Educause Security Discussion mailing list archives
Re: Virus/Trojan/Worm in the Dorms
From: Dennis Meharchand <dennis () VALTX COM>
Date: Sat, 3 Sep 2011 00:53:49 -0400
> I'll bite - how does it deal with disks that have only one partition
> defined, so user files are on C: as well?

We do need a separate Data partition in which the My Documents/User Folders are stored. So our system is using unallocated space to create a hidden "Change" partition which is temporarily superimposed/combined with the secure partition to form the C: Drive - it also uses any unallocated space to create a hidden Data Drive which is not visible to the OS until opened with a password or USB authentication key.

> That's *always* been the tough part with "lock it down", especially for
> student machines, and other machines not owned by the
> university/corporation/etc - if you don't have the political clout to say
> "This Machine Will Be Locked Down", the users tend to get irritated with
> lockdown schemes when they interfere with what the user wants to do with
> the machine, even when it's "for their own good".

We will be addressing this in marketing to end users - in test market retail stores 95% of customers chose to install

> I seem to recall that the first iteration of UAC was a *lot* more secure,
> but Microsoft had to tone it down a bunch due to user complaints...

Microsoft were test marketing a competitive XP solution in Asia - we believe they withdrew when they became aware that Valt.X had the patents in this area - our thinking is that they did not want to risk a patent fight over Windows 7

Dennis Meharchand
CEO, Valt.X Technologies Inc.
Cell: 416-618-4622
Email: dennis () valtx com
Web: www.valtx.com

-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Valdis Kletnieks
Sent: September 2, 2011 11:23 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Virus/Trojan/Worm in the Dorms

On Fri, 02 Sep 2011 20:35:27 EDT, Dennis Meharchand said:
> It locks down the C: Drive so any attempted malware infection gets
> deflected and eliminated with a simple reboot.

I'll bite - how does it deal with disks that have only one partition defined, so user files are on C: as well? The tricky part is when the user manages to drop an executable into their "My Documents" folder - it's *really* hard to tell the difference between a binary a user wanted to install and one they accidentally install...

That's *always* been the tough part with "lock it down", especially for student machines, and other machines not owned by the university/corporation/etc - if you don't have the political clout to say "This Machine Will Be Locked Down", the users tend to get irritated with lockdown schemes when they interfere with what the user wants to do with the machine, even when it's "for their own good".

I seem to recall that the first iteration of UAC was a *lot* more secure, but Microsoft had to tone it down a bunch due to user complaints...