Security Apps

Security Apps

This section contains applications related to security of your information, accounts, browsing, and Internet transactions.

The following are property of Happy Cat Technologies, where applicable and released for public use under the GNU GPL Version 3. Please refer to the license for its terms and conditions. No warranty is made by Happy Cat Technologies or the author as to the fitness, operation, or workability of any application contained here.

AlReaud Mon, 06/06/2011 - 13:03
Tags

Content Management System Backup Scripts

Content Management System Backup Scripts

Your content management system (CMS), and more importantly it's associated database tables, are subject to damage and attack. While most hosting providers provide daily backups, there are other tasks that necessitate tasks similar to backing up a CMS site.

The following set of scripts were adapted from scripts generated by Bristolguy on Drupal.org. Feel free to use or modify the following as required. They are released under the GNU-GPL  Ver. 3, following the original license.

Throughout these pages we will refer to a folder called testing.server. That is a folder in the document root of the testing server which is empty, is read only, and is created for just the purpose of flagging the server as being the testing server.

AlReaud Wed, 01/18/2012 - 19:44

Backing up the CMS Database

Backing up the CMS Database

Revised: 2016-09-12, Al Reaud, Happy Cat Technologies

The CMS database is the heart of any content management system. It's loss or damage will result in the loss and or damage of all of your hard work, and that of your commentators, posters, and contributors. Below, are two scripts that complement each other, one backs up the database into a SQL file, the other restores it from a SQL file.

This script also allows porting between a testing server and the on-line site. In the script is a test for a folder called testing.server, discussed in the first page of this series, which differentiates between the server on-line and the testing server.

The shell script is available here for your convenience, demo.backup_db.sh.txt and demo.restore_db.sh.txt.


backup_db.sh
#! /bin/bash
#
# DATABASE BACKUP SCRIPT V1.2.20160912
# (C) 2010-2016, Happy Cat Technologies, Al Reaud
# Insure that this script IS NOT visible outside of the hosting account as it contains critical security information.

echo ""
echo "DATABASE BACKUP SCRIPT V1.2.20160912"
echo "(C) 2010-2016, Happy Cat Technologies, Al Reaud"
echo ""

# Configuration
_RED=`tput setaf 1`
_GREEN=`tput setaf 2`
_RESET=`tput sgr0`
_dbname='database name, may be the database user name also' # (e.g.: _dbname='drupaldb')
_dbuser='database user name, may be the database name also' # (e.g.: _dbuser='drupaluser')
_dbhostlocal='localhost'    # (domain name of the local database host, or IP address. e.g. _dbhostlocal='localhost')
_dbhostremote='site.db.username.hostingprovider.com' # ( domain name of the remote database host, or IP address. e.g.: _dbremotehost='site.db.username.hostingprovider.com')
_dbpwd='database password'
_docrootlocal='html'     # (e.g.: _docroot=public_html)
_docrootremote='html'
_sitenamelocal='sitename.test_backup-'        # (site names for file name prefixes. e.g.: _sitenamelocal='sitename.test_backup-' for the local site)
_sitenameremote='sitename_backup-'
# Include trailing slash, /, for _wwwbaselocal and _wwwbaseremote.
_wwwbaselocal='/var/www/site.directory/'     # (directory on the local host where the site document root is. e.g.: _wwwbaselocal='/var/www/site.directory/')
_wwwbaseremote='/var/chroot/username/'        # (directory on the remote host where the site document root is. e.g.: _wwwbaseremote='/var/chroot/username/')

# This first test below checks whether we are on the local server or on the production server. In the document root of the local server, one creates an empty file called testing.server, such as with the bash command "touch testing.server" and then locks it read only.
if [ -e $_wwwbaselocal$_docrootlocal/testing.server ]; then
  _dbhost=$_dbhostlocal
  # Default Output File Base Name
  _backupbasename=$_sitenamelocal
else
  _dbhost=$_dbhostremote
  # Default Output File Base Name
  _backupbasename=$_sitenameremote;
fi
# Form rest of name as a time stamp.
_datestamp=`date +'%Y%m%d-%H%M'`
_backupname=$_backupbasename$_datestamp.sql

echo "Backing up $_dbname to $_backupname..."
mysqldump -h $_dbhost -u $_dbuser -p$_dbpwd $_dbname > ./$_backupname
if [ $? -eq 0 ]; then
    echo "${_GREEN}DONE!${_RESET}"
else
    echo "{_RED}FAILED, DATABASE BACKUP DID NOT COMPLETE CORRECTLY!${_RESET}"
fi

 



restore_db.sh
#! /bin/sh
#
# DATABASE RESTORE SCRIPT V1.2.20160912
# (C) 2010-2016, Happy Cat Technologies, Al Reaud
# Insure that this script IS NOT visible outside of the hosting account
# as it contains critical security information.

echo ""
echo "DATABASE RESTORE SCRIPT V1.2.20160912"
echo "(C) 2010-2016, Happy Cat Technologies, Al Reaud"
echo ""

# Configuration
_RED=`tput setaf 1`
_GREEN=`tput setaf 2`
_RESET=`tput sgr0`
_dbname='database name, may be the database user name also' # (e.g.: _dbname='drupaldb')
_dbuser='database user name, may be the database name also' # (e.g.: _dbuser='drupaluser')
_dbhostlocal='localhost'    # (domain name of the local database host, or IP address. e.g. _dbhostlocal='localhost')
_dbhostremote='site.db.username.hostingprovider.com' # ( domain name of the remote database host, or IP address. e.g.: _dbremotehost='site.db.username.hostingprovider.com')
_dbpwd=_dbpwd='database password'
_docrootlocal='html'         # (e.g.: _docroot=public_html)
_docrootremote='html'
# Include trailing slash, /, for _wwwbaselocal and _wwwbaseremote.
_wwwbaselocal='/var/www/site.directory/'     # (directory on the local host where the site document root is. e.g.: _wwwbaselocal='/var/www/site.directory/')
_wwwbaseremote='/var/chroot/username/'        # (directory on the remote host where the site document root is. e.g.: _wwwbaseremote='/var/chroot/username/')

# Make sure a filename was specified!
if [ -z $1 ]; then
    echo "${_RED}Unable to continue, no restore source file specified.${_RESET}"
    echo "Usuage: ./restore_db.sh restore_filename.sql"
    exit 1
fi

# Make sure the file is there and isn't empty, but we can't check that it is actually SQL.
if [ -e $1 ]; then
    if [ ! -s $1 ]; then
        echo "${_RED}Unable to continue, restore source file${_RESET} $1 ${_RED}is empty.${_RESET}"
        echo "Usuage: ./restore_db.sh restore_filename.sql"
        exit 1    
    fi
else
    echo "${_RED}Unable to continue, restore source file${_RESET} $1 ${_RED}doesn't exist.${_RESET}"
    echo "Usuage: ./restore_db.sh restore_filename.sql"
    exit 1
fi

# Make sure we really want to do this!
echo "ARE YOU REALLY SURE YOU WANT TO RESTORE THE DATABASE FROM "$1
echo "Enter 'y' to Continue, anything else to quit."
read _response
if [ "$_response" != "y" ]; then
    echo "${_GREEN}User quit!${_RESET}"
    exit 3
fi
echo ""

# This first test below checks whether we are on the local server or on
# the production server. In the document root of the local server, one
# creates an empty file called testing.server, such as with the bash
# command "touch testing.server" and then locks it read only.
if [ -e $_wwwbaselocal$_docrootlocal/testing.server ]; then
  _dbhost=$_dbhostlocal
  # Default Output File Base Name
  _backupbasename=$_sitenamelocal
else
  _dbhost=$_dbhostremote
  # Default Output File Base Name
  _backupbasename=$_sitenameremote;
fi

echo "RESTORING $_dbname from $1 ..."
# Restore the database.
mysql -u$_dbuser -p$_dbpwd $_dbname < $1
if [ $? -eq 0 ]; then
    echo "${_GREEN}DONE RESTORING DATABASE!${_RESET}"
else
    echo "${_RED}AN ERROR OCCURRED AND THE DATABASE WAS NOT RESTORED!${_RESET}"
fi
AlReaud Wed, 01/18/2012 - 19:51

Backing up the whole site

Backing up the whole site

Revised: 2016-09-03, Al Reaud, Happy Cat Technologies

The following script integrates backing up the database with backing up the site code. Please note that descriptions place-hold for actual values in the script. Those actual values must be edited in, depending on your site configuration, for the script to work.

This script is adapted from the updated fullsitebackup.sh script created by Bristolguy on Drupal.org. This script is currently operational on Ubuntu 16.04, and has not been tested on other versions of Linux.

The shell script is available here for your convenience, demo.full_site_backup.sh.txt.

full_site_backup.sh
#! /bin/bash
#
# Al Reaud, Happy Cat Technologies
# Adapted from https://www.drupal.org/node/129202
# fullsitebackup.sh V1.2.20160903
# Full backup of website files and database content. Insure that this script IS NOT visible outside of the hosting account as it contains critical security information. A number of variables defining file location and database connection information must be set before this script will run. Files are tar'ed from the root directory of the website. All files are saved. The MySQL database tables are dumped without a database name and and with the option to drop and recreate the tables.
#
echo ""

# Configuration
_dbname='database name, may be the database user name also' # (e.g.: _dbname=drupaldb)
_dbuser='database user name, may be the database name also' # (e.g.: _dbuser=drupaluser)
_dbhostlocal='localhost'    # (usually what it is on the local server)
_dbhostremote='localhost'     # (also what it is on the remot server, but may be an IP address)
_dbpwd='database password'    # (don't let this slip away or so will your database...)
_docrootlocal='where the actual website resides on the local server'  # (e.g.: _docroot=html)
_docrootremote='where the actual website resides on the remote server' # (e.g.: _docroot=public_html)
# Include trailing slash, /, for _wwwbaselocal and _wwwbaseremote.
_wwwbaselocal='the full path name to the directory where the document root is on the local server'        # (e.g.: _wwwbaselocal=/var/www/)
_wwwbaseremote='the full path name to the directory where the document root is on the remote server'    # (e.g.: _wwwbaselocal=/chroot/user/)
_sitename='example.com'    # (e.g.: _sitename=example.com)
_tmpbckdir='temp'        # (can be anything but temp or tmp is prefered)

# This first test below checks whether we are on the local server or on the production server. In the document root of the local server, one creates an empty file called testing.server, such as with the bash command "touch testing.server" and then locks it read only.
if [ -e $_wwwbaselocal$_docrootlocal/testing.server ]; then
  echo "fullsitebackup.sh V1.2.20160903-$_sitename.test"
  _dbhost=$_dbhostlocal
  # Website Files
  _webrootdir=$_wwwbaselocal$_docrootlocal  # (e.g.: _webrootdir=/home/user/html)
  _backupdir=$_wwwbaselocal'backup'            # (the suggested name of the backup directory on the local server)
  # Default TAR Output File Base Name
  _tarnamebase=$_sitename'.test_backup-';
else
  echo "fullsitebackup.sh V1.2.20160903-$_sitename"
  _dbhost=$_dbhostremote
  # Website Files
  _webrootdir=$_wwwbaseremote$_docrootremote    # (e.g.: _webrootdir=/chroot/user/public_html)
  _backupdir=$_wwwbaseremote'backup'             # (the suggested name of the backup directory on the remote server)
  # Default TAR Output File Base Name
  _tarnamebase=$_sitename'_backup-';
fi

#
# Variables
#
echo " .. Setup"
# Form rest of name as a time stamp.
_datestamp=`date +'%Y%m%d-%H%M'`

# Get in Execution directory (script start point)
pushd $_backupdir
_startdir=`pwd`
# Temporary Directory
_tempdir=$_tmpbckdir$_datestamp
if [ ! -d $_tmpbckdir$_datestamp ]; then
   # Create temporary working directory
   mkdir $_tempdir
fi

#
# Input Parameter Check
#
if test "$1" = ""
  then
    _tarname=$_tarnamebase$_datestamp.tgz
  else
    _tarname=$1
fi
echo "    done"

#
# TAR website files
#
echo " .. TARing website files in $_webrootdir"
cd $_webrootdir
tar cf $_startdir/$_tempdir/filecontent.tar .
echo "    done"

#
# sqldump database information
#
echo " .. sqldump'ing database:"
echo "    user: $_dbuser; database: $_dbname; host: $_dbhost"
cd $_startdir/$_tempdir
mysqldump -p$_dbpwd --user=$_dbuser --host=$_dbhost --add-drop-table $_dbname > dbcontent.sql
echo "    done"

#
# Create final backup file
#
echo " .. Creating final compressed (tgz) TAR file: $_tarname"
tar czf $_startdir/$_tarname filecontent.tar dbcontent.sql
echo "    done"

#
# Cleanup
#
echo " .. Clean-up"
cd $_startdir'/'$_tempdir
# Make it safer...
if [ $? -eq 0 ]; then
    rm filecontent.tar dbcontent.sql
    cd $_startdir
    rmdir $_tempdir
fi
echo "    done"

#
# Exit banner
#
echo " .. Full site backup complete"
echo ""
popd
AlReaud Wed, 01/18/2012 - 20:52

Spreadsheet Implementation of DiceWare Passphrase Generation

Spreadsheet Implementation of DiceWare Passphrase Generation

DiceWare was developed by Arnold G. Reinhold in 1995 as “a better way to create a strong, yet easy to remember passphrase for use with encryption and security programs.” This form of passphrase generation allows for random pass-phrases that not related to the user in any way. The implementation is a Microsoft Excel (xls) or Oracle Open Office (ods) spread sheet using Visual Basic for Applications and Open Office Basic respectively.

Documentation is included in the file itself. To select a different pass-phrase, change any empty cell. You can change the same cell over and over again to change the pass-phrase. It is recommended that the spread sheet file be saved read only.

Though usable, this application does not use the latest DiceWare word list, and could be improved with the addition of different language versions. Other language versions of the list are available on the DiceWare site.

AlReaud Fri, 06/03/2011 - 16:41

File Cleaner Pro - Version 1.2.0.0

File Cleaner Pro - Version 1.2.0.0

NOTE 10/8/2016: This application is cobwebbed, and is retained for archival purposes. It is only validated in Microsoft® Windows XP. Users on later versions of Windows WILL find this application inoperable without modification. Please use with caution and at your own risk! Happy Cat Technologies will not be updating this application as we do not have Windows platform machines except for Wine and Windows XP. This application is redundant now that the shell command shred is available.

© 2004-2016, Alfred P. Reaud, Happy Cat Technologies

Table of Contents:

  1. Introduction.
  2. Who is this application targeted to.
  3. Who shouldn't use this application.
  4. Why should you use this application.
  5. How it works.
  6. User Interface.
  7. Cautions.
  8. Other Notes.
  9. Random Number Generation.
  10. Known Bugs and Other.
  11. Download FileCleanerPro.
  12. References.

Introduction:

This is the professional version of the original File Cleaner, an application for Windows 98, now named FileCleanerPro.  It is available under the GNU-GPL Ver. 3, and is a much improved, debugged, and memory checked version of the original application.  Primarily developed for the Microsoft® Windows XP platform, it addresses concerns over the security of information on any Microsoft® Windows compatible computer system.  Full documentation is included with the download package.


Who Is This Application Targeted To:

This application is targeted to anybody who requires absolutely secure deletion of information from a hard drive short of physical destruction of the media itself.  Private individuals, legal firms, corporate patent offices, law enforcement agencies, local and county governments, state governments, the federal government, and military clients will get the most use out of this application.  FileCleanerPro will securely overwrite folders and their content, with both the random character generation and wipe patterns designed to permanently erase information from the media.  Both methods employ and are scrambled by long period random number generators that pass all of George Marsaglia's DieHard1 random number generator tests.
 

Who Shouldn't Use This Application:

If you're a pederast, or are engaging in any kind of criminal activity that you wish to erase from your computer, then this application isn't really for you.  Though this application is designed with the idea of secure erasure of information from a computer's hard drive, it actually doesn't erase all of the tracks of your Internet transactions, and wasn't designed to do so.  It will also not erase the tracks of your Internet transactions from your Internet Service Provider (ISP).  Your ISP may record where you visit on the Internet, and what you download, above and beyond any record of your transactions on your machine.  Though this application will erase some of the tracking, and anything you may download off of the Internet, neither Happy Cat Technologies nor this author are responsible for your arrest and subsequent imprisonment if you are visiting child pornography sites or soliciting criminal activity!

If you are intending to securely wipe a whole hard drive, then you probably shouldn't use this application either.  You would find it easier and more secure to physically destroy the drive and buy a new drive. It would be very time intensive to securely wipe a 70 GB hard drive, in example (which were current as of the date of originating this post. Today, 10/2016, drives of 500GB and 1TB are common), as the secure wipe pattern entails 35 separate writes to every file that you wish to securely wipe.  Conservative estimation of the time required to securely wipe a 70 GB hard drive is about 4.9 million seconds, or 56.71 days!  Obviously not for you!

Finally, this application is also not intended for Flash Drives (Lexar, Sony, etc.).  Flash drives operate on the principle of charge tunneling, and are not susceptible to analysis via magnetic force microscopy, nor are the write patterns optimized for Flash type media.  However, FileCleanerPro will work on your Flash Drive, at a reduced speed as compared to a hard drive.

Nor is this application intended to work with hardware cached drives. Hardware caching defeats the secure wipe pattern mechanism, rendering the application useless.
 

Why Should You Use This Application:

It's a relatively fast (for the processing involved), and very efficient piece of code that does something none of the others do, and that is actually wiping the information from your hard drive so that it is unrecoverable via even magnetic force microscopy, at least in theory (The author doesn't have the lab resources to prove it, that's up to you if you're up to the challenge).  There's no extra bells, whistles, or packaging, and it uses some very sophisticated coding to insure that the data you wish to destroy is actually irrevocably denied.  You should use this application if you have critical information that encompasses a folder or set of folders, at most, and you don't wish to physically destroy the hard drive. 
 

How it works:

FileCleanerPro works by insuring that the data is actually erased from your hard disk, rather than just placing it into the Recycle Bin, or just simply deleting it from your directory structure with low level commands.  Further, FileCleanerPro uses proprietary methods to insure that the information is unrecoverable by implementing the methods described in Secure Deletion of Data from Magnetic and Solid-State Memory2 available from SourceForge

FileCleanerPro, with Operate on Temporary Internet Files checked, starting from the folder "C:\Documents and Settings", recursively searches for the following folders:

  1. "Temporary Internet Files",
  2. "History",
  3. "Cookies",
  4. "Content.IE5",
  5. "History.IE5",
  6. "#SharedObjects" if it's a sub-folder of any folders titled "Macromedia",
  7.  "Cache" if it's a sub-folder of any folders titled "Java", "Mozilla", or "FireFox",
  8. "Cache.Trash" if it's a sub-folder of any folders titled "Mozilla", or "FireFox",
  9. "nim" if it's a sub-folder of any folders titled "Mozilla",
  10. "Temp",
  11. "QuickTime", only operating on files "*.qtr" and "*.mov",
  12. "Media Player", only operating on files "*.wmdb", "*.wpl", and "*.bin"

FileCleanerPro further insures that no folder names are duplicated in the search, as in example, "Content.IE5" is a subfolder of "Temporary Internet Files". 

There are four modes of operating to FileCleanerPro:

  1. Scan.  This is the mode of operation used when no Mode Enables are checked.  FileCleanerPro scans either the specified folder or the folders where IE and other application are known to have placed temporary Internet files and counts them, and the files they contain.  No other operations are preformed on these folders and/or files.  It is highly recommended that you first use FileCleanerPro with no enable boxes checked to insure compatibility with the operating system installed on your computer. 
     
  2. Simple Delete.  Simple delete just removes the files and folders in question.  With Operate on Temporary Internet Files checked, FileCleanerPro's operation is very similar to using the Internet Options tool for deleting the content of temporary Internet file folders, however it is significantly faster.  This mode is relatively insecure, and is not recommended for sensitive data, as the data can be recovered by accessing the hard disk at a very low level, i.e. accessing the hard disk sectors and clusters themselves.
     
  3. Simple Wipe.  Simple wipes (scrambles) the files prior to deleting with pseudo-random characters generated by an implementation of The Mother3 random number generator (RNG).  Please read the Random Number Generator section.  Files are individually committed to the hard drive at the end of wiping to insure that you are actually writing to the hard drive and not to a system or media cache.  This form of wiping may be recovered by sophisticated means as described in reference [2] and therefore should not be used for sensitive or critical data.
     
  4. Confidential Wipe.  This is the second level of security provided by FileCleanerPro.  Prior to deleting, the MFM patterns specified in reference [2] are written to the file and then the file is written one final time with pseudo-random characters as in simple wipe above.  Further, the sequence of MFM patterns is scrambled for each file based on an implementation of the Wichman and Hill procedure4.  This mode is not recoverable except possibly by certain technologies that are described in reference [2], such as magnetic force microscopy.  Confidential wiping should be used for any critical or sensitive data that it's important to prevent casual access to.  Files are again committed to the media at the end of each pattern operation.
     
  5. Secure Wipe.  This is the best level of security; however, it is computationally intensive.  Prior to deleting, the file is first overwritten four times by psuedo-random characters based on the Mother RNG.  Then the full suite of 27 patterns specified in reference [2] is written.  Finally, another four overwrites using pseudo-random characters is done.   Again, the sequence of patterns is scrambled using the Wichman and Hill procedure4 implementation.  This mode is very secure, and it is doubtful that the original information will be recoverable even with the means described in the reference [2].  It is recommended for information requiring the highest security, and should defeat even the most determined attempt to recover it.  The drawback to this mode is that any one file is overwritten thirty five times, with the corresponding high processing overhead.  Therefore it should be used only when it is deemed that the security of the information is critical.  Files are also committed to the media at the end of each pattern operation
     

User Interface:

The user interface is straightforward.  Figure 1 shows the user interface as it appears on startup, scanning mode, before processing any folders.  Figure 2 shows the user interface as it appears during operation, with a warning box showing, due to the fact that the user has requested a caution folder, i.e. the root of the C:\ drive.   Figure 3 shows the user interface during an actual Secure wiping operation on the temporary Internet file area on a Dell Optiplex GX280 running Windows XP Professional.  This is a worse case scenario, time-wise, and is used as an example of the processing time required to handle secure wiping. Figure 4 shows the completion of the Secure wipe cycle, showing that out of 451 files found, only 392 files where able to be deleted due to ownership and access errors. Figure 4 also shows the estimated time computation bug mentioned below, with the estimated time being reported as 11 min. 36 seconds, and the actual completion time being ~9 min. 34 sec. The difference between the count of files found vs. the count of files deleted (and securely wiped, which doesn't show on this picture but is reported on the line above the top line) is due to not running under full ownership privileges.  Some of the files and folders operated on where in areas outside of the ownership of the user, or where locked due to IE still being active, hence the 55 ownership errors.  The eight access errors indicated in Figure 4 result from Internet Explorer crashing during execution of this application, for the reasons listed below, and those files where no longer available for wiping with respect to the file list that is generated after the Start button is pressed.  This is an issue resolved by closing all IE windows prior to clicking the Start button on FileCleanerPro.

FileCleanerPro GUI sample.
Figure 1

  FileCleanerPro GUI sample, running, with warning window.
Figure 2

FileCleanerPro GUI sample, running, TIF execution sample
Figure 3

 

FileCleanerPro GUI sample, idle, with status example.
Figure 4

The user interface detailed description is as follows: (all user inputs have tool tips associated with them, and please use the browser Back button to return from following a link.)

  1. Operate on Temporary Internet Files:  With this check box is checked, FileCleanerPro will operate in the IE (and other browser) temporary Internet file area.  Depressing this button disables the controls in the Folder Operations box, described next.  If you don't depress this button then you must enter a valid folder name in the Operate in Folder Text Box or you will get a warning window.
     
  2. Folder Operations:  This box has an input text box for the name of the folder on which you wish to start operations in.  The box also contains a Recursive Folder Operations check box.  No Enter or Return is required.  However, valid Microsoft® Windows folder names are required, and testing is done to insure that the name is valid.  Any syntactical errors in this dialog input text box will result in a warning window popping up explaining the error.  This box is only enabled if the Operate on Temporary Internet Files check box isn't checked.
     
  3. Recursive Folder Operations:  This check box enables recursive search and operation down thought the folder tree of the folder whose name is input into the input text box above it.  It has no effect while in Operate on Temporary Internet Files mode.
     
  4. Mode Enables:  This box of controls enables the different modes that a user may select to operate on files.  These check boxes are interactive.  Un-checking Delete will also un-check Simple Wipe, Confidential Wipe, and Secure Wipe, as all of those operations imply deletion of the file at the end of wiping.  Simple Wipe, Confidential Wipe, and Secure Wipe are also mutually exclusive, with only one capable of being checked at one time.  Checking any of those three will also check the Delete check box as the wiping operations require a delete operation to complete.  The completion status of these options will be displayed in the File Cleaner Status/Results box.  Operation is benign with no Mode Enable boxes checked. 
     
  5. Delete:  Check this box to enable simple file deletion, as described above.  If this box isn't checked, FileCleanerPro just scans the given folder or the Internet browser temporary file area for files on which to operate.  It is highly recommended that you first use FileCleanerPro with no enable boxes checked to insure compatibility with the operating system installed on your computer.  Also use FileCleanerPro with no enable boxes checked on the first instance of use in a named folder before enabling any option.
     
  6. Simple Wipe:  Check this box to enable simple wiping as described above.  Wiping is a non-recoverable process and should be used with caution.  This is why the author recommends that you first use FileCleanerPro with no options enabled.
     
  7. Confidential Wipe:  Check this box to enable wiping using the MFM patterns specified in reference [2].  This wiping is also a non-recoverable process, and again should be used with caution.
     
  8. Secure Wipe:  Check this box to enable secure wiping using the full suite of patterns as described in reference [2].  Secure wiping is also a non-recoverable process and should be used with caution.   Again, this is why the author recommends that you first use FileCleanerPro with no options enabled on first pass.
     
  9. Execution Status:  This progress bar shows that the application is active and working.  As the application may appear locked up during wiping to large files, this progress bar was implemented to show that the application is active.  It is synced to a 500 millisecond timer that increments the bar and then clears it at 8 seconds elapsed time.  If this bar is not active, it shows that the application may be halted or has some other unknown problem.  If this persists for an appreciable length of time, ~1 minute, close the application and restart it.  If the problem persists, contact the application author.
     

  10. Options:  This box of controls shows any options available to the user.  Currently there is only one, Log to File.
     
  11. Log to File: This check box controls whether FileCleanerPro logs its operations to a file in its startup folder named FileCleanerPro.log.  Logging captures the start and ending time and date of the operations, and the folders and files found.  It also indicates whether a folder is to be done, and what where the steps taken on the contents.  The file is overwritten every time that this check box is checked and the Start button is clicked.  A sample log file is available here.
     

  12. Progress Bar:  This bar shows the progress of FileCleanerPro while operating on files and folders.  Its progress depends on the count of files, the mode selected, the speed of your disk drive and computer, and on any system, disk, and processor resources consumed by other applications that are active at the same time. 
     
  13. Start:  This button starts processing of the named folder or the temporary Internet file area respective of the options selected.  Depressing this button disables all other user input except for the ABORT button, as shown in Figure 3.  However the Window Close, Window Close button image., and Window Iconize, Window Iconize button image., buttons are still active, and will do their respective functions.
     
  14. ABORT:  This button aborts any processing that is currently occurring at the end of the current media write.  Depress this button immediately if you change your mind about deleting or wiping the area FileCleanerPro is operating in.  This button also re-enables all user inputs except possibly the Folder Operations input text box depending on the state of the Operate on Temporary Internet Files check box.  However, see the cautions section for further information.
     
  15. Cancel:  This button cancels FileCleanerPro, similar to the Window Close Window Close button image. button.  Use either to terminate the application.
     
  16. File Cleaner Status/Results:  This text box displays the current application status and results of the operations performed on the named folder or the temporary Internet file area.  Items displayed are folder and file counts, read only file counts, access error counts , ownership error counts, and elapsed processing time.  As an example in Figures 3 and 4, it took ~10 minutes to securely wipe and delete 392 files, for an average processing time of 1.46 seconds per file.  Also, please observe that FileCleanerPro reported 345,827,930 characters in these files, which averages out to 1.66 microseconds per character, which corresponds to the timing established for the random number generators plus overhead.  This results from 35 writes to each file, so the actual file character count was ~9.88 megabytes.  Each instance of use may indicate different results in this box, and you should observe these status indicators over time to familiarize yourself with the idiosyncrasies of your system's interactions with FileCleanerPro, which will help in detecting problems, if they occur.


Cautions:

Please be cautious with the use of FileCleanerPro.  At minimum, you could delete data you actually want to keep by careless, negligent, or malicious use.  It is recommended that if you are operating in a folder, that you first view the folder with Windows Explorer (synonymous with the My Computer icon), and right click on the folder name to get the Properties window open.  Observe the count of files reported in the Properties window for the folder, and then use FileCleanerPro in scan mode to verify the count of files.  Any discrepancy in the file counts between the folder Properties window and the count of files found reported in the File Cleaner Status/Results text box probably indicates files with the hidden attribute set.  These hidden files may also be system files and wiping or deleting them could have significant effects on the operation of your computer.  Deleted files sometimes may be recovered, however FileCleanerPro does not use the Windows Recycle Bin, and it will take a low-level file utility to recover deleted files.  That is provided that they haven't been wiped!

Again, I must reiterate that wiping in any mode is an unrecoverable process except possibly by those technologies mentioned reference [2].  Wiping in Secure mode is an absolutely unrecoverable process.  Implementation of file recovery based on the techniques covered in reference [2] will probably not be cheap.  Further, neither this author nor Happy Cat Technologies will be responsible for careless, negligent, and/or malignant use by any individual who uses FileCleanerPro.

Finally, with the above two paragraphs in mind, please be sure that you actually want to do what you configured FileCleanerPro to do before you press that Start button!


Other Notes:

A good way to test the operation of this software is to, first of all, download the package and install the executable in an appropriate folder.   Then go onto a website with images and browse around.  After that select the File -> Work Offline option from the Windows dropdown menu bar on your browser.  Use FileCleanerPro with delete enabled, and then attempt to refresh the page while staying offline, which will give a warning window titled "Web page unavailable while offline."  Select the "Stay Offline" button and you should see significant differences in the web page!  This is because files being used by the webpage have been deleted and when it attempts to refresh the page from the temporary Internet file cache, those files are no longer present.

This author would recommend that Linux/Unix users not attempt to use FileCleanerPro, as it's designed with Microsoft® Windows operating system in mind.  Results of it's use on Linux/Unix systems, are to say the least, unknown!

FileCleanerPro has been verified on the following operating systems and machines:

  1. Windows XP Professional Version 5.1.2600 Service Pack 1 Build 2600
    1. Dell Optiplex GX260
    2. Dell Optiplex GX280
    3. Dell Dimension 8300
       
  2. Windows XP Home Version 5.1.2600 Service Pack 1 Build 2600
    1. Dell Dimension 2400
       
  3. Windows 2000 Professional Version 5.0.2195 Service Pack 4 Build 2195
    1. Dell Optiplex GX240

The un-recoverability of information after using File Cleaner Pro using magnetic force microscopy has not been verified.  Please feel free to test it out for yourself if you have the technical expertise and required equipment.  Though I do have the technical expertise, I lack the required equipment.  If after doing 35 data overwrites the data is still present on your hard drive, then your only option is to physically destroy the media.  Please notify the author in that event.

Timing tests on a test file set of 1000 files containing 996,481 bytes of data, created with Test File Generator, indicate the following average data:

  • Scan - 0.11 seconds, 110 microseconds per file.
  • Delete - 0.546 seconds, 546 microseconds per file
  • Simple Wipe - 21.093 seconds, 21.1 milliseconds per file, 21.2 microseconds per file character.
  • Confidential Wipe - 194.219 seconds, 194 milliseconds per file, 195 microseconds per file character.
  • Secure Wipe - 16 minutes, 20.1 seconds (~980 seconds), 980 milliseconds per file, 984 microseconds per file character.  (This is while doing other things such as checking e-mail, composing this page, browsing the Internet, etc.)
     

Random Number Generation:

Random number generation is a complex topic, with many references and papers available on the subject.  There is no such thing as a truly random number generator, at least with respect to computer applications not dealing with quantum computation.  Therefore, all random number generators are actually pseudo-random number generators.

Research into random number generation using standard library functions showed that while the library random number generator was very fast, it was extremely poor as a pseudo-random number generator, having severe deficiencies in period, spread, etc.  The random number generators used in this application where researched and tested for long period, repeatability, and most importantly, that they pass the Diehard1 tests.  They have both been statistically tested to insure that they fit the criterion for randomness.  However, they are slow, with respect to the standard library random number generator.

A problem with pseudo-random number generators is that if you know the seed value, you can reproduce the random number sequence.  This is a flaw in any pseudo-random number generator due to its very nature, that being that its output is the result of deterministic computations.  Therefore, to insure that the seed value is irreproducible, steps where taken to make the seed value indeterminate.

The primary random number generator used, Mother, is an implementation of the ideas proposed in George Marsaglia, "The Mother of All Random Generators"3  This implementation of it has been significantly tested via Diehard1, and also via Microsoft® Excel (with a reduced size dataset), on data sets of 300,000,000 16-bit integers.  As opposed to the C++ standard library function rand(), it is excellent, albeit rather slow.  It comprises 17 lines of C++ code in integer math, and has an execution time of ~200 nanoseconds per number on a Dell Optiplex GX280.  Statistics are available on request (Excel file: ~6.6MB, Diehard results: 49KB text file.), as well as the code used to generate the data files.  On a given sample run (~300MB data file size), it's overall p-value after applying KStest on 269 p-values is 0.321958, with an average p-value of 0.490444.  The exact results of the Diehard tests appear to be seed dependent, and do vary, however the values are always within acceptable ranges for both Mother and Secure I, below.

The secondary random number generator, named Secure I, is used to scramble the wipe pattern sequence, and is an implementation of the Wichman and Hill procedure4.  It comprises 11 lines of C++ code in integer and double precision math.  Secure I has been tested in the same fashion as Mother, and has an execution time of ~975 nanoseconds (i.e. very slow, on the same machine as above).  The statistics information and generating code is also available on request (Excel file: same as above, ~6.6MB, Diehard results: 49KB text file).  Secure I's (with an ~300MB data file size) overall p-value after applying KStest on 269 p-values is 0.771651, with an average p-value of 0.494344.

Finally, as an example, the C++ standard library random number generator, rand(), has an overall p-value after applying KStest on 269 p-values of 0.000000, with an average p-value of 0.561792.  This is a significant failure of randomness!  With respect to Diehard, George Marsaglia's DIEHARD Test Suite is very complete and has been used by companies such as RSA to evaluate their cryptography products.  The test suite includes around 14 tests.  A description is included with the program and makes an amusing read: not only because of the funny names (e.g., the Parking Lot test) they have but also because they seem surprisingly convoluted. Most of them return a p-value that should be in the range [0,1].  Occasional values could be near 0 or 1.  For a very bad sequence you might see a p-value like 1.000000 or .00000."5 (authors italics and underline)  The best possible p-value is 0.500000.  An example is a DNA test from the Diehard test suite for the Mother implementation, using an ~350MB data file.  The test line identified that it was using bits 9 to 10, where the expected mean number of missing words is 141909, and Mother came up in this instance with a value of 141910.  The z-score that resulted was 0.0020, with a p-value of 0.500789.

Further documentation on random number generators is available by Googling for them, and from references [6] and [7].
 

Known Bugs and Other:

  1. The estimated time to completion is incorrect for numerous reasons.  One is that the statistics used to determine the time per character where taken on a previous version of the product using a different graphical user interface and algorithm.  Another is that there is no way to actually predict, in advance, system overhead.  New statistics will be taken and new time computation parameters will be generated thereof.
     
  2. Though not a bug, processing in Secure Wipe mode is time intensive.  A further issue is releasing processing tasks for pending system events, which causes more processing overhead.  This is due to the fact that this is a cleanly written application which will not hog system resources.

As of the time this release FileCleanerPro has no other bugs known to the author.  Please contact the author if you find a bug.  The beta version will have free debugging for its lifespan.  Also, if you wish to see this application updated for previous versions of Microsoft® Windows that is inoperable on (if that is the case), please again contact me with the issue, and I'll modify the software to suit that operating system version.

If you experience any type of memory error warnings from Internet Explorer (IE) or other browser during any operation of the browser after using FileCleanerPro in Operate on Temporary Internet Folders mode, or your browser crashes, this is not a bug in FileCleanerPro.  What has occurred is that a file necessary to the browser has been overwritten with random data and/or deleted.  It could be annoying, in that the browser crashing will cause all open browser windows to close.  Therefore, if you experience this kind of error, please close all browser windows before using FileCleanerPro.  So far, it's only an issue with Internet Explorer, and depends on the web page code, such as JavaScript's and Java applications.
 


Download File Cleaner Pro:

This demo version of File Cleaner Pro is freeware, and is unrestricted.  It is released under the GNU General Public License, Version 3 as the source code is now included in the release.

Download FileCleanerPro 1.2.0.0-20060320.zip (~1,107KB) now.  The executable CRC-32 (WinZip) is FF10FF34, the size 2,509,824 bytes.
 

FileCleanerPro took approximately 150 hours to develop.  Hopefully, you found or will find FileCleanerPro useful. However, use at your own risk!

References:

  1. The Diehard Battery is available from:
    Diehard Battery of Tests of Randomness v0.2 beta and
    The Marsaglia Random Number CD-ROM including the Diehard Battery of Tests of Randomness
     
  2. Secure Deletion of Data from Magnetic and Solid-State Memory.
     
  3. George Marsaglia, "The Mother of All Random Generators": Posted by Bob Wheeler to sci.stat.consult and sci.math.num-analysis on behalf of George Marsaglia on October 28, 1994.
    ⇒ The code is available at ftp.taygeta.com.
    George Marsaglia, "Multiply-With-Carry Generators": File "mwc1.ps" on Marsaglia's Diehard CD-ROM, available online at ftp.csis.hku.hk.
     
  4. See Microsoft's Description of the RAND function in Excel 2003 for a short blurb implementation. Further references are:
    ⇒ Wichman, B.A. and I.D. Hill, Algorithm AS 183: An Efficient and Portable Pseudo-Random Number Generator, Applied Statistics, 31, 188-190, 1982.
    ⇒ Wichman, B.A. and I.D. Hill, Building a Random-Number Generator, BYTE, pp. 127-128, March 1987.
    ⇒ Rotz, W. and E. Falk, D. Wood, and J. Mulrow, A Comparison of Random Number Generators Used in Business, presented at Joint Statistical Meetings, Atlanta, GA, 2001.
     
  5. "Secure Random Numbers", Ernesto Guisado, material originally appearing in Windows Developer Magazine, 2002, CMP Media.
     
  6. "Random Number Generator Recommendation", Charles N. Zeeb and Patrick J. Burns, Colorado State University, 1999, on-line PDF document.
    ⇒  P. J. Burns and D. V. Pryor, "Surface radiative transport at large scale via Monte Carlo," Annual Review of Heat Transfer, C. L. Tien (ed.), pp. 79-158, Begell House, New York, 1998.
     
  7. "The WWW Virtual Library: Random Numbers And Monte Carlo Methods, Random Number Generators"
AlReaud Sun, 06/05/2011 - 12:20