Yesterday morning, my laptop passed away. The witch doctors offered to insert a new, bigger brain into its weatherbeaten shell, but instead I opted for a new one.

It's been some time and more than one reformatting since I started freelancing, and I've gotten better at backing things up, so this particular dataloss wasn't quite as bad as it could have been. Still, there are a few things I've been working on lately, and a couple really weird bits from the crooked, dusty corners of my brain that I never got around to saving to my portable harddrive and are gone forever, barring whatever I can remember of them. Which is what brings us to this point! There are some strange, strange things I should share with you before I forget them completely.

All material is strictly non-canon, and strictly for your edification and enjoyment. Since I'm mentioning it here, don't expect to see it in print, ever.

Seeks-the-Nuyen was an urban tribal shaman destined to be caught and killed by Kenneth Brackhaven while breaking into the governor's mansion in Seattle. The fiction was never finished, but the basic idea was for the sorcerer-thief to bust in, trusting to magic and her satchel of devices to get her in and out past the mansion's security - well, she made it halfway. The governor, reading his son a story at bedtime, shoots her with a dart filled with ekyelebenle venom, which renders the subject blind. This would give Kenny the opportunity to rant to the boy while the "helpless" magician thrashed about on the floor, unable to get a spell off. The big reveal was that the boy would turn out to be a nine-year-old clone of Kenny himself, natch.

Desiree Demijour from the recent SR4A book (the magic chapter intro fiction) was actually originally planned as occult detective Lakesha Dee, who worked in and around New Orleans, and whose primary sidekick was a "drummer adept" named Pedro. Their original case was to be a stolen antique Yoruban ceremonial drum (nonmagicial). Most of the rest of the case - and a couple other details invented for their planned series of short fiction adventures - were mashed down into the short story you get in SR4A.

I had orichalcum on the brain for a long time, and this was especially noticeable in my earlier freelancing days. I proposed that Wuxing-DeBeers and Snowdonia would pool their massive orichalcum stores to create "Wuxbux," an orichalcum-based currency (the idea being that these were essentially orichalcum certificates, convertible to a certain mass of the mystic metal no matter the current price), which took a long time to die. I proposed an orichalcum currency for Tir Tairngire in Runner Havens (quite literally, 1 gram of orichalcum foil sandwiched between octagonal slabs of synthetic quartz), which was thankfully left out, and then there was space orichalcum, which was blissfully red-inked out of an early draft in Street Magic. You're all welcome.

The Wake was the first piece of decent SR fiction I ever wrote - fanfiction, really, though I was nominally a freelancer at the time, nothing I had done had been printed and my name hadn't graced a sourcebook (besides SOTA, which doesn't count). It was literally the wake of Captain Chaos, which took place in a Link club so that deckers from around the world could attend. All in all, I think Happy Trails came out better, which is why it was put out there and The Wake was not. Anywho, it's really gone now.

Libra is probably the most embarrassing thing I ever wrote, and it happened right here one dark and particularly depressing Hallowe'en on the Dumpshock forums. It was so bad, in fact, that when it was pointed out I immediately erased it. Now even my final, hideous copy is gone. For those morbid few who are interested, the basic plot is about an assassin who creates a sympathetic link to his victim by cosmetically altering a look-alike. Which is what he did here - he altered a girl, seduced her, and in an act of tantric ritual magic killed her, using blood magic so that her death powered the spell that killed his targeted victim. Why Libra? He had a dead twin brother who's ghost would possess him (or whom he would channel, it was more than a little vague). Yeah, not my best moment.

Speaking of sometimes going beyond the pale, every now and again I venture too far outside what is acceptable for Shadowrun. There are no hard-and-fast rules, so it's feel-your-own territory, as you can read here (adult content). There have been other incidents than that one, however, and they went with my old laptop. Don't think you're missing much, the most significant fragment was an entry on an actual rape gang - considering the small use for such groups in most SR games, I don't feel bad it was cut or that it's gone.

Gangan was not even a fragment, more like a character sketch with partial attributes. I have a particular habit of rooting for the underdog, and this character was an attempt to see what you could do with the Astral Sight quality. The results...eh. Could have been better. I had plans for the character, but they never materialized.

Speaking of general voodoo-related stuff, back when Street Magic was in development we had planned a Hallowe'en-themed piece of fiction featuring some of the characters in the book. I had planned for Johnny Vendredi, Papa Dimanche, and Abracadavre to work together as a small voudoun society - initial ideas for foes were shedim and a free spirit named after a minor loa, but the story eventually lost momentum and ended up in a pile of lost story ideas, now sadly toast.

The original draft for Neo-Tokyo in Corporate Enclaves included a brief entry on the Yasakuni Shrine, which generally glossed over the controversy and involved a shadowy anecdote about the new Emperor entering the shrine to quiet some unquiet spirits. Our Japanese translators requested we remove the mention, and it was agreed - not least because the particular write-up wasn't terribly good. I mean, I fought tooth-and-nail to keep the placenta-eatery in there. You gotta have standards.

What I read at any given moment can have a significant influence on me. I think I was double-dipping Global Frequency and Planetary at the time, but I had the idea that the UCAS Army had experimented with cyberzombies, and one of their original examples was being kept alive by a pacemaker powered by a natural plutonium radical reagent from the Oklo Natural Nuclear Fission Reactor. I went so far as to start a short story with an old, grizzled general at a bar, drinking straight rum and coke with peanuts...yeah, I don't know where exactly I as going with that either, and it died a quiet death.

Ye gods, what else...some rules fragments that I can't remember verbatim and most of you wouldn't be interested in, except for some items left out of manatech in Arsenal. The Biofiber Mantlet was probably the stupidest idea I had, and it lasted until surprisingly late in the draft process - basically, it was a mantlet (shield on wheels) full of biofiber. This was nominally supposed to protect you from enemy spells, but let's be honest: if you're hiding behind the mantlet they can't see you anyway. The OuijaDeck is actually possible, if silly and expensive: if was a psychoscope (basically, a variation of a ouija board witn an independently-moving pointer of some kind) enchanted as a vessel, with a lucifier lamp installed. You turned it on, waited for a passing spirit to possess the board, and deliver it's message. Naturally, this was a bloody stupid idea - it's the occult equivalent of hoping to get hit by a lightning bolt, or taking the gamemaster's last beer. Build your own if you dare.

Many great authors tend to cannibalize themselves. I'm not a great writer, but I tend to cannibalize too. You'd be amazed what I'll chop up and rehash to get a short story in when given almost no notice. The reason this works is that I always have half a story sitting in a document file somewhere, which will never be used until I had a sudden need, dust it of, whip it into shape and send it in. Anywho, this crash wiped out my stock...but don't worry, I still have pages of handwritten half-finished stories, and the ones that didn't make it weren't shaping up to well. I remember in particular was about a street adept with psychometry that went barefoot all the time, because he could tell what was happening on the street...or possibly learn a lot about a person by breaking into their apartments and putting on their shoes, I tend to forget; in another Sticks spent three weeks sleeping under an overpass pretending to be a homeless guy in order to infiltrate some bum fights being organized underneath a nearby soup kitchen.

Anyway. All of that is stuff you won't have to deal with any longer. You're welcome.

d00d, googledocs. We use it religiously.

But thanks for sharing, and hope your new lappy lasts a little bit longer.

But isn't there that thing about googledocs where it gets to own part of your work (or was it your soul? Both?)?
That could make it awkward if you used it to do comissioned work, I guess.

And thanks for sharing, AH!

They may not have all been winners, but we mourn the fallen all the same.

You couldn't recover the HD? If the it was just the CPU that failed, you could pop the Hard Drive out and turn it into a External hard drive, and recover all the data.

I've done that to all my laptops that have failed, save the 1 that was destroyed by Beers.

That's correct. Google has a standard Terms of Use which is very umm.. Shall we say controversial view of intellectual property. They claim it's standard for all their apps. I'd be very wary of using it for anything commercially sensitive.

- J.

I suspect by brain he talks about the HD, as swapping CPU on a laptop is anything but trivial...

And with a HD failure i suspect hardware failure, so that the plate(s) will not spin, or the reading arm(s) no longer moves...

Recovering from that is possible yes, but that most likely requires the services of a dedicated company, with clean rooms and similar facilities to dismantle the drive.

It was a hardware failure of the harddrive, yes. For what they wanted to replace it and reinstall the operating system I could have bought a new laptop...so I did (granted, I spent more money, but the new laptop is much nicer).

just like how if one bought a car in parts, it would come out maybe 10x the cost of the equivalent car new from the lot...

Congrats on the new laptop. I know you've probably heard this all before, but I cannot stress it enough;

Update your firewall, anti-spyware, anti-virus to the point of religeous paranoia. And even then, take a half-step further. Multiple layers will help.

Have the reminders on automatically, but do the downloading yourself manually.

DO NOT use Yahoo as your main browser. Already my GF's laptop nearly crashed because Yahoo attempted to rewrite her settings. She called me two days ago angry that this happened to her (even though she herself updates all her software constantly), and after dumping Yahoo as her browser, all is well again.

Make sure your anti-virus and all anti-malware scanners are set to ACTIVE, so they scan everything that comes in and goes out.

Make sure anything you want to keep is backed up on CD-Rom archive (if you have a CD-Rom burner) or somewhere offline safe. WIPE YOUR TEMP FILES at the end of your session. EVERY session.

"A little paranoia is a healthy thing...."

Yeah, the whole thing were every frickin' piece of software wants you to load a toolbar and change your homepage these days is maddening. Y'all're lucky your commlinks don't come with built-in malware.

There is a reason why staying out of the corps influence is a good idea

Yeah, they just install malware in their programs, activated when you don't allow auto-patching.

-paws

I made a horrible mistake with the first computer I ever owned....it died and I lost years worth of material. Since then We've always had two or more boxes on our network and back up files that way. Recently one or our two pc's died a horrible death (board died). I got an enclosure and put the HD in it, everything backed up on separate drive now. Best $25 I've spent in awhile. (One day a week *fri* I update all folders on backup drive, if didn't do it that way I'd procrastinate and never get it done.)

Actually. I don't ever recommend installing all of those kinds of programs mentioned above. I mean, if you like slow computers with all of the resources used up "protecting" it, then sure go for it. But really... Isn't is just easier to NOT instill toolbars and download viruses? I ran an anti-virus program once... then I removed it after a week for being annoying and slowing down my computer. Since then (that was 5 years ago I think), I've not used anything like that. I forcibly kill all firewalls and "protection" features on those computers I use that run windows.

And yet, I don't get viruses, I don't have wtfeveryouwanttocallit-ware. To save yourself some trouble, stop using Outlook. Other than that? Just... don't install things unless you know it's not bad. I've really never understood why everyone has problems with this.

Anyway,

Thanks for the post AH. I had fun reading it.

Yeah, people complaining that their internet connection speed sucks elf-ass to me . . and when i ask about their computer, they brag about it being 100% secure. Router, Hardware-Firewall, Switch, Norton internet Security, ZoneAlarm, Free AV . . all at once . .

ZoneAlarm should die in a fire! My cousin talked my parents into installing that POS (and a couple other "security" programs) on their computer and it caused so many more problems than it ever solved. My dad actually stopped using the computer because of ZoneAlarm's constant pop-up alerts.

I've been using Spybot Search & Destroy on my computer for a while, but its detection library is getting bloated to the point of uselessness. And Teatimer has been pissing me off tremendously, enough that I'm seriously considering uninstalling. Other than that, I have a router for the home network and I hit up Trend Micro a couple times a year. Just in case.

blah blah blah

Since we're pretty much off topic anyway... Anyone have any suggestions for a shared network drive? I've been wanting to get one (.5 TB or, maybe, 1 TB) for a while, but not sure what sort of specs I should be looking for.

-paws

I actually would have been interested in seeing those rules fragments.

@Paws:
IcyBox < = Probably the best you can get in NAS-Technology nowadays.
Or Qnap.
Else, try and get a Router with USB and try to get a usual external HDD to work there.


Yeah, most of us would have liked to see that stuff. Because most of the stuff Uncle Ancient cranks out reeks of the Awesome.

I'm glad someone beat me to it.

I don't run firewalls, virus scanners, malware checkers, nothing...I use Yahoo! as my main search engine (Google on occasion) and outlook to run my email. In the last, say 15 years I've been using computers and an internet service, I've had one "virus/malware" and that was two years ago when I got a little click happy when a bunch of pop-ups came up on my screen on some crappy porn site.

You just have to be aware of the stuff you are clicking and installing. I agree with Chibu, if you don't know what you are installing, don't install it. If you don't know who the email is from, or it looks suspicious, just delete it or use a browser-based client instead.

As for hardware failures, I've had two in the last 20 years...one was an LCD on a laptop about a year ago and the other was someone else's hard drive I was cleaning up as a favor. Now I do have an external harddrive that we use to save photos of the kids and CD backups as well, but my wife does all that.

I don't know, common sense has served me well for 15+ years...don't have any reason to change it now!

That's great if your computer is always 100%, super-up-to-date patched, and you never visit questionable sites or download stupid stuff you really shouldn't. But keep in mind, there are exploits out there that can infect you even if your computer isn't actively doing anything except sitting online. And there are enough files bouncing aroudn with viruses that, unless you do little more than check your news and your e-mail (and even then) the odds of your getting infected are certainly not small enough to ignore.

On the flip side, Windows comes with auto-updating features (still a little behind discovery) and a default firewall. So even a system with nothing on isn't actually naked, unless you actively turn it off. In about six years of running a system with non-automatic patching and ZoneAlarm, I've gotten two viruses. I run a virus scanner now because I have the processing power, we download more files, and I have a toddler on the computer. But before it wasn't really necessary.

I will also say, you can turn off the pop-ups on Zonealarm by clicking 'stop showing these messages' or 'always allow this connection'. I've been using it for six years, and with the exception of one version I didn't care to learn, I've had no real trouble.

Three or four firewalls is a bit excessive, and virus scanners not programmed aroudn your actual usage habits is a waste of resources. But going with everything just flapping in the wind isn't exactly prudent either.

i think i read a test ones that showed a clean install of windows getting infested by a worm within 15 mins of being connected to the net...

Yeah, but is that with 15 minutes active surfing and outlook usage, or 15 minutes just sitting there connected to a router that's online?

iirc, the latter...

Wonder how that works.
The only thing that's immediately online if you are NOT using your browser or Outlook is the windows update.
Meaning the Worm would have to come in through their automatic update service. Or is that wrong somehow?

Just google "15 minute windows compromise" or similar terms. I seem to recall that RPC is often the culprit on older Windows systems.

My windows box is secured by the power button. ;P

Meaning what exactly? O.o
You shut it down every 10 Minutes to prevent it from being compromised after 15 Minutes? ^^
Best Security System is using a Virutal Machine for browsing and downloading stuff and the such.
Let the thing be infected all it wants, just reset it to non infected status and keep going.

http://adamjury.com/2007/windows-for-the-future/

Actually, since I wrote that, I've changed things slightly ... I reinstalled Windows and didn't bother with any virus scanning, malware scanning, etc. I turn the computer on when I need to use it and turn it off right afterwards; same with file-sharing.

[I have two Macs that I do my real work and communications on.]

O.O wait what? i was actually technically right? o.o
Yeah, do the important stuff on something else than windumb.
Use windumb for the one thing it's good for. playing games.
Forget about it and just format/reinstall if/when it gets to slow.

Actually, Windows has bunches of other services which open ports. Windows messenger was the classic one, which people actually used to send porn messages that came up in pop-up windows. They fixed that pretty early, but if you have an old installation disk, you'll still have the problem. Some other obvious ones are windows verification and the clock, but there are very, very many more.

Even still with Vista/7?

Oh, ok. See, the thing is, I don't let windows run things. The first program I run after installing windows is services.msc. I turn almost everything off, including the "security center", "automatic updates", "firewall", messenger etc. After you turn off all of the crap, it really lowers the minimum system requirements. I run windows XP on a 300mhz, 128mb ram box in my shed for playing music (at bonfires). So, yeah. I suppose that probably has alot to do with why I don't have problems. (Ftr, I run Linux on here for programming)

But yeah. Beat up windows, and you'll be ok.

Well, i don't have anything important on this machine.
So id on't really care about security. As long as it does not hamper my computers performance, i let the little buggers do what they want.

and for some reason, i cant help but feel thats the attitude that joe wageslave also holds. as long as their porn catalog or cred account do not end up on some social network for everyone to smirk about, they do not care what happens to their comlink. Bread and circus...

I've not seen a study like this on Vista, so I can't honestly comment. However, I would be absolutely floored if they had properly fixed that problem. Vista was shipped early and it's a completely new platform. I have higher hopes for the new version of Windows.




1) Indeed, if you are skilled enough to do what you just did, and to run the tools necessary to actually check your open ports (and keep the programs which open ports properly updated - for instance, I would never run things like Adobe Updater in the situation you described) you would probably be okay. However, the vast majority of people do not have that level of skill, so your solution really is not applicable for 99.99% of people out there (computer professionals included, who really don't want to spend the time going through that, and troubleshooting if/when he turns off a service XP actually needs to run properly). This position, again, requires you test your ports regularly to make sure you still have that secure setting, and you severely watch what you install. With XP as my dominant OS, I would not enjoy functioning as that, and I suspect most other users wouldn't like it either.

2) It takes 10 minutes to install a firewall and set it up. (In your case, of course, that doesn't really work, but you are clearly the exception).

Don't assume anti virus and a firewall fully protect you. Web based attacks are increasingly common. Do yourself a favor and install Noscript. Cross site scripting attacks work across all platforms.

- J.

Nezumi: Yeah, that's why I pointed that out. I forget sometimes that other people can't do stuff like that... I think the reason for this is that I setup computers for basically everyone I know, so when I think about people's computers, they're all like that Also, I use what is probably an illegal version of Windows XP, which I pre-configured to have everything fixed. Now don't get me wrong, I only install it on computers for which the user (myself included) has a leagal, paid-for, version installed. And as Microsoft is no longer actively supporting Windows XP (and I don't like vista), updating it myself was the only option. (No, I'm not sending anyone a copy of it, so don't ask (that violates even dumpshock's policy).) But yes, you're correct that most people cannot do this, so it's not really an option. However, I still think that knowing what you're installing and not using outlook are more important than having a firewall or antivirus, as well... I've seen viruses that mess with firewall programs and antivirus programs, so even using them has the possibility of not helping.

Jake: XSS attacks are actually rather limited in Firefox 3. I've written quite a few of them (mostly for explaining to people why their site is not secure (and mostly because I was asked to)), and it takes alot more skill to do with the new version of Firefox (I haven't actually tried hard enough to know whether or not I can), though admittedly, it's not impossible (since the better ones work at the server level as opposed to the client level). As I'm actually a web programmer, I don't take this threat very seriously either. Though others probably should.

AH: Sorry for turning your thread into a discussion of computer security... >_<

Meh. Security is only ever as strong as the weakest link and I sure as hell won't rely on Mozilla or Microsoft alone to protect my browser. IE6 is still the most widely used and liberal HTML rendering engine known to man and full of so many holes you could drive a dumptruck through them.

NoScript ain't perfect but if an attacker has an O-day to bypass NoScript, they've earned the right to access my credit cards and personal data!

- J.

Null perspiration.
Even in the future nothing works.

It's EASY to get a PC compromised.

We manage about 10,000 PCs. When I started we didn't have a firewall or really anything. We had hundreds of machines at any given moment that were totally owned and busy spamming or scanning the internet. With a firewall, an IPS, fairly comprehensive AV we still find about one machine per day that gets compromised. And I don't mean spyware, I mean fully all-out malware We have oodles of spyware, but life is hard and we are not staffed enough to worry about spyware, these are machines that are actively talking to botnet command and control systems.

A lot of the compromises are from ads placed on well-known web sites via the ad services, who take an ad feed from some who ultimately is the Russian Business Network or the various Chinese versions. If you go to the site when it's showing that ad you lose. The active code in the ad will own your PC. It doesn't matter what AV you have, how patched your computer is, etc. If you have javascript and/or java running it will own your box.

Of course even more are from people clicking on the ecard URLs or spam URLs, but they are all installed just by your browser going to a URL.

We get quite a few attacks blocked by the AV software, and we still see machines on the internet that are compromised by 5 year old viruses and are busy looking for hosts to infect.

We used to have to build systems off-line and then install patches from CD because otherwise by the time they were able to download patches and service packs they were fully owned. Ah, the "good-old-days". I love stateful firewalls and NSM.

Heh, something tells me that the matrix probably has a background buzz of malware and kiddie groups going round making a mess.

This then taken care of by wageslave support "spiders" with just enough skill to order squads of agents around, while the next tier up keeps an eye out for the elites, the proverbial ghosts of the machines. The ones that are in it for more then money and quick infamy...

AH, if you still have access to the physical drive, I wouldn't give up on the data just yet.

For one, there are services that specialize in extracting data off of dead HDDs. It can be fairly expensive, but I think it can be done for a few hundred bucks today. I'd recommend some searches for 'data recovery services' and similar.

There's also a cheaper trick I've used in the past to good effect. You buy an external HD enclosure for your dead drive. Then you put your drive in a plastic baggie with some paper towels to absorb condensation, and put it in the freezer overnight. (I'm serious.) Take it out of the baggie the next day, let it defrost for an hour or two, pop it into the enclosure, and plug that into a working machine. If it detects, you might have a few hours to get data off of it.

I'd recommend deciding in advance if the data is worth the price of a professional job before opting for the "thermal technical tap." If it is, just pay it because it's conceivable that the freezer could damage the drive more. The freezer trick is kind of a hail marry, in my opinion --but it's worked for me in the past.

I've also heard of people building clean rooms in the bathroom and doing open-heart surgery on drives in their home. That trick is to hermetically seal the room, steam it up, and then let the steam completely settle and condense, clearing the local atmosphere of dust particles.

That's a bridge too hardcore for this nerd, though.

There is quite literally nothing on that drive worth that much to recover.

When my hard drives die, and no longer work in windows, I have actually had alot of success throwing them into my FreeBSD server, which has a crappy, hacked, read-only NTFS interface. I'm not sure what the difference is here, or what, ultimately, the problem with the drives was, but I've been able to copy everything off of "dead" hard drives more than once. They were both "dead" from the same computer though, so it's possible that it's a specific issue with that box and this won't ever work for anything else. I'm not really a hardware guy, I only know as much as I need to really.

Same here. Next challenge is to see whether this technique will work on a RAID5 set when the hardware controller dies.

I worked at one major Aussie university and we looked after approximately at least 20,000+ machines (that's desktops + servers). Control over various network segments was distributed so it wasn't ALL us, but anyway - we'd occasionally speak to the one person, over and over who was infected. And it would often be the same person. We'd ask what happened, what did they do around the time of the infection, etc. etc. We found out he was pretty much executing every attachment and opening every link he got in email. When we tried to tell him not to do that, he'd tell us it was our job to stop him from being infected in the first place and he'd flatly refuse, stating it was our job to "deal with it". This was a uni professor btw. I suggested "downgrading" his PC to a typewriter until he learned the folly of his ways but this was no well received by my manager.

- J.

We have similar issues... We have some few people who get their computer owned every month or two, others that never do. User education doesn't seems to work on some people unless there is a hammer somewhere... Then there are the spear fishing attacks that look a lot like official campus email going to something that looks just like an official campus site, or the guys that take over the superbowl host web site to serve malware. And then every year or two we get some very smart person somewhere else that tells us about a host attacking his network, which leads us to the boatload of PCs (which are fully patched machines running current AV that are totally owned) doing subtle evil, and after a week of forensics we have NO IDEA how they got owned, or why it was just those particular boxes.

Willful stupidity, bad luck, or a really clever attacker can all get you.

that sounds like a real life stef:
http://www.userfriendly.org/cartoons/stef/