"security" prevents destruction of hard disks

Craig Carey snowfall at gmx.co.uk
Tue Aug 12 16:37:18 PDT 2003 


The sysinstall installer is able to delete most of a hard disk.

http://www.freebsd.org/cgi/query-pr.cgi?pr=i386/29375 [1 Aug 2001]
    "the disk editor used by /stand/sysinstall gets confused by
     slices that are not labelled in order and writes the
     partition table incorrectly."

http://www.freebsd.org/cgi/query-pr.cgi?pr=bin/47384 [22 Jan 2003]
   "Machine has two disks, ad0 (existing 5.0 system) and da0 (scratch
   disk).  Selecting da0 as the target for 'partition' and then
   following that by the sequence 'label/distribution/commit'
   results in a wiped ad0."

For bug i386/29375 [disordered primary partitions], the bug is
outside of the "sysinstall" directory.

The i386/29375 bug report does not mention data loss but I guess
that is the bug that got a big fraction of one of my hard disks
a few years ago.

Now reasonably priced IDE hard disk is about 160GB in size. FreeBSD
can delete the data on that.

The OECD 1980 principles of the 'Guidelines on the Protection of Privacy
and Transborder Flows of Personal Data' (Paris, 1980) rule out the
loss of personal information in computers.

Here is that principle quoted:
>---------------------------------------------------------------------------
>| Security Safeguards Principle 
>|
>| 5. Personal data should be protected by reasonable security safeguards
>|  against such risks as loss or unauthorised access, destruction, use,
>|  modification or disclosure of data. 
>---------------------------------------------------------------------------
...
>A copy of the OECD Guidelines is here:
>
>http://www.anu.edu.au/people/Roger.Clarke/DV/OECDPs.html
>http://www.anu.edu.au/people/Roger.Clarke/DV/PaperOECD.html
>    (pages by Mr R. Clarke, Canberra)


FreeBSD seems to be have a mailing list

   FreeBSD Security Advisories <security-advisories at freebsd.org>

that is about attacks. The postmaster's (Mr Bresler's) attacks on the
public got me unsubscribed in Aug 2002. I never rejoined. It was a
list that was always indifferent to data loss.

Has FreeBSD embraced a defective unacceptable definition of the
idea of "security" ?. These attacks are basically undocumented and
there are basically no numbers available. Because of such an
onslaught of attacks against FreeBSD, seemingly all *@freebsd.org
addresses were having some of their e-mail secretly black=-hole
deleted in March and April 2002 but perhaps for senders having no
IP number for a very-wrongly LHS truncated hostname. There seemed
to be no way to get reasoning from the postmaster (Jon Bresler).
The expected bounce messages did not exist. It was all justified
as being due to security. It is probably hitting down those
innocent ISP in accordance with the hopes of the FreeBSD 'security'
officers.

Security of computers (at least in Europe) also embraces this idea

>Openness Principle 
>
>6. There should be a general policy of openness about developments,
> practices and policies with respect to personal data. Means should
> be readily available of establishing the existence and nature of
> personal data, and the main purposes of their use, as well as the
> identity and usual residence of the data controller. 

Is this correct: legal quality top filesystem programmers must be
careful to avoid using the word "security". H

Stopping probs from users and i-nets from influencing or knowing.
   
Big government agencies in a rush and hoping for a way to skip
checking FreeBSD, would want to look at the version rewrite of
security ideals of protecting the common person from the whole
gamut of problems that computers present, with some of the hardest
to correct being wrong decisions of security officials.





C Carey

Hitech controversially notes that the GPL allows high charges and
withholding for their Gcc-based C compiler:
   http://gcc.gnu.org/ml/gcc/2003-08/msg00731.html  12 Aug 2003

A FreeBSD project that aims to get the BSD code redesigned:

       http://www.dragonflybsd.org/

More information about the freebsd-fs mailing list