"nemo_outis" <abc@xyz.com> wrote in
news:Xns9841305E6C5C1abcxyzcom@204.153.244.170:

Snip


> My prime worry was that the cryptographic
> Kerchoffs' principle would be confused with the unrelated electrical
> Kirchoff's principle/law.

I know what you mean. I HATE when the happens. :0)


>> PS-If one uses VMWare to run Win98 (or 2000) inside a Truecrypt
>> partition in Xp, (in essence a poor man's full disk encryption) are
>> you aware of any leaks into the host OS that would suggest this
>> method inferior to an actual FDE of XP?
>
> I think it's a good method for a number of reasons, not least that it
> is difficult for any acquired viruses to break out of such a sandbox.
> (Unless, of course, you network your vmware virtual machine to your
> real machines.)
>
> And leakage to the main OS should be very small (I don't know if it's
> zero).
>
> There are two remaining points which (depending on your circumstances)
> may be vulnerabilities:
>
> 1. The fact that you are using vmware (not the activities within
> vmware) will be recorded in the containing OS (in the registry,
> existence of dlls & services, etc.)
>
> 2. You still have considerable exposure to things like software
> keyloggers, modified files, etc. in the containing OS recording your
> activities. One advantage of true full-disk encryption is that there
> is no place to install such malware even with covert access to the
> machine.
>

Thanks for the reply. I'm not too worried about the key logger as it is
much more likely that, were I to acquire one, it would be via the
network. Glad you generally think my scheme is passable .

And BTW thanks for the various links you pass onto the group. They have
made for much interesting reading.

You can now resume the sparring with your foe(s).