[personal profile] eugenebo
Never ever thought that I'd be advertising anything in my life. But here I am, doing that. This case is definitely worth it.

So, today I went on a trip to Eastern Washington. Made tons of photos with a beautiful model and a new shiny car and all those rocks and cliffs in the background. And... accidentally deleted them from the SD card and continued shooting over that same card! F@@ck, f@@ck, f@@ck!!!

That was a disaster. All the primary session photos were lost! I've got some pics from the rest of the day, but those were really secondary. Crap!

So I decided to try to recover them. After all, my SD card is FAT16 and since it was only 1/4 filled with the new photos, chances were high that some of the old ones survived. FAT16 does not actually "delete" the photos, you know -- it only marks them for deletion.

I started searching for a tool to do that. Sure, there were tons of them, but... they all had just one "little" problem. They wanted your money first, and then they would try to do something for you. Of course, with no guarantee. And of course, they wanted to run as Admin during the setup [why?]. And most did not even bother to have a digital signature on their EXE :)

One app [I'm not willing to increase its ranking by mentioning its bloody name] pulled an even worse trick. It claimed to be free, but when run, it refused to recover just one "tiny" file type: the image files! It was asking for money to do that. A dirty extortion, this is how I view it.

Finally, I came across this nice app called Recuva, you can get it from http://www.recuva.com/. These folks use a different model. The app is truly free. But if you like it, you can donate some money to them.

So I tried it. And I liked it! I've got back all but 3 of the session photos, whoa! Of course, I donated after that. These Recuva folks have really saved my day, thanks! So I feel obligated to support them for that, and for maintaining this open business model. That's why I'm telling this story to all my friends.

So in short, I highly recommend the Recuva app for deleted files recovery for the following reasons:

* Open model. They show 100% of work face first, ask for money second.
* And the work is good -- the files were recovered!
* Last but not least, they don't require Admin during install. You only need it when you try to do Admin ops [which is needed in like 99% of the cases in this space, but at least they tried to keep up with the minimal privilege principle!]

Oh, and did I mention that the Recuva's EXE had a digital signature? Neat job, folks! :))

Date: 2009-08-30 07:24 am (UTC)

Date: 2009-08-30 07:34 am (UTC)
From: [identity profile] 0242.livejournal.com
how much did you donate?

Date: 2009-08-30 07:36 am (UTC)

Date: 2009-08-30 09:03 am (UTC)
From: [identity profile] fregimus.livejournal.com
What's so special about signatures? What do they certify exactly?

Date: 2009-08-30 06:34 pm (UTC)
From: [identity profile] eugenebo.livejournal.com
They certify two things:

1. That the software is truly created by whoever claims to have done so.
2. That the software was not tampered with between the moment it was signed and the moment the signature was verified.

Combined, that means that the software authors realize possibilities like MITM attack or their server being hacked, and want me to be protected from running arbitrary malware instead of their software.
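
An added example, not part of the original comment: one way to check both properties on a downloaded installer before running it, using PowerShell's built-in `Get-AuthenticodeSignature`. The function name, the file path and the publisher string are placeholders chosen for illustration.

```powershell
# Added example. Test-InstallerSignature, the path and the publisher
# name below are hypothetical; substitute your own values.
function Test-InstallerSignature {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [string] $Path,
        # Publisher name you expect, learned independently of the download site.
        [Parameter(Mandatory)] [string] $ExpectedPublisher
    )

    $sig = Get-AuthenticodeSignature -LiteralPath $Path

    # Property 2 (integrity): anything other than 'Valid' means the file is
    # unsigned, was modified after signing, or chains to an untrusted root.
    $reason = switch ([string]$sig.Status) {
        'Valid'        { $null }
        'NotSigned'    { 'No signature: nothing ties this file to a publisher.' }
        'HashMismatch' { 'File contents changed after it was signed.' }
        'NotTrusted'   { 'Signed, but the certificate chain is not trusted here.' }
        default        { "Signature not usable: $($sig.StatusMessage)" }
    }
    if ($reason) {
        return [pscustomobject]@{ Ok = $false; Reason = $reason; Publisher = $null }
    }

    # Property 1 (origin): a valid signature from *someone* is not enough;
    # compare the signer's name with the publisher you expected.
    $nameType  = [System.Security.Cryptography.X509Certificates.X509NameType]::SimpleName
    $publisher = $sig.SignerCertificate.GetNameInfo($nameType, $false)

    if ($publisher -ne $ExpectedPublisher) {
        return [pscustomobject]@{
            Ok        = $false
            Reason    = "Valid signature, but signed by '$publisher'."
            Publisher = $publisher
        }
    }

    [pscustomobject]@{ Ok = $true; Reason = 'Signature valid and publisher matches.'; Publisher = $publisher }
}

# Placeholder invocation:
# Test-InstallerSignature -Path "$env:USERPROFILE\Downloads\setup.exe" -ExpectedPublisher 'Example Publisher Ltd'
```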

Date: 2009-08-30 07:01 pm (UTC)
From: [identity profile] fregimus.livejournal.com
I see, thank you for the reply. But are these threats real? Let me play devil's advocate here. I am not trying to refute what you are saying, just want to understand how important it is to sign software.

If I download a program from somebody I've never heard of, let them be called momandpop.com, how likely is it that their web site or internet connection would be compromised and the program substituted with a piece of evilware? Indeed, in cryptography applications the rule is: If it could have been compromised, it was. But from a practical standpoint, the total number of software downloads completed to this day is, estimated most conservatively, in the ballpark of hundreds of billions. How many cases of such an attack have been actually recorded?

This assumes, naturally, that I trust momandpop.com that the program I am downloading is what they claim it to be, but that's a whole other story. A signature would not be of much help in this regard, if I am correctly understanding what you are saying. Is that true?

Date: 2009-08-31 09:06 pm (UTC)
From: [identity profile] eugenebo.livejournal.com
Oh, those are very real :) There are 3 classes of attacks we need to worry about here:

1. Man-in-the-Middle. The last time I did a compilative analysis on this was back in 2007, so my data are somewhat old, but as far as I know not much has changed in that space since then. Here are a few snippets from it:

* Resolution of a single domain name often depends on dozens of DNS servers.
* An attacker does not need to take over all of them – just one. After you do so, you can control all the traffic to all sites going through that DNS.
* In July, 2004, overall share of vulnerable BIND nameservers containing known documented bugs was 17%. Due to trust relationships between many servers, the actual number of potentially affected DNS servers is probably higher [through "poisoning" technology].
* In October 2005, roughly 20% of DNS servers were running out-of-date software; 40% allowed arbitrary zone transfers.
* Distributed DoS attack on Sharktech in 2002 employed up to 140,000 EXPLOITED name servers. Could that number be that high if taking over a DNS server was difficult?
* Per Next Generation Software report, in March 2005 using a rogue DNS server posing as an authoritative DNS server for a particular .com domain, Pharmers were able to cache poison several ISP-level DNS servers and request more than 900 unique Internet addresses and more than 75,000 email messages to be redirected.
* Per the same source, in January 2005 the domain name for a large New York ISP (Panix) was hijacked to a site in Australia.

2. Site hacking. This happens every day -- you can find examples of defaced Web sites serving the EXE malware by just Googling/Binging it, e.g.:

http://www.securitynewsportal.com/securityblogs/article.php?title=Defaced_Brazilian_site_pushes_Brazilian_malware

3. A slightly different but related variation -- malware download from unknown sites. Typically used by Phishers, thus well-tracked by the Anti-Phishing Working Group [http://www.antiphishing.org]. They see a growing trend here. Specifically, in December 2008 there were about 70,000 sites known which serve password-stealing EXEs. A year ago that number was only ~18,000.

Sure enough, "signed" != "secure". Nobody implies that guarantee. But a slightly different guarantee is true and is quite useful. That is "signed by a broadly known publisher" == "not an intentional malware".

[Yes, I may not know the name of the publisher. But I can search for it on the Internet. And there certainly would be a difference in trust between a well-known publisher and some "RemoteAssHoleVille3744Publisher" :)]

Date: 2009-09-03 07:46 am (UTC)
From: [identity profile] fregimus.livejournal.com
Thanks for the interesting fact list. I never considered that seriously before. Thank you!

Date: 2009-08-30 09:54 am (UTC)
From: [identity profile] agra.livejournal.com
Cool. Although it does look like a spam post from a hacked account.

Date: 2009-08-30 06:29 pm (UTC)
From: [identity profile] eugenebo.livejournal.com
Nope, I wasn't hacked :)

Date: 2009-08-30 08:46 pm (UTC)
From: [identity profile] transout.livejournal.com
Then let's see the rescued photos!
I'm surprised nobody has asked for them yet!

Date: 2009-08-31 09:06 pm (UTC)
From: [identity profile] eugenebo.livejournal.com
Alas, I don't have permission to publish them :(

Date: 2009-08-31 07:07 am (UTC)
From: [identity profile] agra.livejournal.com
OK :) It was just a bit unusual: an advertising post in English from you immediately raises suspicions.

Date: 2009-08-31 01:46 am (UTC)
From: [identity profile] towerless.livejournal.com
Screw the tool, where are the photos of the beautiful, wearing little clothes model?

Date: 2009-08-31 09:06 pm (UTC)
From: [identity profile] eugenebo.livejournal.com
Alas, I don't have permission to publish them :(
