Paranoia..Paranoia..Am I on the right track?.. any help please?

Discussion in 'Computer Security' started by tomas, Oct 22, 2006.

  1. tomas

    tomas Guest

    So much of what a computer does can never be fully hidden unless one
    fully and completely wipes a drive, that I was wondering if my latest
    methods might be useful.

    I do not have a real current machine, but still powerful enough to pull
    this off - my config is:

    768MB memory - P4/2400 - ATI Radeon 128MB Video Card - 7200 RPM drives,
    etc.

    I find that Virtual PC if one uses nLite to create a custom install of XP
    runs close to a P3 level for XP. I would say it feels somewhere between
    the P2 I had at 450MHz and the P3 at 733MHz. Even DirectX works in
    software mode (as long as it is a program needing DX7 and under) fairly
    close to a 486 w/32 MB memory. Games are not my need, but Microsoft
    Baseball does work OK in software mode with nLite setting XP to run at
    about 60MB of memory needed for internet access, Word 7, newsgroups,
    media player (if file SVCD size and under). Overall - livable, when
    using the setup for security.

    I am using TrueCrypt to create an encrypted container, and then having
    VPC create a virtual disk within the encrypted container to run XP. VPC
    is running in the open, but the virtual machine is running from the
    encrypted disk. I installed TrueCrypt on the virtual machine, and
    created a container over the network on an open drive to send the info I
    wish to keep via shared folders - and then shred the virtual machine
    using a system wiper with a 35-pass routine on the encrypted drive.

    When I am ready to start again, I bring a clone of the original back into
    the container.

    I have looked and looked on the Host machine for any signs of any
    activity and I can find only a logfile of internet activity, which I have
    set to auto shred.

    Am I missing something? Is the Host machine (remember the Host and Guest
    are the same machine - just made to look different) keeping track of any
    activities of the Virtual Machine? I cannot see that it is happening,
    but I would wonder if folks other than myself could see a glaring hole
    here.

    thankx,


    any input welcome
    tomas, Oct 22, 2006
    #1

  2. tomas <> writes:
    > When I am ready to start again, I bring a clone of the original back into
    > the container.


    virtual machines are the new 40yr old thing ... starting with cp40
    at the cambridge science center
    http://www.garlic.com/~lynn/subtopic.html#545tec

    with custom modified 360/40 with virtual memory hardware ... and then
    when standard 360/67 (w/virtual memory) became available in 1967 ...
    cp40 morphed into cp67.

    the term commonly used in the 60s and 70s for this technique was
    padded cell (for isolating any possible bad behavior).

    some of the padded cell terminology shows up periodically in the vmshare
    archives ...
    http://vm.marist.edu/~vmshare/

    online computer conferencing provided by tymshare to the SHARE
    organization starting in the mid-70s ... on their virtual machine
    based commercial timesharing offering platform
    http://www.garlic.com/~lynn/subtopic.html#timeshare
    Anne & Lynn Wheeler, Oct 22, 2006
    #2

  3. tomas

    tomas Guest

    Anne & Lynn Wheeler <> wrote in
    news::

    >
    > tomas <> writes:
    >> When I am ready to start again, I bring a clone of the original back
    >> into the container.

    >
    > virtual machines are the new 40yr old thing ... starting with cp40
    > at the cambridge science center
    > http://www.garlic.com/~lynn/subtopic.html#545tec
    >
    > with custom modified 360/40 with virtual memory hardware ... and then
    > when standard 360/67 (w/virtual memory) became available in 1967 ...
    > cp40 morphed into cp67.
    >
    > the term commonly used in the 60s and 70s for this technique was
    > padded cell (for isolating any possible bad behavior).
    >
    > some of the padded cell terminology shows up periodically in the
    > vmshare archives ...
    > http://vm.marist.edu/~vmshare/
    >
    > online computer conferencing provided by tymshare to the SHARE
    > organization starting in the mid-70s ... on their virtual machine
    > based commercial timesharing offering platform
    > http://www.garlic.com/~lynn/subtopic.html#timeshare
    >


    thank you for answering - but I am not exactly certain what you said, but
    by a leap I believe you meant my activity is referred to as "Padded
    Cell" - which would be a coined phrase of folks who knew what they were
    coining - not necessarily a phrase folks not in the loop would have
    thoughts of.

    A delving into the theoretical would be cool ( a sixties phrase - I am 52
    ) - much along the lines as to why Hard Drives can hold more magnetic
    data with same platter size - I receive tech magazines weekly explaining
    this theory in just such a detail - I am not interested as practical
    results are more important than theory, in what pays for my home.

    I would like to explore your answer if I can ask questions not 100% on
    target as my education is a tech. I can see by your answer you could
    help fill my mind with answers if I ask correct, and at same time expand
    my learning if you are not against being a teacher. All people need a
    teacher to learn.

    In my mind, my basic question was not answered. Using this technique -
    am I safer than not?

    thanx..

    hope me being 52 not against you teaching - no matter your age.


    bye now.

    I have to close every message a very single way and sometimes new folks
    find it offensive - it is just a way to let folks know who I hold dear
    besides my wife, so I am going to end this way, and never an Arab, nor
    ever a Jew - ever said -

    In Jesus I Bless You Today and Hope God Watches You and Yours,


    In Jesus

    Bill

    I hope you are not offended - you have a brilliant mind. bye
    tomas, Oct 22, 2006
    #3
  4. tomas wrote:

    > and then shred the virtual machine using a system wiper with a 35-pass
    > routine on the encrypted drive.


    You really want to kill that drive, don't you?

    > Am I missing something?


    What about some malware breaking out of your VM and modifying the host OS?
    At least for Virtual PC this shouldn't be quite hard, as it doesn't trap
    various relevant CPU instructions like LGDT.
    Sebastian Gottschalk, Oct 22, 2006
    #4
  5. tomas

    tomas Guest

    Sebastian Gottschalk <> wrote in
    news::

    > tomas wrote:
    >
    >> and then shred the virtual machine using a system wiper with a
    >> 35-pass routine on the encrypted drive.

    >
    > You really want to kill that drive, don't you?
    >
    >> Am I missing something?

    >
    > What about some malware breaking out of your VM and modifying the host
    > OS? At least for Virtual PC this shouldn't be quite hard, as it
    > doesn't trap various relevant CPU instructions like LGDT.
    >


    As for killing a drive - everything has a life. HD's usually last myself
    about 3 times the life of a computer OS. The last drive I purchased was
    a 300GB IDE Seagate Ultra ATA 133. The next computer I am looking at has
    no support for IDE - but rather SATA only. I figure a new computer every
    three years saving $1.00 to $1.50 per day for it - not bad. $1200 -
    $1800 to spend.

    I forgot to add the other point - which I have been doing since learning
    of Ghost. The entire partition with the OS of the Host is Ghosted every
    single day. With two HD's - I use the 40GB that came with the computer
    as the main OS drive, and once weekly run a DOS wipe of the drive -
    Jetico's PDwipe utility under DOS which is freeware from BCwipe, just
    using a seven wipe DoD pass - then Ghost the drive back to life. Been
    doing that for years until I learned of encryption in the 2000 days.

    I burn DVD's holding encrypted data as backup - BestCrypt which while
    trialware allows one to continue reading data - until TrueCrypt which is
    freeware.

    But if a computer cannot handle three years of being on 24 hours per day,
    seven days per week - then I chose a wrong computer. DELL workstations
    found in the business section of the website, have never let me down yet
    since the 486 days. A few bucks more - but industrial strength.

    I just never turn them off - and they last and last. They are not gaming
    machines - but they can handle games all but the highest end new ones,
    and they last and last - until I decide a new one in order.

    Best let you go. With a DELL workstation, lasting is not an issue, as
    they carry a one-year standard warranty for free with purchase and for
    $60 more - a three year complete warranty.

    thanx,

    Bill
    tomas, Oct 23, 2006
    #5
  6. tomas wrote:

    >>> and then shred the virtual machine using a system wiper with a
    >>> 35-pass routine on the encrypted drive.

    >>
    >> You really want to kill that drive, don't you?
    >>
    >>> Am I missing something?

    >>
    >> What about some malware breaking out of your VM and modifying the host
    >> OS? At least for Virtual PC this shouldn't be quite hard, as it
    >> doesn't trap various relevant CPU instructions like LGDT.
    >>

    >
    > As for killing a drive - everything has a life.


    Is that an excuse for wasting your time and reducing the life of the drive
    for absolutely no good reason?

    > HD's usually last myself about 3 times the life of a computer OS.


    Huh? Then you have a serious problem. The computer OS should last at least
    as long as the HD, the latter usually being the limited.

    > I forgot to add the other point - which I have been doing since learning
    > of Ghost. The entire partition with the OS of the Host is Ghosted every
    > single day.


    What a nonsense.

    > With two HD's - I use the 40GB that came with the computer
    > as the main OS drive, and once weekly run a DOS wipe of the drive -
    > Jetico's PDwipe utility under DOS which is freeware from BCwipe, just
    > using a seven wipe DoD pass - then Ghost the drive back to life.


    Wow, what a big waste of time.
    Sebastian Gottschalk, Oct 23, 2006
    #6
  7. tomas

    tomas Guest

    Sebastian Gottschalk <> wrote in
    news::

    > tomas wrote:
    >
    >>>> and then shred the virtual machine using a system wiper with a
    >>>> 35-pass routine on the encrypted drive.
    >>>
    >>> You really want to kill that drive, don't you?
    >>>
    >>>> Am I missing something?
    >>>
    >>> What about some malware breaking out of your VM and modifying the
    >>> host OS? At least for Virtual PC this shouldn't be quite hard, as it
    >>> doesn't trap various relevant CPU instructions like LGDT.
    >>>

    >>
    >> As for killing a drive - everything has a life.

    >
    > Is that an excuse for wasting your time and reducing the life of the
    > drive for absolutely no good reason?
    >
    >> HD's usually last myself about 3 times the life of a computer OS.

    >
    > Huh? Then you have a serious problem. The computer OS should last at
    > least as long as the HD, the latter usually being the limited.
    >
    >> I forgot to add the other point - which I have been doing since
    >> learning of Ghost. The entire partition with the OS of the Host is
    >> Ghosted every single day.

    >
    > What a nonsense.
    >
    >> With two HD's - I use the 40GB that came with the computer
    >> as the main OS drive, and once weekly run a DOS wipe of the drive -
    >> Jetico's PDwipe utility under DOS which is freeware from BCwipe, just
    >> using a seven wipe DoD pass - then Ghost the drive back to life.

    >
    > Wow, what a big waste of time.
    >


    Thanks for answering. I guess it seems to be overkill - but not just to
    me.

    You talk about killing a drive - as if 10 cents per day was serious
    money. 3 years at 10 cents per day is $100 give or take a bit - and a
    dime a day for feeling safe - Car insurance for full coverage per month
    on a new car - even with an excellent driving record, costs me that
    amount every two months - give or take. We are talking about a dime per
    day to feel safe.

    You misunderstood because of the way I typed the information that somehow
    a HD was dying soon. HD's die soon for myself as I like video. A Tv-
    card captures at a set rate, but uncompressed AVI the best. Uncompressed
    video takes about 2GB per minute at 720x480 size - a DVD. The next gen of
    video will be at least 1280x720, but my monitor is 1920x1080i - The next
    HD will need to be in the TB range, which Seagate is now working on in
    order to keep up with video.

    So in my instance - I expect a HD to last less than an OS because video
    is always pressing speed and capacity. When the Bluetooth DVD arrive, I
    will have a way to playback video, but not capture video at High-Def
    rates until I obtain a 1TB drive, which will just be a stopgap until
    larger TB drives come out.

    I have never once put anything illegal on my harddrive, but maybe my wife
    might not like to see the 38 year-old neighbor, me being 52, video
    footage when she laid in the yard in her bikini. Other issues as well.

    As for time - you seem to think it takes a lot of time. If you destroy
    the header of a HD - fat table, etc. through a wipe, and then use a shred
    utility every time you destroy a file, the drive cannot be reconstructed.
    It takes about 2 minutes to destroy the header - and about 7 minutes to
    Ghost the drive back up. Say 15 minutes per day - to feel totally safe.

    15 minutes is nothing compared to almost 30 years of marriage. Some
    folks wear rubbers and others don't, but the folks who think a minute or
    so might interrupt the joy - should not be surprised they become pregnant.
    And even then - sometimes it breaks. That is why I was asking about if
    maybe I am missing a point.

    thanx now - your time spent in answering was appreciated very much.


    cya
    tomas, Oct 23, 2006
    #7
  8. tomas

    Macarro Guest

    > So much of what a computer does can never be fully hidden unless one
    > fully and completely wipes a drive, that I was wondering if my latest
    > methods might be useful.


    I avoid wiping my hard disk by doing a whole disk encryption with PGP
    and after that I just put back the clean OS again, kept it mirrored on
    an external hard disk.

    The theory is that PGP whole disk encryption could have attempts of
    brute force attack but an attacker would need to recover the whole disk
    before trying, and it is unlikely anyone would ever succeed in recovering
    every single byte, recovering just a part would not be of any use.

    By wiping the whole hard disk it is possible that some small bytes of
    data are not deleted properly, but with an AES256 whole disk encrypted
    system all the data an attacker could see if he managed to recover
    something is a piece of garbage in AES256.

    It still takes time to encrypt the whole hard disk but as it only writes
    it once I believe I extend its life.

    Of course it is possible that some snake oil software does not encrypt the
    whole hard disk as advertised, I stick to PGP which I have tested myself by
    looking into the disk with Winhex. Drivecrypt does the same job I just
    haven't tried it.
    Macarro, Oct 24, 2006
    #8
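
The check Macarro describes in post #8, opening the raw disk in a hex editor to confirm it is really encrypted, can be automated by measuring byte entropy block by block: regions the encryption skipped show up as all-zero or plaintext-like blocks. This is an added example, not code from the thread or from PGP, TrueCrypt or WinHex; the 4 KiB block size, the 7.5 bits/byte threshold and the constructed sample image are assumptions.

```python
import hashlib
import math
from collections import Counter

BLOCK = 4096      # bytes examined per step (assumed block size)
THRESHOLD = 7.5   # bits/byte (assumed); random 4 KiB blocks measure about 7.95


def shannon_entropy(block: bytes) -> float:
    """Empirical Shannon entropy of a byte string, in bits per byte."""
    n = len(block)
    if n == 0:
        return 0.0
    return sum(c / n * math.log2(n / c) for c in Counter(block).values())


def suspicious_blocks(image: bytes, block=BLOCK, threshold=THRESHOLD):
    """Return (offset, entropy, reason) for blocks that do not look like ciphertext."""
    findings = []
    for off in range(0, len(image), block):
        chunk = image[off:off + block]
        h = shannon_entropy(chunk)
        if h >= threshold:
            continue
        if chunk.count(0) == len(chunk):
            reason = "all zero (never written, or zero-wiped)"
        else:
            reason = "low entropy (plaintext-like)"
        findings.append((off, round(h, 2), reason))
    return findings


def fake_ciphertext(n_blocks: int, seed: bytes = b"constructed") -> bytes:
    """Constructed stand-in for encrypted sectors: SHA-256 run in counter mode."""
    out = bytearray()
    counter = 0
    while len(out) < n_blocks * BLOCK:
        out += hashlib.sha256(seed + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:n_blocks * BLOCK])


def build_sample_image() -> bytes:
    """Constructed 7-block image: ciphertext with one plaintext and one zero block."""
    text = b"[boot loader]\r\ntimeout=30\r\n" \
           b"default=multi(0)disk(0)rdisk(0)partition(1)\\WINDOWS\r\n"
    plaintext = (text * 64)[:BLOCK]
    return (fake_ciphertext(3) + plaintext + bytes(BLOCK)
            + fake_ciphertext(2, seed=b"tail"))


if __name__ == "__main__":
    # To check a real image, read it in binary mode instead of build_sample_image().
    for offset, entropy, reason in suspicious_blocks(build_sample_image()):
        print(f"offset {offset:#010x}  entropy {entropy:4.2f}  {reason}")
```

High entropy alone does not prove a block is encrypted, since compressed data measures about the same; the scan is useful for the opposite finding, blocks that are clearly not ciphertext.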
  9. tomas

    tomas Guest

    Macarro <> wrote in news:op.thwfdbkieih28w@localhost:

    >> So much of what a computer does can never be fully hidden unless one
    >> fully and completely wipes a drive, that I was wondering if my latest
    >> methods might be useful.

    >
    > I avoid wiping my hard disk by doing a whole disk encryption with PGP
    > and after that I just put back the clean OS again, kept it mirrored on
    > an external hard disk.
    >
    > The theory is that PGP whole disk encryption could have attempts of
    > brute force attack but an attacker would need to recover the whole
    > disk before trying, and it is unlikely anyone would ever succeed in
    > recovering every single byte, recovering just a part would not be of
    > any use.
    >
    > By wiping the whole hard disk it is possible that some small bytes of
    > data are not deleted properly, but with an AES256 whole disk encrypted
    > system all the data an attacker could see if he managed to recover
    > something is a piece of garbage in AES256.
    >
    > It still takes time to encrypt the whole hard disk but as it only
    > writes it once I believe I extend its life.
    >
    > Of course it is possible that some snake oil software does not encrypt
    > the whole hard disk as advertised, I stick to PGP which I have tested
    > myself by looking into the disk with Winhex. Drivecrypt does the same
    > job I just haven't tried it.
    >


    I will not disagree - but both of us rely on someone else telling us the
    truth. And as far as I can tell - a Hard Drive has roughly eight
    underlying positions - that can be accessed. A drive only erases the
    first level of a file. It places a Zero in the spot.

    That is why HD manufacturers have programs to Zero Out a Drive. Meaning
    to place zeros in every available spot. If there are eight spots per place
    and every spot is now a zero - then super erase not needed. But Windows
    is not a low-level function. The freeware program from Jetico, included
    with their shareware wipe - really wipes a HD.

    Anything else than pure wipe to zero - something is there. You can zero
    your drive, install your OS - then Ghost your system to a CD-ROM which is
    always clean - and then re-install daily after destroying the header data
    using the Jetico prog - with Ghost who took a snapshot of system clean,
    and remembering computers go eight level deep - Only God would know about
    your system before.

    It takes about 15 minutes daily - and if Ghost set to include all your
    progs - nothing more.

    To use it you need two drives, or set up one drive to have two
    partitions. If you would like to try, and you only have one partition
    now - you would lose data.

    But then you would feel safe. I think.


    Best let you go. My method does not care how many people know it - it is
    not a secret - it just works.

    cya
    tomas, Oct 28, 2006
    #9