Trying to clean install kubuntu: how can a hard disk be wiped if ATA Secure Erase, DBAN, KillDisk, HP DiskSan ++ zero-filling, shred, bb, rm, diskpart, PXE, WAIK, Windows PE and more...cannot touch the various journals?
Hi y'all, I moved into a new apartment 5 months ago. My ISP installed my VDSL connection and didn't turn on NAT or the modem firewall, or change the default admin password. As I have been technically-
But regardless of the source, for four months now I've been under siege. My systems are hacked and then destroyed. My modem, two routers, two desktops, 3 laptops, a mini laptop, two smart phones = all hacked with a yawn and simply freeze, crash and BSOD their way to...actual D.
I am unable to change ISP - I moved into a "high-tech" branded building, a partnership between the largest ISP in the country and the largest property developer, because I wanted faster Internet. Now I just want a life. I cannot really move. I'm pretty much at my wit's end.
My hard drives are UN-WIPEABLE. I have zero-filled for endless 8-18 hour sessions countless times. But when the Canonical-branded ubuntu / kubuntu (which is kind of amazing, really) or Genuine Advantage Win7 disks (I have 5) go in, or if I install booting from a live CD like Bart's Windows PE or rescatux...or from any USB stick (I've formatted brand new USB 2.0 and 3.0 flash drives miles away on clean computers with Windows / kubuntu ISOs - MD5 / SHA hash codes checking out fine)...I even tried PXE booting the Partition Magic ISO...it just doesn't matter.
I simply trigger the installation of various malicious Windows 7 images and corrupted Linux distributions. Nothing is ever wiped. The incredibly INTELLIGENTLY DESIGNED unattended images deployed onto my home computers are not 'corrupted', really. I only use the word to describe operating systems and entire file-systems on my drives which I absolutely never installed, and - in some cases - file-systems I've never even heard of - like, it would seem, the Atheros File System - now existing on all my computers.
No matter what I do or how I do it....everything, every time, is reinstalled and active when my 'new' OS has been installed. I think 80 or so OS installation attempts in a row have merely triggered a silent reimage (or restore) of the very impressively malicious OS imaging - the log files of which are often left behind, their millions of lines of log data comprehensively recording the fact.
Until today, I was quite certain it was a USN Journal exploit. And it would be a bit much to expect the Linux kernel to erase the Microsoft preinstallation environment (+ recovery, backup, caching, etc; all conveniently thrown up into the same virtual cloud). But last night, from either a rescatux or Parted Magic live CD, I ran this command on one of my virtually-dead laptops:
~# shred -fuvz --iterations=12 /dev/sda
That took a REALLY long time. When it completed a short time ago, I used GParted to format it with an Ext4 partition table as I'd really like to never think of DOS and Windows and USN Journals - or any journals - ever again.
GParted 0.8.0
Libparted 2.3
Create Primary Partition #1 (ext4, 465.76 GiB) on /dev/sda 00:00:14 ( SUCCESS )
create empty partition 00:00:00 ( SUCCESS )
path: /dev/sda1
start: 63
end: 976768064
size: 976768002 (465.76 GiB)
set partition type on /dev/sda1 00:00:01 ( SUCCESS )
new partition type: ext4
create new ext4 file system 00:00:13 ( SUCCESS )
mkfs.ext4 -j -O extent -L "Shred1Time" /dev/sda1
Filesystem label=Shred1Time
OS type: Linux
Block size=4096 (log=2)
Fragment size=4096 (log=2)
Stride=0 blocks, Stripe width=0 blocks
30531584 inodes, 122096000 blocks
6104800 blocks (5.00%) reserved for the super user
First data block=0
Maximum filesystem blocks=0
3727 block groups
32768 blocks per group, 32768 fragments per group
8192 inodes per group
Superblock backups stored on blocks:
32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 2654208,
4096000, 7962624, 11239424, 20480000, 23887872, 71663616, 78675968,
102400000
Writing inode tables: done
Creating journal (32768 blocks): done
Writing superblocks and filesystem accounting information: done
This filesystem will be automatically checked every 25 mounts or
180 days, whichever comes first. Use tune2fs -c or -i to override.
mke2fs 1.41.14 (22-Dec-2010)
-----
Um...wut..? More journals to be exploited?
My system time is 01 June, 2011. But Busybox (which I've never heard of, except for my modem and router logs clearly stating it's been used to hijack both) is popping up in my terminal after seemingly unrelated commands...with a fixed date of 22 Dec 2010.
Consistencies:
- Atheros Ethernet controllers silently installed onto deactivated, disconnected systems
- Dozens of USB Controllers installed silently on every hard drive; mostly Intel and Microsoft but others I've never heard of
- Bluetooth drivers, lots and lots of Bluetooth drivers, adapters, enumerators...which install themselves by themselves in front of my eyes - even when Windows has been ordered to NEVER do that...it does that, and it does it on systems which don't even have Bluetooth ffs (and the same on Linux):
http://
- /dev/hda was turned into /dev/sda a few times, I think the other is turned into a hidden mirror
- IP6 protocols and sub-protocols are everywhere - I think I have over 20 Microsoft hidden IP6 and other tunnels (usually) silently re-installed onto every drive
- cmd and terminal command lines routinely reporting false info and occasionally a cmd command will do the opposite
- netstat -ano output that is just...??
- numerous filesystems and hundreds of non-default virtual / bluetooth / and other drivers remain in persistence on every drive, no matter how comprehensively they are 'wiped' by ATA Secure Erase or a zero-fill utility.
This is the output of ~# lsof using a live CD on the laptop I just shredded with 13 iterations.
https:/
------------
I would burn everything electronic in my apartment if I thought it would be the solution. But I don't see how it could be. I bought a brand new $500 MSI mini notebook because it had XP (no filthy WinPE is a +) and a F3 Factory Recovery boot option. In the taxi, I installed XP, deactivated its single network adapter (WLAN) before my street, took it upstairs and never - in its existence - has it been online. Within 5 minutes of walking into my apartment...XP crashed with a BSOD.
This is the result of the F3 Recovery (and the dozen F3 Recovery attempts since) - it's a write-off:
http://
Yeah, I really need help. Please help me.
Question information
- Language: English
- Status: Expired
- For: Ubuntu ubiquity
- Assignee: No assignee