Sooneung

Everything posted by Sooneung

  1. That's even better. I wonder why Samsung wouldn't implement that. It's not like it takes more space. The 'Real A/B' takes a lot of space and considering that 64GB was standard for high-end phones back in those days, I always thought it was really inefficient and wasteful stuff to implement. Now that they have the virtual A/B thing, it is kinda stupid for the manufacturers to not implement that feature.
  2. Too tired to fix the grammar or the spreadsheet. Writing this at 5:30 AM in S. Korea. Please keep that in mind. Thx!
  3. I read about the recent Galaxy's System Files article, and I wanted to find the reason behind this chaos. I imported all partition information onto my PC and did some calculations. Since I'm no expert at this, some of the info may not be correct or represent all devices. My conclusion in short: As many of you guys have expected/guessed, it's just the storage size unit difference thing. Android (and its root Linux) calculates storage and files in binary (MiB, GiB) but consumers are used to decimal units (MB, GB), so Samsung just decided to calculate in binary then add dummy numbers to hide the difference. I mean if they didn't do that, customers would be angry about smaller storage and complain about it, wouldn't they? Even if Samsung and their engineers try their best to explain it, they won't be able to convince them. On my calculation, the whole System Partition"S" are total 10.94GB. This includes system image itself, modem, hw specific libraries, carrier/country specific apps/configs, hw configs etc. Also, I think there are more hidden partitions for KNOX, other more secure things or critical system files. (This sum of partition sizes didn't add up to exactly 256GB. It's missing 2.43GB, but I bet Samsung cheaped out on that. I think it's hidden by KNOX or something.) Here is the list:
     - System Partitions: 10.94GB
     - Missing Bytes: 2.43GB
     - Unit Difference: 17.41
     > Total System Files: 30.79GB (Including missing bytes)
     > Reported System Files: 34.46GB
     Now you may say that there's still 3.57GB left. I think this one's reserved for system caches and safe buffer. My guess is that Samsung wanted to leave some headroom so that even if the customer fills up the storage to 100% the device can still function, alerting the user to delete some files, not locking itself up. OR, it's just cache/tmp files or a combination of the two. This theory is also somewhat backed up by the fact that actual /data's usage is 4.74GB bigger than Samsung's reported used space.
     Also, Samsung's Reported System Files size changes from time to time. Not because I updated the system. I left the device, calculating this storage thing, but it decided to change the size by itself. If the System partition ONLY contains the Read-Only ROM, there's no reason for the value to be changed. (Fun fact: /system is ext4 RO, which means read-only. Other system partitions are the same too.) This backs the "Cache/Buffer" theory. I haven't tested this by filling up my device literally 100%, so this is just an assumption. Yes, raw system partitions are 10.94GB (not including those hidden, missing partitions) ARE HUGE for mobile OS. Just like Linus mentioned on WAN show, Pixel devices take up only about 6 gigs and even have dual OS partitions to seamlessly update/fallback OS. But on the other side, modern Windows takes up about 16-20 gigs on fresh install (depending on drivers) and skyrockets if you install pdf viewer, office, etc. I think that applies to macOS too. (Let's not talk about Linux. They vary greatly. Though, I think I remember fresh Ubuntu being under 10 gigs. Don't quote me on that.) Samsung's OS is full of features. Samsung even supports literally 'modding' your device to your liking with the Good-Lock app. (Go try it on the Galaxy Store if you haven't. You have been wasting your Galaxy if you didn't use it.) They support Smart-Things or Find your device without installing a separate app. Whether you like it or not, they have Bixby and Bixby routines included with your phone. You can't find these features on any other phones. At least not with this level of customization, build quality, and features. There's no denying that Samsung has a lot of bloat preinstalled and the fact that the system image is HUGE. But in my opinion, this is justifiable. It just needs a little bit of diet.
     Here is my spreadsheet: https://docs.google.com/spreadsheets/d/14AlFARcdSbKqaMk8-ntRDCRTq8h7_6HH/edit?usp=sharing&ouid=100210223171289014815&rtpof=true&sd=true Do note that my calculations are based on the Korean variant of S21 (SM-G991N). Note: 'changes eveytime' is not actually true. It actually changes 'time to time' but still I saw it change without any reasons. (no reboot, no update etc.)
  4. Do you know what's hilarious? They didn't block some of the adult manga sites which have child pornography content. Also the site admins keep changing URLs. Even if it's blocked, we can still visit the sites using free VPNs, browser-integrated VPNs (like the one in Opera), proxies, Google data saver and someone even came up with the idea of putting the blocked URL in Google Translate! Smart kid lol. And it didn't solve the fundamental problems. I mean we all know about the Tor network and torrents and the fact that there are some sort of proprietary protocols used to sell and buy drugs, hire someone etc. lol
  5. Good for you... I agree that the government should block illegal drugs, crimes (like assassination) or child pornography but we are blocking even the torrent sharing sites and manga sharing sites. Now I have to wander around a bit more to get an XP ISO.
  6. I already have it on my PC and Android phone and tablet. I'm using Cloudflare's DNS service. (The 1.1.1.1) I've also installed a VPN server on an AWS instance (what an impractical use of AWS lol)
  7. Oh speaking of DNS, the Korean government is now censoring out illegal content both over HTTP (using DNS) and HTTPS (via listening to the SNI field and packet intercepting). This can't be solved unless we use a VPN. This applies to all ISPs (I think only on consumer ones) and is forced by the government. It's hard to explain with my English skills but it's like having a Great Firewall of China in Korea. (Except we don't censor out the political opinions.....YET)
  8. Yeah I use a VPN from time to time because of this. Btw, some said changing the DNS didn't work
  9. This is the log. Red box is user, blue box is the isp monitoring server, and green is the original destination (like google.com)
  10. I use the router ap hub combo unit from isp, but this applies even if we use other routers from... say asus, dlink etc
  11. I know! It's normal for them to not be able to see what's connected. Some guy analyzed the packets and he found out ISPs actually intercept the webpage and send the client some code. The client calculates the unique code and sends it to the ISP (the intercepted server) thinking they are sending data to the real server. Then the ISP uses this info to distinguish clients and redirect the client if they exceed the limit of connected devices. This doesn't work on HTTPS (I think), or other protocols such as FTP. They allow mobile agents to connect and communicate freely even on HTTP. It's kinda insane to see an ISP actually intercepting the webpage (this is a MITM attack after all) and collecting user data. The data being collected are:
     - OS information
     - Browser info
     - Network (IP address) info using WebRTC vulnerability (to see if user is on private IP or public IP)
     - GPU info using WebGL (this is just an assumption)
     - Some other info he couldn't find out
     https://gist.github.com/HelloKS/6631237f7f8f51bbd8c0b3e31b022854 This is raw data with sensitive info hidden. Does your ISP do this to you?
  12. I forgot to mention this. WE ARE BEHIND THE ROUTER. Our devices get private IP addresses from the router (AP hub combo thing) and the router gets one public IP address.
  13. Hope nobody thinks i live in NORTH KOREA
  14. Does your ISP limit the devices connected to the internet? I live in SOUTH Korea, and it's kind of a norm for the ISP to block the internet if too many devices are connected simultaneously. They usually allow up to 2-3, but start to block the device starting from the 3rd or 4th device. This doesn't bother me very much since this usually happens on PC. And even if you are on a PC they only block HTTP protocols so you can still surf the web with the HTTPS protocol or use other protocols to communicate. I think they are intercepting the plain HTTP connection, monitoring the MAC or user agent or something to distinguish the users and block if they reach a certain point. I'm not very angry about them because the internet subscriptions here are sooooo cheap (you can get a 10GbE lane for 80 bucks a month if you have access to an FTTH lane or 27 bucks for full gigabit internet. Yes these both are consumer subscriptions) but still annoyed a bit. Do you have some kind of limitations from your ISP?
  15. This is what I think. Key management should be the only way to control the complexity of the security or recovery process. No backdoors should be enabled. We can't really do much about unintended backdoors (or security holes). Instead, we should take a deep look at the code and improve security as fast as possible.
  16. For normal people, standard encryption WOULD be enough. Personal photos, videos etc. After all, who cares about my family photos anyway? But you don't use your external drives for only that purpose. You could be carrying some company's top secret documents. (In this case, most companies provide their own encryption method to secure their properties, though.) You could be carrying some ex-girlfriend pictures. Even some nasty videos you don't want to be known in public. Whatever it is, I think you should use decent encryption. Store your recovery keys somewhere safe. The flexibility is up to your key management. That's what should be controlled, not the backdoors. The moment you enable backdoors, that data are no longer protected. You mentioned server security. Google and Facebook have THE MOST SECURE INFRASTRUCTURE in the world. But it is the BACKDOOR or SECURITY HOLES that's leaking the personal information and making the headlines. The possibilities of cracking in should be removed as much as possible. If you want flexible security, then store your keys and backup keys in multiple locations. Store it on your phone, cloud, sticky notes, whiteboard, you name it. It is up to them. The purpose of recovery keys is to make your life a bit easier when you lose your password. You shouldn't compromise the security and make it easier to break into your data. No matter what you are storing, this should be clear. Hardware compromise. Sure. This is a big thing. Then shut it down. No one except for government won't be able to extract the password from your RAM. Encrypt your hard drive. Enforce SELinux. Disable recovery pins. There are so many things you could do to make your data more secure.
  17. Hm... thought TrueCrypt is safe. Maybe forks aren't safe anymore....
  18. Whoa that's long. Perhaps I really am being too serious about this thing. Maybe I really overlooked the advantages of backdoors.
  19. Yes, the spare keys are the recovery keys. This is something like a recovery key you get when you set up BitLocker or 2-factor auth on Google. This key HAS to exist. But the thing is that the blacksmith's tools are some software from the company, which can leak to the public or be abused by one of the employees. Think of Samsung's Odin, which is intended to be used in service centers. Many of us use iPhones because we believe the iPhone is one of the most secure phones in the world, whereas an Android phone's data can be leaked. We use TrueCrypt (or a fork of TrueCrypt) because we believe even the NSA can't crack them. Sure, there might be hidden backdoors we never knew, but we use those because we feel safe. Sure, we have to have some sort of recovery options because we humans are not perfect. But the thing is the process of recovering keys shouldn't be easy. You gave an example of a blacksmith breaking into security. The problem is that ordinary keys are easy to break into. We change our lockers to digital ones because of this. The process should involve tighter verification of the user that's trying to use the backdoor. We can't just unlock the thing with a tool without verification. That is no longer secure. For example, when you forget your Google password, they ask you to enter your previous passwords, birthdate, what you have done with the account etc. to ensure you are you before they reset your password. Same for the Facebook account. The process of recovering should be very tight. When we use BitLocker (one of the most common software we use), they provide a recovery key and they force you to save or print the key. They warn you if you lose it, your data are basically .... gone for good. But we don't have any other options other than the recovery key if you lose your password. I believe there's a reason for that. The more spare keys, the more vulnerable your data are. When you add a backdoor(s), you're giving the genius hackers around the world more headroom to crack the password.
     But what he said (on the chat session I mentioned in the original article) is that you could easily recover your password from the service center with a special tool. I don't know what the mechanisms are, but that frightens me. If it is something like some recovery key or matching up hints you gave to the encryption software earlier, phew, what a relief. If that's not the case, then the encryption is basically useless because almost anyone in the company can access the tools and can even leak the software or information about the tools. This is my thoughts. Maybe I'm being too sensitive. Maybe it's because I'm into security things. Maybe ordinary end users really need easy recovery options. Maybe they don't need cutting-edge security. But this is what I think. (Sorry for bad English if it disturbed you.)
  20. Btw, I don't know whether the drive he mentioned has the backdoors or not.
  21. On a game community, someone said 'encryption with ability to recover your data in case you forget your password!' I was like 'no that's insane! Having backdoor(s) on encryption is one of the dumbest things in the world!' And we fought back for quite some time. I really think backdoors shouldn't exist at all. That's the main goal of security, isn't it? (Also that's what the whole security industry is trying to achieve.) Well, sure it would be nice for normal users to give an option to recover the data in case you forget your password. But the point is the recovery process is not done with something like a BitLocker recovery key. There's a software which unlocks the password automatically for you! That's insane! I wouldn't call it a 'security feature'. Rather, I'd call it 'the illusion of being secure feature'. Long story short, do you guys prefer an external drive which has a backdoor to recover your data? (Remember no recovery keys. Software does it for you without authentication.) Plz share your thoughts. I am really pissed off for being despised by a random guy on the internet.
  22. I actually have a Windows Server 2016 license (got one from DreamSpark), and I'm planning to build a server with an i5 (or i3) which is not server-grade. (Xeon just costs too much. I believe Xeon 3? 5? - no idea on Xeon's naming - performs about the same as an i5.) I don't want to run two machines for just a home server but I want to have a Linux (Ubuntu - the one I'm familiar with) server with Windows Server to maximize compatibility with Windows machines at home. And no, I DO NOT plan to open SMB out into the wild. It's meant for a local server. What I meant is that since I'm not really good at the server-side thing, I won't be able to secure all the connections. Although I will try to, by following online tutorials, I'm going to set up the most basic security settings. Besides, I won't be opening my personal pictures, documents etc. to the public. This is where virtualization comes in. I won't separate server - one for out in the public, and one for local network. Also I have a question. Is GbE enough for 2018? I researched a bit online but those 10GbE switches and all that gear cost.. a lot. I mean for a student with a part-time job, it's not an easy choice to make. I download movies and share projects, music on the network, and they are quite big. (Animes with 1080p BD grade video are big.) Would GbE be enough in 2018?
  23. I believe it's this one: (Note: it's not from linustechtip) Btw I don't really care if it's convenient and secure enough. I often do things in the 'linus-way'. For setting up a VM, what software? I only tried installing Linux directly onto the disk to set up a server. Also Linus said he's using a 10gbit network at home. Is he using some kind of add-on card? It's really hard to find boards with 10gbit ethernet. Btw Linus, what setup are you using at home for your server? The PC, and switches etc. Thanks! (Sorry if my words sound a bit weird. I'm from Korea and I'm not really used to using forums, so correct me if I'm doing st wrong..)
  24. I wonder what operating system Linus uses for his studio server, and what protocol he uses to share disks. I know he uses the ZFS filesystem and CentOS on one of his racks, but I see a Windows UI on the monitor (the one in the server room). Also I tried FTP to set up a network disk, but there were security, permission issues and.. I just couldn't use it as a "drive." I can't save or open documents right away, nor save directly. What kind of protocol can perform what I want? SMB? (I don't think it's SMB though.. I saw Linus directly accessing files at home with a smartphone. I believe SMB is for local sharing...) Sorry if this topic is already answered. Btw this is my first post at this forum. Hello!