How Foremost Saved my Life (how to perform data recovery in linux)

I know I haven’t posted in a while, but I hope that “that time” has come to an end. I’ve been bound and determined to rekindle my dedication, but have been lacking that troubled feeling that was oh so necessary. Until now…

The story begins last night as my wife and I were walking through a well-known big-box electronics retailer. I spotted a good deal (rare at this sort of brick and mortar store since the introduction of online retailers, except during the now 6-month-long holiday season) on a rather large external hard drive.

“We should probably get one,” I say to my wife hoping she’d ask “why”.

“Why?”

“Because we should really keep a backup of the… oh… 50,000 pictures we’ve taken since becoming a family. You know, I wouldn’t want to lose ALL of the pictures we’ve taken since the birth of our 4-year-old son,” I anxiously reply, hoping to sway the already-made decision of this beautiful, and again expecting, mother.

Of course, swaying that premade “NO” (but in more words) towards a “yes” would have been seen by some as a statistical impossibility. They would have been right. We left empty-handed (well I did, she did need maternity clothes, just not from the electronics store) and put the thought of all our family pictures back deep down the wells of our brains. I had dropped them so deep, in fact, that I had given them almost no thought when I had a bit of a HD hiccup that night and decided that, at this point, a reinstall would finally be a good thing. Not for any real reason other than I was probably a bit bored as the last install I had actually done on that machine was back when I switched from Gentoo to Ubuntu, circa 2003. Well maybe there was a small reason… and a reason that would make most go out and buy a new hard drive (or even a computer). That’s not really me, though.

I had thought that all of my personal data (music for sure, pictures apparently not) was on an old 80GB secondary drive in the same machine. The drive with the bad SMART status. No worries though, I turned SMART monitoring off in the BIOS so I don’t have to press F1 to continue anymore, but that’s beside the point. THAT drive works, it just didn’t contain any of my pictures. Symbolic links are a great tool in the Linux/Unix/anything but Windows world that can give your home directory a certain coherence when you add a drive for increased storage, but, because of them, I had stopped giving actual location any thought some-time-ago.

So there I was, drinking my coffee (this morning), left with a nice, clean, fast, fresh install of 8.04, recreating the symlinks that made my music and pictures appear to sit cleanly in my home directory. “WAIT! What happened to my pictures!?!” At that exact moment, the cloud of morning cleared within my brain and a sense of clarity (and despair) awakened me to the thought that we actually SHOULD have purchased an external drive for backup! Yes, we should have years ago, I know, but then again, I’m a bit of a maverick. I mean, I am still using a drive with bad SMART status… for a few years.

So all of the pictures I think I’ve ever taken of my family were on a drive that had been completely reformatted to ext3 by an old friend, stupidity. How did I go about getting them back? Enter Foremost.

Foremost is, according to its SourceForge entry, “…a console program to recover files based on their headers, footers, and internal data structures.” It was first developed by Special Agent Kris Kendall and Special Agent Jesse Kornblum at the Air Force Office of Special Investigations and has since been made available to the masses. Basically, it searches hard disks, or hard disk images, for the structure of particular files and then copies those files to a specified directory. It works with an assortment of file types ranging from images to videos, documents to executables. So, let’s get down to how to use it:

Install was easy, as I actually installed and used it from the fresh Ubuntu install. Make sure the universe repository is enabled via System>Software Sources, and then in a terminal type:

sudo apt-get install foremost

Once installed I suggest you take a quick look at the man page. Seems easy enough. The command that I used to actually run the utility, once installed, was:

sudo foremost -t jpeg -i /dev/sda1 -o /media/disk/output -T -v

Now, I’ll break that down. The “-t jpeg” is obviously the switch for the type. There are several supported, as indicated by the previously mentioned man page which, at this point, is found by typing “man foremost” in a terminal. “-i” is the switch for the input location. In my case, “/dev/sda1” is the partition on which my lost home directory now resides (yes, I actually just gave Ubuntu’s installer the entire disk this time, another first). The “-o” switch gives the command a place to output the files. I’d suggest a separate partition from the one you’re trying to recover from as you probably don’t want to overwrite any of the data you’re trying to recover. In my case, that good ole 80 Gig with the bad SMART status will do fine, mounted at “/media/disk/”. “output” will actually be the folder name that files are recovered to, and the “-T” adds a time stamp to that folder name. I recommend adding a time stamp in case you want to try again. Then, you can run the exact same command, and have it write to a new folder. Lastly, the “-v” is to provide verbose output. The one thing that makes that switch really nice (though not necessary) is the fact that it gives some indication that you did something useful while it’s running. Without it, I think it was just giving me some “***” feedback, not a good confidence boost.

After you hit “Enter”, do yourself a favor, and go do something else for a while. Get some exercise, get some sun (and fix that monitor-tan), take a shower (really how long has it been?), or give your dog one (probably been even longer). This does take quite a while to complete, but trust me, it’ll be done before you know it. I managed to pull about 57,000 jpegs (some good, some corrupted, some as bad as they were before), and I think it took about an hour and a half. I can’t say for sure; I was doing something else.

Now I was left with a folder of about 57k jpegs so what took even longer than the actual recovery was waiting for Nautilus to load 57k thumbnails. What will take even longer than that is removing all of the garbage jpegs (from the small browser cache that I use) and the partially corrupted files in Nautilus’s almost unusable state. That part, I haven’t even begun, but I can tell you, from the many page-downs I have done, that I was able to recover an estimated 90% of the pictures I was aiming for. Not perfect, but definitely a good run. The ones that didn’t make it were either half-gray or a jumbled mess, but that makes it really easy to pick out the ones that didn’t make it, even as thumbnails.
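
The header/footer carving described earlier, and why some carved files come back damaged, shown as an added Python illustration (this is not Foremost's code and not part of the original post). The function names, the size cap values and the constructed sample buffer are assumptions made for the example.

```python
# Added illustration: simplified header/footer carving (not Foremost's code).
JPEG_HEADER = b"\xff\xd8\xff"  # SOI marker followed by the next marker's 0xFF
JPEG_FOOTER = b"\xff\xd9"      # EOI marker

def carve_jpegs(data, max_size):
    """Return (offset, blob, complete) for every JPEG header found in data.

    max_size is an assumed per-file cap: the footer search stops there, so a
    file whose tail was overwritten cannot run on into a later file.
    """
    results, pos = [], 0
    while (start := data.find(JPEG_HEADER, pos)) != -1:
        window_end = min(len(data), start + max_size)
        end = data.find(JPEG_FOOTER, start + len(JPEG_HEADER), window_end)
        if end == -1:
            # No footer in range: keep the truncated data, flag it as damaged.
            results.append((start, data[start:window_end], False))
            pos = start + len(JPEG_HEADER)
        else:
            end += len(JPEG_FOOTER)
            results.append((start, data[start:end], True))
            pos = end
    return results

def build_sample():
    """Constructed 'disk': file A intact, file B missing its footer, file C intact."""
    a = JPEG_HEADER + b"\xe0" + b"A" * 10 + JPEG_FOOTER
    b_cut = JPEG_HEADER + b"\xe1" + b"B" * 20           # footer overwritten
    c = JPEG_HEADER + b"\xe0" + b"C" * 12 + JPEG_FOOTER
    disk = b"\x00" * 16 + a + b"\x00" * 8 + b_cut + b"\x00" * 100 + c
    return disk, a, c

if __name__ == "__main__":
    disk, _, _ = build_sample()
    for cap in (64, 1 << 20):
        print(f"cap={cap}")
        for offset, blob, complete in carve_jpegs(disk, cap):
            state = "complete" if complete else "truncated"
            print(f"  offset {offset:4d}  {len(blob):4d} bytes  {state}")
```

With the small cap, the damaged file is flagged and the file after it is still recovered; with the large cap, the damaged file runs on to the next footer and swallows the later file. Real JPEGs can also embed thumbnails with their own start and end markers, which is why carvers look at internal data structures as well as headers and footers.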

Now, I know many of you probably made it here looking for a simple resolution to the same problem, but I hope you take one thing away from this experience. The moral: BACKUP.

Uncle Bill
July 30th, 2008 11:46 pm

You have a talent for writing, it runs in the family :). Loved your piece…

August 3rd, 2008 7:14 am

Nice! Thanks for sharing your experience with Foremost with us. It may end up helping me some day. Although I haven’t even started using Linux yet.

August 7th, 2008 6:16 am

Good luck on your jump! Really, though, it’s much easier now than when I first started.

August 27th, 2008 10:43 am

Hello. I came across this article when looking for info on how long foremost should take to run. 1.5 hours for 57K photos was a helpful number, thanks. It looked like it was hanging on my machine but I couldn’t tell. After an hour (only trying to recover ~400 photos) I restarted it in verbose mode and it immediately segfaulted. While I’m certain that foremost is great software, if it doesn’t run there are other free options.

I thought I’d take a minute and give you and anyone else that comes across this another option. I ended up using another command-line utility, photorec, that worked beautifully. There’s a very detailed howto here: http://www.psychocats.net/ubuntucat/recovering-windows-files-with-a-ubuntu-cd-iii-deleted-files/
It’s so detailed that you really only need to skim it. So, there’s one more tool for your arsenal.

Again, thanks for the info. I’ve also enjoyed poking around your site some. Thanks for that too.
