11/8/2011 – General and Special Election – Seattle, King County, Washington

I can't say any of the candidates really got me all that terribly excited, it was mostly an exercise of picking who I hated least. As for the initiatives the only one that I think is really super critical is City of Seattle Proposition No. 1 which is the school tax levy. Initiative 1183 really annoys the hell out of me and I hate CostCo for putting it out there (I especially like the tax loopholes they put in for themselves and the bans they put against their smaller competitors) but as I explain below our dear government has passed a lovely bill that I think is worse than 1183 so now I have to vote for 1183.

Initiative Measure No. 1125 - No
Initiative Measure No. 1163 - No
Initiative Measure No. 1183 - Yes
Senate Joint Resolution No. 8205 - Approved
Senate Joint Resolution No. 8206 - Rejected
County Directory of Elections - Mark Greene
Port of Seattle - Commissioner Position No. 2 - Gael Tarleton
Port of Seattle - Commissioner Position No. 5 - Dean Willard
City of Seattle - Council Position No. 1 - Bobby Forch
City of Seattle - Council Position No. 3 - Brad Meacham
City of Seattle - Council Position No. 5 - Dale L. Pusey
City of Seattle - Council Position No. 7 - Tim Burgess
City of Seattle - Council Position No. 9 - Sally J. Clark
City of Seattle Proposition No. 1 - Levy, Yes
Seattle Transportation Benefit District - Proposition No. 1 - Yes
Seattle School District No. 1 - Director District No. 1 - Sharon Peaslee
Seattle School District No. 1 - Director District No. 2 - Kate Martin
Seattle School District No. 1 - Director District No. 3 - Harium Martin-Morris
Seattle School District No. 1 - Director District No. 4 - Marty McLaren

Note: For brevity's sake I'm omitting any uncontested races.

Average, percentiles and measuring service performance

Measuring the performance of services is tricky. There is an almost irresistible desire to measure average performance. But measuring service performance using averages is pretty much guaranteed to provide misleading results. The best way (I know of anyway) to get accurate performance results when measuring service performance is to measure percentiles, not averages. So Do Not use averages or standard deviations, Do use percentiles. See below for the details.

Some examples of how Wall Street steals money

There is this idea in America that winners should be rewarded and that the rich are winners. And since the bankers on Wall Street are rich they must therefore be winners. But this is a lie. The bankers in this country aren't winners. They are simply the people who managed to leverage their cash into taking control of our government and using it as their own personal piggy bank and get out of jail free card. I realize this rehtoric sounds extreme but if you read Matt Taibbi's latest article in RollingStone magazine I think you'll finally begin to understand some of the mechanisms of how Wall Street steals from everyone else to make their profits.

Distributed Storage Reading List

My technical wanderings of late at Microsoft have taken me into the realm of massively distributed storage. Of course, I've been here before but this time I need to bring some other folks along. So I was asked to put together suggested readings to help people come up to speed. I thought the list might be of general interest so I'm posting it here.

What do you think? Is this a good list? A bad one? What would you suggest?

How do I securely wipe my hard drive?

Ever since Gutmann published his original paper [3] in 1996 there has been an assumption amongst security types that to 'securely' delete a hard drive one had to overwrite it many times. While it's not entirely clear that this claim was true when Gutmann made it, nevertheless, changes in magnetic hard drive technology appear to have made the need for multiple overwrites completely unnecessary. As explained in gory detail in [1] there is no economical way known to recover data that has been overwritten just once from a modern magnetic hard drive. So a single pass writing zeros should more than handle things.

As explored in the Wikipedia article on data remanence it is possible for bad sectors to potentially be recovered because the zero pass wouldn't touch them. But keep in mind that no matter how many times one wipes a drive those bad sectors won't be written to. So if bad sectors are an issue then one will probably need to degauss, physically destroy the drive or use whole disk encryption.

Where things get more fun is with solid state drives (SSDs). As explained in [2] there are real problems with securely deleting SSDs. Right now there is really no good way for a normal person (e.g. someone who isn't a storage expert) to really know if they have successfully deleted everything off a SSD. Tricks like filling up the drive with data won't work because the drives have more capacity than they advertise and since flash cells fade the drive may have taken cells (with data) offline. The drives do support entire disk delete commands but as [2] points out, those commands aren't always appropriately implemented. Overwriting sometimes works but sometimes not and using a pattern of zeros is particularly problematic because some SSDs compress contents.

So if one wants to securely dispose of a SSD I suspect the only reasonable approach is software based disk encryption. Yes, some SSDs do implement hardware level encryption but given the lack of easy validation of the logic and updates when there are issues I wouldn't personally trust that approach. Of course this reduces the security of a 'wipe' to someone not being able to crack the password on the key file stored in the SSD. Personally I'd still do two wipes, at least one using some kind of random data, before disposing of a SSD just to be especially paranoid. Perhaps the only reasonable alternative with SSDs is physical destruction.

References

[1] Dave Kleiman Craig Wright. Overwriting Hard Drive Data: The Great Wiping Controversy. 2008. URL http://www.vidarholen.net/~vidar/overwriting_hard_drive_data.pdf.

[2] Laura M. Grupp Michael Wei. Reliably Erasing Data From Flash-Based Solid State Drives. 2011. URL http://www.usenix.org/events/fast11/tech/full_papers/Wei.pdf.

[3] Peter Gutmann. Secure Deletion of Data from Magnetic and Solid-State Memory. 1996. URL http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html.

Books I recommend on personal finance

A friend of mine at work asked me to recommend books he could read on personal finance. I decided to publish my list and reasoning for anyone who is interested. I think the first two contain information that everyone needs to know. The rest adds important details but I think can be read based on interest. Continue reading