briantr@sunnet.EBay.Sun.COM (Brian Tran) (11/16/90)
Hi there, We have a Wyse386 which are being shared by other users. Unfortunately, I have other private programs/data that I don't want other users to read or delete. How can I protect my directory in MS-DOS (mine is 3.3) ? Thanks, brian
16012_3045@uwovax.uwo.ca (Paul Gomme) (11/19/90)
In article <3920@male.EBay.Sun.COM>, briantr@sunnet.EBay.Sun.COM (Brian Tran) writes: > Hi there, > > We have a Wyse386 which are being shared by other users. > > Unfortunately, I have other private programs/data that I don't > want other users to read or delete. > > How can I protect my directory in MS-DOS (mine is 3.3) ? You can hide the directory or files. You can write protect (i.e. read only)the files (perhaps the directory as well). You could encrypt the files. -------------------------------------------------------------------------- Bitnet: gomme@uwovax.bitnet gomme@uwovax.uwo.ca Internet: gomme@uwo.ca
bkd3019@rouge.usl.edu (Dore Brian K) (11/20/90)
Probably the easiest way to hide something on a pc is to not hide it at all. Just rename 'game.exe' to 'epson.drv' or something and keep it in a subdirectory called 'install' under the directory for your favorite software. Just rename it when you want to play. And don't forget to change it back when you're done. If you need a nasty filename that nobody will look at, just take a look at Wordperfect program/data files, or Microsoft language program/data files. Brian
mvolo@uncecs.edu (Michael R. Volow) (11/20/90)
One can hide, but not write-protect, directories in MS/PC-DOS... unless, one obtains a separate security program; or unless one uses instead DR DOS 5.0, an MS-DOS clone. -- Michael Volow, Psychiatry, Durham VA Med Center, Durham NC 27712 919 286 0411 Ext 6933 mvolo@ecsvax.edu
rudolf@curano.acadch.com (Rudolf Kuenzli) (11/28/90)
In article <3920@male.EBay.Sun.COM> briantr@sunnet.EBay.Sun.COM (Brian Tran) writes: >Hi there, > > We have a Wyse386 which are being shared by other users. > > Unfortunately, I have other private programs/data that I don't > want other users to read or delete. > > How can I protect my directory in MS-DOS (mine is 3.3) ? > >Thanks, >brian Try with 'Secret-Disk' from Lattice. It will take a part of your hard disk partition (you will decide how much) and create a logical partition. The whole partition will be encrypted that means empty tracks too. If you have let's say a drive C: before, you will have addtionnallyy a drive D:. You may turn on/off that disk as you like. Turning on the disk means that you will have to enter the passsword you did use for the encyption of the partition. There is a resident module load from 'config.sys' when you boot the system. You may work on your secret drive like on a normal drive. I am using 'Secret Disk' for years now and don't have one complaint. Rudolf
devolder@matt.ksu.ksu.edu (Eric DeVolder) (11/30/90)
In article <6@curano.acadch.com> rudolf@curano.acadch.com (Rudolf Kuenzli) writes: >In article <3920@male.EBay.Sun.COM> briantr@sunnet.EBay.Sun.COM (Brian Tran) writes: >>Hi there, >> >> We have a Wyse386 which are being shared by other users. >> >> Unfortunately, I have other private programs/data that I don't >> want other users to read or delete. >> >> How can I protect my directory in MS-DOS (mine is 3.3) ? >> >>Thanks, >>brian > >Try with 'Secret-Disk' from Lattice. It will take a part of your hard >disk partition (you will decide how much) and create a logical >partition. The whole partition will be encrypted that means empty tracks >too. If you have let's say a drive C: before, you will have >addtionnallyy a drive D:. You may turn on/off that disk as you like. >Turning on the disk means that you will have to enter the passsword you >did use for the encyption of the partition. There is a resident module >load from 'config.sys' when you boot the system. You may work on your >secret drive like on a normal drive. >I am using 'Secret Disk' for years now and don't have one complaint. > >Rudolf I just wrote a program that will disable any drive. So, for instance, if you have a partition D: with your private info on it, you could simply run this program and it will disable it. This is not as drastic as altering the FAT. For more information, send me a note. Eric DeVolder devolder@ksuvm.ksu.edu
tjr@cbnewsc.att.com (thomas.j.roberts) (11/30/90)
From article <1990Nov29.184157.25548@maverick.ksu.ksu.edu>, by devolder@matt.ksu.ksu.edu (Eric DeVolder): > In article <6@curano.acadch.com> rudolf@curano.acadch.com (Rudolf Kuenzli) writes: >>In article <3920@male.EBay.Sun.COM> briantr@sunnet.EBay.Sun.COM (Brian Tran) writes: >>>Hi there, >>> >>> We have a Wyse386 which are being shared by other users. >>> >>> Unfortunately, I have other private programs/data that I don't >>> want other users to read or delete. >>> >>> How can I protect my directory in MS-DOS (mine is 3.3) ? >>> >>>Thanks, >>>brian >> >>Try with 'Secret-Disk' from Lattice. It will take a part of your hard >>disk partition (you will decide how much) and create a logical >>partition. The whole partition will be encrypted that means empty tracks >>too. If you have let's say a drive C: before, you will have >>addtionnallyy a drive D:. You may turn on/off that disk as you like. >>Turning on the disk means that you will have to enter the passsword you >>did use for the encyption of the partition. There is a resident module >>load from 'config.sys' when you boot the system. You may work on your >>secret drive like on a normal drive. >>I am using 'Secret Disk' for years now and don't have one complaint. >> >>Rudolf BEWARE! If someone really wants your data, Secret-Disk can be broken easily by a knowledgeable person (I evaluated it for possible use, but abandoned it after I broke its protection in less than an hour). Strong computer security is a difficult problem - the Department of Defense Computer Security Center has levels of trust for computer systems, but NO useful systems have been evaluated at the higher levels of trust (B2 and up). In particular, PCs have special problems because of their usual lack of physical security. IT IS IMPOSSIBLE TO HAVE STRONG COMPUTER SECURITY WITHOUT EQUALLY STRONG PHYSICAL SECURITY. It may not be necessary to lock up the entire PC, but some PHYSICAL device must be locked up in order to obtain strong security. In this sense, Secret-Disk is attempting the impossible, and predictably fails. For many users, programs such as Secret-Disk may be sufficient, for those of us interested in the theoretical aspects of computer security, and those interested in REAL security, such naive approaches are a joke. Beware, however, of approaches which seem to provide security, but in fact don't. To repeat: ANY SECURITY SYSTEM WHICH DOES NOT HAVE A PHYSICAL DEVICE UNDER PHYSICAL PROTECTION CANNOT PROVIDE REAL SECURITY. The usual approach is to use PCs with only removeable media, and to lock them up when not in use, and to keep the (media-less) PC in a controlled environment where nobody can change EPROMs or other hardware without being observed. For many users, such efforts are not warranted. Tom Roberts att!ihlpl!tjrob TJROB@IHLPL.ATT.COM
swh@hpcupt1.cup.hp.com (Steve Harrold) (11/30/90)
>>> To repeat: ANY SECURITY SYSTEM WHICH DOES NOT HAVE A PHYSICAL DEVICE >>> UNDER PHYSICAL PROTECTION CANNOT PROVIDE REAL SECURITY. >>> --- Tom Roberts ---------- How would you classify schemes such as DES or the public key encryption schemes. Surely, given enough time they can be decoded, and by such time it is assumed that the data is no longer useful. But, given enough time one can also remove the physical device without damage to the data.
mlord@bwdls58.bnr.ca (Mark Lord) (12/05/90)
In article <51060001@hpcupt1.cup.hp.com> swh@hpcupt1.cup.hp.com (Steve Harrold) writes: <>>> To repeat: ANY SECURITY SYSTEM WHICH DOES NOT HAVE A PHYSICAL DEVICE <>>> UNDER PHYSICAL PROTECTION CANNOT PROVIDE REAL SECURITY. <>>> --- Tom Roberts <---------- <How would you classify schemes such as DES or the public key encryption <schemes. Surely, given enough time they can be decoded, and by such time <it is assumed that the data is no longer useful. But, given enough time <one can also remove the physical device without damage to the data. Err.. my understanding of the current DES is that it can actually be "broken" very quickly on existing FAST computers, owned by say, the US gvt. -- ___Mark S. Lord__________________________________________ | ..uunet!bnrgate!mlord%bmerh724 | Climb Free Or Die (NH) | | MLORD@BNR.CA Ottawa, Ontario | Personal views only. | |________________________________|________________________|
cjwein@watcgl.waterloo.edu (Chris J. Wein) (12/05/90)
In article <5034@bwdls58.UUCP> mlord@bwdls58.bnr.ca (Mark Lord) writes: >Err.. my understanding of the current DES is that it can actually be "broken" >very quickly on existing FAST computers, owned by say, the US gvt. Yup, DES just doesn't cut it any more. In fact, new encryption algorithms are sometimes measured in DES units where a single DES unit represents the amount of computation time required to break DES (and the ratings are always greater than 1!). The newest algorithms are several orders of magnitude more difficult to break than DES. -- ============================================================================== Chris Wein | cjwein@watcgl.waterloo.edu Computer Graphics Lab, CS Dept. | cjwein@watcgl.uwaterloo.ca University of Waterloo | (519) 888-4548
rtaylor@tron.UUCP (Randy Taylor) (12/16/90)
In article <5034@bwdls58.UUCP> mlord@bwdls58.bnr.ca (Mark Lord) writes: >In article <51060001@hpcupt1.cup.hp.com> swh@hpcupt1.cup.hp.com (Steve Harrold) writes: ><>>> To repeat: ANY SECURITY SYSTEM WHICH DOES NOT HAVE A PHYSICAL DEVICE ><>>> UNDER PHYSICAL PROTECTION CANNOT PROVIDE REAL SECURITY. ><>>> --- Tom Roberts ><---------- ><How would you classify schemes such as DES or the public key encryption ><schemes. Surely, given enough time they can be decoded, and by such time ><it is assumed that the data is no longer useful. But, given enough time ><one can also remove the physical device without damage to the data. > >Err.. my understanding of the current DES is that it can actually be "broken" >very quickly on existing FAST computers, owned by say, the US gvt. >-- > ___Mark S. Lord__________________________________________ >| ..uunet!bnrgate!mlord%bmerh724 | Climb Free Or Die (NH) | >| MLORD@BNR.CA Ottawa, Ontario | Personal views only. | >|________________________________|________________________| Hi all ! There is a PC-employable algorithm for data encryption called MPJ. I picked up info on this from CompuServe in the IBMSYS forum. There is a Master's Thesis called THESIS.DOC and a ZIP file with a menu-driven program that uses the MPJ routine on the file you specify. MPJ goes beyond DES (apparently WAY BEYOND). The key is a series of 16 individual hex digits ranging from 00 to FF. According to the thesis, it would take a string of supercomputers 10,000+ years to break the encoded data. I did some rough calculations and figured that, with the available number of keys and a computer running at 1 picosecond per key try, it would take about 1 x 10^19 years to break the code ! :-() The problems with MPJ (in my opinion) are : 1) Remembering the key. There are 256^16 of them, which is good, but each is 16 digits wide, which is bad on the brain ! 2) It is in the public domain which means the guys at the "Puzzle Palace", (just down the road from where I work) are busily working on cracking it, if they haven't already done so. DES was "tamed" somewhat by this same group so that they could get the encoded data no matter what and we couldn't (unless we had the key). The thesis has the source code (in Turbo Pascal) included. I wish I could remember the name of the author so I could properly credit him, but it escapes me. Randy Taylor Westinghouse Electric Corp. Electronic Systems Group PS - Please e-mail comments or questions to the addresses listed below. I don't make it to this forum very often. Thanks :-) ! RT -- rtaylor@sky00.bwi.wec.com from an Internet site (preferred) rtaylor@tron.bwi.wec.com from an Internet site (alternate) "...you know I have the greatest enthusiam for the mission." HAL 9000
Greg.Smith@p11.f477.n104.z1.METRONET.ORG (Greg Smith) (12/20/90)
To: rtaylor@sky00.bwi.wec.com
To: rtaylor@tron.UUCP (Randy Taylor)
In a message to All <18 Dec 90 01:40> Randy Taylor wrote:
RT> There is a PC-employable algorithm for data encryption called MPJ.
RT> I picked up info on this from CompuServe in the IBMSYS forum. There
RT> is a Master's Thesis called THESIS.DOC and a ZIP file with a menu-driven
RT> program that uses the MPJ routine on the file you specify.
RT> MPJ goes beyond DES (apparently WAY BEYOND). The key is a series of 16
RT> individual hex digits ranging from 00 to FF. According to the thesis, it
RT> would take a string of supercomputers 10,000+ years to break the encoded
RT> data. I did some rough calculations and figured that, with the available
RT> number of keys and a computer running at 1 picosecond per key try, it
RT> would take about 1 x 10^19 years to break the code ! :-()
RT> The problems with MPJ (in my opinion) are :
RT> 1) Remembering the key. There are
RT> 256^16 of them, which is good, but each is
RT> 16 digits wide, which is bad on the brain !
Write down the code so that someone can come find it and forget about breaking it! :-)
RT> PS - Please e-mail comments or questions to the addresses listed below. I
RT> don't make it to this forum very often. Thanks :-) !
If you're getting this, I did it right... I would like to find out about this MJP encryption, is it possible to send the thesis and pascal source through usenet here?
Greg.Smith@bohemia.uucp
Greg.Smith@bohemia.metronet.org
Fido: Greg.Smith@1:104/120
--- XRS 4.00
* Origin: Greg Makes His Point. (Quick 1:104/477.11)
--
=============================================================================
Greg Smith - via MetroNet node 200:5000/301
The Bohemia BBS System, Boulder Colorado (303)449-8946
UUCP: Greg.Smith@p11.f477.n104.z1.METRONET.ORG
or : ...!boulder!bohemia.METRONET.ORG!1!104!477.11!Greg.Smith
=============================================================================