With the launch of Mac OS X 10.7 (Lion), Apple has introduced a volume encryption mechanism known as FileVault 2.
During the past year Joachim Metz, Felix Grobert and I have been analysing this encryption mechanism. We have identified most of the components in FileVault 2’s architecture and we have also built an open source tool that can read volumes encrypted with FileVault 2. This tool can be useful to forensic investigators (who know the encryption password or recovery token) that need to recover some files from an encrypted volume but cannot trust or load the MAC OS that was used to encrypt the data. We have also made an analysis of the security of FileVault 2.
A few weeks ago we have made public this paper on eprint describing our work. The tool to recover data from encrypted volumes is available here.
With Windows NT, Microsoft introduced Windows Backup (also known as NTBackup), and it was subsequently included in versions of Windows up to and including Windows 2000, Windows XP and Windows Server 2003. It can back up to tape drives, using the Microsoft Tape Format (MTF), or to disk using the closely related BKF file format.
Support for Windows Backup was dropped in Vista but Microsoft introduced the Windows NT Backup Restore Utility for both Windows Vista/Windows Server 2008 (supporting disk and tape backups) and for Windows 7/Windows Server 2008 R2 (supporting disk backups only).
If you just need to restore a MTF/BKF file, the Microsoft-provided software above is probably the best option. However, if (like me) you don’t have a Windows computer handy, or you want to convert the backup into a format more likely to be readable a few years later, they are not ideal. That is why I tried out the mtftar utility, which converts MTF/BKF files into the extremely well-supported TAR file format.
Unfortunately, mtftar appears unmaintained since 2007 and in particular, it doesn’t build on Mac OS X. That’s why I set out to fix it. In case this is of help to anyone else, I have made the modified GPL’d source available on GitHub (diff). It works well enough for me, but use at your own risk.
Andrew Rice and I ran a ten week internship programme for Cambridge undergraduates this summer. One of the project students, Connell Gauld, was tasked with the job of producing a version of Tor for the Android mobile phone platform which could be used on a standard handset.
Connell did a great job and on Friday we released TorProxy, a pure Java implementation of Tor based on OnionCoffee, and Shadow, a Web browser which uses TorProxy to permit anonymous browsing from your Android phone. Both applications are available on the Android Marketplace; remember to install TorProxy if you want to use Shadow.
The source code for both applications is released under GPL v2 and is available from our SVN repository on the project home page. There are also instructions on how to use TorProxy to send and receive data via Tor from your own Android application.
Sometimes I find that I need to concentrate, but there are too many distractions. Emails, IRC, and Twitter are very useful, but also create interruptions. For some types of task this is not a problem, but for others the time it takes to get back to being productive after an interruption is substantial. Or sometimes there is an imminent and important deadline and it is desirable to avoid being sidetracked.
Self-discipline is one approach for these situations, but sometimes it’s not enough. So I wrote a simple Python script — screentimelock — for screen which locks the terminal for a period of time. I don’t need to use this often, but since my email, IRC, and Twitter clients all reside in a screen session, I find it works well for me,
The script is started by screen’s
lockscreen command, which is by default invoked by Ctrl-A X. Then, the screen will be cleared, which is helpful as often I find that just seeing the email subject lines is enough to act as a distraction. The screen will remain cleared and the terminal locked, until the next hour (e.g. if the script is activated at 7:15, it will unlock at 8:00).
It is of course possible to bypass the lock. Ctrl-C is ignored, but logging in from a different location and either killing the script or re-attaching the screen will work. Still, this is far more effort than glancing at the terminal, so I find the speed-bump screentimelock provides is enough to avoid temptation.
I’m releasing this software, under the BSD license, in the hope that other people find it useful. The download link, installation instructions and configuration parameters can be found on the screentimelock homepage. Any comments would be appreciated, but despite Zawinski’s Law, this program will not be extended to support reading mail 🙂