Today I Learned
What did you learn today? Share it with us!
We learn something new every day. This is a community dedicated to informing each other and helping to spread knowledge.
The rules for posting and commenting, besides the rules defined here for lemmy.world, are as follows:
Rules (interactive)
Rule 1- All posts must begin with TIL. Linking to a source of info is optional, but highly recommended as it helps to spark discussion.
** Posts must be about an actual fact that you have learned, but it doesn't matter if you learned it today. See Rule 6 for all exceptions.**
Rule 2- Your post subject cannot be illegal or NSFW material.
Your post subject cannot be illegal or NSFW material. You will be warned first, banned second.
Rule 3- Do not seek mental, medical and professional help here.
Do not seek mental, medical and professional help here. Breaking this rule will not get you or your post removed, but it will put you at risk, and possibly in danger.
Rule 4- No self promotion or upvote-farming of any kind.
That's it.
Rule 5- No baiting or sealioning or promoting an agenda.
Posts and comments which, instead of being of an innocuous nature, are specifically intended (based on reports and in the opinion of our crack moderation team) to bait users into ideological wars on charged political topics will be removed and the authors warned - or banned - depending on severity.
Rule 6- Regarding non-TIL posts.
Provided it is about the community itself, you may post non-TIL posts using the [META] tag on your post title.
Rule 7- You can't harass or disturb other members.
If you vocally harass or discriminate against any individual member, you will be removed.
Likewise, if you are a member, sympathiser or a resemblant of a movement that is known to largely hate, mock, discriminate against, and/or want to take lives of a group of people, and you were provably vocal about your hate, then you will be banned on sight.
For further explanation, clarification and feedback about this rule, you may follow this link.
Rule 8- All comments should try to stay relevant to their parent content.
Rule 9- Reposts from other platforms are not allowed.
Let everyone have their own content.
Rule 10- Majority of bots aren't allowed to participate here.
Unless included in our Whitelist for Bots, your bot will not be allowed to participate in this community. To have your bot whitelisted, please contact the moderators for a short review.
Partnered Communities
You can view our partnered communities list by following this link. To partner with our community and be included, you are free to message the moderators or comment on a pinned post.
Community Moderation
For inquiry on becoming a moderator of this community, you may comment on the pinned post of the time, or simply shoot a message to the current moderators.
view the rest of the comments
Imagine if you were a malicious actor and you wanted a copy of all photos someone plugged into a computer that were not things like browser cache, just good honest to god OC.
All you have to do is listen on drive letters D, E, F, G and when one is plugged in with a DCIM directory... silently upload the data contents to a server over the internet when a drive is detected with that subdirectory.
Have you ever wondered why you couldn't eject a drive without rebooting? It's not like it's going to tell you what process is keeping it locked... Encryption wouldn't even matter, because you're gonna need to decrypt/unlock it to access it, and windows doesn't care what service or application is trying to access it, it is glad to allow any kind of file action without even admin rights.
Anywho, actor has your photo, AI trivially builds facial recognition models, pulls in timestamps, geolocation metadata, camera metadata... and now those photos you never intended to upload anywhere are in a database of PII that will be shared to god-knows-who.
If someone else has the ability to upload any of your files then the name of your folders is completely unimportant.
How do you know that the latest version of a piece of software that auto updated on your computer doesn't have anything snooping on your hard drive and uploading whatever it wants somewhere?
Think about it. How would you know? Let's assume it's not using a bug, exploit or vulnerability.
I'm not sure how that's relevant? If the default folder was "Camera" or "Pictures" or whatever else your malware would just scan those directories and any real attack likely already does. You've only described how having malware on your machine compromises your machine, not exactly a groundbreaking revelation.
Windows hasn't been my main os for a while but I'm fairly certain you can mount/unmount drives without rebooting. That's certainly the case on Linux, and my distro definitely tells me what processes are locking drives when applicable.
I work in IT for a living. Sometimes something keeps your drive locked. Windows does not confess. I wasn't talking about linux user experience because most people don't use linux like we do.
try making the disk offline and online again using diskmgmt.msc, always worked for me
you also can usually find which process is using the disk. sometimes it's a windows system process which is very stupid tho
Hmm something does not add up to me very well
What companies have you worked for that provide linux laptops and linux desktops to common users? Not developers, not as servers.
I've worked in multiple industries. Macs are not rare, but they aren't prevalent. Windows still has ultramajority market share.
On the server side, tons of things run linux. Maybe if you work for a tech company or are on a development team you use linux day to day, but this is generally a small subset of people at a company. This is not a forum for "developers" but for everybody. Someone in HR, Finance, Sales, R&D, etc is not going to be familiar with linux at work typically.
I don't doubt that there are companies out there that have linux workstations for normal users, I just doubt it's more than 2% of the workforce in the western world. It's probably way less than that.
Windows PowerToys has had this as a function for a long as I can remember. Before that there were programs which existed only to tell you what process was keeping a folder or drive open. On Linux
lsofcan do this for you.On top of this, it’s usually because the local cache hasn’t actually written all the data to the drive and if you go yanking the drive in this state, your most recent chunk of data would be missing or corrupt. The eject button forces your OS to clear its write cache before unmounting the file system.
But that’s a lot less of an exciting answer.
Hm, the way I remember it is that the cache being flushed showed a spinner before ejecting the drive. GP is referring to an actual error being shown.
It also happens from image preview caches created by explorer. I see this get hung up for some time with SMB shares and the like that have images.
Something is still interacting with the photos on your device, and although it may be mundane... do you really know every single service and process running on your device, all the time? Could we ever know? Just takes one dependency for one thing you installed to be bogus... it could even be from a rootkit installed in bios that installs whatever software on bootup so even if you wipe your system it's there, ever monitoring, ever feeding your data away.
There's just no user friendly tooling on windows that's built-in which would ever pick this stuff up. AV doesn't know what is desired or undesired behavior when it comes to stuff like this either. Sure, it won't send up stuff protected by UAC from a non-admin request... but thumb drives, CF cards, SD cards etc all have no restrictions.
Powertoys should be installed by default. Its a testament to how out of touch MS is that they leave all these great features as a little known optional install. Almost every single thing in power tools should be in windows outright.
I use it on any machine that I have to use windows on, and tell everyone I can about it. Just feels like such a miss to leave those features out of the OS
Yeah, File Locksmith from Power toys is great!
I have power toys... well on my windows dual boot anyway. Do normal users? Probably not.
I've used unlocker tools in the past as well, but this is not something provided in the OS and as such not something a typical user is even aware of, let alone has available.
You can just install it if you do need it to debug something on their pc though. There's probably even portable versions you don't have to install at all.
The unmounting needing a reboot seems very much a you problem.
I have managed over 1000 systems since XP days and never came across it.
You've never, ever plugged in a thumbdrive and then used the "safely remove hardware" tray to try and eject... only to receive an error that says "unable to remove, in use" or similar?
I guess i've never seen it happen when I was using a thumb drive to image a machine well over a decade ago.
There are a few people on the internet who seem to have reported this though:
https://www.reddit.com/r/Windows11/comments/12t8pwo/i_cant_eject_any_storage_even_if_nothing_obvious/
https://www.reddit.com/r/WindowsHelp/comments/pnbfcf/this_device_is_currently_in_use_when_trying_to/
https://learn.microsoft.com/en-us/answers/questions/4212072/cant-eject-external-hard-drive
https://www.reddit.com/r/LenovoLegion/comments/uv5uag/cant_safely_eject_usb_drives_on_legion_716achg6/
There are thousands of results of this. I have encountered this dozens of times personally across dozens of different systems.
no, not even with those fake size ones.
can confirm i see this every time on multiple win7 and 10 machines, making the disk offline and online again on diskmgmt.msc always works. right click and eject in explorer also usually works but not always.
Read about magic bytes
You'd be surprised (or maybe not) at how many people name folders or files, "your eyes only"