J Wolfgang Goerlich's thoughts on Information Security
Making and mounting Vss snapsnots in Windows Server 2008

By wolfgang. 25 September 2009 19:04

Tech tip: Volume Shadow Copy Services (Vss) on Window Server 2008 can make a copy of active, open files on the fly. It works on the block level similarly to an open file agent. This works a treat if you need a quick-and-dirty command line backup.


To make a copy of the (C:) volume:

C:\> vssadmin create shadow /for=c:


To view copies of the (C:) volume:

C:\> vssadmin list shadows /for=c:


To mount a shadow copy as a browseable folder:

C:\>mklink /d <folder name> <shadow copy volume from list>

C:\>mklink /d C:\mycopy \\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy6


For more information, see:


Business Continuity | Systems Engineering

Food for Thought: Brain Train Smoothie

By wolfgang. 15 September 2009 04:40

Since the work of a technologist is primarily mental, I am always on the look-out for ways to boost mental capacity. One way is thru food. Below is my recipe for a "brain train" smoothie. The drink provides a number of nutrients recognized for improving memory and cognition.

The smoothie weighs in around 500 calories. It equates to two servings of fruit and a half serving of vegetables. Consuming two smoothies daily fulfills the FDA recommended allotment of fruit and veggies.

Feedback is welcome, drop me an email. The drink is very much a work in progress.


1/2 cup or about 12 frozen dark sweet cherries (1/3 frozen package)
2/3 cup frozen blueberries (1/4 frozen package)
1/2 cup frozen chopped spinach (1/2 frozen package)
2 cup low-fat yogurt (1/2 large container)
1 raw egg
2 heaping teaspoons Soy protein powder
1 heaping teaspoon cinnamon
4 shots espresso, or 4 oz strong coffee, chilled


1. Make shots of espresso and chill it.
2. Use the food processor to thoroughly chop the cherries, blueberries, spinach, soy protein, and cinnamon.
3. Use the food processor to mix in the yogurt and egg.
4. Use the food processor to whip in the espresso.

Additional information

Complete nutritional information is available in an Excel spreadsheet.


"University of Redding have shown that eating blueberries may ‘increase powers of concentration by as much as 20 per cent over the day.’"

Caffeine and coffee for boosting focus, energy, and possibly growing neurons.

Smith, A. (2002), Effects of caffeine on human behavior, Food And Chemical Toxicology

Borota, D., and Murray, E. (2014) Post-study caffeine administration enhances memory consolidation in humans

Korkotian, E., and Segal, M. (1999), Release of calcium from stores alters the morphology of dendritic spines in cultured hippocampal neurons, Proceedings of the National Academy of Sciences

Caffeine clue to better memory

Cinnamon extends the effects of the smoothie by leveling out the blood sugar.

Spoonful of cinnamon helps blood sugar stay down
Hlebowicz, J. (2007), American Journal of Clinical Nutrition


The smoothie provides choline from yogurt, spinach, and soy protein. "A new research study done at MIT suggests that a combination of choline, omega-3 fatty acids with the uridine improved memory and learning in gerbils, and may have benefits for Alzheimer patients."


The smoothie provides ample folate from spinach. "Observational studies show that low folate and elevated homocysteine concentrations are associated with poor cognitive performance in the general population."

Excerpted from Alzheimer's Disease, Cognitive Decline and Nutrition Newsletter


Edited January 2014 to add the caffeine and memory study.



TJ Maxx security incident timeline

By wolfgang. 2 September 2009 04:20

Here is an overview of the TJ Maxx security incident, CliffsNotes style.


The Actors

TJX companies
T.J. Maxx, Home Goods, Marshalls
The largest apparel and home fashions department store in the United States
Owns chains in USA, Canada, UK, Ireland, Germany, and Poland
Headquartered in Framingham, MA
Founded in 1956

Hannaford Brothers
Supermarket chain in the United States
Headquartered in Scarborough, Maine
Subsidiary of Belgian Delhaize Group
Founded in 1883

Albert Gonzalez
Role: ringleader (Segvec)
Born 1981
Parents migrated from Cuba in 1970s
High School graduate -- South Miami High School, Florida
Member of a black hat hacker group -- Shadowcrew

Jonathan James
Role: hacker accomplice (c0mrade)
Born in 1983
Father is a computer programmer
High school graduate -- Miami Palmetto High School, Florida
Prior conviction for computer crime -- in 2000 for breaking into the Defense Threat Reduction Agency

Damon Patrick Toey
Role: hacker accomplice
Born in 1985
Born in Virginia, moved to Florida

Aleksandr Suvorov
Role: programmer (Jonny Hell)
From Sillamae, Estonia

Maksym Yastremskiy
Role: the fence
Born in 1984
A Ukrainian vacationing in Turkey

The Timeline

July, 2005
Gonzales and his crew identify a weakness in TJX
Sensitive internal WiFi lan is running WEP
Gonzales, et al, compromise the networks
- Install backdoors
- Begin probing for sensitive data

August, 2005
TJX databases are compromised
- Point of sales
- Credit processing transactions
Gonzales, et al, have access to:
- credit card, debit card, check, and merchandise return transactions
Maksym Yastremskiy begins trading stolen credit cards from TJX and Hartford

September, 2005
TJX upgrades its WiFi for security
- Removes WEP, adds WPA
TJX begins monitoring for suspicious activities
Gonzales, et al, continue collecting and selling credit cards utilizing the backdoors previously installed

December, 2006
TJX detects the intrusion
TJX reports the incident to law enforcement
Gonzales, et al, continue collecting cards

January, 2007
TJX makes a public announcement on the attack
TJX notifies people who may have been affected
TJX engages third parties to overhaul its system security
- Deloitte, General Dynamics, IBM

March, 2007
"By the end of March 2007, the number of affected customers had reached 45.7 million […] In addition to credit card numbers, personal information such as social security numbers and driver's license numbers from 451,000 customers were downloaded by the intruders."

Investigators identify 14 people involved
Investigators identify more targets
- Barnes and Noble
- Dave and Busters
- Heartland Payment Systems
- OfficeMax
- Et cetera ...

May, 2008
Jonathan James’ house is raided and his equipment is seized
James takes his life on May 18

September, 2008
Damon Patrick Toey pleads guilty and prosecutors agree to a plea deal
11 (incl. Gonzales, Toey) arrested
USA contacts Estonia about Aleksandr Suvorov

August, 2009
Gonzales is indicated for the crime
Yastremskiy is arrested in Turkey, and USA seeks extradition

Related Links

Former Teen Hacker’s Suicide Linked to TJX Probe

One year later: Five takeaways from the TJX breach



    Log in