Educause Security Discussion mailing list archives

Re: malware strategy and products used

From: Mark Rogowski <m.rogowski () UWINNIPEG CA>
Date: Wed, 28 Jan 2009 14:33:39 -0600

Dennis Meharchand <dennis () VALTX COM> 01/20/09 1:35 PM >>>

Disclosure - Vendor Response (Valt.X is a security product vendor exiting

development stage)

Desktops: We use the Valt.X S Chip Desktop/Server Ultra Security Controllers

(PCI/PCI-e hardware controllers) on desktops - we do not use any Anti-Virus
or Anti-Spyware on Desktops.

Notebooks: We use the Valt.X Digital Secure Drive with the S Chip - we do

not use any Anti-Virus or Anti-Spyware on Notebooks.

Email Servers: We use the Valt.X S Chip Desktop/Server Ultra Security

Controllers (PCI/PCI-e hardware controllers) on email servers - in addition
we use Symantec Antivirus and Webroot Anti-Spyware to scan incoming emails.

Dennis Meharchand

CEO, Valt.X Technologies Inc.

Cell: 416-618-4622

Tel: 1-800-361-0067, 416-746-6669

Fax: 416-746-2774

Email: dennis () valtx com

Web: www.valtx.com

*******************************

Hi Folks,

This posting caught my attention. I decided to order one of these devices from this company to determine what the
product does and how effective it could be in the real world. Please be aware that I have no affiliation to/with this
firm at all other than possessing the willingness to jump on something that sounds way too good to be true.

The product is basically DeepFreeze on a chip with an added bonus. You can select between 'frozen mode' whereby any
changes made to the system will be lost once it is rebooted, and 'user mode' where changes are saved to the disk but it
is up to you to "backup" these changes once in awhile.

Setup, backup and restore operations are performed through a CLI interface on system boot. You access the interface
using a three key combination and must know a password to perform any function. It also has the ability to backup and
restore your CMOS settings as well.

I can certainly see value here from a time/human resource perspective. Desktop support for malware calls would be
reduced to a pittance provided due diligence was done by end users on backing up their system using the card. To
completely remove all alerting capabilities for known malware is a real stretch however. Without Anti Virus running, a
person could have a Trojan or keylogger on the system and never know it.

Anyway, just thought I'd share my observations.

Mark Rogowski CISSP, CISM
IT Security
Technology Solutions Centre
University of Winnipeg
Ph: (204) 786-9034

Current thread:

Re: malware strategy and products used Kellogg, Brian D. (Jan 20)
- <Possible follow-ups>
- Re: malware strategy and products used Dennis Meharchand (Jan 20)
- Re: malware strategy and products used Mark Rogowski (Jan 28)
- Re: malware strategy and products used Dennis Meharchand (Jan 28)