
fearnothing


Not exactly a hacking question but I figured some of you guys might have had some first-hand experience with this tool. I'm asking because almost everything I've read about this triggers my pseudoscience alarm bells, but someone I work with who is in all other respects very smart and well educated is insisting that it's everything the sales pitch claims.

Honestly, my gut feeling is that Steve Gibson is the techie equivalent of a cult leader, and if I could find any kind of corroboration for this damning dissection of his work, I'd be ready to dismiss SpinRite and associated products completely.

Bonus question: does SecurityNow fall under the same heading? Or does that have some separate worth of its own?


It feels very much like snake oil.

The first thing that crossed my mind was to ask the guy that gave this talk. It would be his job to know and chances are someone's asked him already.

The talk itself was pretty damned interesting to me as well.


Had a quick look at that SecurityNow product. Again I call bullshit. The website is almost completely vacant of content and to my eye looks rather unprofessional. There's not a price in sight anywhere. Supposedly it's an automated security tool which basically boils down to the bog-standard scripted tests that *everybody* runs. I wouldn't be at all amazed if it's a repackaged Nessus install.

I think your best bet is to contact any security firm and ask them to do a quick audit of your network. It'll involve anything that SecurityNow product can do and provide you with a list of problems, recommendations and suggestions tailored at your specific setup which is far more valuable than the next tool bitching about an open port. Humans are far better at interpreting context.


Heh. I assumed you couldn't have meant that, but now I see that the guy behind the SpinRite product is co-host.

The main thing for me is that I have great respect for Leo Laporte. He may not be the smartest person on the planet but he finds a way to tell a technical story in a way that keeps it accessible to the (more) common man. I think Steve Gibson is effectively sponsoring the show via his own time and probably financially as well for the opportunity to peddle his product which he's apparently allowed to do during the first 20 minutes of the 90 minute show.

My advice would be to just listen to what they're saying and keep in mind who's saying it and if there's an angle for Steve. I don't think Leo would stand for Steve putting commercial interests above the quality of the show and they've been at it long enough to say it's probably not going on all that much.

Point remains: Judge the show by yourself on its own merit. If Steve's peddling SpinRite, well, of course he is. It's where he makes his cheddar. If it's incessant and/or makes the show crap, the show's crap. If it's more a 'sponsored segment' in an otherwise solid show type situation, just fast-forward when the SpinRite jig gets played or go get a snack or something for that time, and continue listening when the actual topics get discussed. According to TWiT's own wiki page for that show that point is roughly 20 minutes in.


I really, really don't think Spinrite is a joke, or is hokey. I'm a huge fan of Gibson (no not in a cult.. :rolleyes: ) He's very smart, even just listening to him talk, when he gets on a roll, you get the sense that he's put a lot of time into whatever he's speaking about. He wrote Spinrite in Assembly Language...writing anything in assembly already gets respect from me. It's been on the market for over a decade... I'm pretty sure if the thing wasn't real, or a hoax, it'd have disappeared. In fact as we speak he's working on an update for better support for SSDs and some speed increases.

I read the technical details of how it works, and from someone who's still an intermediate IT guy, I can't say for certain that YES it'll always work, but I think for 90 bucks, it's darn worth a try. Check out the pdf of how it works before passing judgement:

https://www.grc.com/files/technote.pdf

By the way...I think you really have it backwards...Leo Laporte is a jerk. Yes he may know stuff, and be able to translate it well, but the guy is rude, arrogant and is very two-faced to the public.

Edited by Lost In Cyberia

He fails to understand one thing, that read/write heads can go bad. Also with a failing disk, the last thing you want to do is read/write data all over the place to try and accommodate bad sectors. This is a simple concept: If a disk is going bad, STOP USING IT! Storage is cheap. Trying to run all these repair/recovery/fix tools does not solve the problem. In my opinion, they make it worse by stressing the disk more as it's failing.

I have been using 2 hard disks for over 6 years, even transplanted them into my new system, and they are still working fine. The auto management of the disk drives is sufficient enough in a modern day world.

SpinRite's new DynaStat data recovery technology has proven surprisingly effective at recovering unreadable data wherever it occurs on any drive, in any sector, in any file, anywhere within any DOS hard or floppy disk partition. The DynaStat system's statistical analysis capability frequently determines a sector's correct data even when the data could never be read correctly from the mass storage medium.

What magic is this? Brute forcing the CRC (Which you can never see)? If a hard disk cannot read and validate the data, it is not passed through the controller.

Also, most of his points jump back to floppy disks, which the bad sectors are stored in the FAT file system which is stored ON THE FLOPPY DISK itself. If you have a "bad portion of the disk" smack in the middle of your FAT table, bye bye floppy disk. There is no fixing that.


OK, let me just say that my degree's in computer forensics, so for one thing I can see that the SpinRite FAQ page is skating around the edges of plausibility and being unnecessarily vague. I'm not familiar with how malleable drive firmware is these days so I can't be certain the stuff about "low level data integrity maintenance" is bullshit, but the language in general is similar to diet pill adverts, faith healing and homeopathy. I assume when you mention the CRC that can't be seen, you're talking about the overhead data that's part of the drive's basic formatting (not the partition/volume format, the disk format itself)? My current understanding is that the controller alone can see this information on modern disks.


Watch the talk I posted. The driver can ask the controller to spit that data out so it can run with it and certain bits of (typically specialised) software do just that. In general, you don't want that sort of software as the primary way of accessing your data. The drive manufacturer tends to hide that information from the driver for a good reason and you're best off leaving that stuff alone.


OK, let me just say that my degree's in computer forensics, so for one thing I can see that the SpinRite FAQ page is skating around the edges of plausibility and being unnecessarily vague. I'm not familiar with how malleable drive firmware is these days so I can't be certain the stuff about "low level data integrity maintenance" is bullshit, but the language in general is similar to diet pill adverts, faith healing and homeopathy. I assume when you mention the CRC that can't be seen, you're talking about the overhead data that's part of the drive's basic formatting (not the partition/volume format, the disk format itself)? My current understanding is that the controller alone can see this information on modern disks.

Yes, there is a CRC at the end of each sector which is to represent the data on the sector. So the disk will read the data, create a CRC from what it read, compare it to the CRC on the disk, and if it matches, the controller will pass it to the process that requested it. If it doesn't match, it throws an error and nothing is passed. I have a degree and work doing computer forensics ;)

If you want to dive deep into some of the inner workings: http://www.research.ibm.com/research/gmr.html


OK yeah I knew about using ddrescue; I didn't know that you could gather the exact error, though it doesn't surprise me. But can you actually override the controller's read algorithms to pick up data where the write process has actually failed at the magnetic level to write a good signal? Because that's the part where it starts sounding to me like snake oil. Thanks for reminding me about the talk, I couldn't watch it yesterday and by today I'd forgotten.


OK yeah I knew about using ddrescue; I didn't know that you could gather the exact error, though it doesn't surprise me. But can you actually override the controller's read algorithms to pick up data where the write process has actually failed at the magnetic level to write a good signal? Because that's the part where it starts sounding to me like snake oil. Thanks for reminding me about the talk, I couldn't watch it yesterday and by today I'd forgotten.

I prefer dd_rescue as opposed to the GNU ddrescue. Mostly for the zero fill on error. You don't get any errors on a bad read, it just doesn't pass the data. The only way to get the data read after the CRC fails is to have complete access/control over the hard disk controller itself, which isn't happening.

http://www.garloff.de/kurt/linux/ddrescue/
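
The zero-fill-on-error imaging behaviour mentioned in the post above, sketched as an added example; it is not part of the thread and is not dd_rescue's code. The function names, the 512-byte block size and the constructed failing-disk reader are assumptions made for illustration.

```python
import errno
import io

BLOCK = 512  # assumed sector size for this sketch


def image_with_zero_fill(read_at, total_size, out, block=BLOCK):
    """Copy total_size bytes via read_at(offset, length) into out.

    A block whose read raises OSError is written as zeros, so every offset
    in the image still lines up with the source. The unreadable ranges are
    returned as (offset, length) tuples for the examiner's notes.
    """
    bad = []
    offset = 0
    while offset < total_size:
        want = min(block, total_size - offset)
        try:
            data = read_at(offset, want)
            if len(data) != want:  # short read: treat the block as unreadable
                raise OSError(errno.EIO, "short read")
        except OSError:
            data = bytes(want)  # zero fill keeps later offsets aligned
            if bad and bad[-1][0] + bad[-1][1] == offset:
                bad[-1] = (bad[-1][0], bad[-1][1] + want)  # merge adjacent
            else:
                bad.append((offset, want))
        out.write(data)
        offset += want
    return bad


def make_constructed_disk(payload, bad_sectors, block=BLOCK):
    """Constructed stand-in for a failing drive: listed sectors raise EIO."""
    def read_at(offset, length):
        if offset // block in bad_sectors:
            raise OSError(errno.EIO, "Input/output error")
        return payload[offset:offset + length]
    return read_at


def demo():
    payload = bytes(range(256)) * 8  # constructed data: 2048 bytes, 4 sectors
    disk = make_constructed_disk(payload, bad_sectors={1, 2})
    out = io.BytesIO()
    bad = image_with_zero_fill(disk, len(payload), out)
    return payload, out.getvalue(), bad
```

Against a real device the reader would be something like `lambda off, n: os.pread(fd, n, off)` on a read-only file descriptor.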


Yup, I was curious about it too, so I interviewed Steve Gibson on Tekzilla. It's a pretty cool tool, but it's pricey.


Well Cooper, I'd say it is definitely worth the price if you have really valuable data on the dying drive. My thoughts are this...Steve never says that SpinRite is a magic panacea for a drive. Yes if the heads go bad, or the platters are shot to sh*t then definitely, no amount of spinrite is going to fix that. But there are occasions where a sector or two just won't read right. This is where I think spinrite should be used. I've heard from multiple people that it has actually recovered data. Albeit it could take hours. I think more than anything spinrite is good at just having the drive attempt to read the failed sector so many times, that pure odds is what makes it work.


From my forensic understanding of how hard disks work, it's BS. Until he is willing to sit down with me and show me debugging of it actually doing what it says (reading bad data from a sector even though it doesn't pass internal CRC checking and will not pass through the controller to the computer), my opinion will not change.

Listening to the interview - sounds like he is just attempting reads over all the sectors to trigger internal functions to the hard disk controller. Pretty much beating up a potentially failing hard disk / SSD. SSDs translate to "sector" but use blocks/pages.

Reading: http://www.forensicswiki.org/wiki/Error_Correction_Code

http://www.research.ibm.com/research/gmr.html


Yup, I was curious about it too, so I interviewed Steve Gibson on Tekzilla. It's a pretty cool tool, but it's pricey.

Still, from what I've read if you send your hard drive out for data recovery it can run in the hundreds of dollars to get the data pulled from it so really, $89 isn't too bad to save your data.

I keep all my important stuff on a couple external hard drives and for no more than they're run they should last for quite a while. If I did have a hard drive crash on my one laptop or an SSD failure on one of the other two it's just a matter of getting a new HDD or SSD and doing a reinstall of Manjaro then setting things back up since there's no real data that I'd lose.
