iPhone owners say the latest iOS update is resurfacing deleted nudes

https://sopuli.xyz/post/12671031

cross-posted from: https://sopuli.xyz/post/12670977

> iPhone owners say the latest iOS update is resurfacing deleted nudes

Nothing sinister, we just don’t delete what we say we delete. Instead we keep it in your profile to feed the algorithms and set the “deleted” flag to make you think it’s gone.

I mean, to be completely fair, that’s how data storage works.

We cannot really just make data disappear, so we let it get overwritten instead

Proper deletion should include writing all 1s or all zeroes to the block but y’all be lazy as fuck.
Nitpick: it should be fuzzed with random 0s and 1s.
I’m not an expert, but wouldn’t proper deletion be writing random ones and zeroes to the block?
I don’t think it’s been shown to make a difference.
It certainly feels more deleted…
It was sort of true in the past, but not anymore. I think writing random data once is probably fine, even for most state level actors.
Why is writing zeros (or random data) over a hard drive multiple times better than just doing it once?

Lots of different programs, such as Darik's Boot and Nuke, let you write over a hard drive multiple times under the guise of it being more secure than just doing it once. Why?

Information Security Stack Exchange
That just makes no sense to do, modern storage is write limited. As long as you used encryption the old bits mean nothing to anyone but you.
SSDs are. Big storage is not using SSDs.

yeah cuz for normal, day-to-day use that’s exponentially slower the more you’re deleting

You can do that when you wipe something.

Yeah, such as sensitive photos

Only necessary on the ol spinning rust, with SSDs not only is it completely unnecessary, but it also burns extra writes.

Spinny’s store data magnetically on the platter with 1s and 0s, SSDs store data on the NAND as a held charge. If there’s a charge in the block it’s a 1 if there’s no charge it’s a 0.

With spinny’s, a file gets marked as “deleted” but the residual magnetic 1s and 0s will remain on the platter until eventually overwritten

With SSDs a file gets marked “deleted” and within no more than a few minutes TRIM comes along and ensures the charge on the NAND is released for that data, there’s no residuals to worry about like with spinny’s and is in fact necessary to ensure decent lifespans.

Wow, the SSD can hold the charges perfectly while unplugged for ages? Amazing.

In a post apocalyptic world where I am in charge of building a storage drive and I’m given all the instructions and fabs, the world is going without storage.

Wow, the SSD can hold the charges perfectly while unplugged for ages? Amazing.

Yup. Before flash memory, devices like video game cartridges which had game saves actually needed a battery to power the memory holding the saves.

I want a spinny as a pet now. Sounds cute.
But wouldn’t TRIM be the deleting he is requesting? Removing the charges would be setting all the bits in that block to the same value.

But clearly the data is not overwritten and this was intentional. How do I know? Because that would amount to a massive amount of data, if it was due to a bug in Apple software or underlying filesystems, it would be detected in monitoring systems “Hey, we’re using 10x the data we should be, maybe we should look into it”.

The mistake was in the flag code that was supposed to fool us.

no when I say “overwritten” I mean that the area is set as deleted in the filesystem and the next time something writes to that area the data that was there before is disregarded.

So are you saying that they suffered from a filesystem bug that caused deletion failure? I’d imagine they use standard filesystems on their backend, I haven’t heard about any bugs like this.

If you ask me, what’s more likely, that a company known for shitty behavior lies about deleting files so they can continue to use that information to profit, – OR – that they are experiencing a filesystem bug on their backend, I’ll choose the former.

no I don’t believe a damn word of what apple’s gonna say on this, I just wanted to get the message out there that generally file deletion works by allowing data to be overwritten, so if the images are local this could very well just be that either it’s showing data that hasn’t been overwritten yet or it accidentally brought things out of the “recently deleted” depending on how long ago it was deleted.

Undeleting nudes

That’s iPhone

Seriously: I don’t think the cost benefit is there to intentionally make a maneuver like this. Any crap they pull needs to have a perfectly proper explanation, with our agreement to a specific term buried somewhere in their policies. Can only imagine how much money they blew throwing these billboards up all over the San Francisco Bay area. We have to buy Apple over Google for ostensible privacy gains, and Apple has to lock us in to their walled gardens to make up for their comparatively smaller ad/data business.

This post assumes Apple is aethical (that’s like amoral but for ethics right?) but still a self-interested economic actor. They can’t let short-term greed get in the way of long-term greed!

Seriously: I don’t think the cost benefit is there to intentionally make a maneuver like this.

You might be right

They can’t let short-term greed get in the way of long-term greed!

lol

and the next time something writes to that area the data that was there before is disregarded.

A single overwrite might not be enough to defeat physical forensics because shadows of the old data persist in how the new data is stored. Also when it comes to SSDs you might be waiting a long time for the data to get overwritten as the drive will wear-level its erm sectors (what are those things called with SSDs?).

They are called cells IIRC
the shred command in Linux tries to do this, but it may not work if the hardware moves rewritten data blocks around to mitigate wear.

shred doesn’t even necessarily work at the OS level. If you use something like ext3 and I assume ext4, normally when you overwrite data in a file, you’re not overwriting data even at the logical level in the block device. Journalling entails that you commit data to somewhere else on the disk, then update the metadata atomically to reference the new data.

It was more-practical in an era of older filesystems.

That’s skipping over the fact that recovering deleted data, even if it isn’t overwritten, is not an “oops”. It takes extra effort, and if that data isn’t being protected it would be overwritten incidentally as drives are used.

There is a big difference in a database between “flagging” data and actually removing the association of the data to the database.

The data just needs to be overwritten to be truly deleted.
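The difference between flagging a row, removing it, and actually overwriting it can be checked at the byte level. The following is an added example, not part of the thread: it uses SQLite through Python's `sqlite3` module as a stand-in for any database, and the `photos` table and marker string are constructed for the demonstration.

```python
import os
import sqlite3
import tempfile

MARKER = b"CONSTRUCTED-SAMPLE-PHOTO-CAPTION-0001"  # constructed sample data


def marker_on_disk(path):
    """True if the marker bytes are still present anywhere in the database file."""
    with open(path, "rb") as fh:
        return MARKER in fh.read()


def run_case(mode):
    """'Delete' one row three different ways and report what is left.

    mode 'flag'   : soft delete, the row only gets deleted = 1
    mode 'delete' : SQL DELETE with PRAGMA secure_delete = OFF
    mode 'secure' : SQL DELETE with PRAGMA secure_delete = ON (freed space is zeroed)
    Returns (row_visible_to_app, marker_bytes_still_in_db_file).
    """
    fd, path = tempfile.mkstemp(suffix=".db")
    os.close(fd)
    try:
        con = sqlite3.connect(path)
        con.execute("PRAGMA secure_delete = %s" % ("ON" if mode == "secure" else "OFF"))
        con.execute(
            "CREATE TABLE photos (id INTEGER PRIMARY KEY, caption BLOB, "
            "deleted INTEGER DEFAULT 0)"
        )
        con.executemany(
            "INSERT INTO photos (id, caption) VALUES (?, ?)",
            [(1, b"keep-me"), (2, MARKER), (3, b"keep-me-too")],
        )
        con.commit()
        if mode == "flag":
            con.execute("UPDATE photos SET deleted = 1 WHERE id = 2")
        else:
            con.execute("DELETE FROM photos WHERE id = 2")
        con.commit()
        # What the application shows the user: only rows that exist and are not flagged.
        visible = con.execute(
            "SELECT COUNT(*) FROM photos WHERE id = 2 AND deleted = 0"
        ).fetchone()[0] > 0
        con.close()
        # What a raw read of the file shows, ignoring the application's view.
        return visible, marker_on_disk(path)
    finally:
        os.remove(path)


if __name__ == "__main__":
    for mode in ("flag", "delete", "secure"):
        print(mode, run_case(mode))
```

The check only covers the main database file; rollback journals, backups and the storage layers underneath it are outside what `secure_delete` touches.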
They don’t care about your security or privacy, they care about being the exclusive vendor of your personal information.
That’s how a lot of people handle deleted data in database, it’s literally just a flag. That’s why there’s a recommendation to edit Reddit posts before deleting them, to ensure they’re actually overwritten so they can’t just be restored.
Funny how you think an edit doesn’t write the old record to a comments_old table
Well, there’s a non-zero chance they were too lazy to implement that.

Every time someone says something like this I have to explain CDC and regular old backups. There’s no way in hell Reddit doesn’t keep cold and hot backups of their shit. And while Reddit is unlikely to be doing CDC for soc2 or other compliance reasons, it’s the easiest method to capture data for analytics purposes.

CDC stands for change data capture. It’s generally done with databases by streaming the change log or ref log to a bucket or a service like Kafka where you can fast forward and rewind the log queue to see the state of the DB at any point in time. Even if you edit your comments it’s likely sitting in a Kafka topic or a snowflake bucket outside of the DB or cache used for the presentation layer.

Zero large scale websites operate with a truly single data store. There is always another layer that your user operations don’t impact

Yes, that’s certainly possible, but it’s also out of my control. I have basically three options:

  • Delete account - we know this doesn’t delete comments
  • Delete comment - “seems” to delete comments, but we’ve seen comments get restored - so probably using a “deleted” flag
  • Edit comment with nonsense and then delete - should poison comment if they’re just using the deleted flag

That’s it. There’s no guarantee it works, but it has a much higher chance of working than the other two.

    And there’s a good chance they delete old backups. Hosting every edit is expensive, so there’s a decent chance they clean up old data after some months.

    In 2019 the total size of the text stored by Reddit was only 50TB. A Petabyte of data in cold storage is only 12k a year so even if they 500x in size since 2019 (very unlikely) it’s a drop in their ARR. Given they sell the data for advertising and for AI, they are not deleting it. Reddit also self hosts a lot of their infra (they used to present their architecture at kubecon) so the storage costs would be even lower.
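The disagreement in this sub-thread (edit-then-delete versus a `comments_old` table or change data capture) can be modelled in a few lines. This is an added example, not part of the thread and not any site's real schema: the `comments` table, the trigger standing in for a history/CDC pipeline, and the sample strings are all assumptions made for the illustration.

```python
import sqlite3

ORIGINAL = "constructed sample: my original comment"
NONSENSE = "constructed sample: lorem ipsum overwrite"

SCHEMA = """
CREATE TABLE comments (id INTEGER PRIMARY KEY, body TEXT, deleted INTEGER DEFAULT 0);
CREATE TABLE comments_old (seq INTEGER PRIMARY KEY AUTOINCREMENT,
                           comment_id INTEGER, body TEXT);
"""

# Hypothetical stand-in for a history table or CDC stream: every change to
# a comment body copies the previous body somewhere the user cannot reach.
HISTORY_TRIGGER = """
CREATE TRIGGER keep_history BEFORE UPDATE OF body ON comments
BEGIN
    INSERT INTO comments_old (comment_id, body) VALUES (OLD.id, OLD.body);
END;
"""


def simulate(edit_first, keeps_history):
    """Model a user deleting a comment on a site that only sets a 'deleted' flag.

    edit_first    : user overwrites the body with nonsense before deleting
    keeps_history : operator records old bodies (comments_old / CDC stand-in)
    """
    con = sqlite3.connect(":memory:")
    con.executescript(SCHEMA)
    if keeps_history:
        con.executescript(HISTORY_TRIGGER)
    con.execute("INSERT INTO comments (id, body) VALUES (1, ?)", (ORIGINAL,))
    if edit_first:
        con.execute("UPDATE comments SET body = ? WHERE id = 1", (NONSENSE,))
    con.execute("UPDATE comments SET deleted = 1 WHERE id = 1")  # user clicks delete

    # What other users see.
    public = [r[0] for r in con.execute("SELECT body FROM comments WHERE deleted = 0")]
    # What the operator gets back by simply clearing the flag.
    row_body = con.execute("SELECT body FROM comments WHERE id = 1").fetchone()[0]
    # What the operator gets back from the history store.
    history = [r[0] for r in con.execute(
        "SELECT body FROM comments_old WHERE comment_id = 1 ORDER BY seq")]
    con.close()
    return {
        "public": public,
        "row_body": row_body,
        "history": history,
        "original_recoverable": ORIGINAL in [row_body] + history,
    }


if __name__ == "__main__":
    for args in [(False, False), (True, False), (True, True)]:
        print(args, simulate(*args))
```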

    If you never had any nudes in the first place, and update, is there a chance to get some?

    Asking for a friend.

    You should check out the federated backup of Apple Cloud. You can reach it at lemmynsfw.com. I mean your friend.

    Every time I go looking, there’s a barren desert of male/gay content. In some lateral communities, furry porn is beating the content ratio like 10:1.

    Y’all need to hold your phones or something while you browse the 5 billion straight communities, give me something that’s not weeks+ old. Uncut guys to the front of the queue, thanks. 📸

    Be the change you want to see in the world
    The only problem with that server is there are tons of shit you’d rather not see. It’s sadly not as easy to filter like the reddit porn subs are.
    Is it that bad? I’ve been making a habit of blocking every community that shows up that I don’t want to see. So these days I rarely see stuff I really don’t want to see.
    It just gets tiresome when you have to block 100 communities for the 15 you wanna see
    In that case just subscribe to the 15 you want to see then?
    Kinda hard to find them if you don’t know they exist in the first place.
    I think that already happened and was called “The Fappening”. You can still find it with Google.
    I remember the night when I found out about that and saw Jennifer Lawrence was one of the victims 😍

    Computer data is never actually “deleted” until it’s overwritten with new 1s and 0s — operating systems simply cut off references to it.

    That’s not entirely correct, and I would expect a tech news site to know but ig not.

    It’s true with spinny’s since they store data magnetically on the platter with 1s and 0s, but SSDs store data on the NAND as a held charge. If there’s a charge in the block it’s a 1 if there’s no charge it’s a 0.

    With spinny’s, when a file gets marked as “deleted” the residual magnetic 1s and 0s will remain on the platter until eventually overwritten like they say

    But with SSDs, when a file gets marked “deleted” then within no more than a few minutes TRIM comes along and ensures the charge on the NAND is released (Which means that data is gone, permanently) for that data, there’s no residuals to worry about like with spinny’s and is in fact necessary to ensure decent lifespans.

    This is dependent on the TRIM schedule. It could be size based (execute a TRIM when 50% of the blocks are used).
    Perhaps, but this is unrelated. The magnetic charges may still be there, but if the reference to the content is deleted, how is the filesystem meant to know what file is there? This seems really suspicious to me.
    TRIM works outside the filesystem, it does not care about 99.9% of it, the only part it cares about is if there is a reference in filesystem to the block charges. No reference == data to be released
    It could be or maybe the SSD has its own on-firmware TRIM schedule, but all major OS’s execute a TRIM on a time based schedule no longer than every 10-15 minutes.

    Afaik the default for windows 10 is weekly via disk defragmenter, and that assumes it recognizes the drive as an ssd. I’ve had drives cloned to ssds that retain the hdd flag and had to setup a 3rd party tool that actually saw it properly and would trim as expected.

    11 might have reined that in… but probably not.

    There’s most certainly residuals, I’ve accidentally deleted then installed Windows on top of a bunch of my game saves. I found some random file recovery application and let it run for awhile. Guess what? Nearly everything was readable despite the fact it got wiped and then had a whole windows install.

    NAND also experiences minor permanent damage on writes. Actually clearing the NAND involves a write as the charge has to be forced out (a write of 0s)

    This can happen when TRIM is disabled

    Here’s a study published last year I read that goes through this exact thing

    In consideration of results obtained from the experiments, it concluded that the behavior of Wear Leveling in different SSD manufacturers having the same storage capacities does not match. It varies based on the number of files, types of files, and sizes. The recovery of files from different SSD manufacturers showed different results. In all SSDs, not a single trace of any file found in disk format scenario(s). Whereas, some of the data recovered in the delete case and from only one drive. It clearly showed different behavior of data recoveries in format and delete cases. The obvious finding from this study is that the time interval of image acquisitions played a significant role, and the longer time interval supports few chances of data recovery because the TRIM and Garbage Collection process effects clearing residual data from the drives

    Non PDF link

    Which means that data is gone, permanently) for that data, there’s no residuals to worry about like with spinny’s and is in fact necessary to ensure decent lifespans.

    I doubt that the firmware is doing an overwrite of TRIMmed data. Rather, I expect it’s marking it as having been TRIMmed, and so can report that it’s zeroed to higher layers. If a higher layer queries the firmware for its content, sure, they might get zeroes returned. But if you can modify the firmware or otherwise bypass it, you may be able to get at the underlying media.

    There is also the “bad block” issue, where storage media can take blocks – which may contain readable data – out of use, so that higher layers cannot access them. That applies to rotational drives and it looks like SSDs do the same thing. Again, might require bypassing or modifying the firmware to get direct access. But there can be data leaked there.

    I also wouldn’t be terribly surprised if there is lingering information even after zeros are written to an SSD that might be recoverable if you could directly access the media, though I’m not familiar with the situation there. That is the case for rotational drives – the drive platter itself is “analog”, doesn’t just store a discrete string of ones and zeroes at the physical level. I once knew a cryptographer who was working on quantifying that leakage for rotational drives.

    Now, attacking some of that is a pain and probably not a concern, but there are some cases where it might be a target. I once knew a professor who used to work at the Department of Defense, and he’d talk about their disposal process for rotational drives:

  • Drive has N random overwrites.

  • Drive gets passed through a rock-crusher device.

  • Remains get put in an acid bath.

    I don’t know what they did if Step 1 couldn’t be completed due to drive failure. Maybe they were allowed to skip that step in that case.

    That being said, probably most people don’t have to worry about the same level of resources being aimed at them.

    EDIT: Step 1 might have been a degauss rather than an overwrite. Either way, it was definitely just aiming to twiddle bits, not physically destroy the drive. I’m trying to remember a conversation from a couple decades back…

    I doubt that the firmware is doing an overwrite of TRIMmed data. Rather, I expect it’s marking it as having been TRIMmed, and so can report that it’s zeroed to higher layers. If a higher layer queries the firmware for its content, sure, they might get zeroes returned. But if you can modify the firmware or otherwise bypass it, you may be able to get at the underlying media.

    TRIM is garbage collection and is a part of the wear leveling system. The whole point of TRIM is to have the SSD only hold the charge it needs to for still in use (i.e. not deleted) data. It’s the charge that damages blocks over time, so to extend lifespans it clears everything not needed. It’s not overwriting data for security or anything per se, but rather just a result of its longevity processes.

    Now, I’m sure there are cheap no name SSD controllers out there with ineffective TRIM operations that just lie about the operation, but any controller worth its salt is gonna have proper TRIM.

    There is also the “bad block” issue, where storage media can take blocks – which may contain readable data – out of use, so that higher layers cannot access them. That applies to rotational drives and it looks like SSDs do the same thing. Again, might require bypassing or modifying the firmware to get direct access. But there can be data leaked there.

    Part of that process is to move the data to another block and release the charge to prevent further damage, it’s possible the block is damaged in such a way that it won’t even release the charge, but if that’s the case it’s incredibly unlikely to be readable.

    I also wouldn’t be terribly surprised if there is lingering information even after zeros are written to an SSD that might be recoverable if you could directly access the media, though I’m not familiar with the situation there. That is the case for rotational drives – the drive platter itself is “analog”, doesn’t just store a discrete string of ones and zeroes at the physical level. I once knew a cryptographer who was working on quantifying that leakage for rotational drives.

    Yea it’s possible, but now you’re in the needing x-ray machines, powerful microscopes, full clean room labs and people with extensive, specific skill sets which means $$$$$$$$$$$$$$$$$$$$ or in other words, state level budgets range. 99.99999% of people will be fine