| 
  • If you are citizen of an European Union member nation, you may not use this service unless you are at least 16 years old.

  • Finally, you can manage your Google Docs, uploads, and email attachments (plus Dropbox and Slack files) in one convenient place. Claim a free account, and in less than 2 minutes, Dokkio (from the makers of PBworks) can automatically organize your content for you.

View
 

WORM drives

Page history last edited by Andrew Alder 4 days, 21 hours ago

a page of technology, maybe one of my good ideas  but in that case one of my professional failures

 


 

Preamble

Years ago, before CD-R, there were optical drives known as WORM ('Write Once Read Multiple') drives. They were expensive and I looked at them briefly and longingly as a means of offline storage of images, this in the days when 80MB was a large HDD, USB thumbdrives weren't even on the horizon, image compression was not so well-developed and image storage was a real problem despite small file sizes necessitated by relatively small memory (my 16MB of RAM was in those days greeted by friends with a 'wow').

 

AFAIK they are no longer available, made redundant by CD-R, CD-RW and the various DVD formats. Were I dictator-for-life, that would change. This isn't quite what the Wikipedia article said last time I checked. There's more to WORM than you might think.

 

The beauty of the original WORM drives as opposed to CD-R is that on a true WORM you can't easily change the data once it is written. The firmware in the drive prevents it. This was not a deliberate feature, and nobody seems to have valued it. Again, were I d-f-l I'd not only bring back this feature, I'd strengthen it.

 

Business use

The WORM drive is the right medium for any data that has the following characteristics:

 

  • It needs to be stored for more than a few days.
  • It shouldn't ever be changed once it's written.

 

These are of course the characteristics of nearly all financial data. Errors in a ledger aren't corrected by changing them. They are corrected by reversing them with balancing entries. Or that's what my audit training told me, anyway. A hard disk drive, on the other hand, is about the worst possible storage mechanism for such data.

 

The rejection of my proposal to the EDP Auditor's Association (published in Australia in EDPACS newsletter, I don't have the date to hand) that we should promote the use of WORM drives was, in hindsight, the beginning of my disillusionment with auditing as a profession. WORM drives stood to empower the people, and reduce the overheads of financial auditing. Nobody cared.

 

Again, if I were d-f-l, every ATM, every POS terminal, every place that is capable of offline processing of financial data would have a cheap, mass-produced WORM drive, using cheap mass-produced media not mountable on a CD-R but using similar technology, and with a "printable" top surface which could not only be printed, but also signed with a felt pen. These disks would be kept as permanent archives of the transactions.

 

Possesion of machinery capable of tampering with these records would be a criminal offence similar to counterfeiting. There is no reason for anybody to have such gear unless they are committing fraud.

 

Food for thought? Maybe it's not too late. If we are serious about empowering the little guys, and protecting them from Enron and the like, WORM drives still make a lot of sense to me.

 

Private and general use

Imagine that you could save a file knowing that no virus, ransomware, or error could ever corrupt or delete it.

 

That's what saving a version to a WORM drive does.

 

Attractive? It should be. Files include not just documents and images. They even include programs. Still more attractive? It should be.

 

Why they don't want you to have it

There are obviously issues if you live in a state or territory where you have reason to fear the authorities. These authorities might for example compel all users of computers to keep logs of their emails, and reveal any passwords protecting them. But that's already happening even without WORM drives. Where I live, if the police impound my computer, or even a hard drive or thumb drive etc, and find it's password protected and ask me for the password, I am obliged to give it. If I've honestly forgotten it, I'm a criminal.

 

And that's in a country that calls itself part of the free world.  As Arlo Guthrie said, they'll get anybody.

 

But there are far more sinister reasons for opposing WORM technology. I said above, programs are themselves files. If I had for example saved a complete image of Windows XP Service Pack 3 (oh how I wish I had!) with Office 97 installed (all of which I quite legally installed), I'd be much happier running that than forced to use Windows 10 and go to an online-only version of Office. And that does not fit the business plan of Microsoft one bit!

 

How it could work now

Obviously the previous technology could be rolled out again. But that's not the only way, or even the best way.

 

I'd suggest instead that what is needed now is a WORM thumbdrive. There are several possible hardware implementations. The piledriver approach is for it to be intelligent, but for its own programming to be strictly non-upgradable. Burned into ROM preferably. Its storage can then be RAM or ROM, it doesn't matter.

 

Because for the data storage itself, ROM has neither advantages nor disadvantages over RAM. The data needs to be protected against any form of corruption.

 

And if the programming ever really needs an upgrade, you simply transfer the date to a new thumbdrive and throw the old one away. Any other approach is a compromise and the security can be breached.

 

 

It's still a business opportunity IMO

So watch this space! I disclosed it back in the 1980s so I cannot patent it. But I'd love someone to run with it like any of my other good ideas.

Comments (0)

You don't have permission to comment on this page.