The best way to achieve this kind of protection

Discussion in 'privacy technology' started by Jim Verard, Aug 12, 2008.

Thread Status:
Not open for further replies.
  1. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    That should have been an "or".

    Yes, I would use a zero-day bug, which NoScript may not be able to block, and it would go right through into your system, and run the code I want it to run, and communicate the results to me by some method.

    I would already have had you as a specific target in mind. Then again, having full control of your machine, it wouldn't be too hard to figure it out.
     
  2. truthseeker

    truthseeker Former Poster

    Joined:
    Jan 26, 2008
    Posts:
    977
    Ok gotcha, thanks.

    P.S. I just love those shades :) I should get some lol.
     
  3. Someone

    Someone Registered Member

    Joined:
    Jan 18, 2008
    Posts:
    1,106
    Hi

    What if the browser is sandboxed? Or running under LUA? Will it still work?

    If someone was just using their computer to browse the web and had no personal info, could you find out where one lived?

    Thanks
     
  4. [H]omer

    [H]omer Registered Member

    Joined:
    Nov 21, 2005
    Posts:
    36
    How about a modified OpenBIOS that includes a stepped single-pass wipe of the memory upon shutdown?

    Presumably this BIOS could also be modified to disable all the extraneous ACPI power states too, to ensure that the only way to shut down the machine would be to go through a full shutdown -> wipe -> poweroff.

    I haven't looked at OpenBIOS in detail, but it seems like it should be possible. The resources to access the memory, and the code to do the wipe, shouldn't be too demanding, and the result is bound to be faster than the 5 minutes it takes the charge to dissipate completely from the RAM chips.
     
  5. KookyMan

    KookyMan Registered Member

    Joined:
    Feb 2, 2008
    Posts:
    367
    Location:
    Michigan, USA
    Well, if you're going through proper powerdown, then TC will wipe the RAM on dismount anyways. OpenBIOS (never heard of it before now) still couldn't do anything if someone simply "pulled the plug."
     
  6. truthseeker

    truthseeker Former Poster

    Joined:
    Jan 26, 2008
    Posts:
    977
    What if there is a power outage or someone shuts down their PC without a proper dismount? Would a person then be able to boot the PC up and get the password and keyfiles content from anywhere? Is the password and keyfile "cached" or copied to the hard drive at all, and then wiped as TC is dismounted?

    Because if that is the case, if a person gets an outage or just shuts down their PC without properly dismounting, then a person could get their password from somewhere?
     
  7. KookyMan

    KookyMan Registered Member

    Joined:
    Feb 2, 2008
    Posts:
    367
    Location:
    Michigan, USA
    Password and keyfiles: no.

    If they have immediate access to the machine upon its shutdown, they can attempt to recover the Master Key. There is a time limit. More time = more RAM degradation.

    And then yes, they don't need the password or keyfile to access the data in the container. Read the other active thread, I did a nice explanation.
     
  8. truthseeker

    truthseeker Former Poster

    Joined:
    Jan 26, 2008
    Posts:
    977
    Ok thank you KM. So the only way they can get access is from RAM. But if my laptop is turned off for an hour or so, there is no way they can gain access to my TC encrypted container. I got it, thanks.
     
  9. markoman

    markoman Registered Member

    Joined:
    Aug 28, 2008
    Posts:
    188
    THIS is what Bruce Schneier would call SnakeOil (http://www.schneier.com/crypto-gram-9902.html#snakeoil)... somebody should point this out to him... I am sure he would appreciate it.

    The VIP?? HAHAHA Was Paris Hilton there too?
     
  10. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    Yup. Still works. Breaking out of sandboxes is easy. Sandboxes only prevent software that wasn't designed to leave the sandbox. Kind of like those chain locks on apartment doors, or gated communities: "you ain't gettin in! ... unless you push... with your hand" it only keeps out the honest people.

    Depends how much control I have over the machine and its internet stream. If I just know the IP, which any website would be able to get if you visited it, I can find out what city you live in almost certainly, I might even be able to find out your home address with a little bit of effort from just the IP address. Your ISP knows where you live, and if I have your IP I know who your ISP is.
     
  11. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
  12. truthseeker

    truthseeker Former Poster

    Joined:
    Jan 26, 2008
    Posts:
    977
    Are you saying that if a person runs sandboxie, that programs are still made active outside it unless they are written with sandboxie in mind?

    If so, then using sandboxie is a waste of time?
     
  13. truthseeker

    truthseeker Former Poster

    Joined:
    Jan 26, 2008
    Posts:
    977
    Hey XeroBank, do you have a webpage explaining your personal system and setup and hints and tips how to make our laptops as secure as possible?

    And regarding http://www.schneier.com/blog/archives/2006/09/torpark.html

    Is Torpark something you wrote? Is that what it was called before Xerobank?

    And is there a Xerobank version that I can run without installing anything?
     
  14. markoman

    markoman Registered Member

    Joined:
    Aug 28, 2008
    Posts:
    188
    That's exactly the question I was wondering.
    Also, XeroBank, will you point to a link where Schneier (or any other qualified cryptographer/security expert) reviews your service? Thank you.
     
  15. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    We're toying around with an experimental "best practices" manual, not much is developing in that direction because generic security isn't what we're about, and taking an insecure system and making it secure is a logical impossibility. It would have to start out secure, and work its way down to insecure. We are thinking about it though, and we do have some ideas. This is where xb machine comes in, as we're going to make it a secure OS that you can actually install as your main operating system, once we have some spare time.

    Yes, I wrote Torpark. That is what xB Browser used to be called.

    I also wrote most of the "XeroBank Installer", but amir deserves most of the credit. It really is unlike other installers. It is modular, no registry keys and other sloppiness. It's just like not installing, as silly as that sounds. You just tell it where you want to "install" and it places the files there and sets up the internal INI files for whatever settings you gave it during "installation". You could just as easily pick up the directory and move it around to any machine or any drive etc, and it will still run all the same. I hate the idea of programs that spider into an operating system, so we wrote it to be totally self-contained.
     
  16. truthseeker

    truthseeker Former Poster

    Joined:
    Jan 26, 2008
    Posts:
    977
    Thanks for the reply.

    I can't wait to see the OS you will release in the future. I understand the comment you made about not making an unsecure platform secure, but rather start out secure from the foundation and from the start.

    That's why I don't use Vista a lot, and try to make it secure, because the core is unsecure to begin with. I run Linux most of the time, but I run it as guest using Virtualbox which then has the underlining of Vista which is unsecure.

    So the day you release a secure OS, I will definitely give it a go.

    I will watch your future work with interest.
     
  17. markoman

    markoman Registered Member

    Joined:
    Aug 28, 2008
    Posts:
    188
    How would Vista's core be insecure to begin with? Maybe you are getting confused with Windows 98/Windows ME or something?
    Now, I don't wanna start the meaningless discussion about "Linux is more secure than windows or not?", which makes anybody even a bit interested in security puke, but saying that Vista is unsecure by design doesn't make much sense to me.
     
  18. KookyMan

    KookyMan Registered Member

    Joined:
    Feb 2, 2008
    Posts:
    367
    Location:
    Michigan, USA
    You know, I'm going to side with Markoman on this one. From what I've read it was designed to be the most secure version of Windows yet. Refresh my memory as to why you feel otherwise?
     