Weapons of Data Destruction
On Memories and Memory Cards
New in the Website
The 2011 Jasmine Revolution in Tunisia made official what we all knew, internet matters. Sites like Twitter and Facebook were operational both in the organization of the events and the disinformation by authorities. A few days later, these sites were suppressed in Egypt, once protests began also there. Suppression of digital work is easy. In the past, I experienced several attacks on my website; several of the websites linking to mine have also reported, publicly or privately, about organized state attacks on them. We live in a reality where governments illegitimately use Weapons of Data Destruction, bluntly violating human rights with obtuse disregard for their citizens.
Having no home and living in an eternal pilgrimage, I’ve been forced to find alternative methods of keeping an office. The memory card of my first digital camera became in late 2002 my first virtual office. Light and compact, the cards are easy to carry around; internet kiosks are the fixed part of the deal and can be found everywhere: Nepal and Thailand; Bolivia and China.
Unluckily, they are also easy to attack. Over time, I have developed a series of techniques to survive my frequent visits to internet kiosks unscathed.
A computer connected to the internet is on enemy territory. No storing device should be connected to it. Download all the files desired for subsequent work into the computer. Then, disconnect the computer from the web. This should not be done electronically but by physically pulling out the cable. Then, connect the storing device to the computer, and transfer the files to it. This doesn’t provide absolute protection. Signals can still be picked up from nearby with certain equipment, but for regular work, this is robust enough. Moreover, this is not possible with wireless devices.
Since 2002, I work primarily with memory cards and their readers. Memory sticks are less convenient than split devices since if their reader goes wrong, saving the memory part of the device is complicated. This is a crucial issue. The technology of these cards is based on solid-physics and in all my tests they have proven to be also physically solid. I never experienced an unprovoked problem with them and am quite confident the cards can survive everything I’ll survive. The myriad of memory devices existing in the market can be divided in two categories: those including reader and memory, and those in which the memory and the reader are physically separated. The first type is not recommended, since if the reader is short-circuited, then recovering the memory is troublesome.
The wise user should move around with at least two memory cards; a smaller one to be used as a files-buffer and a larger one as main storage; an additional backup card is also recommended. Moving around with two readers is recommended. In such a fashion, if the forces of evil would short-circuit the first, the user would not suffer delays.
All the card-readers I have tested until now do not include personal identification numbers, but all the memory cards include one. The number can be used to track down the owner of the card. I recommend changing the pre-installed ID number; this can be done with free programs available on the web. The best would be if all users changed the predetermined number into the same one. I propose using 0000-0000; hinting thus at the usefulness factor of this human rights violation act towards the perpetrators. (Memory Card ID Change Program)
This is not enough. The cards are still vulnerable to various attacks. Cards can be stolen. Israel robbed many of mine on several occasions, including in the savage attack of July 2009. Leaving safe copies in an embassy of a country hostile to yours is a decent enough precaution.
Since October 2009, my memory card readers were systematically short-circuited every two or three weeks. I took one of them to be checked out at an electronic laboratory. They found traces of short-circuit. In my last year at Tel Aviv University as an undergraduate student, I took a chemical physics laboratory course. Part of it included programming a control device with the help of a personal computer. We were asked to simulate different control methods for a device that changed the illuminating strength of a lamp through the modification of the current passing through it. The old 286-processor computer was used to control the current passing through its ports into an external device. In other words, every computer can double as a sophisticated toaster. Nobody else in the internet kiosks where I work experiences this problem. The shops selling the readers claim (and I believe them) the readers are reliable. Moreover, the events are strangely coordinated with certain articles I publish or emails I send that clearly infuriate Israel. This is the reason why having an extra reader and using a buffer card is essential. If burned, no permanent damage would be caused to the data on the main card. Having an empty card ready, no significant delay to one’s work is caused. I have no doubt these are intentional harassment attacks perpetrated by Israel. Yet, I cannot complain about them since they would be classified as circumstantial.
Unluckily, the computer industry (including Mac computers) has adopted Microsoft FAT as the files organization system. This allows rapid access of snoopers to the structure tree of your files. There is no way to avoid malicious software at least copying the structure. Thus, change the structure often, so that no scripts targeting specific files would be effective on your card. In the past, I have been the victim of a quite vicious attack on the FAT system of my buffer card. Several computers in the various shops I was working on began reporting problems with their available memory. None of my subsequent tests justified the report. Then, if I saved any of my open files it would be saved wrongly, ruining also the FAT data of physically adjacent files. This causes a snowball effect; the more files you touch, the more extensive the damage becomes. Once this is spotted, disconnect the memory, and go to a safe computer. Copy all the files from the memory card to the computer; during this process, don’t open them. Note that damaged files won’t copy. Then, format the damaged card. Afterwards, copy the files back from the computer to the card. Restore the damaged files from a backup card, and then wipe out the computer you worked on; cleaning programs are easily found these days; sensitive files stored on the computer should be thoroughly shredded before re-connecting it to the web. This type of file should not be “cut and paste;” otherwise you’ll need to wipe the entire hard disk to ensure deletion. To be entirely safe, replace the whole operating system on the computer after wiping it.
There is another instance in which Microsoft sold us out: autorun.inf. This is the name of an archive capable of automatically launching a program or a script. Amazingly, Windows defaults leave active this dangerous file on mobile devices. In this way, you can easily transfer virus and worm attacks from computer to computer. The best defense is creating an inaccessible mule, a sterile autorun.inf on your card. There are free programs on the web performing this service.
Related to this are various scripts that can be implanted in the card, and are activated by the autorun.inf file. To be sure the card is clean, make visible all protected and system files. Scripts featuring the .vbs extension would then be visible. Delete all scripts. Another noteworthy point is avoiding storage of files with active code in them, like .html files. Change their extension or save the content in a text format. Note that files allowing macros, like the Microsoft Office formats, are also extremely vulnerable.
A serious security problem results from the tendency of most of us to use a constant file structure. That allows writing scripts that allow downloading files by snoopers without the victim being aware of that. The solution is simple. The method to achieve that is by storing the files in a tree structure, and changing the root directory name often; this works well against off-line scripts especially if the structure includes thousands of useless files used specifically for this purpose. The name of the root directory should be changed every time the work is begun and not at its end, in such a way, if working offline, snoopers cannot change the script to allow for the new structure on time.
All this is fine, but it doesn’t solve the presence of key-loggers in public computers. I have proven the existence of these to my satisfaction. If working on a public computer on highly sensitive files, there are several ways to make sure the key-logger is deactivated. I’ll mention only the most obvious solution. After the work is saved, and while the computer is kept offline at all times, perform a low-level format of all the hard-disks and their partitions from the card. Only experienced users should do that; the staff at the kiosk would afterwards need to re-install the operating system, but no other damage is caused. Rotating between the available public computers is vital because it blocks certain systematic attacks.
At first all these steps may sound terribly complicated; yet, they are not. It’s all about keeping certain order in our usually messy computer work practices. Over time, they would become a second nature, to the true horror of illegitimate authorities violating our lives. On the day of the 2009 attack, something went wrong for Israel. They attacked me from behind and strangled me until I lost consciousness. After grabbing my belongings, they ran away in the ultimate show of cowardice. In the rush, it was daylight, and a few blocks from the city’s main venue, they left behind some of my memory cards. The manuscript of The Cross of Bethlehem, which back then was finished, but not published, survived.
This text was adapted from a chapter of the same name in The Cross of Bethlehem II: Back in Bethlehem.
My articles on the web are my main income these days; please donate or buy The Cross of Bethlehem or Back in Bethlehem.