1996-11-15 - Re: ideal secure personal computer system

Header Data

From: Adam Gulkis <lordvidarr+@CMU.EDU>
To: cypherpunks@toad.com
Message Hash: 610c12f05cc51cdbcf3fb143a2f64048e7fad94884ab83d6dd9adca1cc8f0c4d
Message ID: <0mXAsVG00YUo0KeqY0@andrew.cmu.edu>
Reply To: <l03010605aeab7149a687@[152.3.87.2]>
UTC Datetime: 1996-11-15 20:11:55 UTC
Raw Date: Fri, 15 Nov 1996 12:11:55 -0800 (PST)

Raw message

From: Adam Gulkis <lordvidarr+@CMU.EDU>
Date: Fri, 15 Nov 1996 12:11:55 -0800 (PST)
To: cypherpunks@toad.com
Subject: Re: ideal secure personal computer system
In-Reply-To: <l03010605aeab7149a687@[152.3.87.2]>
Message-ID: <0mXAsVG00YUo0KeqY0@andrew.cmu.edu>
MIME-Version: 1.0
Content-Type: text/plain


a locked startup disk is not a good idea, if it is even possible.
Most applications setup scratch space on the startup volume.  It would
be a better idea to setup a partition for applications and lock it, if
you feel that is necessary.  Norton DiskLock is a nice tool that
provides a startup password protection as well as screensaver
password.  It will request a password if the machine sleeps or to
reboot after a crash.

A. Gulkis
-------------------------------------------------------------------
Electronic and Time Based media? whats that?
                                http://valhalla.res.cmu.edu/vidarr/
President, Screaming Viking Research Labs
                                Reinventing Perceptions of Reality
pgp key: finger vidarr@valhalla.res.cmu.edu		
-------------------------------------------------------------------

tom bryce <tjb@acpub.duke.edu> writes:
> Here's a question: if one were designing for oneself a secure personal
> computer system, for use in, say, word processing, spreadsheet,
> communications, the usuals - what system would one purchase and how would
> one set it up?
> 
> For example, on the Mac I would envision this as the ideal system:
> 
> (1) Get a power mac
> (2) Partition the hard drive into two partitions:
>     install the system folder on one and a copy of CryptDisk
>     make this the startup partition and make it READ ONLY with aliases to
>     folders you want to be modiyfable (such as Eudora Folder in the sys folder)
>     place these folders on the encrypted partition
> (3) Completely fill the other partition with a CryptDisk file so there is no
>     room for other stuff to be written. Adjust the partition size if needed.
> (4) Install a screen saver (such as shareware Eclipse) that will password lock
>     the screen after a few minutes of inactivity, and set CryptDisk to dismount
>     the external partition after a few minutes of inactivity (or longer)
> 
> This would be a basic setup. If one had more complex ideas, such as setting
> it up so casual onlookers would not notice the system was protected, you
> could do things like have a decoy normal partition with system folder to
> boot from by default, to be bypassed with an external locked system folder
> disk, after which one could dismount the decoy partition and mount the
> encrypted partition.
> 
> If locking the startup volume turns out to be too much of a pain, one could
> install trashguard from Highware software and set it to triple overwrite
> deleted files, and otherwise not lock the startup partition.
> 
> How would things work on Windows 95? I imagine most of the old DOS-based
> encryption utilities may have compatibility problems with W95. What would a
> similar ideal system be for a PC?
> 
> Tom





Thread