Murray_Thessman@f170.n771.z3.fidonet.org (Murray Thessman) (05/16/91)
In a message of <May 14 17:03>, Kevin P. Kleinfelter (3:771/170) writes:

>KPK: From: kevin@msa3b.UUCP (Kevin P. Kleinfelter)
>KPK: Organization: Dun and Bradstreet Software, Inc., Atlanta, GA

>KPK: Scenario: I've got lots of stuff on a disk I'd like to keep CONFIDENTIAL.
>KPK: I'd like to make sure that NO ONE but I can get to the data on
>KPK: Proposal: I'd like a device driver, which manages the hard disk, and
>KPK: encrypts all data written to the disk. I'd like the

Not 100% sure but I think I saw something like that in Norton Utilities 5

regards
Murray

--- msged 2.05
 * Origin: GenBOARD, A genealogy BBS: Wgtn,NZ (64)(4)4990-490 (3:771/160)
tjr@cbnewsc.att.com (thomas.j.roberts) (05/16/91)
From article <1991May15.173908.12999@unlv.edu>, by grover@dawkins.cs.unlv.edu (Kevin Grover):
> In article <1642@msa3b.UUCP>, kevin@msa3b.UUCP (Kevin P. Kleinfelter) writes:
> )
> ) Scenario: I've got lots of stuff on a disk I'd like to keep CONFIDENTIAL.
> ) I'd like to make sure that NO ONE but I can get to the data on the
> ) entire disk.
> )
> ) Proposal: I'd like a device driver, which manages the hard disk, and
> ) encrypts all data written to the disk. I'd like the
> ) device driver to prompt me to enter the encryption key when
> ) the system boots.
>
> Norton 5.0 has something that sounds exactly like what you described. You create
> virtual disks, any time you try to access files on the virtual disk, you are
> prompted for a password. The virtual disk is then 'open' until you close, in
> which case you would need to enter the password again to gain access.
> (I suppose you could make most of the disk virtual, although I imagine that
> the config.sys, autoexec.bat, and system files must be readable for boot, but
> I am not sure of the specifics.)

This sounds like false security to me. Note - I have not evaluated this
product. There is, however, a "theorem" in security that states that
there can be no secure computer system without some physical security.

    This is a "theorem" in that I am not sure it can be rigorously
    proven, but I am sure it is true to a high degree of confidence.

From the above description, I suspect that there is no physical security,
and hence no real security. In particular, an attacker could install
a Trojan Horse on the boot disk to save all keystrokes; later the
attacker reads back the keystrokes and searches for the password
used to unlock the "secure" partition(s). It is IMPOSSIBLE for the
password routine to ensure that this did not happen. The password routine
could make it very difficult, but the systems I have evaluated made
no such effort - it was EASY to defeat them.

There are no shortcuts to security. The best and simplest method is to use
ONLY removable media, and to keep them all locked up when not in use.
This MUST include your boot disk and all application programs.

It is also possible to design a system which encrypts the ENTIRE disk,
boot-sector and all; you then boot from a floppy which is kept locked up.

As soon as you have an unencrypted fixed hard disk, you cannot have
any real security, because someone could install Trojan Horses on it.

I am assuming that you have no real physical security to control access
to the PC - the usual case. If access is controlled, then you probably
don't need any security software inside the PC. Note that Department
of Defense requirements are more stringent.

BEWARE - computer security is a VERY DIFFICULT undertaking. There are
several vendors which purport to provide "PC Security Systems" or
"PC Security Software", which are useless against a moderately
knowledgeable attacker. If you need REAL security, you need to consult
an expert.

Tom Roberts
att!ihlpl!tjrob TJROB@IHLPL.ATT.COM
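The post above argues that software on an unencrypted boot disk cannot vouch for itself, so any check has to come from media the attacker cannot reach. As an added illustration (not part of the original thread), this Python example compares boot files against a keyed baseline; it assumes the baseline, the key and the checker itself are kept on the locked-up removable media, and all file names and contents are constructed.

```python
import hashlib
import hmac
import tempfile
from pathlib import Path

def file_digest(path):
    """SHA-256 of one file's contents."""
    return hashlib.sha256(Path(path).read_bytes()).hexdigest()

def manifest_tag(entries, key):
    """HMAC over the sorted manifest, so the baseline cannot be silently rewritten."""
    body = "\n".join(f"{p}\0{d}" for p, d in sorted(entries.items()))
    return hmac.new(key, body.encode(), hashlib.sha256).hexdigest()

def build_baseline(root, key):
    """Return ({relative path: digest}, tag) for every file under root."""
    entries = {str(p.relative_to(root)): file_digest(p)
               for p in Path(root).rglob("*") if p.is_file()}
    return entries, manifest_tag(entries, key)

def verify(root, entries, tag, key):
    """Return findings ordered by path; an empty list means nothing changed."""
    if not hmac.compare_digest(tag, manifest_tag(entries, key)):
        return ["baseline: manifest tag mismatch"]
    current, _ = build_baseline(root, key)
    findings = []
    for path in sorted(set(entries) | set(current)):
        if path not in current:
            findings.append(f"missing: {path}")
        elif path not in entries:
            findings.append(f"added: {path}")
        elif entries[path] != current[path]:
            findings.append(f"modified: {path}")
    return findings

def demo():
    """Constructed boot volume: baseline it, alter it, check before and after."""
    key = b"constructed-demo-key"  # assumption: stored only on the locked-up media
    boot = {"CONFIG.SYS": b"FILES=30\r\n", "AUTOEXEC.BAT": b"PROMPT $P$G\r\n"}
    with tempfile.TemporaryDirectory() as root:
        for name, data in boot.items():
            Path(root, name).write_bytes(data)
        entries, tag = build_baseline(root, key)
        before = verify(root, entries, tag, key)
        changed = boot["AUTOEXEC.BAT"] + b"REM constructed extra line\r\n"
        Path(root, "AUTOEXEC.BAT").write_bytes(changed)
        Path(root, "EXTRA.COM").write_bytes(b"\x00")
        return before, verify(root, entries, tag, key)
```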
kevin@msa3b.UUCP (Kevin P. Kleinfelter) (05/18/91)
tjr@cbnewsc.att.com (thomas.j.roberts) writes:

>From article <1991May15.173908.12999@unlv.edu>, by grover@dawkins.cs.unlv.edu (Kevin Grover):
>> In article <1642@msa3b.UUCP>, kevin@msa3b.UUCP (Kevin P. Kleinfelter) writes:
>> )
>> ) Scenario: I've got lots of stuff on a disk I'd like to keep CONFIDENTIAL.
>> ) I'd like to make sure that NO ONE but I can get to the data on the
>> ) entire disk.
>> )
>> ) Proposal: I'd like a device driver, which manages the hard disk, and
>> ) encrypts all data written to the disk. I'd like the
>> ) device driver to prompt me to enter the encryption key when
>> ) the system boots.
>>
>This sounds like false security to me. Note - I have not evaluated this
>product. There is, however, a "theorem" in security that states that
>there can be no secure computer system without some physical security.
>    This is a "theorem" in that I am not sure it can be rigorously
>    proven, but I am sure it is true to a high degree of confidence.
>From the above description, I suspect that there is no physical security,
>and hence no real security. In particular, an attacker could install
>a Trojan Horse on the boot disk to save all keystrokes; later the
>attacker reads back the keystrokes and searches for the password

What I am more concerned about is seizure of the computer at a later date.
For instance, a newspaper reporter might want to record his sources, and
yet not reveal them to the government; he'd like to know that even if the
government steals ("seizes") his PC, they won't be able to read it.
I don't think that he has to worry about Trojans before he gets into trouble,
he just has to worry about someone getting to the data after he already knows
he is in trouble.

Locking up the diskettes does NOT accomplish the desired security, because
if the location is known, the government is going to get them. The reporter
can just "forget" the password.

--
Kevin Kleinfelter @ DBS, Inc (404) 239-2347 ...gatech!nanoVX!msa3b!kevin
English Lesson: THEY'RE at THEIR home, over THERE. YOU'RE sure of YOUR facts?
"Its" & "their" are like 'his'. "They're" == "they are." "It's" == "it is."
If you can do regular expressions, you can handle a natural language. Syntax!