TwistyCreek <anon@comments.header> wrote in
news:LAJQLL7D38977.2445949074@twistycreek.com:
> "nemo_outis" <abc@xyz.com> wrote in news:Xns983D52A68669Dabcxyzcom@
> 127.0.0.1:
>
>> anonymous <anon@comments.header> wrote in
>> news:XOUCGODB38973.2769791667@twistycreek.com:
>
>>> Dr. EvenMorePedantic is compelled to point out that the gentleman's
>>> name in question is Kerchoffs, so in fact it is "Kerckhoffs'
>>> principle".
>>
>>
>> Reduced to looking for misplaced apostrophes? Your life really must
>> be very empty.
>
> Nemo, I was making a (very) modest joke here, no attack intended. I
> thought a smile or two would be useful in this group in between poor
> traveler66 being given the 'Mr. Bill' treatment everyday and the 'bait
> the psycho' stuff going on with the "FBI sadists' guy.
> Actually I found your your citation interesting and informative.
Sorry, I over-reacted :-)
You see, there are a number of folks here whom I have thoroughly spanked
in the past. They (directly or using a number of sockpuppets) now spend
their lives hoping I will make a misstep or misstatement so that they can
pounce on it. I must then spend the next half-dozen posts playing whack-
a-mole to suppress these morons for a bit while they lick their wounds.
I mistook your reply for one from them.
> BTW I am slightly disappointed in you as you failed to point out my
> misspelling of 'Kerckhoffs' name in my first use of it.
Actually, I let that slide. My prime worry was that the cryptographic
Kerchoffs' principle would be confused with the unrelated electrical
Kirchoff's principle/law.
> PS-If one uses VMWare to run Win98 (or 2000) inside a Truecrypt
> partition in Xp, (in essence a poor man's full disk encryption) are
> you aware of any leaks into the host OS that would suggest this method
> inferior to an actual FDE of XP?
I think it's a good method for a number of reasons, not least that it is
difficult for any acquired viruses to break out of such a sandbox.
(Unless, of course, you network your vmware virtual machine to your real
machines.)
And leakage to the main OS should be very small (I don't know if it's
zero).
There are two remaining points which (depending on your circumstances)
may be vulnerabilities:
1. The fact that you are using vmware (not the activities within vmware)
will be recorded in the containing OS (in the registry, existence of dlls
& services, etc.)
2. You still have considerable exposure to things like software
keyloggers, modified files, etc. in the containing OS recording your
activities. One advantage of true full-disk encryption is that there is
no place to install such malware even with covert access to the machine.
"nemo_outis" <abc@xyz.com> wrote in
news:Xns9841305E6C5C1abcxyzcom@204.153.244.170:
Snip
> My prime worry was that the cryptographic
> Kerchoffs' principle would be confused with the unrelated electrical
> Kirchoff's principle/law.
I know what you mean. I HATE when the happens. :0)
>> PS-If one uses VMWare to run Win98 (or 2000) inside a Truecrypt
>> partition in Xp, (in essence a poor man's full disk encryption) are
>> you aware of any leaks into the host OS that would suggest this
>> method inferior to an actual FDE of XP?
>
> I think it's a good method for a number of reasons, not least that it
> is difficult for any acquired viruses to break out of such a sandbox.
> (Unless, of course, you network your vmware virtual machine to your
> real machines.)
>
> And leakage to the main OS should be very small (I don't know if it's
> zero).
>
> There are two remaining points which (depending on your circumstances)
> may be vulnerabilities:
>
> 1. The fact that you are using vmware (not the activities within
> vmware) will be recorded in the containing OS (in the registry,
> existence of dlls & services, etc.)
>
> 2. You still have considerable exposure to things like software
> keyloggers, modified files, etc. in the containing OS recording your
> activities. One advantage of true full-disk encryption is that there
> is no place to install such malware even with covert access to the
> machine.
>
Thanks for the reply. I'm not too worried about the key logger as it is
much more likely that, were I to acquire one, it would be via the
network. Glad you generally think my scheme is passable .
And BTW thanks for the various links you pass onto the group. They have
made for much interesting reading.
In <9XKWWGHW38986.5094560185@twistycreek.com> TwistyCreek <anon@comments.header> wrote:
>"nemo_outis" <abc@xyz.com> wrote in
>news:Xns9841305E6C5C1abcxyzcom@204.153.244.170:
>
>Snip
><snip>
>
>>> PS-If one uses VMWare to run Win98 (or 2000) inside a Truecrypt
>>> partition in Xp, (in essence a poor man's full disk encryption) are
>>> you aware of any leaks into the host OS that would suggest this
>>> method inferior to an actual FDE of XP?
Watch out for "Shared memory." In the list of options for the
virtual machine, there is the option to share memory. Shared memory
may then be written to the swap file on the host OS. I forget
exactly how to turn it off - just go through every menu until
you find share memory or isolate memory (or one other that was
even worse).
>>
>> I think it's a good method for a number of reasons, not least that it
>> is difficult for any acquired viruses to break out of such a sandbox.
>> (Unless, of course, you network your vmware virtual machine to your
>> real machines.)
>>
>> And leakage to the main OS should be very small (I don't know if it's
>> zero).
>>
>> There are two remaining points which (depending on your circumstances)
>> may be vulnerabilities:
>>
>> 1. The fact that you are using vmware (not the activities within
>> vmware) will be recorded in the containing OS (in the registry,
>> existence of dlls & services, etc.)
Obfuscation: Use VMware for other OS's - Linux, another windows, etc,
and use the Truecrypt open disk for that, hidden disk for other stuff.
>>
>> 2. You still have considerable exposure to things like software
>> keyloggers, modified files, etc. in the containing OS recording your
>> activities. One advantage of true full-disk encryption is that there
>> is no place to install such malware even with covert access to the
>> machine.
>>
>
>Thanks for the reply. I'm not too worried about the key logger as it is
>much more likely that, were I to acquire one, it would be via the
>network. Glad you generally think my scheme is passable .
>
>And BTW thanks for the various links you pass onto the group. They have
>made for much interesting reading.
>
>You can now resume the sparring with your foe(s).
"[Anonymous] Persona" <anonymous@bigappleremailer.com> wrote in
news:1159296417_2512@bigapple.yi.org:
> Watch out for "Shared memory." In the list of options for the
> virtual machine, there is the option to share memory. Shared memory
> may then be written to the swap file on the host OS. I forget
> exactly how to turn it off - just go through every menu until
> you find share memory or isolate memory (or one other that was
> even worse).
Thanks for the tip. Just the sort of thing I was hoping for.
> Obfuscation: Use VMware for other OS's - Linux, another windows, etc,
> and use the Truecrypt open disk for that, hidden disk for other stuff.
Re: A Truecrypt Trick 
Linear Mode
