Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Computer Security > A Truecrypt Trick

Reply
Thread Tools

A Truecrypt Trick

 
 
nemo_outis
Guest
Posts: n/a
 
      09-17-2006
TwistyCreek <(E-Mail Removed)> wrote in
news:(E-Mail Removed):

> "nemo_outis" <(E-Mail Removed)> wrote in news:Xns983D52A68669Dabcxyzcom@
> 127.0.0.1:
>
>> anonymous <(E-Mail Removed)> wrote in
>> news:(E-Mail Removed):

>
>>> Dr. EvenMorePedantic is compelled to point out that the gentleman's
>>> name in question is Kerchoffs, so in fact it is "Kerckhoffs'
>>> principle".

>>
>>
>> Reduced to looking for misplaced apostrophes? Your life really must
>> be very empty.

>
> Nemo, I was making a (very) modest joke here, no attack intended. I
> thought a smile or two would be useful in this group in between poor
> traveler66 being given the 'Mr. Bill' treatment everyday and the 'bait
> the psycho' stuff going on with the "FBI sadists' guy.
> Actually I found your your citation interesting and informative.



Sorry, I over-reacted

You see, there are a number of folks here whom I have thoroughly spanked
in the past. They (directly or using a number of sockpuppets) now spend
their lives hoping I will make a misstep or misstatement so that they can
pounce on it. I must then spend the next half-dozen posts playing whack-
a-mole to suppress these morons for a bit while they lick their wounds.
I mistook your reply for one from them.



> BTW I am slightly disappointed in you as you failed to point out my
> misspelling of 'Kerckhoffs' name in my first use of it.


Actually, I let that slide. My prime worry was that the cryptographic
Kerchoffs' principle would be confused with the unrelated electrical
Kirchoff's principle/law.


> PS-If one uses VMWare to run Win98 (or 2000) inside a Truecrypt
> partition in Xp, (in essence a poor man's full disk encryption) are
> you aware of any leaks into the host OS that would suggest this method
> inferior to an actual FDE of XP?


I think it's a good method for a number of reasons, not least that it is
difficult for any acquired viruses to break out of such a sandbox.
(Unless, of course, you network your vmware virtual machine to your real
machines.)

And leakage to the main OS should be very small (I don't know if it's
zero).

There are two remaining points which (depending on your circumstances)
may be vulnerabilities:

1. The fact that you are using vmware (not the activities within vmware)
will be recorded in the containing OS (in the registry, existence of dlls
& services, etc.)

2. You still have considerable exposure to things like software
keyloggers, modified files, etc. in the containing OS recording your
activities. One advantage of true full-disk encryption is that there is
no place to install such malware even with covert access to the machine.

Regards,






 
Reply With Quote
 
 
 
 
TwistyCreek
Guest
Posts: n/a
 
      09-26-2006
"nemo_outis" <(E-Mail Removed)> wrote in
news:Xns9841305E6C5C1abcxyzcom@204.153.244.170:

Snip


> My prime worry was that the cryptographic
> Kerchoffs' principle would be confused with the unrelated electrical
> Kirchoff's principle/law.


I know what you mean. I HATE when the happens. :0)


>> PS-If one uses VMWare to run Win98 (or 2000) inside a Truecrypt
>> partition in Xp, (in essence a poor man's full disk encryption) are
>> you aware of any leaks into the host OS that would suggest this
>> method inferior to an actual FDE of XP?

>
> I think it's a good method for a number of reasons, not least that it
> is difficult for any acquired viruses to break out of such a sandbox.
> (Unless, of course, you network your vmware virtual machine to your
> real machines.)
>
> And leakage to the main OS should be very small (I don't know if it's
> zero).
>
> There are two remaining points which (depending on your circumstances)
> may be vulnerabilities:
>
> 1. The fact that you are using vmware (not the activities within
> vmware) will be recorded in the containing OS (in the registry,
> existence of dlls & services, etc.)
>
> 2. You still have considerable exposure to things like software
> keyloggers, modified files, etc. in the containing OS recording your
> activities. One advantage of true full-disk encryption is that there
> is no place to install such malware even with covert access to the
> machine.
>


Thanks for the reply. I'm not too worried about the key logger as it is
much more likely that, were I to acquire one, it would be via the
network. Glad you generally think my scheme is passable .

And BTW thanks for the various links you pass onto the group. They have
made for much interesting reading.

You can now resume the sparring with your foe(s).










 
Reply With Quote
 
 
 
 
[Anonymous] Persona
Guest
Posts: n/a
 
      09-26-2006
In <(E-Mail Removed)> TwistyCreek <(E-Mail Removed)> wrote:
>"nemo_outis" <(E-Mail Removed)> wrote in
>news:Xns9841305E6C5C1abcxyzcom@204.153.244.170:
>
>Snip
><snip>
>
>>> PS-If one uses VMWare to run Win98 (or 2000) inside a Truecrypt
>>> partition in Xp, (in essence a poor man's full disk encryption) are
>>> you aware of any leaks into the host OS that would suggest this
>>> method inferior to an actual FDE of XP?


Watch out for "Shared memory." In the list of options for the
virtual machine, there is the option to share memory. Shared memory
may then be written to the swap file on the host OS. I forget
exactly how to turn it off - just go through every menu until
you find share memory or isolate memory (or one other that was
even worse).
>>
>> I think it's a good method for a number of reasons, not least that it
>> is difficult for any acquired viruses to break out of such a sandbox.
>> (Unless, of course, you network your vmware virtual machine to your
>> real machines.)
>>
>> And leakage to the main OS should be very small (I don't know if it's
>> zero).
>>
>> There are two remaining points which (depending on your circumstances)
>> may be vulnerabilities:
>>
>> 1. The fact that you are using vmware (not the activities within
>> vmware) will be recorded in the containing OS (in the registry,
>> existence of dlls & services, etc.)


Obfuscation: Use VMware for other OS's - Linux, another windows, etc,
and use the Truecrypt open disk for that, hidden disk for other stuff.
>>
>> 2. You still have considerable exposure to things like software
>> keyloggers, modified files, etc. in the containing OS recording your
>> activities. One advantage of true full-disk encryption is that there
>> is no place to install such malware even with covert access to the
>> machine.
>>

>
>Thanks for the reply. I'm not too worried about the key logger as it is
>much more likely that, were I to acquire one, it would be via the
>network. Glad you generally think my scheme is passable .
>
>And BTW thanks for the various links you pass onto the group. They have
>made for much interesting reading.
>
>You can now resume the sparring with your foe(s).


Persona


 
Reply With Quote
 
incognitoergosum
Guest
Posts: n/a
 
      09-29-2006
"[Anonymous] Persona" <(E-Mail Removed)> wrote in
news:(E-Mail Removed):

> Watch out for "Shared memory." In the list of options for the
> virtual machine, there is the option to share memory. Shared memory
> may then be written to the swap file on the host OS. I forget
> exactly how to turn it off - just go through every menu until
> you find share memory or isolate memory (or one other that was
> even worse).


Thanks for the tip. Just the sort of thing I was hoping for.


> Obfuscation: Use VMware for other OS's - Linux, another windows, etc,
> and use the Truecrypt open disk for that, hidden disk for other stuff.


Yes, I was thinking along this line.


> Persona


Thanks for your reply.
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Re: Truecrypt 4.1 Borked Pseudo Mailed Computer Security 11 11-30-2005 06:29 AM
Re: Truecrypt 4.1 nemo_outis Computer Security 8 11-30-2005 04:58 AM
Re: Truecrypt 4.1 nemo_outis Computer Security 0 11-26-2005 06:01 AM
Re: Truecrypt 4 Released! Ari Silversteinn Computer Security 1 11-02-2005 06:48 PM
Truecrypt 3.0 has been released nemo outis Computer Security 4 12-11-2004 05:58 PM



Advertisments