About | Buy | Forum | Industry Watch | Learning Curve | Products | Search | Twitter | Xnews
Home » Products » Reviews » The Good » NetShred X 3.17.0

NetShred X 3.17.0

Mireth Technology (Robert Wiebe)
Rating: @@

Robert Wiebe
8680 Rosehill Drive
Richmond BC V7A2K1
CA


Collateral damage:
$20 ($30 for boxed edition)
eSellerate lurking on your hard drive
3.2 MB disk space (can be reduced to ~600 KB)
Possibility of data recovery if you were trying to hide something

The Company

Mireth Technology offer products for OS X, MacOS, 'MacOS 7' [sic], and Windows. On the Windows side it's 'ShredIt' which is probably the origin of this application. The same prices hold there: $19.95 for a download and $10 more for a box.

The Windows download is significantly leaner, weighing in at a relatively lean 724 KB (740944 bytes). The 'zip' expands to a feared MSI installer at 801280 bytes.

The Mireth blurb claims 'ShredIt software has been sucessfully erasing data for over 10 years', which is quite the trick from several angles.

  • The web page where this claim is made (with a copyright from 2006 at the bottom) was last modified on 16 June 2006 at 19:40:06 GMT. So far so good.
  • The Mireth domain was first registered on 13 June 2000 at 00:09:43 ET. Not so good.
  • Peter Gutmann's paper 'Secure Deletion of Data from Magnetic and Solid-State Memory' was first published at the 6th USENIX Security Symposium Proceedings in San Jose California 22-25 July 1996. So Wiebe must have been using some other shredding technology for at least those first five years.

The Review


The NetShred X install prompt: users are encouraged to place the application in the wrong location.

Both GD and Tracker were used to keep track of what was being done on disk and what attempts there were to phone home. NetShred X came up clean on both accounts.

The downloaded DMG at 2.2 MB (2280745 bytes) expanded to 3.2 MB or 37 items for 3164110 bytes. Seven PDF files were found in a separate directory for 992189 bytes.

A nasty eSellerate engine for 320659 bytes was found embedded in the application package (more on this later).

Universal Binary

The application executable was a universal binary weighing in at 1556840 bytes. If the i386 image is removed the executable is only 1294648 bytes. This image is not stripped; stripping it reduces it to 421284 bytes. Total savings are already over 1 MB.

Flotsam & Jetsam

Other parts of the package can easily be cleaned. ShredIt.tiff weighs in at 80592 bytes but can easily be compressed to 30424 bytes, saving over 50 KB at the drag of the mouse. One instance each of classes.nib and info.nib can be removed. And a curious Photoshop file called TM.psd and weighing in at 2640 bytes was found to contain only the characters 'TM' [sic].

The mode of all files in the package was set to 0755.

Secondary Executable

A secondary executable was found: ESNConvertServer weighed in at 27968; was not universal; but was stripped.

After Cleaning

The total size of the application package after proper cleaning was a mere 15 items weighing in at 899969 or 900 KB. Removing the eSellerate modules would have brought the size down to approximately 600 KB.

Run the App

Launching the app through Tracker reveals two windows, one of which is a purchase nag and presumably is supposed to block the other one, but it doesn't. Just click on the main window and it's gone - for now.

As Safari was running, the main window stated 'a supported browser or email application is running'; when Safari exited NetShred X said 'all supported browser or email application have quit' [sic]. This is not done through the workspace but by polling with regular intervals.

There's a 'hide' button evening out the bottom row on the main window which accomplishes the same thing as ⌘H.

Trying ⌘? to invoke help produced nothing, possibly due to the PDF files not being imported.

Not a Lot to Do

There obviously isn't a lot to do here. It's all automatic. The app handles Camino, iCab, IE, Firefox, Mozilla, Mail, Mailsmith, Netscape, OmniWeb, Opera, Safari, Shiira, Eudora, and Thunderbird. A rather complete collection.

It does this by going after preset directories where the caches are located. (See the appendices.)

The app states 'if an application is running then items cannot be shredded. You must quit the application to shred its items'. Which may be the way the app wants to run, but it's not absolutely necessary: CLIX does it all the time and Unix scripts can do it too.

A log file appeared but was for the moment zero bytes in size: ~/Library/Logs/NetShred X Log.txt.

The preferences in ~/Library/Preferences/com.mireth.netshred.plist were so far the following.

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN"
"http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>FirstRun</key>
    <true/>
    <key>NSWindow Frame My Window</key>
    <string>326 314 499 368 0 0 1152 746 </string>
    <key>ProfilesMenu</key>
    <array/>
</dict>
</plist>

The app seemed to want to arbitrarily reposition its windows everytime it regained focus. (More on this later.)

Shredding?

Cleaning up caches is fine; all of this can of course be accomplished by a simple Unix script. (CLIX has one of course.) Automating the process and/or 'wrapping' the targeted applications so the shredding takes place either on a regular basis or as soon as a target exits is of course something that has to be 'programmed'.

 

And although most users will be interested in just 'cleaning' these caches ('purging' and even 'secure removal' are also possible from the command line or with CLIX) the accent here is on 'shredding': protecting your privacy.

Unfortunately there is little evidence any secure shredding will ever take place. Instead, the app offers 'random', 'zeros', 'ones', 'zeros and ones', and 'ones and zeros' [sic]. That this can be repeated up to thirty five times changes nothing: shredding like this is simply not secure.

As many security vendors are wont to do, Mireth use buzzwords in the above context such as 'government standards' and 'NSA'. None of these terms mean anything. Perhaps the most repulsive of these is 'DoD 5220 Sanitize' which is a kindergarten level classification for cleansing computer memory (RAM) and totally inapplicable here.

Linkage

The app's linkage is fairly straightforward although the image itself reveals further dependencies. (See the appendices.)

/System/Library/Frameworks/Cocoa.framework/Versions/A/Cocoa
/System/Library/Frameworks/Carbon.framework/Versions/A/Carbon
/usr/lib/libcrypto.0.9.dylib
/usr/lib/libSystem.B.dylib

How it Works

NetShred X currently contains data on fourteen applications. Data on the location of files to be targeted are embedded in the executable. (See the appendices.)

SQLite & yacc?

The executable also contains an embedded SQLite and yacc parser.

The following short description of SQLite comes from the SQLite website - whether it qualifies as 'small' is another matter.

'SQLite is a small C library that implements a self-contained, embeddable, zero-configuration SQL database engine.'

yacc (and lex) are of course the Unix 'compiler compiler' tools from Steve Johnson and Mike Lesk of the Bell Laboratories Unix team.

What these modules are doing in the application is also another matter.

BrowserWatch

BrowserWatch is an interesting addition which makes it possible to 'wrap' usage of web applications. The feature waits for targets to exit and then shreds their files. It's much more useful (and less annoying) if the 'confirmation' box is not ticked. Also, NetShred X must of course be launched and kept running for this to work.

2nd Run?

A second attempt to activate NetShred X's shredding failed completely. Perhaps this was part of the 'trial nag' and only one shred is allowed, but the preferences file didn't seen to indicate this: even after the second (failed) run it revealed the same data.

    <key>FirstRun</key>
    <true/>

Bottom Line

NetShred X offers an easy way to clean flotsam and jetsam left by web applications. Although its targets and paths are both static, there's a reasonable assurance these settings will not change immediately and the product will be effective.

Naturally all the above can be easily (and more flexibly) accomplished from a Unix script or with CLIX, and in the event either of the latter two are used adjustments can be made for new targets and new locations for their files.

It's the promise of 'shredding' which is a bit unsettling, as none of the proffered shredding methods do anything close to ensure 100% privacy and security.

But the app looks good, is tastefully organised, and with a little home brew tweaking need not take anywhere near the intended 3.2 MB on disk.

Xstrings: NetShred X 3.17.0
Xstrings: eSellerateEngine_DataFork.rsrc
Xstrings: ESNConvertServer

About | Buy | Forum | Industry Watch | Learning Curve | Products | Search | Twitter | Xnews
Copyright © Rixstep. All rights reserved.