Paranoia..Paranoia..Am I on the right track?.. any help please?

Paranoia..Paranoia..Am I on the right track?.. any help please?
Secure Home | Search | About
Login Password
Register Now! Lost Password?
 Computer Software Security    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content add this group's latest topics to your Google content
Subject Author Date
Paranoia..Paranoia..Am I on the right track?.. any help please? tomas 10-22-2006
Posted by tomas on October 22, 2006, 4:12 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
So much of what a computer does can never be fully hidden unless one
fully and completely wipes a drive, that I was wondering if my latest
methods might be useful.

I do not have a real current machine, but still powerful enough to pull
this off - my config is:

768MB memory - P4/2400 - ATI Radeon 128MB Video Card - 7200 RPM drives,
etc.

I find that Virtual PC if one uses nLite to create a custom install of XP
runs close to a P3 level for XP. I would say it feels somewhere between
the P2 I had at 450mHz and the P3 at 733mHz. Even DirectX works in
software mode (as long as it is a program needing DX7 and under) fairly
close to a 486 w/32 MB memory. Games are not my need, but Microsoft
Baseball does work OK in software mode with nLite setting XP to run at
about 60MB of memory needed for internet access, Word 7, newsgroups,
media player (if file SVCD size and under). Overall - livable, when
using the setup for security.

I am using TrueCrypt to create an encrypted container, and then having
VPC create a virtual disk within the encrypted container to run XP. VPC
is running in the open, but the virtual machine is running from the
encrypted disk. I installed TrueCrypt on the virtual machine, and
created a container over the network on an open drive to send the info I
wish to keep via shared folders - and then shred the virtual machine
using a system wiper with a 35-pass routine on the encrpted drive.

When I am ready to start again, I bring a clone of the original back into
the container.

I have looked and looked on the Host machine for any signs of any
activity and I can find only a logfile of internet activity, which I have
set to auto shred.

Am I missing something? Is the Host machine (remember the Host and Guest
are the same machine - just made to look different) keeping track of any
activities of the Virtual Machine? I cannot see that it is happening,
but I would wonder if folks other than myself could see a glaring hole
here.

thankx,


any input welcome

Posted by Anne & Lynn Wheeler on October 22, 2006, 5:29 pm
If you were  Registered and logged in, you could reply and use other advanced thread options

> When I am ready to start again, I bring a clone of the original back into
> the container.

virtual machines are the new 40yr old thing ... starting with cp40
at the cambridge science center
http://www.garlic.com/~lynn/subtopic.html#545tec

with custom modified 360/40 with virtual memory hardware ... and then
when standard 360/67 (w/virtual memory) became available in 1967 ...
cp40 morphed into cp67.

the term comingly used in the 60s and 70s for this technique was
padded cell (for isolating any possible bad behavior).

some of the padded cell terminology shows up periodically in the vmshare
archives ...
http://vm.marist.edu/~vmshare/

online computer conferencing provided by tymshare to the SHARE
orginization starting in the mid-70s ... on their virtual machine
based commercial timesharing offering platform
http://www.garlic.com/~lynn/subtopic.html#timeshare

Posted by tomas on October 22, 2006, 6:21 pm
If you were  Registered and logged in, you could reply and use other advanced thread options

>
>> When I am ready to start again, I bring a clone of the original back
>> into the container.
>
> virtual machines are the new 40yr old thing ... starting with cp40
> at the cambridge science center
> http://www.garlic.com/~lynn/subtopic.html#545tec
>
> with custom modified 360/40 with virtual memory hardware ... and then
> when standard 360/67 (w/virtual memory) became available in 1967 ...
> cp40 morphed into cp67.
>
> the term comingly used in the 60s and 70s for this technique was
> padded cell (for isolating any possible bad behavior).
>
> some of the padded cell terminology shows up periodically in the
> vmshare archives ...
> http://vm.marist.edu/~vmshare/
>
> online computer conferencing provided by tymshare to the SHARE
> orginization starting in the mid-70s ... on their virtual machine
> based commercial timesharing offering platform
> http://www.garlic.com/~lynn/subtopic.html#timeshare
>

thank you for answering - but I am not exactly certain what you said, but
by a leap I believe you meant my activity is referred to as "Padded
Cell" - which would be a coined phrase of folks who knew what they were
coining - not necesarily a phrase folks not in the loop would have
thoughts of.

A delving into the theoretical would be cool ( a sixties phrase - I am 52
) - much along the lines as to why Hard Drives can hold more magnetic
data with same platter size - I receive tech magazines weekly explaining
this theory in just such a detail - I am not interested as practical
results are more important than theory, in what pays for my home.

I would like to explore your answer if I can ask questions not 100% on
target as my education is a tech. I can see by your answer you could
help fill my mind with answers if I ask correct, and at same time expand
my learning if you are not against being a teacher. All people need a
teacher to learn.

In my mind, my basic question was not answered. Using this technique -
am I safer than not?

thanx..

hope me being 52 not against you teaching - no matter your age.


bye now.

I have to close every message a very single way and sometimes new folks
find it offensive - it is just a way to let folks know who I hold dear
besides my wife, so I am going to end this way, and never an Arab, nor
ever a Jew - ever said -

In Jesus I Bless You Today and Hope God Watches You and Yours,


In Jesus

Bill

I hope you are not offended - you have a brilliant mind. bye

Posted by Sebastian Gottschalk on October 22, 2006, 6:23 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
tomas wrote:

> and then shred the virtual machine using a system wiper with a 35-pass
> routine on the encrpted drive.

You really want to kill that drive, don't you?

> Am I missing something?

What about some malware breaking out of your VM and modifying the host OS?
At least for Virtual PC this shouldn't be quite hard, as it doesn't trap
various relevant CPU instructions like LGDT.

Posted by tomas on October 22, 2006, 10:50 pm
If you were  Registered and logged in, you could reply and use other advanced thread options

> tomas wrote:
>
>> and then shred the virtual machine using a system wiper with a
>> 35-pass routine on the encrpted drive.
>
> You really want to kill that drive, don't you?
>
>> Am I missing something?
>
> What about some malware breaking out of your VM and modifying the host
> OS? At least for Virtual PC this shouldn't be quite hard, as it
> doesn't trap various relevant CPU instructions like LGDT.
>

As for killing a drive - everything has a life. HD's usually last myself
about 3 times the life of a computer OS. The last drive I purchased was
a 300GB IDE Seagate Ultra ATA 133. The next computer I am looking at has
no support for IDE - but rather SATA only. I figure a new computer every
three years saving $1.00 to $1.50 per day for it - not bad. $1200 -
$1800 to spend.

I forgot to add the other point - which I have been doing since learning
of Ghost. The entire partition with the OS of the Host is Ghosted every
single day. With two HD's - I use the 40GB that came with the computer
as the main OS drive, and once weekly run a DOS wipe of the drive -
Jetico's PDwipe utility under DOS which is freeware from BCwipe, just
using a seven wipe DoD pass - then Ghost the drive back to life. Been
doing that for years until I learned of encryption in the 2000 days.

I burn DVD's holding encrypted data as backup - BestCrypt which while
trialware allows one to continue reading data - until TrueCrypt which is
freeware.

But if a computer cannot handle three years of being on 24 hours per day,
seven days per week - then I chose a wrong computer. DELL workstations
found in the business section of the website, have never let me down yet
since the 486 days. A few bucks more - but industrial strength.

I just never turn them off - and they last and last. They are not gaming
machines - but they can handle games all but the highest end new ones,
and they last and last - until I decide a new one in order.

Best let you go. With a DELL workstation, lasting is not an issue, as
they carry a one-year standard warranty for free with purchase and for
$60 more - a three year complete warranty.

thanx,

Bill

Similar ThreadsPosted
Paranoia - Windows Update causing scan of all mapped network drives upon Internet connection? August 7, 2005, 4:47 pm
Call for Papers: June 26 - 29 - Special Track on Wireless Technologies and Digital Cities - SAM'06 December 29, 2005, 1:13 pm

The site map in XML format XML site map

Contact Us | Privacy Policy