Carlos Fenollosa

Carlos Fenollosa

Engineer, developer, entrepreneur

Carlos Fenollosa — Blog

Thoughts on science and tips for researchers who use computers

Links for 2019-11-24

November 24, 2019 — Carlos Fenollosa

Some SSD encryption is not secure

How secure is hardware disk encryption? (1 min, Twitter thread)

Dan Luu links to a paper by Mejier C et al., titled Self-encrypting deception: weaknesses in the encryption of solid state drives

In a nutshell:

We have analyzed the hardware full-disk encryption of several solid state drives (SSDs) by reverse engineering their firmware.

We found that many models using hardware encryption have critical security weaknesses due to specification, design, and implementation issues [that] allow for complete recovery of the data without knowledge of any secret (such as the password).

To make matters worse:

BitLocker, the encryption software built into Microsoft Windows will rely exclusively on hardware full-disk encryption if the SSD advertises support for it. Thus, for these drives, data protected by BitLocker is also compromised.


Roughly 60% of the market [is affected] currently one should not rely solely on hardware encryption offered by SSDs and users should take additional measures to protect their data.

This is really, really bad.

Download old Linux distros

Linux Distros (RH) is an archive of old Linux ISOs that you can install on a virtual machine or similar.

Every entry has screenshots, making it a very nice resource to browse even if you don't commit to testing the distros.

Designing a modern text editor

Neovim and the state of text editor art in 2019 (15 min, pdf, via)

I never thought that a text editor could be such a complex and inspiring software product!

There is a video of the talk (50 min) in case you want more context than the bare slides.

GIF like it's 1999

The 88x31 GIF Collection (RH, via)

A collection of 2680 classic 88x31 buttons from the 1990's, 2000's, and today in GIF format.

Geocities gif Designed with Macintosh Porn button Best viewed with any browser

Windows 95 UI

Designing Windows 95's User Interface (15 min, via)

Three years ago I came across an interesting paper written up by a Microsoft employee, Kent Sullivan, on the process and findings of designing the new user interface for Windows 95.

The website archives Sullivan's paper The Windows 95 User Interface: A Case Study in Usability Engineering, a very interesting text on easly GUI usability, along with screenshots comparing 3.1 and 95 interface which will put a smile on your face.

Windows 95 UI prototype

OpenBSD review

OpenBSD in 2019 (10 min, via)

I've written similar texts about OpenBSD twice, and I like reading other people's opinions.

There is a pattern here: somebody is angry with some Linux drama, tries OpenBSD, likes it, but for some reason can't use it as a daily driver.

Check it out if you are still unsure about its strengths and weaknesses compared to Linux and/or other BSDs.

There is a very good Reddit discussion about this post.

A p2p web browser

Beaker (2 min, via) is an experimental web browser which supports dat://, a modern p2p protocol.

I really like these experiments. I'm not sure if it will take off, but re-decentralizing the web is a great cause.

ASCII art game

ASCIIDENT (RH, via) is an "Open-world sci-fi game with a design completely made by text characters."

After trying the demo, I'd define it as a platform game like Duke Nukum, with a crafting element, and the ASCII novelty which makes it quite nice

ASCIIDENT screenshot

I have to admit I'm tempted to buy the game. To my wishlist it goes...

Save .org

Save .ORG (2 min) is a plea to stop the sale of .org domains control to an equity firm.

Worth a read, check out the original signers. Wikimedia, the FSF, the EFF, the Internet Archive... this is not your typical bullshit petition.

Check out the HN discussion with some alleged ex-ICANN members.

AI is not Terminators

AI today and tomorrow is mostly about curve fitting, not intelligence (5 min, via)

Some people cricize AI because we don't have terminators yet.

On the other hand, there is a lot of AI snake oil

The truth is: people in the field understand that we are harnessing the power of advanced curve fitting, not Hard AI.

It's our job to make journalists and the general public understand it, too.

Pornhub as a bastion of freedom

Banned from Youtube, Chinese propagandists are using Pornhub to publish anti-Hong Kong videos (1 min)

We truly live in the Craziest Timeline

RSS bridge

RSS bridge (2 min, via) is a connector that generates RSS feeds for sites that don't have one (e.g. Instagram, Twitter, Bandcamp...)

Last week I linked to Fraidycat, a similar concept.

I definitely need to set some time aside and check out both tools. I'd love a way to transform friends posts into an RSS feed.

Altair BASIC source code available

Micro-Soft Altair BASIC 3.2 source (RH, via)

After clicking on the link above, since this is the last one in the roundup, now go watch Pirates of Silicon Valley


Tags: roundup

Comments? Tweet