From: edgar@spectrx.saigon.com (Edgar W. Swank)
To: Cypherpunks <cypherpunks@toad.com>
Message Hash: cca4127d84e6e603100f94bef24123e03b679423fb1142932ae49b16b9b5e028
Message ID: <4Ns7Dc2w165w@spectrx.saigon.com>
Reply To: N/A
UTC Datetime: 1993-12-07 12:30:19 UTC
Raw Date: Tue, 7 Dec 93 04:30:19 PST
From: edgar@spectrx.saigon.com (Edgar W. Swank)
Date: Tue, 7 Dec 93 04:30:19 PST
To: Cypherpunks <cypherpunks@toad.com>
Subject: Security of Secure Drive
Message-ID: <4Ns7Dc2w165w@spectrx.saigon.com>
MIME-Version: 1.0
Content-Type: text/plain
Andrew Loewenstern commented:
> No more Steve Jackson Games cases. I hope this happens. Computer
> theft and unreasonable seizure is a real problem.
As far as I know, a system like SecureDrive, KFS, or CFS, is
really only as secure as the running machine is. Generally, when
a BBS is 'seized' (forfeited? ;), it is running when the feds get
there. Right now, if they have any clue (and from what I hear,
the FBI has much more of a clue than the SS when it comes to this
type of investigation), they usually take pictures of the setup to
make sure they can put the machine back together when they get it
to wherever they are taking it to. If encrypting file-systems
become a problem, a disk could be developed (probably pretty
easily) to retrieve the key from memory before they power it down.
andrew
"Touch that keyboard and die!!"
It's fairly easy to provide a TSR on MSDOS systems to either block
booting from the keyboard or force a memory clear on reboot. I found
these examples on local BBS's:
NOFBOOT.ZIP 2647 08-28-91 Version 1.0 of Padgett Peterson's NOFBOOT.
NoFBoot is a small (500 byte) TSR designed
to prevent inadvertant booting from a
floppy disk. It will intercept warm boot
requests (Ctrl-Alt-Del) and check for a
floppy in drive A: before continuing. If
a floppy is found in drive A, the request
will be aborted with a warning message.
With NoFBoot, a cold start (reset button
or cycle power) will be necessary to boot
from a floppy.
BLK213.ZIP 17931 09-22-93 BootLock 2.13 09/06/93 BootLock allows you to
lock out the use of [CTRL][ALT][DEL],
[CTRL]C, and/or [CTRL][BREAK]. New version
can be loaded as a Device Driver or TSR. You
can also define a "user defined" key to lock
out. BootLock can be unloaded and Loaded into
Hi Memory. Shareware registration form and
manual included. From Foley Hi-Tech Systems
(ASP).
(Files: 6 Newest: 09-06-93 Oldest: 03-05-92)
NOCADEL.ZIP 24234 07-07-93 No Boot on control-alt-delete. Simple util
helps disable key boot sequence. Source
included.
(Files: 6 Newest: 02-07-93 Oldest: 02-06-93)
The BBS program should also be patched to re-boot instead of returning
to MSDOS on exit, and should not provide a DOS Shell. If the FBI
agent is allowed access to an MSDOS command line, he can run a program
which will "fish" out the Secure Drive encryption key from memory.
Note that the pass phrase cannot be reconstructed from the key in
memory and its crypto difficult to reconstruct -any- pass phrase which
would duplicate the key (MD5 is a 1-way function). But it would be
easy to construct an alternate to LOGIN which would insert the key
into SECTSR directly using hex input.
So it would be a good security practice to provide for an "emergency"
power-off in event of a "surprise" raid. A foot switch is good for
situations when the operator is present. This can be activated while
one's hands are in the air. Turning off power upon activation of a
burglar alarm is a good solution for unattended situations.
--
edgar@spectrx.saigon.com (Edgar W. Swank)
SPECTROX SYSTEMS +1.408.252.1005 Cupertino, Ca
Return to December 1993
Return to “edgar@spectrx.saigon.com (Edgar W. Swank)”
1993-12-07 (Tue, 7 Dec 93 04:30:19 PST) - Security of Secure Drive - edgar@spectrx.saigon.com (Edgar W. Swank)