[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Announcing SecureDrive 1.3A

To: Cypherpunks <[email protected]>
Subject: Announcing SecureDrive 1.3A
From: [email protected] (Edgar W. Swank)
Date: Fri, 04 Feb 94 09:49:37 PST
Comments: Liberty!
Organization: SPECTROX SYSTEMS (408)252-1005 Cupertino, Ca, USA
-----BEGIN PGP SIGNED MESSAGE-----

This is to announce the availability of Version 1.3A of SecureDrive.

This is a maintenance release of SecureDrive 1.3.  It mainly fixes
reported problems and has minimal new function.  See file BUGS13.DOC.
The only visible functional change from 1.3 is the appearance of
msg

   Check bytes in Disk x: Boot Sector need updating from 1.3 to
   1.1/1.3A. Proceed?

which will be issued by both LOGIN and CRYPTDSK when they attempt to
verify a passphrase on a hard disk or diskette encrypted by version
1.3 CRYPTDSK operating in version 1.1 compatability mode.  This
corrects the error in computing the check bytes used to verify the
passphrase and updates the check bytes to the correct 1.1 value and
WRITES back the boot sector. Note that once this update has taken
place, this disk cannot be decrypted by release 1.3 anymore.

Releases 1.3 and 1.3A of Secure Drive are based on releases 1.0 and
1.1, mostly written by

  Mike Ingle <[email protected]>

and version 1.2, with significant new code by myself.

The code which we wrote is not copyrighted, but the program contains GNU
Copylefted code, and therefore may be freely distributed under the terms of
the GNU General Public Licence. See file COPYING for legalese.

Version 1.2 and 1.3 add significant new function.

As of Version 1.2, you may use an operand /PGP with LOGIN, either
by itself, or with other operands. By itself,

  LOGIN /PGP

will prompt for a passphrase and set the PGPPASS environment variable with
whatever is entered. If PGPPASS is already set then

  LOGIN D: /PGP

or

  LOGIN /F /PGP

will use whatever PGPPASS is set to as the passphrase. For the hard
disk partition, LOGIN will test the PGPPASS passphrase. If it is incorrect,
then it will prompt you for another passphrase.

If PGPPASS is NOT set when these forms of LOGIN are used, than a passphrase
is prompted for AND PGPPASS is set to this passphrase. This is more
secure than using the SET command since LOGIN only echoes "*"'s when
entering the passphrase.

As of Version 1.2, typing LOGIN /C /PGP will clear the SecureDrive crypto
keys from memory AND clear the PGPPASS environment variable. This is done
in a manner less likely to leave your passphrase in memory than just using
the DOS SET command.  In addition, Version 1.2 clears all the free memory
it can find, which is likely to include some plaintext.  However, if you
want to be absolutely sure all traces of sensitive data are erased from
memory then turning off the computer is still recommended.

As of version 1.2, if PGPPASS is set before you run CRYPTDSK, CRYPTDSK
will ask to use the value of PGPPASS for the passphrase before
prompting you (for encryption), or try PGPPASS (for decryption).
Obviously, if you encrypt or decrypt a lot of diskettes at once, this
feature can save you a lot of typing.

The purpose of these changes is to allow you to enter a single passphrase
only once per boot IF you choose to use the same passphrase for your PGP
secret key, your SecureDrive encrypted hard disk partition, and SecureDrive
encrypted floppies.

Version 1.3 supports up to four hard drive partitions in "safe" mode,
only one of which may be active at any given time.  One purpose of
having multiple encrypted hard disk partitions is so that up to four
users (perhaps members of a family) can each have their own encrypted
partition with its own unique passphrase.  This allows up to four
users to have privacy from each other, even if they all use the same
PC and physical hard disk(s).

Version 1.3 gives you a choice of whether to use the version 1.1
passphrase digest or to use the (faster but perhaps slightly less
secure) 1.0 version.  If you select 1.0 compatiblity, it's unnecessary
to decrypt and re-encrypt your 1.0-encrypted hard disk partition(s)
and floppies.

If you decide to switch to 1.1 passphrases, Version 1.3 CRYPTDSK will
allow you to convert in one pass with no plaintext stored on disk.

Version 1.3 includes the 1.2 changes for using PGPPASS. There are
additional ehhancements to allow you to use the hard disk passphrase
for the floppy disks without typing it in, even if PGPPASS is not set
or is something different.

Version 1.3 CRYPTDSK will operate on hard drives with SECTSR loaded.
It uses SECTSR to protect the disk during conversion and will leave an
encrypted disk partition in protected mode.

Mike Ingle and I have different opinions on the distribution of
SecureDrive.  Under the GNU General License (copyleft) I do not need
Mike's permission to distribute version 1.3 and I have not asked for
same.  My policy on distribution is in the version 1.3 doc:

    Exporting this program.  Cryptography is export controlled, and
    sending this program outside the country may be illegal.  Don't do
    it.

    The "author" of versions 1.2 and 1.3, Edgar Swank, says that the
    export ban should not prevent you from placing this program on
    public BBS's and anonymous FTP sites in the US and Canada.  If
    individuals outside the US/Canada use the internet or
    international long distance to obtain copies of the program, THEY
    may be breaking US law.

    Any such foreign individuals should be aware that US law
    enforcement may legally (under US law) apprehend individuals who
    break US laws even if such individuals are not on or even have
    never been on US soil.  Such apprehension may remove such
    individuals directly to US jurisdiction without benefit of
    extradition proceedings in such individuals' home country(ies).
    This has actually happened in at least two cases, Mexico --
    suspect in murder of US drug agent, Panama -- Noriega -- indicted
    in absencia for drug smuggling.  As is well known, after a small
    war with Panama, Noriega was brought to the USA, tried and
    convicted.  He is now a guest of the US Government in a Florida
    prison.

SecureDrive Version 1.3A is already available for download on the
following public BBS's as SECDR13A.ZIP:

  Eagle's Nest         (408)223-9821
  Flying Dutchman      (408)294-3065

Also I have a report (unverified so far) that Version 1.3 may now
be obtained from a mailserver. Send mail to

[email protected]

with body text that looks like this

get /files/public/secdr13a.zip
quit

Please attempt to use the mailserver or the two BBS's above before
requesting a copy directly from me.

I will send a FEW more copies via E-mail to persons with a US/Canada
net address who request a copy AND promise to upload it to a
USA/Canada e-mail fileserver or anonymous FTP site.  (I don't have
access to FTP from my account here).

I will announce here as I learn of Version 1.3A availability via
additional automated e-mail or FTP sites.

Here is the contents of SECDR13A.ZIP:

 Length  Method   Size  Ratio   Date    Time    CRC-32  Attr  Name
 ------  ------   ----- -----   ----    ----   -------- ----  ----
  18321  DeflatX   6914  63%  06-14-93  22:27  0767480b --w-  COPYING
   1332  DeflatX    518  62%  01-30-94  09:30  bbb5655c --w-  MAKEFILE
   1632  DeflatX   1260  23%  12-04-93  00:43  980125ec --w-  KEY.ASC
  19664  DeflatX   4183  79%  11-19-93  21:42  22c2502c --w-  CRYPT2.ASM
   1355  DeflatX    629  54%  01-21-94  08:44  db63ade4 --w-  RLDBIOS.ASM
  24652  DeflatX   7740  69%  01-29-94  14:51  d0f5feaf --w-  SECTSR.ASM
   7507  DeflatX   2581  66%  12-29-93  21:15  ceda9b20 --w-  SETENV.ASM
     33  Stored      33   0%  07-16-93  06:09  aa6151a5 --w-  M.BAT
  16175  DeflatX   3949  76%  01-29-94  17:57  88215957 --w-  CRYPTDSK.C
  12260  DeflatX   3167  75%  01-29-94  18:27  7b10d96f --w-  LOGIN.C
  11557  DeflatX   3277  72%  05-09-93  19:38  e71f3eea --w-  MD5.C
  10860  DeflatX   2878  74%  01-29-94  18:07  3a9154c0 --w-  SDCOMMON.C
   1778  DeflatX   1160  35%  01-30-94  09:31  48688ff7 --w-  SECTSR.COM
   1152  DeflatX    586  50%  01-30-94  10:15  e44c593f --w-  BUGS13.DOC
  31425  DeflatX  10610  67%  01-30-94  09:59  235f457a --w-  SECDRV.DOC
  35024  DeflatX  16598  53%  01-30-94  09:31  99417b77 --w-  CRYPTDSK.EXE
  34072  DeflatX  16021  53%  01-30-94  09:31  26a2fb82 --w-  LOGIN.EXE
   3407  DeflatX   1097  68%  05-11-93  12:49  f1f58517 --w-  MD5.H
   3020  DeflatX    909  70%  01-24-94  03:32  8ee1c1f6 --w-  SECDRV.H
   1254  DeflatX    541  57%  05-09-93  19:39  182978aa --w-  USUALS.H
    152  Stored     152   0%  01-30-94  10:03  68a2560c --w-  SECTSR.SIG
    152  Stored     152   0%  01-30-94  10:04  a1d33655 --w-  LOGIN.SIG
    152  Stored     152   0%  01-30-94  10:04  845de45f --w-  CRYPTDSK.SIG
 ------          ------  ---                                  -------
 236936           85107  65%                                       23


Also note that the ZIP file contains PGP detached signatures (*.SIG)
for the executable files.  Finally here is my public key, also
available on many public keyservers; note who has signed it.

Type bits/keyID   Date       User ID
pub  1024/87C0C7 1992/10/17  Edgar W. Swank <[email protected]>
- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.3a

mQCNAirfypkAAAEEAKe2jziPeFw6hY19clR2GtQ4gtGCSSVOTgPKEJzHfuC74Scf
9PEuu1kebLhHk43A9wo1vr52o4jpH/P/tnFmRtBQOMzLUzAt5rMucswtSVviMQS2
hBuc9yGJKWHVcyfA79EARKEYTdhx+2qKI+hFJcPE+rmD8wVoF94nNf3ah8DHAAUR
tClFZGdhciBXLiBTd2FuayA8ZWRnYXJAc3BlY3RyeC5zYWlnb24uY29tPokAlQIF
ECwAALo04ip/MkW/XQEBmNQD/0jUVqT0LMoVvw7Zz2FXyWrdBn6bRlyGxeqQWhig
DXRipZ824/fHbA2vkbAczEayw8ZpwRVmhWNsxxWhjYFIi92KYJbAP/XIbr+rEuTI
hPKKKKhuuGLUWhfXhCFluHjs3CA6ZQwnT4jnu1NlCkcnWLbL4ktqub2zLwrHCPUe
31L1iQCUAgUQK9Y50xgzoWUItwfFAQHPrAPzBbf6lQyzwbUwdxayzLDoh3Hygnun
Looi+yzziEVQchOgSt3sLe2I108DLxTgp+26lJYTAZB+Gg8HGyB+Nz6263D0XlVU
XQi9/7CSRyd8bhYFeuFPwFzHPWZlyLDAIsuaEfBsmp2DBLgffvhUCqiiWYmP9oa+
rOA+5IHS+xN8tIkAVQIFECu5dYOzvL/Jh3qmYQEBYDICAI5KdaTiPr2Y1OtRCTi6
xMG6hnRNalvK9C5d/bxrKnUYqsfSpKayX+Ts9psmq6a6doOrX3AAtgcZuTCYUfQk
d22JAJUCBRArlzITocE4X0qvAOUBAahdA/4rRoSVp3G+Ki0wvkcAvpnwt7vSEYpH
XSkyoC8LdAqs9bft5NDTOykgw5H1qFG1Doqk6oR0yxY0k91eVoBVclLWDb94sNO3
JjHJKO/QdODik5DpmXEnQhBfLlujuYkCtJjoBv1+QdImnnv9aNidGuLAneNvZ+UN
NqfE3IRShzNw3IkAlQIFECtj5iw2VpfGMt2Y2QEBDEYD/2iMMml65eFaNWrNP7ab
Yh8QW3+Mnjyl5CNpAjGkxejmIm4nZKqUHN5DuGzpJDnstRwbz6daXK15XcoM1m8g
uhu6UzIwHs9+hbKE6inTCz4C0mE55PSmvF/ejjexnGzsiFpuFnjN/sRrSHc57flO
IUWBCZD8Hizz3aYBxmvwJ863iQCVAgUQKxEXHOJ13g7/Z/cLAQGyYgP/apcv9V2M
bHFgU0hl0D4MLqGjBReUfDroxQCsgsTb/0nr1W9yltBMqYPgD7ThLAf2rxIPNbGy
D7VUA27LTwQTS6n2mbtkHOvGQVw7J2GwTA6319Gf0Qne0M1h7VJWjFX0Vzjuh/nk
6btxM2uTLSF2nUsDXe5/9N5XeesFhrbXNrM=
=4fGE
- -----END PGP PUBLIC KEY BLOCK-----

-----BEGIN PGP SIGNATURE-----
Version: 2.3a

iQCVAgUBLVFwE94nNf3ah8DHAQEkVQP/QzHZ0oqDW3XYrpYANTfeA7hIMgweKz8N
7/UpkV5XHhePwEfJA3fFn2Gs/BwF6Oy0xsJOk16AIE5JtAWqp5x3jzQ6BuJhkhhk
RcVrmtqqBfj8PMnpm3rdQRUMC9CftxA/m06y3Cw5FHgxvrOXcZfyrsBIR26UejsI
4fOY+JjlglQ=
=sBOp
-----END PGP SIGNATURE-----

--
[email protected] (Edgar W. Swank)
SPECTROX SYSTEMS +1.408.252.1005  Cupertino, Ca
Prev by Date: CERT advisory
Next by Date: STEG: a real-life use for steganography
Prev by thread: Re: CERT advisory
Next by thread: STEG: a real-life use for steganography
Index(es):
- Date
- Thread