Tag Archives: backup

Lois Lerner’s White House emails missing?

IRS Says ‘Lost’ Lois Lerner Emails… Rep asks NSA for metadata… (originally published 13 June, 2014)

lois lerner image

WASHINGTON, D.C. –Congressman Steve Stockman Friday asked the National Security Agency to turn over all its metadata on the email accounts of former Internal Revenue Service Exempt Organizations division director Lois Lerner for the period between January 2009 and April 2011.

If the NSA doesn’t comply, the mail servers that Lois Lerner used will have her emails — especially if she used IMAP or webmail. The tape backup systems for those servers should have archives of all of her emails. (A decent backup system will archive everything every month in off-site storage. It’s urgent that these archives be retrieved before they’re purged.)

In addition, chances are excellent that the emails on her crashed hard drive on her PC can be recovered. They just need to call OnTrak data recovery service or any of its competitors.

This stinks.


Updates

5 September 2014 Yesterday, The Washington Post asked, Why did the IRS clean out Lois Lerner’s Blackberry as probes began? The short answer seems to be that this was part of an effort by one or more people at the IRS to destroy evidence. My question: What happened to the Blackberry’s SD memory card?

This attempt to destroy evidence is kind of stupid. As I’ve mentioned before, copies of those messages will reside on the mail servers and their tape backup systems. I gather that the IRS uses Microsoft Exchange mail servers; by default, Microsoft Exchange turns on mail archiving.

25 August 2014 Today Judicial Watch announced that they have been told by DOJ attorneys that backup copies of all federal government documents, including Lois Lerner’s missing emails, exist in federal archives. Judicial Watch intends to file a request for production of these as part of their ongoing lawsuit against the IRS. The judge won’t be happy to learn that the IRS has been hiding evidence.

Judicial Watch’s release includes a link to the latest sworn statement by an IRS IT manager regarding procedures that were followed when Lois Lerner’s hard drive failed. They’re unremarkable except that no detail is provided about the failure itself (was it electronic or logical, was the disk spinning?) or what measures were used to recover data from the failed drive. What’s not addressed are questions such as, “Before scrapping the failed drive, did anyone evaluate the value and uniqueness of its data?” and “What archiving system is used on the Exchange servers used by Ms. Lerner? Can we pull the lost emails from that archive?”.

Again, this reveals incompetence or coverup. Or maybe even an incompetent coverup.

29 July 2014 Yesterday I watched over an hour of recent grilling of the IRS director by the House Government Oversight committee. Apparently one of his staffers recently testified that the data on Ms. Lerner’s hard drive was recoverable, but management had declined to bring in an outside contractor to recover the data.

Incompetence
or
coverup?

I’ve encountered many failed hard drives over the decades — on servers, desktops, and laptops. I’ve always been able to recover the data on them, using a variety of techniques. The worst case required the services of a specialist to pull data from a failed SCO Openserver Unix system disk. I handled all other cases myself. In systems that I’ve managed, we had both automated central backup tape libraries and external backup hard drives for remote laptop users such as Ms. Lerner. We had entire laptops stolen, yet their users lost only data created since they last connected to the enterprise network or their external backup hard drive (whichever was most recent). Even when no backup system is in place, data on failed hard drives is almost always recoverable. The worst case is that it will require expensive surgery in a clean room.

My conclusion:

  • The I.T. staff at the IRS is incompetent, or
  • One or more persons at the IRS are trying to hide something that involves Lois Lerner.

 

 

11 July 2014 Today a federal Judge orders feds to find Lerner’s hard drive.

U.S. District Judge Reggie B. Walton wants the IRS to tell him whatever they know about the hard drive that Lerner says malfunctioned and lost two years of emails sought by congressional investigators, and he wants those answers in just one week.

Walton issued an order Friday afternoon demanding to know the serial number of Lerner’s hard drive and, essentially, where it is now.

The same article announces that

On Thursday, Federal Judge Emmett Sullivan ordered the IRS to make a sworn declaration in writing describing how Lerner could have lost all the emails she sent to other departments from mid-2009 to mid-2011.

The declaration is due by August 10.

10 July 2014 The Washington Times reports that Lois Lerner warned IRS employees to hide information from Congress. The IRS produced this incriminating email today, one year after it had been subpoenaed.

27 June 2014 Holy Moley! This news indicates a cover-up: IRS CANCELLED Contract with Email-Storage Firm Weeks After Lerner’s Computer Crash. One comment:

Federal Records Act requires mandatory 5 year prison sentence for every federal record that can not be produced.
If we only had an Attorney General that followed the law.

24 June 2014 Representative Trey Gowdy (R-S.C.) questions IRS commissioner last night about missing emails from Ms. Lerner. He slices. He dices. (5 minute 54 second video)

Visit my website: http://russbellew.com
© Russ Bellew · Fort Lauderdale, Florida, USA · phone 954 873-4695

Advertisements

This guy’s cloud burst.

How Apple and Amazon Security Flaws Led to My Epic Hacking

Never put all your eggs in one basket cloud.

The sad story of what happened to Mat Honan has been big news for the past ten days or so. All of his devices and data were interconnected via Apple’s iCloud, and they all got wiped clean within minutes. Here’s his story, in his own words. Excerpts:

Apple tech support gave the hackers access to my iCloud account. Amazon tech support gave them the ability to see a piece of information — a partial credit card number — that Apple used to release information. In short, the very four digits that Amazon considers unimportant enough to display in the clear on the web are precisely the same ones that Apple considers secure enough to perform identity verification . . .

It turns out, a billing address and the last four digits of a credit card number are the only two pieces of information anyone needs to get into your iCloud account. Once supplied, Apple will issue a temporary password, and that password grants access to iCloud.


GET OFF OF MY CLOUD
(M. Jagger/K. Richards)
Chorus

Hey! You! Get off of my cloud
Hey! You! Get off of my cloud
Hey! You! Get off of my cloud
Don’t hang around, baby, two’s a crowd

No technical skill was requs guy’s e-life. The hacker(s) just needed patience, knowledge of customer service procedures at each provider, a method, a couple lucky guesses, and convincing telephone presence. We worry about the security of 128-bit encryption, or the virtues of SHA-2 (secure hash algorithm) versus SHA-1, when the most vulnerable part of any system is the humans who use it.

The fact that the authentication value of a credit card’s last four digits is zero at Amazon and significant at Apple is worrying. Apple claimed that a service rep didn’t follow its password reset procedure. In fact, the procedure WAS followed; it was just a flawed procedure. Apple has reportedly changed their customer service procedure for authenticating an account owner over the phone.

Forget backups, if you use a tablet.

Wikipedia entry: Tablet Rimush Louvre AO5476

List of the victories of Rimush, king of Akkad, upon Abalgamash, king of Marhashi, and upon Elamite cities. Clay tablet, copy of a monumental inscription, ca. 2270 BC.
photo: Jastrow
I mean clay tablet. Otherwise, you’ll need to backup your tablet’s data, just like you do with any other computer.

Today it’s possible to read inscriptions on 5000 year old clay tablets, yet it’s difficult to find a tape transport that can read data on 9-track digital tape that was recorded in the 1960s. One moral: keep multiple backup generations, on multiple media types.

Twenty years ago, Zip and Jaz disks were viable backup media. Before that, Bernoulli drives made sense. Going WAY back, 360 KB 5.25 inch floppy disks were viable. Today, I don’t know where you’d find the hardware to read any of these media.

Tape formats have come and gone over the years, as well. Though data on good tape formats such as DLT last a long time, they don’t last forever, either (magnetic field bleed-through between layers of tape). And neither do CDs or DVDs (oxidation of metallic film or dye layer). Thumb drives are less reliable; they both have a finite write life and may randomly fail without warning.

Are you backing up to an external hard drive? Good, but all hard drives eventually fail. In fact, their complexity means that they can fail at any moment for any number of reasons: head crash, electronic failure, surface failure, motor failure . . . You get the picture.

My point is that we need to keep our data backed up on more than one type of media, and keep a copy off-site. An alternative is to inscribe your data in a wet clay tablet and then fire it in a kiln. Burying your freshly-baked tablet for safekeeping through the millennia is optional.


Visit my website: http://russbellew.com
© Russ Bellew · Fort Lauderdale, Florida, USA · phone 954 873-4695

Are you ready for a disaster?

Ready.gov website
Ready.gov website

Ready.gov will help you prepare for a disaster.

The U.S. federal government has a website, www.ready.gov, that’s aimed at individuals, families, and businesses that wish to prepare for disasters. It’s chock full of good ideas. Your next step is to prepare your computer systems for disasters. My website has pages that will help:

© Russ Bellew · Fort Lauderdale, Florida, USA · phone 954 873-4695

Carbonite and Acronis are colliding

Each backup software vendor is treading on the other’s territory as it tries to offer a complete solution.

Small server after fire. Telephone sits atop case.
photo: John from USA

The small business data backup market is getting crowded. Medium and larger size enterprises have IT staff who look after their data backup requirement. But data for a small business is just as critical, yet they can’t afford IT staff to manage their backup requirements.

IT professionals know that to truly be ready for disaster recovery, system disks, application programs, and data must be restored quickly. For years, one way to quickly recover a system disk was to have a bit-by-bit system disk image (1 in the drawing) on the shelf and restore from that. Application programs may be included on the same disk image.

Once the system disk and application programs (2 in the drawing) have been restored, one only needs to restore data from the latest backup set (3 in the drawing), and everything should play.

drawing by Russ Bellew
A Complete Disk Restore

For many years, PowerQuest’s Drive Image and Norton Ghost were leaders in disk imaging software. Unfortunately Symantec acquired both products and slowly sucked the life out of them. Acronis filled this vacuum with their Acronis True Image products. If you have a bug-free release, True Image works great, but it’s not a complete solution because the image (1 in the drawing) probably doesn’t include yesterday’s data files.

In the meantime, Carbonite grew out of nowhere in the mid-2000s, with a file-by-file backup program that stored users’ files via the Internet unto Carbonite’s servers (3 in the drawing). I like Carbonite: there’s no hardware to buy or staff to train, and it provides grandfather / father / son versioning back to 3 months, but Carbonite is not a complete solution, because it won’t recover your system disk.

About 18 months ago, Acronis introduced their file-by-file backup system for backing up files over the Internet to Acronis’ servers. I’ve tried it, and prefer Carbonite.

Now Carbonite offers their disk image program, as an extra-cost item. I’ve not tried it. They also, for more money, offer next-day courier delivery of all of your files on an external hard drive.

The small business owner will probably benefit from the competition as Carbonite and Acronis fight it out in the small business marketplace.

Further reading from my website:

 

Visit my website: http://russbellew.com
© Russ Bellew · Fort Lauderdale, Florida, USA · phone 954 873-4695

Digital photography best practices

Photo by mikebaird
Work like a professional photographer.


Even if you take only family photographs, you’ll find plenty of good ideas on the ASMP (American Society of Media Photographers) Best Practices page. I’m impressed with how thoroughly they cover the all-important topic of backup. I especially like its Backup Overview page, written by Peter Krogh. His 3-2-1 idea is very sensible:

  • We recommend keeping 3 copies of any important file (a primary and two backups)
  • We recommend having the files on 2 different media types (such as hard drive and optical media), to protect against different types of hazards.
  • 1 copy should be stored offsite (or at least offline).
  • In fact, this 3-2-1 idea makes sense for any important file.

    Visit my website: http://russbellew.com


    Carbonite has a new competitor: Acronis

    The photograph is by John from USA. That was a telephone atop the computer case.

     

    Acronis enters the online backup market by offering a $50 per year service: 5 computers; 250 GB max.

     

    Carbonite is the leader in the online backup market. For $55 per year, Carbonite backs up an unlimited amount of data from one computer (either Windows or Mac). I like it: the service is reliable, unobtrusive, and the user interface is intuitive. It has a few competitors, but it leads the market. Acronis, who’s the leader in computer backup software for backing up to local media (tape, external hard drives, etc.), has begun offering Acronis Online Backup for $50 per year. It’s limited to 250 gigabytes of backed-up data, which may be distributed amongst up to 5 computers (Windows only – no Macs). This will be attractive to households and small businesses with several computers.

    Acronis’ local backup and disk imaging software regularly wins awards. They are integrating it with their well-respected local-backup product, True Image. This is an industry first. (I have conservative customers who use both an external hard drive and Carbonite for backup. This gives them the fast speeds of local backup plus the security of having encrypted copies of their data reside off-site.) It’ll be interesting to see how well Acronis integrates local and online backup — this could be a real winner.
    If Acronis Online Backup is as good as their local backup product, it will give Carbonite serious competition — especially at the introductory discount price of $30 per year (available until 15 February 2010. Subsequent years will not be discounted.). Have a look — both companies encrypt your data before it’s sent over the Internet and both companies offer free trials



    Regardless of vendor, online backup offers low entry cost and complete protection within a few days of sign-up: there’s no hardware to buy and setup is very easy.

    Articles on my website:

     

     

    Disclosure: I am an affiliate of both Acronis and Carbonite.


    Visit my website:
    http://russbellew.com

    Synchronize files with “the cloud”

    “Cloud computing” can store and help you synchronize files on multiple laptop and desktop computers.

    The trendy term “the cloud” simply refers to the Internet. (Schematic diagrams display the Internet as a cloud.) There are a number of companies that offer file synchronization services. Most offer a basic service for free and charge money for enhanced services.

    One of the leading players in this market is Dropbox. Maximum PC recently suggested 15 clever ways that Dropbox can be used to provide other services. Strong competitors include SugarSync and MemoPal

    A nice thing about all these services is that you can use them to synchronize files between geographically diverse sites. You and a colleague who’s located thousands of miles away can work together on a sales proposal in almost real-time: pretty nice for zero cost.

    CBS News discusses data rot.

    Yesterday, the CBS Sunday Morning Show aired an 8 minute segment that discussed “data rot”. It seems ironic that while we’re able to read the stories of ancient peoples who carved in stone, we’re unable to read from magnetic tape and disks that are only a few decades old.

    Nothing lasts forever
    One moral: If your data resides on CD-ROMs or DVDs, don’t think that it’ll last forever. After only five years, I’ve seen CD-ROMs with 1/8 inch holes in their metallic substrates — that’s missing data. A wise archiving scheme employs different kinds of media: magnetic tape, magnetic disk, optical disk (CD-ROMs and DVDs), flash ram, and Internet data storage services such as Carbonite. That way, if (or rather, when) you’re unable to restore from one storage medium, you can restore from another.
    Visit my website: russbellew.com

    Why backing up files is necessary but not sufficient.

     
    This might be a good time to read my Data Backup page. I updated it to include a section titled "Why backing up files is necessary but not sufficient" after observing a commercial customer who was backing up data files from their Point Of Sale system’s Unix server to tape but had no plan for restoring the server when (not if) the server’s system disk crashed. (They had no system recovery or setup disks. In their case, the data files resided on the server’s system disk.)
     
    While you’re in a "better safe than sorry" mood, read my Disaster Recovery Plan suggestions.
     
    Here are the causes of data loss:
     
     
     
    Visit my website: russbellew.com
     

    After an HP Computer Recovery

    A customer ran HP’s Recovery procedure on her Hewlett-Packard desktop PC. It ran Windows XP Professional. Before doing so, she had copied all of her data files unto an external hard drive.
     
    After the Recovery, she thought that she’d lost many gigabytes of drive space.
     
    Where did the files go?
    It turned out that the HP Recovery procedure first creates a directory called C:\USERDATA\ and then, as user SYSTEM, moves a bunch of files, including C:\Documents and Settings\, into this newly created C:\USERDATA\ directory.
     
    This is fine, but normal users can’t see the contents of C:\USERDATA\. The result is that, after Recovery, to most users the disk seems to be missing a large chunk of its storage space.
     
    How can I restore these files?
    By rebooting into XP’s Safe Mode and logging on as Administrator, I was able to change user rights on all files and directories that were contained in C:\USERDATA\. Because we had already restored her files from her external hard drive, we were safe to delete the contents of C:\USERDATA\ to free up disk space. If you didn’t back up your files before performing HP’s Recovery procedure, you should probably move these files to their original locations.
     
    Visit my website: russbellew.com