jaclaz

Member
  • Content count

    17,238
  • Joined

  • Last visited

Community Reputation

598 Excellent

3 Followers

About jaclaz

  • Rank
    The Finder

Contact Methods

  • Website URL
    http://jaclaz.altervista.org/

Profile Information

  • OS
    none specified
  • Country

Recent Profile Visitors

3,292 profile views
  1. Well, no. It must be proposed as a Linux distro suitable to people wanting to switch from Windows ... with a suitable GUI and all. jaclaz
  2. Naaah, you cannot seriously assign a trophy to the winner without a contest before. My submission, just in case : http://www.mindblowingidea.com/JULinux/index.html https://sourceforge.net/projects/ultumix/ (the YouTube video had 188 views till now) jaclaz
  3. Just in case : https://countingdownto.com/countdown/freedom-from-windows-10-nagging-countdown-clock# jaclaz
  4. I don' t know, the four "common" cases were given - more or less - in order of probabilities they happen, i.e. #1 is the most common and #4 is the least common, of course there is the chance that the device is perfectly functional but that *something* (malware or - no offence intended - a mistake by the user) actually wiped it or filled it with 00's or partially overwrote its contents. Before giving up it is anyway worth to try imaging it and analyze the image, it could also be a combination of two issues, some malfunctioning of the device (hence the access error in DMDE) that caused only a partial wipe, if this is the case anyway the image will be much faster to deal with. The three golden rules (which you learned the hard way): and, to hopefully cheer you up a little bit: http://www.brainyquote.com/quotes/quotes/c/cslewis103466.html http://www.quotationspage.com/quote/26155.html jaclaz
  5. I would be more worried TODAY if the (surely human) someone is distracted or plainly got the wrong medicine from the pharmacy. If you prefer are you more worried on what WILL happen when all people will be driving Tesla's with "autopilot" watching Harry Potter or about what can happen today because of (human) people are playing Pokemon GO while driving? jaclaz
  6. You need some background. Names like "integral" or "integral Neon" usually mean "nothing", they are just "brands". Inside the small (plastic) case of a USB stick there is a device that - usually - is produced in quantities and what the "brand" does is just creating the design of the case. The device consists (basically) of four parts, a USB connector, a quartz or however "timing" device, one or more Flash (memory) chips and a controller. The controllers are made by a handful of producers, in your case it is Phison. Of course there are several models of these controllers by the same manufacturer, the programs mentioned will help to find which specific model it is. These controllers are (usually) programmed through the USB but use a "special" protocol and set of commands, typically the device is produced "blank" and then it is programmed to be compatible with the Flash chips coupled to it, set removable or fixed, a certain part of the available memory may be reserved for "over provisioning", given a VID and PID, etc., etc. Seemingly your device now is all 00's, in order to confirm this, try making an image of it "as is" (you will need of course around 31 Gb free on your hard disk to store this image), in DMDE you go: Tools->Copy Sectors In the popup as source you click on "Device" and select the USB stick, fields should autocomplete to 0/60566015/60566016, as destination you click on "File" and point it to a folder on your hard disk capable of holding the 31 Gb file. It will take some time to create the image, but the output, is successful, will be a perfect 1:1 copy of what the OS can actually see. Once you have the image, you calculate the MD5 hash of the file (using *any* MD5 hashing tool you may have) as an example: http://www.winmd5.com/ Then you get the given AllZeroHashCalculator and calculate the "virtual" hash of a file filled with 00's the exact same size of the image. If the two hashes are the same it means (as I suspect) that the whole device is seen as filled by 00's. When a stick is defective, usually one of four things happen: 1) *something* in the electronics goes bad and the device is not recognized by the OS or is 0 byte/inaccessible 2) *something* goes wrong (in the software) and the device becomes read only 3) *something goes wrong (in the software) and the device becomes 0 byte in size 4) *something* goes wrong (in the software) and the device becomes all 00's <- this is what I suspect happened on your device In some cases of #2, #3 and #4 a tool by the manufacturer of the controller may exist and (if it exists/is available AND some understandable documentation - most are Chinese - is available) it may be able to correct the error. As you may well understand, it is a looong shot, but it is not like there that many alternatives. Identifying the controller chip and checking if such an utility is available would be the next step. A selected number of professional may be able to do a "chip-off" or a "transplant" of the memory chips and recover data (if still there) but it wont' be easy to find them and it will anyway cost in the order of a few hundreds dollars. jaclaz
  7. It doesn't look good (though it is not yet the case to despair). What you see in the background is the first absolute sector of the device (LBA 0), as you can see it is all 00's, while it should have normally some MBR code, at the very least it should have had a disk signature at offset 440, an entry in the partition table and magic bytes 55 AA at offset 510 if it was a partitioned device or - if it was a "superfloppy" - some bootsector code (and anyway the 55 AA at offset 510 ). The message disk needs to be formatted comes from those 2 bytes missing, but that is not the problem. The device is seen as 60566016 sectors (0 60566015, see top left of your screenshot) which sounds "just right" as 60566016*512=31009800192 i.e. roughly 31 Gb in disk manufacturer terms and 28.8 in OS ones, whilst DMDE is seemingly not capable of accessing sector 6056015 (last sector) this is not in itself a problem, it can happen and you can click on ignore or ignore all. Let's see if it makes progresses... IF nothing is found, try checking sectors LBA 2, 63, 128 and 2048, if also all of them are all 00's the issue may be something in the controller (i.e. it is possible that data is still in the solid state memory chip(s) but for *whatever* reasons the controller inside the USB stick cannot find the data and "simulates" an empty stick). You could make an image of the stick anyway (DMDE has a provision for this but it has to be seen whether it works in this case since last sector has troubles), make a checksum of the image and verify with the zero hash calculator: http://www.edenprime.com/tools/epAllZeroHashCalculator.htm Can you post a link to the exact model of the USB thingy? The controller is seemingly a Phison one (rather common) but if we get to know the exact model there may be other tools (from the controller manufacturer) to try on that stick. Go to this page (Russian, use google translate): http://www.usbdev.ru/ you want to get Chipgenius, ChipEasy AND Usbflashinfo, and provide results of all of them (each tool may be "better" than the other to gather appropriate information"). jaclaz
  8. To be fair, someone that actually bought a surface 3 deserves that , but the US $ 99 fee for support call to be told you need to turn in the machine (and pay the 450 $ for the battery replacement) is a bit too much even for them. http://answers.microsoft.com/en-us/surface/forum/surfpro3-surfhardware/surface-pro-3-battery-degradation/783f6a00-19ba-4dcf-a828-0ad87751e15a?page=5&auth=1 jaclaz
  9. The "allows them" should be read as "allows them or any three or more letters government agency and/or a vast number of hackers as long as they have an internet connection". And "humanoid" actually means "looking similar to a human being" or "having the looks of a human being", not "acting like real people" (BTW I would hope that robots - humanoid or not - would be acting/behaving better than real people ) jaclaz
  10. Only to (hopefully) clear the "theoretical" approach, CleanAfterMe is more a "privacy" tool than a "System" tool for USB, it's main intended scope is to remove traces of several activities on a PC. The USBdeview tool is more suited to selectively remove unused devices: http://www.nirsoft.net/utils/usb_devices_view.html jaclaz
  11. And - for the usual OT , but not much what about US $ 450 for replacing a battery on a one year (or a little more) old Surface 3? http://winsupersite.com/hardware/batteries-certain-surface-pro-3-models-are-degrading-quickly-no-response-microsoft http://winsupersite.com/hardware/surface-pro-3-battery-gate-piecing-it-together On average a US$ 450 over 1 and a half years corresponds to a flat 1 US $/day of repair costs, and it is not like the device is/was actually "cheap". jaclaz
  12. Have a quick look at it in DMDE: http://dmde.com/ And report what you see when you open the device as "PhysicalDrive". Please note how DMDE unlike most "recovery tools" is a professional tool,, so it misses the "I know what is best for you, just click this button" approach of many "automated" recovery tools, you will need to take some time reading its help/documentation in order to begin using it. IF the disk is accessible, next step would be to make an image of it (dd-like, or "forensic sound"), and if such image is created successfully then following attempts to repair/recover should be taken from this image (actually, if possible form a second copy of this image). jaclaz
  13. It should, but there is no way to know for sure, unless you provide a (decent) datasheet for the specific device. Usually (but not necessarily ) USB to TTL adapters that support both +3.3 V and +5 V (that is VCC) devices also support +3.3 V TTL (since they are compatible with +5 V TTL/CMOS levels): http://www.interfacebus.com/voltage_threshold.html But besides the READ-ME-FIRST: the relevant part is titled "SERIAL Voltage and TTL levels" check the actual chip manufacturer (that also produces some cables/adapters) page: http://www.ftdichip.com/Products/Cables/USBTTLSerial.htm it is easy to get by mistake a non-compatible adapter. For that kind of money (I understand that 13.99 US$ are just loose change nowadays, but you can find similar converters for anything between 3 and 8 US$) you can actually DEMAND such information from the vendor, this seems like the exact same one: http://www.dx.com/p/ft232bl-module-usb-to-ttl-board-module-support-5v-3-3v-421177#.V5EREewQVzo but not any added (meaningful) info on the TTL levels. You want the vendor to state that the adapter has 3.3 V TTL level (or both - selectable - 3.3V and 5V TTL levels), like (example): http://www.ebay.com/itm/USB-to-TTL-Serial-Cable-FTDI-3-3V-TTL-for-Arduino-ProMini-Pro-mini-168-328-/281529780316?hash=item418c7b885c:g:jf8AAOxyMxpRqqlM jaclaz
  14. Maye related (or may be not), say bye-bye to peer-to-peer SkyPe: http://www.theregister.co.uk/2016/07/21/cloud_upgrade_for_skype_will_kill_os_x_linux_clients/ jaclaz
  15. Maybe useful, maybe not: http://reboot.pro/topic/9461-page-file-in-usb-hard-disk/ jaclaz