize, you’re saying if the ATA password is changed, the current data on the OCZ Vector SSD is lost?”

Apr 29th, Eric Von Stwolinski: “We have no further documentation about the drive’s security features. This is only a consumer grade drive. Our enterprise grade drives have much more documentation available. If you are looking for a high security drive I strongly recommend looking into an enterprise grade drive.
If you wish to destroy all information on the drive forever, that can be done using the secure erase function in the toolbox utility. This is the only way to reset and wipe the drive. A secure erased drive is not recoverable by any means.”

Apr 29th, my reply: “Hi Eric,
Thanks for clarifying the documentation. I’m still not clear on my previous follow-up question. I’ll rephrase and attempt to clarify.
Is it true that changing the ATA password will render the data on the drive unreadable or inaccessible?
This is based on your comment that the “ATA password is the AES key”. If this is true, changing the ATA password would change the AES key. Without the previous AES key (previous ATA password) that the data was encrypted with, the drive can’t decrypted the stored data.
Can you confirm that changing the ATA password makes all data, prior to the ATA password change, on the drive unreadable or inaccessible?”

Apr 30th, Eric Von Stwolinski: “Changing or removing a password will not wipe out all information on the drive. That can only be done by a secure erase using the toolbox.
Forgetting a password will render the drive inaccessible and all data is lost, but merely changing or removing the password (which requires that the correct password is first supplied) will not destroy any information on the drive.”

May 2nd, my reply: “Hi Eric,
Thanks for all the clarification and assistance. I was reviewing all the information you’ve provided and when I accessed the link you gave to the OCZ Vector Specifications page, http://ocz.com/consumer/vector-7mm-sata-3-ssd/specifications, I see the section that previously mentioned, “Data Encryption: 256-bit AES-compliant, ATA Security Mode Features” is no longer listed on the page. I can’t find any mention of AES-compliant or ATA Security Mode Features on the official page.
Can you confirm you aren’t able to view this on the official link you provided and help me understand why this was removed? Has official support for the 256-bit AES-compliant encryption and ATA security mode features been dropped?”

May 2nd, Eric Von Stwolinski: “I’m unsure why it was changed. It may have been changed due to firmware updates.
Please note that while the controller is capable of 256 AES, it is not intended to be a primary feature of the Vector drive.
Our enterprise grade drives are designed and built with a much wider range of features, including greatly increased write endurance as well as security and monitoring features.
http://ocz.com/enterprise”

Posted in Consumer, Technology