this post was submitted on 22 Nov 2024
352 points (98.6% liked)

Technology

59554 readers
3300 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago
MODERATORS
L3s@lemmy.world
L3s@fry.gs
L4s@fry.gs
L4s@lemmy.world
enu@lemmy.world
352
OpenAI accidentally deleted potential evidence in NY Times copyright lawsuit (techcrunch.com)
submitted 10 hours ago* (last edited 10 hours ago) by misk@sopuli.xyz to c/technology@lemmy.world
59 comments fedilink hide all child comments
top 50 comments
sorted by: hot top controversial new old
[–] tulth@sh.itjust.works 27 points 2 hours ago

it is the 2024 version of the dog ate my homework

[–] fmstrat@lemmy.nowsci.com 34 points 4 hours ago

Important context:

  • Data was recovered
  • Plaintiff does not believe it was purposeful
  • Cost plaintiff a week's work
  • Plaintiff has already spent 150 hours going through data
[–] DoucheBagMcSwag@lemmy.dbzer0.com 16 points 4 hours ago

OopsDidntMeanTo

[–] phoenixz@lemmy.ca 66 points 6 hours ago (1 children)

accidentally

Let a judge be the judge of that...

[–] Imgonnatrythis@sh.itjust.works 3 points 5 hours ago

Perhaps obstructing justice isn't as bad as copyright infringement?

[–] negativenull@lemmy.world 39 points 6 hours ago

[–] elucubra@sopuli.xyz 20 points 5 hours ago (2 children)

In Spain, in a major political corruption trial, a party turned in as evidence some drives that had been erased by Dban 7 times. They argued that it was routine to do seven passes.

[–] Saik0Shinigami@lemmy.saik0.com 19 points 5 hours ago* (last edited 5 hours ago) (1 children)

It is... It's literally a preconfigured option on the dban selection list.
Source: My memory... but if that's not good enough, here's wiki too.

https://en.wikipedia.org/wiki/Darik%27s_Boot_and_Nuke

and DOD 5220.22-M (7 passes) are also included as options to handle data remanence.

[–] mosiacmango@lemm.ee 3 points 5 hours ago* (last edited 5 hours ago) (2 children)

It's an option, but not the default. It takes forever to run, so someone using it is being very intentional.

It's also considered wildly overkill, especially with modern drives and their data density. Even a single pass of zeros, the fastest and default dban option, wipe data at a level that you would need a nation state actor to even try to recover data.

[–] hemko@lemmy.dbzer0.com 2 points 3 hours ago (1 children)

Okay so what you think is wildly overkill, is about 10% of the effort some organizations go through to make sure data is not restoreable.

[–] mosiacmango@lemm.ee 3 points 2 hours ago* (last edited 2 hours ago) (1 children)

My org shreds discs entirely with a mechanical grinder, so I'm well aware of overkill.

Multiple overwrites being unnecessary isnt really an opinion. Here is the company that owns dban agreeing with security orgs like NIST, that anything past 1 write is unnecessary. .

I think the issue comes down to whether the org in question does that 7 passes consistently on all discs, or if it just so happened to start that policy with those that had evidence on them.

[–] Saik0Shinigami@lemmy.saik0.com 2 points 22 minutes ago

I think the issue comes down to whether the org in question does that 7 passes consistently on all discs, or if it just so happened to start that policy with those that had evidence on them.

No? If 1 is sufficient, any additional shouldn't matter in any considerations at all. Could have simply been somebody who hit the preset on accident.

[–] Saik0Shinigami@lemmy.saik0.com 9 points 5 hours ago (1 children)

so someone using it is being very intentional.

Not if you're used to taking DoD requests. It was my default for a very long time because I simply defaulted to it for compliance reasons.

It’s also considered wildly overkill

Absolutely is. Doesn't mean that people like me aren't out there in droves.

But SSDs make this all moot and HDD are being phased out of many environments. SSDs with chucking the key is more than sufficient as well.

[–] mosiacmango@lemm.ee 2 points 2 hours ago* (last edited 2 hours ago) (1 children)

DoD dropped it 7 and 3 pass requirements in 2006.

Later in 2006, the DoD 5220.22-M operating manual removed text mentioning any recommended overwriting method. Instead, it delegated that decision to government oversight agencies (CSAs, or Cognizant Security Agencies), allowing those agencies to determine best practices for data sanitization in most cases.

Meanwhile, the U.S. National Institute of Standards and Technology (NIST), in its Guidelines for Media Sanitization of 2006 (PDF), stated that “for ATA disk drives manufactured after 2001 (over 15 GB) clearing by overwriting the media once is adequate to protect the media.” When NIST revised its guidelines in late 2014, it reaffirmed that stance. NIST 800-88, Rev. 1 (PDF) states, “For storage devices containing magnetic media, a single overwrite pass with a fixed pattern such as binary zeros typically hinders recovery of data even if state of the art laboratory techniques are applied to attempt to retrieve the data.” (It noted, however, that hidden areas of the drive should also be addressed.)

For ATA hard disk drives and SCSI hard disk drives specifically, NIST states, “The Clear pattern should be at least a single write pass with a fixed data value, such as all zeros. Multiple write passes or more complex values may optionally be used.”

[–] Saik0Shinigami@lemmy.saik0.com 2 points 1 hour ago* (last edited 1 hour ago) (1 children)

Congrats? DBAN was made prior to 2006... IT people existed before 2006. What's your point? You think that people just spawned into existence in 2006 with decades of IT knowledge? So like I said... "It WAS my default for a very long time because I simply defaulted to it for COMPLIANCE reasons"... eg. my contracts at the time required it and I ran boatloads of wipes.

Regardless... DOD 5220.22-M now states

The National Industrial Security Program Operating Manual (NISPOM) is now Part 117 of Title 32, Code of Federal Regulations.

So let's go look at the NISPOM stuff which says... NOTHING! So what you end up with is companies referencing the old DOD 5220.22-M because old government contracts will actually say that specific document in contracts as something that must be adhered to for a long long time. So even though it "died" on 2006, contracts may not be renewed for some time after that which still keeps the document alive.

Now DOD 5220.22-M actually specified and defines short wipes (3 pass) and long wipes (7 pass). And in theory, could be superceded by NIST 800-88 (and probably is the default on modern contracts). And regardless of all of that... DoD internally has it's own standards, which after wipe often requires degaussing or outright destruction of the disk, I remember having a dedicated device for it that would document serials and stuff. I'd have to pull up my army documents to remember which specific rules required that type of stuff, but I'm not going to dig out shit from 2010 just to argue with someone on lemmy.

So I guess this boils down to... The world didn't spawn into existence in 2006. People are older than 2006 and are allowed to talk about their experiences from before the "old times".

Edit: And in current contracts... all our shit is NVMe and secure erase. But I'm willing to bet muscle memory would still kick in for me if I saw the DBAN screen.

[–] sugar_in_your_tea@sh.itjust.works 1 points 3 minutes ago* (last edited 3 minutes ago)

And honestly, if you're going to do a single pass, might as well do multiple. It doesn't take any more of my time for 1 pass vs 7, assuming I only have a handful to do. I'll probably just start one before I leave for the day, swap to another when I come in, and repeat until the pile is cleared.

If something is worth doing, and overdoing doesn't take any extra effort, I'll overdo it.

[–] LemmyRefugee@lemmy.world 2 points 4 hours ago* (last edited 4 hours ago)

Were they erased when the investigation started or was it done time before?

[–] gedaliyah@lemmy.world 45 points 7 hours ago (1 children)

[–] criticon@lemmy.ca 8 points 5 hours ago (1 children)

Barely an inconvenience

[–] DoucheBagMcSwag@lemmy.dbzer0.com 4 points 4 hours ago* (last edited 4 hours ago)

I'm gonna need you to get all the way off my back about that missing evidence

[–] HeavyRaptor@lemmy.zip 71 points 8 hours ago

"Accidentally"

[–] HailSeitan@lemmy.world 47 points 8 hours ago (1 children)

Journalistic malpractice to repeat their “accidentally” claim without attribution or quotes

[–] Custodian1623@lemmy.world 3 points 5 hours ago

average tech journalist

[–] GreenSofaBed@lemmy.zip 3 points 4 hours ago

They know they'll get away with it, so why wouldn't they

[–] ASDraptor@lemmy.autism.place 175 points 10 hours ago (2 children)

"Accidentally"

[–] beansbeansbeans@lemmy.world 32 points 8 hours ago (1 children)

Lol how many of us thought this immediately?

[–] ASDraptor@lemmy.autism.place 11 points 6 hours ago

Apparently, everyone 😂

[–] Blubber28@lemmy.world 10 points 6 hours ago (1 children)

About as accidental as falling off the stairs in Russia

[–] Klear@lemmy.world 6 points 5 hours ago* (last edited 5 hours ago) (1 children)

That only happens when they accidentally miss the window.

[–] sugar_in_your_tea@sh.itjust.works 1 points 1 minute ago

That can happen if you're distracted accidentally shooting yourself in the back of the head twice.

[–] Badeendje@lemmy.world 113 points 9 hours ago (1 children)

Then the assumption should be the most damning scenario for open AI that this evidence could provide.

[–] Voroxpete@sh.itjust.works 82 points 9 hours ago (1 children)

AFAIK that is, in fact, how juries are generally instructed to regard destruction of evidence.

[–] GiveMemes@jlai.lu 4 points 6 hours ago (2 children)

Even "accidental" destruction?

[–] chiliedogg@lemmy.world 12 points 6 hours ago (4 children)

Incompetence has a price.

load more comments (4 replies)
[–] NounsAndWords@lemmy.world 2 points 5 hours ago

It depends on the court and the judge/jury instructions but even accidental spoliation (destruction) of evidence can result in an adverse inference.

[–] DarkDarkHouse@lemmy.sdf.org 134 points 10 hours ago

“Accidentally”

[–] jjagaimo@lemmy.ca 91 points 10 hours ago

"Accidentally"

[–] MrWafflesNBacon@lemmy.world 68 points 10 hours ago

"Oopsie woopsie 🤭" - OpenAI

[–] Sabata11792@ani.social 17 points 8 hours ago

"Oh, silly me I seem to have deleted all the evidence. Whoops."

[–] Melatonin@lemmy.dbzer0.com 5 points 6 hours ago

Oops

[–] octopus_ink@lemmy.ml 25 points 9 hours ago

“Accidentally”

[–] RedditRefugee69@lemmynsfw.com 28 points 9 hours ago

"accidentally"

[–] CarbonatedPastaSauce@lemmy.world 5 points 6 hours ago

I sometimes work with lawyers to do discovery for corporate IT. The good news is, this doesn't really fly in court from what my company's legal team has told me. So either the evidence was SO bad that this was a better option for them, or they actually did shoot themselves in the foot.

[–] Mandy@sh.itjust.works 1 points 4 hours ago

Accidentally my butt, get em new York times

[–] Gingerlegs@lemmy.world 21 points 10 hours ago* (last edited 10 hours ago)

It’s not a bug, it’s a feature!

[–] Wild_Mastic@lemmy.world 20 points 10 hours ago

"Upise ahah my bad"

[–] ieatpwns@lemmy.world 13 points 9 hours ago

“My ai ate my homework”

load more comments
view more: next ›