[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Announcing SecureDrive 1.3A
- To: Cypherpunks <[email protected]>
- Subject: Announcing SecureDrive 1.3A
- From: [email protected] (Edgar W. Swank)
- Date: Fri, 04 Feb 94 09:49:37 PST
- Comments: Liberty!
- Organization: SPECTROX SYSTEMS (408)252-1005 Cupertino, Ca, USA
-----BEGIN PGP SIGNED MESSAGE-----
This is to announce the availability of Version 1.3A of SecureDrive.
This is a maintenance release of SecureDrive 1.3. It mainly fixes
reported problems and has minimal new function. See file BUGS13.DOC.
The only visible functional change from 1.3 is the appearance of
msg
Check bytes in Disk x: Boot Sector need updating from 1.3 to
1.1/1.3A. Proceed?
which will be issued by both LOGIN and CRYPTDSK when they attempt to
verify a passphrase on a hard disk or diskette encrypted by version
1.3 CRYPTDSK operating in version 1.1 compatability mode. This
corrects the error in computing the check bytes used to verify the
passphrase and updates the check bytes to the correct 1.1 value and
WRITES back the boot sector. Note that once this update has taken
place, this disk cannot be decrypted by release 1.3 anymore.
Releases 1.3 and 1.3A of Secure Drive are based on releases 1.0 and
1.1, mostly written by
Mike Ingle <[email protected]>
and version 1.2, with significant new code by myself.
The code which we wrote is not copyrighted, but the program contains GNU
Copylefted code, and therefore may be freely distributed under the terms of
the GNU General Public Licence. See file COPYING for legalese.
Version 1.2 and 1.3 add significant new function.
As of Version 1.2, you may use an operand /PGP with LOGIN, either
by itself, or with other operands. By itself,
LOGIN /PGP
will prompt for a passphrase and set the PGPPASS environment variable with
whatever is entered. If PGPPASS is already set then
LOGIN D: /PGP
or
LOGIN /F /PGP
will use whatever PGPPASS is set to as the passphrase. For the hard
disk partition, LOGIN will test the PGPPASS passphrase. If it is incorrect,
then it will prompt you for another passphrase.
If PGPPASS is NOT set when these forms of LOGIN are used, than a passphrase
is prompted for AND PGPPASS is set to this passphrase. This is more
secure than using the SET command since LOGIN only echoes "*"'s when
entering the passphrase.
As of Version 1.2, typing LOGIN /C /PGP will clear the SecureDrive crypto
keys from memory AND clear the PGPPASS environment variable. This is done
in a manner less likely to leave your passphrase in memory than just using
the DOS SET command. In addition, Version 1.2 clears all the free memory
it can find, which is likely to include some plaintext. However, if you
want to be absolutely sure all traces of sensitive data are erased from
memory then turning off the computer is still recommended.
As of version 1.2, if PGPPASS is set before you run CRYPTDSK, CRYPTDSK
will ask to use the value of PGPPASS for the passphrase before
prompting you (for encryption), or try PGPPASS (for decryption).
Obviously, if you encrypt or decrypt a lot of diskettes at once, this
feature can save you a lot of typing.
The purpose of these changes is to allow you to enter a single passphrase
only once per boot IF you choose to use the same passphrase for your PGP
secret key, your SecureDrive encrypted hard disk partition, and SecureDrive
encrypted floppies.
Version 1.3 supports up to four hard drive partitions in "safe" mode,
only one of which may be active at any given time. One purpose of
having multiple encrypted hard disk partitions is so that up to four
users (perhaps members of a family) can each have their own encrypted
partition with its own unique passphrase. This allows up to four
users to have privacy from each other, even if they all use the same
PC and physical hard disk(s).
Version 1.3 gives you a choice of whether to use the version 1.1
passphrase digest or to use the (faster but perhaps slightly less
secure) 1.0 version. If you select 1.0 compatiblity, it's unnecessary
to decrypt and re-encrypt your 1.0-encrypted hard disk partition(s)
and floppies.
If you decide to switch to 1.1 passphrases, Version 1.3 CRYPTDSK will
allow you to convert in one pass with no plaintext stored on disk.
Version 1.3 includes the 1.2 changes for using PGPPASS. There are
additional ehhancements to allow you to use the hard disk passphrase
for the floppy disks without typing it in, even if PGPPASS is not set
or is something different.
Version 1.3 CRYPTDSK will operate on hard drives with SECTSR loaded.
It uses SECTSR to protect the disk during conversion and will leave an
encrypted disk partition in protected mode.
Mike Ingle and I have different opinions on the distribution of
SecureDrive. Under the GNU General License (copyleft) I do not need
Mike's permission to distribute version 1.3 and I have not asked for
same. My policy on distribution is in the version 1.3 doc:
Exporting this program. Cryptography is export controlled, and
sending this program outside the country may be illegal. Don't do
it.
The "author" of versions 1.2 and 1.3, Edgar Swank, says that the
export ban should not prevent you from placing this program on
public BBS's and anonymous FTP sites in the US and Canada. If
individuals outside the US/Canada use the internet or
international long distance to obtain copies of the program, THEY
may be breaking US law.
Any such foreign individuals should be aware that US law
enforcement may legally (under US law) apprehend individuals who
break US laws even if such individuals are not on or even have
never been on US soil. Such apprehension may remove such
individuals directly to US jurisdiction without benefit of
extradition proceedings in such individuals' home country(ies).
This has actually happened in at least two cases, Mexico --
suspect in murder of US drug agent, Panama -- Noriega -- indicted
in absencia for drug smuggling. As is well known, after a small
war with Panama, Noriega was brought to the USA, tried and
convicted. He is now a guest of the US Government in a Florida
prison.
SecureDrive Version 1.3A is already available for download on the
following public BBS's as SECDR13A.ZIP:
Eagle's Nest (408)223-9821
Flying Dutchman (408)294-3065
Also I have a report (unverified so far) that Version 1.3 may now
be obtained from a mailserver. Send mail to
[email protected]
with body text that looks like this
get /files/public/secdr13a.zip
quit
Please attempt to use the mailserver or the two BBS's above before
requesting a copy directly from me.
I will send a FEW more copies via E-mail to persons with a US/Canada
net address who request a copy AND promise to upload it to a
USA/Canada e-mail fileserver or anonymous FTP site. (I don't have
access to FTP from my account here).
I will announce here as I learn of Version 1.3A availability via
additional automated e-mail or FTP sites.
Here is the contents of SECDR13A.ZIP:
Length Method Size Ratio Date Time CRC-32 Attr Name
------ ------ ----- ----- ---- ---- -------- ---- ----
18321 DeflatX 6914 63% 06-14-93 22:27 0767480b --w- COPYING
1332 DeflatX 518 62% 01-30-94 09:30 bbb5655c --w- MAKEFILE
1632 DeflatX 1260 23% 12-04-93 00:43 980125ec --w- KEY.ASC
19664 DeflatX 4183 79% 11-19-93 21:42 22c2502c --w- CRYPT2.ASM
1355 DeflatX 629 54% 01-21-94 08:44 db63ade4 --w- RLDBIOS.ASM
24652 DeflatX 7740 69% 01-29-94 14:51 d0f5feaf --w- SECTSR.ASM
7507 DeflatX 2581 66% 12-29-93 21:15 ceda9b20 --w- SETENV.ASM
33 Stored 33 0% 07-16-93 06:09 aa6151a5 --w- M.BAT
16175 DeflatX 3949 76% 01-29-94 17:57 88215957 --w- CRYPTDSK.C
12260 DeflatX 3167 75% 01-29-94 18:27 7b10d96f --w- LOGIN.C
11557 DeflatX 3277 72% 05-09-93 19:38 e71f3eea --w- MD5.C
10860 DeflatX 2878 74% 01-29-94 18:07 3a9154c0 --w- SDCOMMON.C
1778 DeflatX 1160 35% 01-30-94 09:31 48688ff7 --w- SECTSR.COM
1152 DeflatX 586 50% 01-30-94 10:15 e44c593f --w- BUGS13.DOC
31425 DeflatX 10610 67% 01-30-94 09:59 235f457a --w- SECDRV.DOC
35024 DeflatX 16598 53% 01-30-94 09:31 99417b77 --w- CRYPTDSK.EXE
34072 DeflatX 16021 53% 01-30-94 09:31 26a2fb82 --w- LOGIN.EXE
3407 DeflatX 1097 68% 05-11-93 12:49 f1f58517 --w- MD5.H
3020 DeflatX 909 70% 01-24-94 03:32 8ee1c1f6 --w- SECDRV.H
1254 DeflatX 541 57% 05-09-93 19:39 182978aa --w- USUALS.H
152 Stored 152 0% 01-30-94 10:03 68a2560c --w- SECTSR.SIG
152 Stored 152 0% 01-30-94 10:04 a1d33655 --w- LOGIN.SIG
152 Stored 152 0% 01-30-94 10:04 845de45f --w- CRYPTDSK.SIG
------ ------ --- -------
236936 85107 65% 23
Also note that the ZIP file contains PGP detached signatures (*.SIG)
for the executable files. Finally here is my public key, also
available on many public keyservers; note who has signed it.
Type bits/keyID Date User ID
pub 1024/87C0C7 1992/10/17 Edgar W. Swank <[email protected]>
- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.3a
mQCNAirfypkAAAEEAKe2jziPeFw6hY19clR2GtQ4gtGCSSVOTgPKEJzHfuC74Scf
9PEuu1kebLhHk43A9wo1vr52o4jpH/P/tnFmRtBQOMzLUzAt5rMucswtSVviMQS2
hBuc9yGJKWHVcyfA79EARKEYTdhx+2qKI+hFJcPE+rmD8wVoF94nNf3ah8DHAAUR
tClFZGdhciBXLiBTd2FuayA8ZWRnYXJAc3BlY3RyeC5zYWlnb24uY29tPokAlQIF
ECwAALo04ip/MkW/XQEBmNQD/0jUVqT0LMoVvw7Zz2FXyWrdBn6bRlyGxeqQWhig
DXRipZ824/fHbA2vkbAczEayw8ZpwRVmhWNsxxWhjYFIi92KYJbAP/XIbr+rEuTI
hPKKKKhuuGLUWhfXhCFluHjs3CA6ZQwnT4jnu1NlCkcnWLbL4ktqub2zLwrHCPUe
31L1iQCUAgUQK9Y50xgzoWUItwfFAQHPrAPzBbf6lQyzwbUwdxayzLDoh3Hygnun
Looi+yzziEVQchOgSt3sLe2I108DLxTgp+26lJYTAZB+Gg8HGyB+Nz6263D0XlVU
XQi9/7CSRyd8bhYFeuFPwFzHPWZlyLDAIsuaEfBsmp2DBLgffvhUCqiiWYmP9oa+
rOA+5IHS+xN8tIkAVQIFECu5dYOzvL/Jh3qmYQEBYDICAI5KdaTiPr2Y1OtRCTi6
xMG6hnRNalvK9C5d/bxrKnUYqsfSpKayX+Ts9psmq6a6doOrX3AAtgcZuTCYUfQk
d22JAJUCBRArlzITocE4X0qvAOUBAahdA/4rRoSVp3G+Ki0wvkcAvpnwt7vSEYpH
XSkyoC8LdAqs9bft5NDTOykgw5H1qFG1Doqk6oR0yxY0k91eVoBVclLWDb94sNO3
JjHJKO/QdODik5DpmXEnQhBfLlujuYkCtJjoBv1+QdImnnv9aNidGuLAneNvZ+UN
NqfE3IRShzNw3IkAlQIFECtj5iw2VpfGMt2Y2QEBDEYD/2iMMml65eFaNWrNP7ab
Yh8QW3+Mnjyl5CNpAjGkxejmIm4nZKqUHN5DuGzpJDnstRwbz6daXK15XcoM1m8g
uhu6UzIwHs9+hbKE6inTCz4C0mE55PSmvF/ejjexnGzsiFpuFnjN/sRrSHc57flO
IUWBCZD8Hizz3aYBxmvwJ863iQCVAgUQKxEXHOJ13g7/Z/cLAQGyYgP/apcv9V2M
bHFgU0hl0D4MLqGjBReUfDroxQCsgsTb/0nr1W9yltBMqYPgD7ThLAf2rxIPNbGy
D7VUA27LTwQTS6n2mbtkHOvGQVw7J2GwTA6319Gf0Qne0M1h7VJWjFX0Vzjuh/nk
6btxM2uTLSF2nUsDXe5/9N5XeesFhrbXNrM=
=4fGE
- -----END PGP PUBLIC KEY BLOCK-----
-----BEGIN PGP SIGNATURE-----
Version: 2.3a
iQCVAgUBLVFwE94nNf3ah8DHAQEkVQP/QzHZ0oqDW3XYrpYANTfeA7hIMgweKz8N
7/UpkV5XHhePwEfJA3fFn2Gs/BwF6Oy0xsJOk16AIE5JtAWqp5x3jzQ6BuJhkhhk
RcVrmtqqBfj8PMnpm3rdQRUMC9CftxA/m06y3Cw5FHgxvrOXcZfyrsBIR26UejsI
4fOY+JjlglQ=
=sBOp
-----END PGP SIGNATURE-----
--
[email protected] (Edgar W. Swank)
SPECTROX SYSTEMS +1.408.252.1005 Cupertino, Ca