[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: ideal secure personal computer system
a locked startup disk is not a good idea, if it is even possible.
Most applications setup scratch space on the startup volume. It would
be a better idea to setup a partition for applications and lock it, if
you feel that is necessary. Norton DiskLock is a nice tool that
provides a startup password protection as well as screensaver
password. It will request a password if the machine sleeps or to
reboot after a crash.
A. Gulkis
-------------------------------------------------------------------
Electronic and Time Based media? whats that?
http://valhalla.res.cmu.edu/vidarr/
President, Screaming Viking Research Labs
Reinventing Perceptions of Reality
pgp key: finger [email protected]
-------------------------------------------------------------------
tom bryce <[email protected]> writes:
> Here's a question: if one were designing for oneself a secure personal
> computer system, for use in, say, word processing, spreadsheet,
> communications, the usuals - what system would one purchase and how would
> one set it up?
>
> For example, on the Mac I would envision this as the ideal system:
>
> (1) Get a power mac
> (2) Partition the hard drive into two partitions:
> install the system folder on one and a copy of CryptDisk
> make this the startup partition and make it READ ONLY with aliases to
> folders you want to be modiyfable (such as Eudora Folder in the sys folder)
> place these folders on the encrypted partition
> (3) Completely fill the other partition with a CryptDisk file so there is no
> room for other stuff to be written. Adjust the partition size if needed.
> (4) Install a screen saver (such as shareware Eclipse) that will password lock
> the screen after a few minutes of inactivity, and set CryptDisk to dismount
> the external partition after a few minutes of inactivity (or longer)
>
> This would be a basic setup. If one had more complex ideas, such as setting
> it up so casual onlookers would not notice the system was protected, you
> could do things like have a decoy normal partition with system folder to
> boot from by default, to be bypassed with an external locked system folder
> disk, after which one could dismount the decoy partition and mount the
> encrypted partition.
>
> If locking the startup volume turns out to be too much of a pain, one could
> install trashguard from Highware software and set it to triple overwrite
> deleted files, and otherwise not lock the startup partition.
>
> How would things work on Windows 95? I imagine most of the old DOS-based
> encryption utilities may have compatibility problems with W95. What would a
> similar ideal system be for a PC?
>
> Tom