Portable Apps on USB -- for PI era machines

Discussion in 'other software & services' started by Sully, Sep 20, 2009.

Thread Status:
Not open for further replies.
  1. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    So I have this little pet project now. The 'why would you do this' aside, I find the need to create a USB pendrive, to be used on an older machine, rarely a 486, not likely a PI 66-133mhz, likely a PII or PIII 233-733mhz, not likely P4 or above machines. This might be considered the HOME location. The USB drive has of course portable apps, because the HOME machines do not have internet.

    The USB drives will be taken to an internet cafe, where emails etc will be downloaded. These cafe machines will be considered to have PIII's or greater, likely running XP but perhaps a few may see *nix. They will be restricted, so Admin mode is strictly out.

    The USB drives must have portable apps. Browsers, email clients, office solutions, some other 'basic' stuff. The users of these USB drives should be considered 80 year old noobs, thus it must be simple.

    Locking down tampering of Autorun.inf or other autorun methods must be first in line. Doing this while also leaving the autorun that exists is vital, as the autorun will start a USB menu for portable apps. It is just that we shall consider the internet cafe machines to be infected in all liklihood, so we don't want a conficker going back to the HOME computer.

    Antivirus, the only option I see will be ClamAV. The menu on the pendrive will ask "are you just returning from the internet cafe?", so that a scripted AV run can begin. The user will have to execute some scripted method to get the latest AV updates when they are at the internet cafe.

    The user, being a prescribed 80 year old noob, will only know how to click a button, and not know anything about configs etc.

    Any ideas are welcome, but right now I am seeking alternatives to Portable Apps, as they are mostly very large apps for modern machines. If some of these HOME machines are hand-me-downs, the portable apps need to be pretty small and also capable of running on 9x machines as well as nt kernel ones.

    Anyone have any links to some good sites? I have found a few that are very similar to PortableApps, that have pre-compiled a set of software titles with free licsensing.

    This project is for a good cause, but with the age of computers and the total lack of experience on the intended user, it poses some rather unique problems to solve.

    And above all, since there is no admin rights available, things, especially security (virii and malware) are very tricky. Also, it is out of the question to use a liveCD or any form of rebooting the internet cafe machine to do such thing. Also, while a puppylinux or DSL distro in QEMU can be easily achieved from the USB drive, the age of the machines at HOME rule out this method as well.

    Oh, the USB drives will likely be v1, so nice and slow, but cheap enough to give away to those who need them.

    Any takers?

    Sul.
     
  2. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    3,943
    Location:
    California
    Hi Sul,

    I've always assumed the "other" computer is infected with a USB virus!

    It's just a matter of checking the contents of the drive for any funny stuff when returning home from wherever. I assume the user has secure USB autorun policies/procedures in place at home to prevent any autorun exploit from executing.

    That was my procedure when teaching and accessing computers elsewhere.

    ----
    rich
     
  3. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    In this case, the user is very lucky to have a computer at all, much less a USB drive. The drives will be donated. The HOME computer may or may not be free of infections. I cannot help that. My goal is to make sure the USB drive is not infected with an autorun virii when it is taken to a computer that has internet access. The users in this case know absolutely nothing. If something is not very easy, it will be turned off because the user is not capable of fixing it because the computer is a box full of magic in the first place. Literally.

    So the goal is to help a user who does know how to email and browse, and use word or similar, but is unversed in really even what a processor or harddrive or for that matter a context menu is. This will of course vary I am sure. The point presented to me was, these users are way way way behind in technology and knowledge of computers, but still find they need to use email etc, but have no internet at home. Indeed they have to go somewhere and pay for it by the hour, on dialup likely.

    I expressed interest in finding a solution. How to protect the autorun of the USB. Finding a good set of free applications that are both small in file size as well as resource footprint. Since there is no knowledge, malware scanners and HIPS etc are out. It will rely totally on an AV I am afraid. Once an autorun is in place on the USB, my goal is to make sure it cannot be modified. I have read of various ways, so I am looking for one that is sure-fire, but that also keeps the existing autorun.inf intact. I plan to use or create a menu.exe that the autorun will start. This way I can modify what the menu.exe does, but the autorun.inf will always start the menu.exe.

    There is no one way to handle this situation properly. But in looking at what is being accomplished, it offers at least some improvement for the user to take a program to the internet cafe that is small enough to run on the HOME computer that also works on the cafe computer.

    It is rife with holes and flaws, but there is a distinct need for it. Besides, I enjoy mental challenges.

    Sul.
     
  4. 1boss1

    1boss1 Registered Member

    Joined:
    Jun 26, 2009
    Posts:
    401
    Location:
    Australia
    I find this site http://www.portablefreeware.com has quite a bit of free, portable apps that are somewhat old school and will likely run on lower spec machines. Also there may be some nuggets on the portables section at Softpedia, which may provide some variety to the PortableApps.com offerings.

    If you are up for a challenge, you could always convert existing freeware to portable versions yourself.

    As for Autorun, i think the better solution is to just disable it completely and teach them to open the pen drive and execute their menu.exe manually. Or you could name the menu something unusual, then use a Batch/AutoIt that will traverse through the drives from A-Z looking for SullyMenu.exe in the root dir and execute it when found.

    This way they can leave an icon on their desktop to double click to launch their menu, what drive letter the USB pops up on doesn't matter, and an unusual name will ensure it doesn't launch something else.

    As far as i'm aware, if the autorun is present and functional it can be modified regardless of the lock down method used by Windows unless a third party program was used to watch over it... I think anyhow, unless you have discovered otherwise?
     
  5. softtouch

    softtouch Registered Member

    Joined:
    Jan 31, 2006
    Posts:
    415
    This is a quiet difficult task you want to accomplish, protecting the autorun.inf, but having no admin rights.

    The virus or whatever malware would modify the autorun.inf before anything else would be able to stop it (considering the AV on the PC is outdated or does not detect the virus, what I see here all the time in internet cafe's).

    You cannot really write protect just the autorun.inf to prevent modification without having any *special* software running to prevent modification (because before this *special* software could run, the autorun.inf would be modified already by the malware, maybe just deleted and a new created...)

    The user might not have a PC at home, so no way to do a check.

    This is a real challenge...
     
  6. LockBox

    LockBox Registered Member

    Joined:
    Nov 20, 2004
    Posts:
    2,275
    Location:
    Here, There and Everywhere
  7. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    3,943
    Location:
    California
    In this case, it seems to me, you are doing them a disservice by having them use the U3 type of pen drive. It's like giving someone water skies when they can't swim very well.

    You mentioned:

    Several suggestions:

    1) they can use the browser on the cafe machine

    2) email - set them up with a web-based email acct. No need for an email program on the drive

    3) What do they need office solutions for? If the computer doesn't have MSWord, Wordpad will suffice for writing letters and other simple stuff.

    EDIT: You say they have a home computer. Just set up MSWord and they don't have to go to the cafe for that.

    Giving them a non-U3 type pen drive that won't execute autorun.inf, they can save their emails and Wordpad stuff to the drive and take it home.

    I know students that existed this way during their college years when using the Computer Labs.

    Otherwise, you do have a challenge.

    -rich
     
  8. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    Thanks for the comments thus far.

    I was told of a situation where in a country that has very few computers, and fewer internet locations yet, that users who do need to recieve emails and check internet for information only have access to internet when they travel some distance to get to it. The need is such that they have been given old computers at HOME, and use them for administrative purposes on a very small scale. At HOME they might use word or some equivilent, perhaps take photos or make rudementary drawings with paint or the like, then need to communicate these things across email. So they are at HOME, creating these things, and need to take them with them to the internet cafe to send out.

    The age of the machines, with no funds to upgrade or for that matter repair, mean that there is a need for free small programs so they can familiarize themselves with one program. The USB portion comes in so that they can use the same program at the internet cafe, transport files to and from the cafe.

    The trick here is that I was told most of the cafe computers would likely be infected. So if the HOME computer is setup for the user, and no internet is available, it is likely that it will be slow but infection free. The need for USB to transport programs to the HOME computer for initial use, for transporting data back and forth between the cafe, and to be sure when the USB is put into the HOME computer after the cafe, that it does not introduce infection that way.

    It is complex because as we think of computers, and the speed of them, of privelages and rights, of curing a problem by looking at program options etc, evidentily the utter lack of knowledge on the users part is just that, utterly none. I presume that they have been shown how to type a letter in word, how to make and recieve emails. I have been told that they do understand what a folder and file is. I think the problem stems from the fact that someone who does know computers gives it to them, sets it up, sort of trains them to a degree, and then leaves. I heard there could be 10 older computer set up, and that if something happens they just sit for a very long time until someone who knows something actually happens through.

    I was told that if there were a USB stick with small programs for older machines, those programs could be housed on the HOME machine, and that the portability of the same programs on a USB stick (not U3) would be of great use to these users. I was told how much they pay for thier internet access, things of that nature, and agreed, USB and it's portability would be the ideal soltuion. So long as you can both find small applications and come up with something to keep a possibly infected USB stick from infecting the HOME computer.

    Now we know that using something like ClamAV you can script. So they could get the updates when they go to the cafe, and when putting USB stick in the HOME computer they can scan first thing. We know this is only a partial solution. Downloading an infected executabe, that is just residing on the USB stick, waiting for the user to execute it is likely. I don't know how to get around that. I was told that a PII would be the most common, that means somewhere between 233-500mhz. Much to slow for many current releases. Memory, you can guess, will be pretty low too.

    The thing is, because of the lack of knowledge, I will have to script or build tools for this. They really need a menu to work from, something easy or they will just not use it. The menu could also ask them simple things like
    1. Are you at a cafe?
    2. Are you at home?
    3. Are you at home, just returning from a cafe?

    And then perform routines based on thier answer. Even the first time they plug in the USB at HOME it would be easy to make a backup of the USB drive, so that if a problem ever developed, they could 'restore' it the way it was when they recieved it.

    It is not an easy solution, not an ideal solution. But when you mention it is doing them a dis-service, consider that without a USB stick they will have to pay much more at the cafe computer to type out the emails, as they have no way to have it prepared before hand. I think the goal is to give them a way to have some portability to save much $$. I guess even giving a cheap USB stick would be a very big deal.

    I am not sure if there really is a great solution. But after I was told of the problem, I thought with all that I know, maybe I can help someone who really knows nothing. I suppose I could waste time on more trivial things, but it is quite a challenge.

    Sul.
     
  9. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    3,943
    Location:
    California
    Now I'm confused. If not the U3 smart drive type, how can you have an autorun.inf file to launch a menu?

    I was referring to the U3 type, and I suggested a regular USB drive, not none at all!

    I think it's very doable as long as you can work around having to use an autorun.inf file! I applaud your efforts.

    ----
    rich
     
  10. JRViejo

    JRViejo Global Moderator

    Joined:
    Jul 9, 2008
    Posts:
    20,952
    Location:
    U.S.A.
  11. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    There are freeware ones available, or you can 'roll your own' if needed. The important part is that autorun.inf starts some executable that is the menu. For example, here is one
    http://www.pegtop.de/start/

    Yes, I understand. I was both assuring that U3 really was not an option and reinforcing that what we might see as not so great may in fact be very great in other circumstances.

    Yes, it may come to a very different ending than what the original idea laid out was. It is rife with holes, but eh, I would never have been asked to help if it was easy to do.

    Sul.
     
  12. Pinga

    Pinga Registered Member

    Joined:
    Aug 31, 2006
    Posts:
    1,420
    Location:
    Europe
    Oh yes, PStart is awesome.

    Why don't you start a new topic on the portablefreeware.com forum and discuss this there, too?
     
  13. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    That is a good idea, but first I was checking into all the different repositories of these sort of portable apps, and to get an idea of what directions might be taken in regards to plugging as many holes in the security to this approach as possible.

    Sul.
     
  14. HAN

    HAN Registered Member

    Joined:
    Feb 24, 2005
    Posts:
    2,080
    Location:
    USA
    Sully: As I read through this thread, I notice that I haven't read of a software method around the autorun.inf issue. (If there is a way, I'm very interested in seeing it!) I imagine we all agree there are ways to lock down autorun.inf files. But we also know the files are no longer of use at that point (for any legit purpose.)

    One thing that comes to mind is that there are still some USB flash drives available with write protect switches. These might do the trick for some things but not all, as some programs need to keep a local cache of history, activity, settings, etc. (I have also read that some PCs may ignore the write protect switch. I have no idea if this is true and may be pure FUD.)

    Beyond that, you mention you are looking for low PC resource apps. By that, do you also mean things that will run on Win 98? Or are we talking about XP and beyond. If you mean 98, then your project will likely never get off the ground. I am not aware of any major brand of USB flash drive that still supports Win 98 with drivers (or if there are some, they won't be around much longer.)

    I agree this is an interesting project and if it comes to fruition, I would definitely be interested in seeing how it all goes together. But I certainly see some bumps in the road ahead... :(
     
  15. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    Bumps in the road, indeed! Yes, Win98 era will exist, even the remote possibility of Win95. I cannot handle 95 well, just not enough support. And you are correct, the 98 issue of drivers exists. I was told that there was some sort of universal USB driver that was installed on many of these machines by the group that outfits them, so there are fair chances it might work on them.

    The age of the machines dictates that apps of the era are needed, at least in resource usage. For example, OpenOffice is not going to work at all. But I have found (thanks in part to the links provided here) two different office type suites which each component uses perhaps 10mb. I have yet to try them on an older machine to see if they dynamically reduce thier footprint.

    I had a few ideas for the autorun.inf, primary being create a partition with only enough room for autorun.inf, and have the autorun.inf point to the next drive letter. I don't see that happening for many reasons, but my thoughts were if you could make it so that there is only 1k available, no way a virii could be placed on the drive.

    What does work is creating a DIRECTORY named Autorun.inf. This of course stops autorun, but does also stop any way of actually creating/modifying autorun.inf. Unless of course the autorun directory were to be deleted lol.

    I have a growing collection of apps that are very small and portable, and I have found a menu that uses low resources and is pretty easy to maniuplate. I also found some new programs that I really like, one being Q-dir. I have used directory opus and file commander etc before, but always found myself using win explorer again. This one though is super. Also I started messing with QTweb browser, a really small browser I had never tried.

    I don't know that those with 9x machines in this case will find any benefit, but I will make something anyway.

    Sul.
     
  16. Joeythedude

    Joeythedude Registered Member

    Joined:
    Apr 19, 2007
    Posts:
    519
    Well If the users need to move files between the USB and the Net PC, they would have to understand folders structure...

    So set up a folder on the USB with the Apps you want them to run.
    They can navigate to it.
    No need for a popup menus etc.

    Then block the autorun file whatever way you wish.

    Dont underestimate the users. If the PC is important to them , as I think it would be in this senario , they will
    learn how to use it. And propably one person in each group that has a HOME pc will have develop good IT knowledge over time.
     
  17. Franklin

    Franklin Registered Member

    Joined:
    May 12, 2005
    Posts:
    2,517
    Location:
    West Aussie
    Here I use Flash Disinfector by Subs.
    Article

    Some code below that could help find and delete usb worms manually?
    Code:
    dir /s /b /ah *.exe (list only hidden .exes)
    
    dir /s /b /ah *autorun.inf (hidden)
    
    dir /s /b /a *autorun.inf  (all)
    
    dir /s /b /ah *.inf (list all hidden .inf)
    
    attrib -h -r -s c:\path\to\the\executable.exe or .inf
    
    del c:\path\to\the\executable.exe or .inf
     
  18. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    Thanks for the replies.

    First, I have been told to forget about the way I think about computers. I live in the US, and if I have a problem I just start clicking until I figure it out. But the users who I am trying to help, if they have a problem, they are likely to just turn it off. I was told that if the user goes around clicking options, and it does not work, they reboot a few times, if it still does not work, they go do something else. It is somewhat hard for me to comprehend, but then I don't live in a place where 1 in 10,000 have a computer, or whatever it is.

    So yes, you are right, undoubtedly some bright person is fascinated with it and plays with it and begins to understand it. I believe the problem is that geographically that 'learned' person is not going to walk 40 miles to help some other 'unlearned' person very often. I don't know the full scope other than this example was presented to me as a stumgling block for me to KISS. ;)

    Currently, I have found no better way to lock the drive down that the Autorun.inf directory with a hidden file named Lpt1 inside it, and that file containing the text 'caacaacaacaa', which is what Panda Vaccine does. There are likely other 'reserved' names, but I don't see the point in looking for them and making somethign myself when the Panda tool is already done and easy to use. So for now, unless I find some trick later, it looks like autorun will be off completely, which mitigates one threat.

    The other threat will now reside from something in the portable browsers cache or a downloaded file. I see only two legitimate options, ClamAV and DrWeb Cureit. Both are free manual scanners. So I have to make some sort of script or program to scan the USB drive. I am still working on how I am going to do that.

    Right now I have a decent setup. Many of the PortaleApps.com programs are huge in terms of resource usage. Regardless of 9x support, older machines running 2k/Xp will be severly bogged down. So I have found many other lightweight alternatives. Examples would be OpenOffice and Firefox as huge, and AbiWord and QTweb as small.

    I have found a way to manipulate the menus for the portable apps. I am currently using Portable Apps Menu, Cody Safe Menu and Lupo Pen Suite Menu. I have built two directories, PA-Fast and PA-Slow. Heavy programs go into the Fast directory and lightweight programs go into the Slow directory. Through directory and .ini manipulation I am able to have all three menus work to build program lists individually for the Fast and Slow directories. I then coded some quick executables that reside on the root of the USB stick, titled appropriately such as PortableAppsFAST.exe and PortableAppsSLOW.exe. Thier sole job is to start the launcher or menu for each of the 3 menus I am using. Each menu has its own pros and cons. The most notable is that some menus are consuming more resources but are sluggish, in the case of PortableApps menu. Others, like CodySafe are consuming a little more memory but are much more responsive.

    I have then made a program called A_Start.exe. This program is a small GUI that has two options, 1. 'have you just been on the internet' and 2. 'are you going to go to the internet'. Obviously if they choose 1 some scripted tool will start the AV or something. Maybe an option to for 'Are you now at the internet' to automatically get virus defintions or something.

    Then, after they have taken care of the whole virus issue or whatever, there are two option groups.
    Option 1
    Start one of the 3 menus on a FAST computer - each menu will allow them to use the 'heavier' set of applications.

    Option 2
    Start one of the 3 menus on a SLOW computer - each menu will allow them to use the 'lighter' set of applications.

    The lack of autorun is disappointing. But what I did to overcome this is in the A_Start.exe program, have it check for the existence of a program called USB_Menu.exe on the users desktop. If this file is not found, it is copied from the USB stick to the desktop.

    This USB_Menu.exe program does nothing more than put all 'removable drives' into an array and then step through the array, looking for the drive letter\A_Start.exe. If it is found it starts my GUI, otherwise it tells them to open windows explorer and find it themselves. This way they can have a simple icon on the desktop to double click, and under normal circumstances it will find and start my little GUI which then hopefully makes it easy for them get going.

    I believe I will make it multi-lingual through an .ini file as well.

    It is a good start, but far from perfected.

    Sul.
     
  19. Joeythedude

    Joeythedude Registered Member

    Joined:
    Apr 19, 2007
    Posts:
    519
    Maybe try to create a script the deletes all unknown exe's on the USB key at
    either start or finish.
    That should take care of a lot of virii.
    Like the earlier poster suggested.
     
  20. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    Good idea but that will not work. As portable apps have executables as well as the executables I need to make to get this all to work in a simplistic fashion. I am guessing that it would not be prudent to make a list of known and acceptible exes either because one goal is to let the user go to portable apps and get a new app and install it. Most of the menus I have seen all have some sort of feature to allow this easily.

    I wish it were that easy. If the drive was simply a storage drive that idea would work. But since the users don't have software other than what came with thier computer, this is a way to get them software and also let them go to the internet cafe and get new portable apps that they may need.

    I have no idea if the users will actually ever do this, but with how much software I will be providing on the USB stick initally, maybe there is enough for them to explore they might learn a bit more. At the very least, a portable version of Pong exists, so they can play games :D

    Sul.
     
Loading...
Thread Status:
Not open for further replies.