Educause Security Discussion mailing list archives

Re: Virus/Trojan/Worm in the Dorms


From: Dennis Meharchand <dennis () VALTX COM>
Date: Sat, 3 Sep 2011 00:53:49 -0400

> I'll bite - how does it deal with disks that have only one partition
> defined, so user files are on C: as well?

We do need a separate Data partition in which the My Documents/User Folders
are stored. So our system is using unallocated space to create a hidden
"Change" partition which is temporarily superimposed/combined with the
secure partition to form the C: Drive - it also uses any unallocated space
to create a hidden Data Drive which is not visible to the OS until opened
with a password or USB authentication key.

> That's *always* been the tough part with "lock it down", especially for
> student machines, and other machines not owned by the
> university/corporation/etc - if you don't have the political clout to say
> "This Machine Will Be Locked Down", the users tend to get irritated with
> lockdown schemes when they interfere with what the user wants to do with the
> machine, even when it's "for their own good".

We will be addressing this in marketing to end users - in test market retail
stores 95% of customers chose to install 

> I seem to recall that the first iteration of UAC was a *lot* more secure,
> but Microsoft had to tone it down a bunch due to user complaints...

Microsoft were test marketing a competitive XP solution in Asia - we believe
they withdrew when they became aware that Valt.X had the patents in this
area - our thinking is that they did not want to risk a patent fight over
Windows 7

Dennis Meharchand
CEO, Valt.X Technologies Inc.
Cell: 416-618-4622
Email: dennis () valtx com
Web: www.valtx.com 

-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Valdis Kletnieks
Sent: September 2, 2011 11:23 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Virus/Trojan/Worm in the Dorms

On Fri, 02 Sep 2011 20:35:27 EDT, Dennis Meharchand said:

> It locks down the C: Drive so any attempted malware infection gets
> deflected and eliminated with a simple reboot.

I'll bite - how does it deal with disks that have only one partition
defined, so user files are on C: as well? The tricky part is when the user
manages to drop an executable into their "My Documents" folder - it's
*really* hard to tell the difference between a binary a user wanted to
install and one they accidentally install...

That's *always* been the tough part with "lock it down", especially for
student machines, and other machines not owned by the
university/corporation/etc - if you don't have the political clout to say
"This Machine Will Be Locked Down", the users tend to get irritated with
lockdown schemes when they interfere with what the user wants to do with the
machine, even when it's "for their own good". I seem to recall that the
first iteration of UAC was a *lot* more secure, but Microsoft had to tone it
down a bunch due to user complaints...

