Skip to content

Science and Engineering

August 10, 2015

Previously, as in maybe 100+ years ago, “science” was important and the importance of it vastly exceeded the importance of engineering.  Today, I believe that trend has changed and the discipline of “engineering” is probably more important.  But, I am of the believe that engineering is at least the stepchild of science and you can’t ignore scientific discipline any more than you can ignore gravity.

Engineering, in layman’s terms, is the practice and discipline of making things that work, making things that aren’t working work, and the skills and abilities to be able to convert someone’s theory into practice.  This is certainly concerned with science but is more practically grounded.  In today’s world the distinction is important.

One of the key aspects of this is the motivation of the scientist is always “Why?” whereas in general the engineer isn’t really concerned with why or why not but just getting the thing working.  Out in the desert with a non-working car the scientist is going to be stuck on the point of trying to figure out where the water in the cooling system went and while he might have some interesting theories about where you could find water in the desert, the engineer is going to be focused a lot more firmly on both getting something into the cooling system and that it stays put.  The idea of using a children’s fruit drink isn’t going to occur to the scientist – its not water, remember – but to the engineer the sugar in the drink might just be the ticket to sealing up the leak.

McGyver is certainly not a scientist but he is the 1980s answer for engineering.

Over the weekend I made a big mistake; once again I watched the movie “The Core”.  This came out over 10 years ago and, as far as I know, has never been equaled in its mistakes, gotchas and distortions.  One of my least favorite lines is where one of the “scientists” in explaining to someone that all science is “best guess” and nobody really knows anything.  This might be a cute line for a post-modernistic movie tailored for an audience that believes science has given them nothing but Agent Orange and Tang but shows a disturbing lack of education.

Part of the annoyance of watching the movie is that for the entire 135 minutes there is about one silly thing every minute or so.  There are plenty of web sites that talk about the “bad science” of this movie, so many that there is no need to repeat the litany of wrong-headedness that pervades this movie.

The tie-in with this post is early on in the beginning of the movie we see pigeons crashing through big windows in tall buildings.  Now a “scientist” might be able to come up with a plausible theory how this is possible, but from an engineering perspective it is incredibly silly.  I did a very small amount of research on this last night and discovered the phrase that tempered glass is a pretty old technique and one that has been superceded by a number of other ways to make higher strength glass.  But even tempered glass in a 1/4 inch thick window glass form requires an impact of around 10,000 PSI to punch through it.  With a hammer, what you need is 10,000 pounds of force (better expressed in something like neutons, but I’m trying to stick with what I have) to break such a window – not impossible with a 1-pound hammer with about a 1/4 inch striking surface and a good swing at the window.  This is assuming the hammer is tilted somewhat when striking the window – if the head of the hammer was perfectly perpendicular to the glass the striking force would be distributed over a larger area and require even more powerful a swing.

OK, so what about a pigeon?  Your average pigeon is 9-13 ounces in weight, and the top of its little head might be at most 1 square inch in area after some initial mashing occurred.  So could a pigeon create a 10,000 PSI impact into a glass window?  I am NOT going to get into the full depth of the mathematics here to prove such a thing is impossible, but I am going to say that it would require the pigeon be flying over 100 MPH at the time of impact.  Highly doubtful.  I don’t think you could break a modern building window with a pigeon even if it was fired from a good-sized air cannon at over 100 MPH.  One of the key aspects of this is the little pigeon body has far less resistance to impact forces than the glass.  So even if you has sufficient acceleration of the pigeon, the pigeon would be pulped rather than actually breaking the glass.

Could you break the window with more pigeon impacts?  Say, 100 pigeons striking at the same time?  Dividing up the force required by 100 would certainly change things some, but still we are talking about 100 pounds of pigeon needing to develop far more than 10,000 pounds of force because it is spread over a much larger area.  The end result is 100 pigeons become a sticky mass of pulped pigeon and the window remains intact.

This commentary on pigeons can also be applied to the 1963 Alfred Hitchcock classic “The Birds”.  Although we are dealing with small window pane glass or the glass in a telephone booth, still the mismatch between bird structure and glass structure leads one to the inescapable conclusion that the birds simply do not have sufficient mass or cohesiveness to effect damage on virtually any size piece of glass.  At least for birds the size of pigeons or smaller.  Now, if you want to talk about bald eagles going up against a window the size of the bird itself, well, we are talking about a whole different sort of scale here.

Here is where the engineering discipline makes a significant difference.  A scientist is likely to focus on mass-on-mass impact and come out with a lot of equations showing that at 1027 MPH a pigeon can penetrate a large office building window.  The engineer is far more likely to note very early on that one reason pigeons do not fly over 30-40 MPH is because their wings would tear off.  Similarly, upon impact with any hard surface the less cohesive mass is going to come apart and distribute the impact energy over a much larger area.  There is little question that a pigeon is less cohesive than a big glass window.

So rather than expressing the problem as a purely mathematical one that has a solution – all it takes is a big blackboard – the engineer can get right to the heart of the question and say all the math is pointless because the pigeon comes apart.

This is the difference between the scientist and the engineer.

I would happily further this discussion with people that want to refute this or confirm it.

Sometimes We Are Too Smart

July 14, 2015

At least sometimes we are too smart for our own good.  This is something that has existed since 1998 or 1999 and hasn’t been “discovered” until now.  Sometimes, consequences take a while to come around to bite you.

A long, long time ago there was a product created called CD-R Verifier.  The idea behind this product was to produce an MD5 signature value of a whole CD or CD-R and be able to compare this to another disc easily and graphically.  The “point” of the product was that it used pretty sophisticated buffering techniques to stream the data off the disc about as fast as the drive could possibly read it.

Along the way, it got decided there would be a “demonstration” version.  This is different than a real trial or evaluation in that it would never time out but it would only be a demonstration of the capabilities of the program.  The demo version was to be only that and not do anything useful at all.  There was even a note in the help that the demonstration version couldn’t actually be used for anything and that it was simply a “demonstration.”

This product was never an astonishing success but it was an interesting illustration of the capabilities of optical media drives with proper buffering being used.  The US military decided to use it to compare MD5 signatures of discs in the field with disc signatures created on a Unix system where they were created initially.  Disc duplication and manufacturing companies utilized the product to check the discs they were producing.  As it is a pretty cheap product and fulfills a pretty specific need, it is a nice tool to have if you need it.

It has been a remarkably stable product since 1999 and has required only minimal changes over the years to cope with changes to Windows.  Until recently, that is.

A couple of months ago I got an email from a customer saying that they were having a problem with their customer.  They duplicated a master disc and checked the signature in their office.  The master and the duplicate matched perfectly.  They sent the disc copy to their customer who checked it and found a different signature.  Now, this has happened before and it has generally resolved down to being a problem with a specific drive.  The solution has been to get that drive, check it, and figure out what the problem was in getting the correct ending sector for the disc.

Of course, being an obsolete drive where the incorrect signature was being calculated meant a trip down EBay lane to get one of them.  No problem, it just took a little time.  When the drive arrived it was tested and after some fooling around it was shown to be calculating the correct signature.

Huh?  Yes, the supposedly failing drive was doing the right stuff.  Getting the disc from our customer that was copied and failing resulted in no change – the correct signature was being calculated every time.  After some further checking it started to seem like the end user had something odd going on until our customer reported getting the same signature on a specific model drive.

Along about now in the process we get an email from forwarded from the folks encountering the problem that was remarkably informative.  They were using the demonstration version of the product.  They never noticed that it wasn’t supposed to produce valid signatures.

Some folks might point out that the folks using the demo version were simply trying to get away without paying for the product and “shame on them.”  Well, maybe, but part of the software business is not doing dumb things to your (prospective) customers and I feel this was clearly a case of just being too terribly clever back in 1998 or so.  The idea was to give a meaningful demonstration of what the product did without ever having to have a real expiration, unlock code or any nonsense like that.  The idea that someone might miss that they were using a demonstration version and try to use it as the full product didn’t really enter into the thinking at the time.  In hindsight, that was a big mistake.

So with the latest release the demonstration version comes out with a nice warning message at the beginning that says it is just a demonstration and cannot really be used for anything useful.  This message is presented in a number of different ways to the user to make sure they cannot forget they are using a demonstration version.

This isn’t a case of encouraging people to actually buy the product when they need it, although that would be nice.  The problem is that a lot of expensive support time got wasted figuring out what a non-problem was because the customer’s expectations were different than the reality of the product.  Clearly a case of the developer being too clever for the customer.  For a simple tool-type product this is something that might be able to be forgiven, but it can cause incredible headaches if this sort of thinking gets into larger systems.  If it is embedded deeply enough this can be uncorrectable and users will be unlikely to be very forgiving.

The lesson here is that if you are going to do something the customer or user might not expect, you need to tell them explicitly.  No, a note in the help that nobody ever reads isn’t going to cut it.  It needs to be in the user’s face at least once and not just when they install the product.

DB Freedom – a Mobile, Ad-hoc Query Tool

June 29, 2015

Let’s say you have a need to find out what customers have reported problems with their purchases recently.  It is all in a database and if you were at your desk there is a nice tool for accessing this… but it isn’t a web app and you can’t use it from your iPad.

Sure, the company has been talking about getting a mobile development company to build some apps for use by sales, but so far it hasn’t happened yet.  Because it is considered a nice-to-have it is always the first thing to get cut from the budget.

So, what can you do?  Well, DB Freedom is an easy-to-use tool that is suitable for sales people to be able interrogate databases from an iPad.  It shows you the databases that are available, shows you the tables and columns that are available and helps you to build “queries” that go against the live database.  You want to know what customers have reported a problem in the last month so if you call on them you aren’t taken by surprise with outstanding issues?  Easy.  This is the sort of thing that can be done in a few minutes with DB Freedom.

No, you can’t make changes this way.  And it is secure, so important company information isn’t going to be leaking out.  It works with Wi-Fi and cellular connected iPad devices right now with Android support coming in the future.

See more information about this on the InfinaDyne web page.



I have mentioned DB Freedom before, but there has been an important new part to this story.  Previously, the only way it worked was to have each user running a database connector application on their office computer.  This creates some overhead and can introduce some rather unexpected network traffic if there are a lot of users.

There is now an alternative to this one-user-one-PC approach.  The Enterprise Server.  What this does is consolidate all of the “user PC” database access into one server.  It improves the response time of the mobile app and it cuts out all the network traffic going to and from individual user PCs.

The Enterprise Server is designed for companies that have at least 10 users of DB Freedom and can benefit from consolidating the network traffic and such into one server.  Obviously, it requires the IT folks to get involved and set this up, unlike the individual access that is part of the DB Freedom app.  It requires very little attention to manage so it should be IT friendly.

Contact InfinaDyne for more information about DB Freedom and how it can help you.

Mobile Ad-hoc Query Tool

May 19, 2015

Would you like to be able to create, save and run queries against a database from a mobile device?  I might have the answer for you.  InfinaDyne has a product called DB Freedom which is designed for the iPad which does this.

How do we get to run queries against a live database from a mobile device?  Well, it involves some tricky networking and security.  First off, it is your database that you want to access, so you need to run an access tool on your PC to get to it.  This access tool usually can run as a service in the background, so you will not even know it is there.  Even if your company has a firewall in place to prevent such things, DB Freedom’s PC component will likely be able to be used – the iPad does not connect directly to your PC.

The iPad app will function with current iOS versions and is pretty simple to use.  It allows quite a bit of flexibility in terms of selecting and formatting output and uses a strongly guided approach towards building queries.  Of course, there are limitations to what the query builder can do and what sorts of things can be done with the whole system but overall I think you will find that it is possible to do a huge amount within the limits that are there.

Mostly, this app is self-explanatory.  You pick a database and it shows the tables that are contained within it.  From there you can choose multiple tables and specify the relationships between the tables (which is remembered) and then choose from the list of columns that are then exposed.  You can then specify formatting for the columns, change the column order and decide to prompt for one or more items to control the selection.

This means that you can define a query to prompt for a part of a name and it will do so whenever that query is invoked.  It is all pretty simple to use and makes getting the information you are interested in quick and easy.  From the results that are displayed you can copy the contents and paste it into other apps or messages.

Because this is all done from a live database and not a cached snapshot there is no requirement for synchronizing or limits based on the amount of storage available on the iPad.  Large results sets can take up memory on the iPad which may require you to terminate other running apps if you are going to try to do something that returns 500 or 1000 results.  Also, because this is all happening over the network doing this with an older iPad that doesn’t have a 4G cell modem may be somewhat slow.  Certainly if you are going to retrieve large results sets you want to be on a Wi-Fi connection.

The data that moves between your database and the iPad is encrypted for security.  This allows you to use this on open Wi-Fi networks without concern for other users “eavesdropping” on your connection.

The iPad app is free… sort of.  You get five saved queries when you install it and if you want to save more than that you need to purchase additional save “slots”.  This app has been tested on iPad models 2, 3, Air and Air 2 and performs well on all of them.

What kinds of things can you do with this?  Well, one of the things that I have set up is a query to show recent sales recorded in our customer database.  It shows a list of recent purchases and tapping on one of them will then show the details of a sale.  This sort of list-detail navigation is built into the structure of DB Freedom.

Today DB Freedom is available for the iPad only, but if there is substantial interest in this adding Android tablet support is certainly something that will be coming along.  You will find mention of an “Enterprise Edition” and this is something that is also planned for the future.  Right now, one PC running the connector application is required for each iPad being used.

What Writer Wrote This Disc?

March 12, 2015
tags: , ,

A common question that comes up in many different ways is the idea that it is possible to tell what computer or disc writer created a specific disc.  There are some common misconceptions about this that can be cleared up and some interesting information for both users and forensic professionals.

Almost 20 years ago there was some discussion about “RID” or Recorder IDentification.  This mostly came from the introduction of stand-alone music recorder devices which could, in theory, be used to make copies of music discs and to record onto CD-R discs music from the radio and other sources.  This was the same level of concern that was introduced with DAT recorders.  The outgrowth of this concern led to a new category of CD-R discs, the “Music CD-R” and the requirement that all stand-alone recorders label discs with the device that created them.

As we can see today, most of this fuss was for nothing.  Stand-alone music recorders exist, but they are expensive and not all that much fun to use.  Yes, you have to buy special discs for them which hasn’t helped their adoption either.  Just like DAT recorders, they are a niche product and not used for piracy.

Well some manufacturers decided to implement RID-labeling of data discs as well for computer peripheral drives.  In our collection at InfinaDyne I believe we have two such drives out of around 50.  It wasn’t a popular thing to do and it wasn’t done in a consistent manner by manufacturers.

When DVD-R recorders finally made it to the consumer market, there was a standard in place to allow drives to mark the discs they wrote to in the Recording Management Data or RMD.  This was much better than the situation with CD recorders because at least from the beginning there would be only one implementation.  This standard was not mandatory, so different manufacturers were free to implement or not implement the marking of discs with the recorder that wrote them.  Just like with CD recorders, not very many manufacturers chose to mark discs with this identification.

The situation with DVDs is much like that with CDs in that the identification that is put on the disc has a drive serial number, but this is an internal, electronic serial number not the one that is printed on the outside of the writer itself.  There may or may not be a simple translation between the external serial number and the electronic serial number.  About the only way to make sure that a given writer identifies itself by a given number is to ask the writer what its serial number is and compare that to what is found on the disc.

What this means to the average consumer is that if they write a CD or DVD it is highly unlikely that there is any identification of the drive that wrote to the disc embedded in the disc itself.  If there is a serial number, it isn’t necessarily one that might be registered with the manufacturer, so even if this information is present on a disc, there may not be any way to track this back to the original owner of the writer – assuming the serial number was registered for warranty purposes.

CD/DVD Inspector today does not search CD-R discs for RID markings.  There are at least three different locations where RID information might be written and some of these cannot be easily retrieved – some drives will read these locations but others will not.  With DVD discs, the situation is quite different.  If the recorder identification is present in RMD field 1, it is displayed by CD/DVD Inspector’s Analysis tool.  If you aren’t using CD/DVD Inspector you may be able to find other tools which read and display RMD field 1 so you can determine if the writer is identified.

For forensic purposes, RID is extremely valuable when it is present on a DVD.  Unfortunately, most drives do not label the discs they wrote, so this helpful bit of information is not available.

Update: running through a sample of 103 DVDs 18 of these had Recorder Identification in RMD field 1.  The writers that were shown were Lite-On, Pioneer, Plextor, and Sony.  This is by no means an exhaustive test but it does tend to indicate that DVD RID marking is more prevalent than CD-R marking was.  There is some evidence that this is under software control as well as the writer, so some writing software may not follow the correct DVD writing process resulting in no RID marking.

CD and DVD Forensics

February 6, 2015

Back in 2006 I worked out a deal with a technical book publisher known as Syngress to get the book “CD and DVD Forensics” published.  It was an educational experience and a little exposure into the publishing world.

After eight years there is finally a second edition of this book coming soon.  No, it isn’t going to be published by Elsivier – they acquired Syngress late in 2006.  Their book selection process seems to be a little different than it was in 2006 and all I know is that we aren’t going to be working together.  The new book is likely to be available through Amazon unless big things change in the next month or so.

This new edition of the book is a complete rewrite of the original with lots of new material and somewhat of a new focus.  The original book had some requirements placed upon it by the publisher and while these made sense at the time, these requirements no longer exist.  A lot of the space in the first edition was dedicated to reference material for the CD/DVD Inspector product.  This has been changed to be more task-oriented than simply reference material and there is a lot less of it.  This does mean the new book is going to be about 1/3rd the pages of the first edition, but it doesn’t mean there is any less useful content.

As far as the content is concerned, there is more information about file systems than there was in the original book and I think the section about evidence handling is more useful.  There is also a new chapter about understanding hidden data on optical media.

Moving into the world of self-publishing means that there are a number of services that I get to work out for myself, such as a cover design, copy editing and reviewing.  If you would like to review the book, please contact me directly.  If you would like to be a “technical editor” for this second edition, please let me know as well.

I will be reaching out to some existing customers about bulk purchase of the new book but if you would be interested in finding out more about this, please contact me directly.  The likely publishing method for this will be print-on-demand as well as making the book available in various electronic forms, so if I can put together a large print run it will save all of those participating quite a bit over the standard pricing.

Email Sillies – Dumb Things I Get Sent To Me

January 20, 2015

I could write a long book on the State of the Art of Spam with plenty of examples.  Sadly, it is something that many people could probably benefit from reading.  Today I am going to address one small aspect of this subject because it annoys me more than anything else has in a long while.

Spam works because people get the idea that they are being offered something that is a good deal.  So, a few people out of millions that receive some ad jump on it and buy something.  It only works because the costs of sending millions of emails is nearly zero – assuming you aren’t paying someone thousands of dollars to do it for you.

But there are other types of emails that fall in the same category as spam but aren’t advertisements at all.  I’m ignoring the “click this link” malware distribution and that sort of thing.  Today I want to address the bogus offer emails that I see pretty frequently.  It starts out simply enough with an offer to buy something from my company:

‌‌Hello

Good day and how are you? I am writing from Ausparts Group in Australia to make a few inquiries.

  1. Do you ship overseas? I already know of a freight forwarder that will pick up my packages from your store. Their service is cheaper than that of any other courier, and they are effective in shipping my goods to me here in Queensland, Australia. Shipping time is estimated to be 3-4 days.
  1. I have used their services in the past, and it was splendid. Do you accept credit cards for payment? I have U.S. Visa and Mastercard. Send me a response with your contact details: email, website, and land and mobile phone numbers. Kindly let me know your answers to these questions before I send details about the items I am interested in purchasing from you.

Best Regards,

Barry Egan.

You will notice that at no time does Mr. Egan ever say what he wants to buy.  I am not sure if Ausparts Group exists in Australia, but I am pretty sure that there isn’t anyone named Barry Egan that works there.  This came from a Gmail address.

Think about this for a moment and you might get a little concerned.  What if you work for a company where lots of products are sold and the sales staff gets emails all the time from customers wanting to buy stuff?  Could one of these emails get taken seriously?

So what is the problem with this?  Well, from experience and many years of intensive spam training, the problem is going to be with the credit card.  What they want to happen is some bunch of stuff gets charged to a credit card and handed off to the courier service.  The credit card turns out to be fraudulent and the stuff gets sold off on EBay or Craigslist.  I am sure it never makes its way to Australia.  Of course, the seller gets stuck with the bill for this plus a chargeback fee for the bogus credit card.

Just for laughs I responded to one of these and said in an email that we had a product that would fit their needs just fine: recycled condoms.  Talk about yuk factor… Anyway, the reply said that a box of 50,000 recycled condoms was $1000 per box, so how many did they want?  I got a reply back that they would like to order five boxes of recycled condoms for a total of $5,000.  See, it is true that you can sell anything on the Internet.

We have dealt with logistics companies in our dealings with various customers before.  In all cases we ship to the logistics company’s location and they then deliver the package to the customer.  We have never had anyone come to pick up a package like what the email was proposing and I have never heard of anyone doing business like that.  So that should be the first thing right off that is a huge warning.

The lack of any real contact information is another red flag.  No “signature” with phone numbers or company information.  The email supposedly came from Gmail rather than a company email address.  All of these things say FRAUD pretty loudly.

The reason I get at least one of these a week is because people are falling for this scam – it works.  I have done searching on the web for other people posting information about this scam and I haven’t seen anything, so I thought I would post this.  It is a bit off topic, but I think it serves a useful function for people.  Please don’t fall for a scam like this.

If you run across this posting and find it interesting, please leave a comment or send me an email.  I might write some more about the email I get in the future if there is enough interest.