From: tom bryce <tjb@acpub.duke.edu>
Date: Sun, 10 Nov 1996 08:57:18 -0800 (PST)
To: cypherpunks@toad.com
Subject: ideal secure personal computer system
Message-ID: <l03010605aeab7149a687@[152.3.87.2]>
MIME-Version: 1.0
Content-Type: text/plain


Here's a question: if one were designing for oneself a secure personal
computer system, for use in, say, word processing, spreadsheet,
communications, the usuals - what system would one purchase and how would
one set it up?

For example, on the Mac I would envision this as the ideal system:

(1) Get a power mac
(2) Partition the hard drive into two partitions:
    install the system folder on one and a copy of CryptDisk
    make this the startup partition and make it READ ONLY with aliases to
    folders you want to be modiyfable (such as Eudora Folder in the sys folder)
    place these folders on the encrypted partition
(3) Completely fill the other partition with a CryptDisk file so there is no
    room for other stuff to be written. Adjust the partition size if needed.
(4) Install a screen saver (such as shareware Eclipse) that will password lock
    the screen after a few minutes of inactivity, and set CryptDisk to dismount
    the external partition after a few minutes of inactivity (or longer)

This would be a basic setup. If one had more complex ideas, such as setting
it up so casual onlookers would not notice the system was protected, you
could do things like have a decoy normal partition with system folder to
boot from by default, to be bypassed with an external locked system folder
disk, after which one could dismount the decoy partition and mount the
encrypted partition.

If locking the startup volume turns out to be too much of a pain, one could
install trashguard from Highware software and set it to triple overwrite
deleted files, and otherwise not lock the startup partition.

How would things work on Windows 95? I imagine most of the old DOS-based
encryption utilities may have compatibility problems with W95. What would a
similar ideal system be for a PC?

Tom