Security Basics mailing list archives

Re: A question about USB Storage.

From: Florian Streck <streck () papafloh de>
Date: Tue, 2 Aug 2005 18:20:36 +0200

Hello,

I'm not sure if this is really a better solution.
The Problems I see are:
- when the device is used it's the same as with temp/swap files on a
  disk.
- when it's not used someone could find a usb-stick lying around ...

Using Linux I think it's very easy to implement.
And if you delete the data on the usb-device before logoff, you could
also do this to your temporary files or the swap-area. And with an
usb-device you have the complication that you can't be sure that the
data was erased. Perhaps you pulled it out a little to fast ...

I'd prefer to put such important temporary data on an encrypted
filesystem. But the solution I'm using right now has the disadvantage
that after I mounted that filesystem everyone with root-privileges can
read it. My workaround is to only use it on a system were no one but me
has access. But the why encrypt that stuff if I'm the only user?
If someone on this list has a solution for my dilemma I'd be very
thankful.


Florian Streck


On Tue, Aug 02, 2005 at 12:07:54AM -0500, Carlos Manuel de La Concha Canedo wrote:

Dear List Members,

I have been reading threads recently about recovering temporary data such as
swap file, temp files, et al.
If the information in the swap file and other system temporal files its so
important ¿why don?t put it in a usb device?
With a usb capacity of about 4 GB it could be a solution (and an added
complication) for the security of such files.

It?s possible to do it? In windows? In linux? In Freebsd?

I think that the sistem could include a function to erase the usb device at
logoff or shutdown, besides, could you prove that
A specific usb device was used in a specific computer?

Thanks for your attention


Ing. Carlos Manuel De La Concha Canedo
ofeyNET
Clavelinas 257-1 
Colonia Nueva Santa María
02800, Azcapotzalco, Distrito Federal, México

"Cuando se siente herida, la ostra...
hace una perla."
Anónimo

-- 
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.0.338 / Virus Database: 267.9.7/60 - Release Date: 28/07/2005

Attachment: _bin
Description:

Current thread:

A question about USB Storage. Carlos Manuel de La Concha Canedo (Aug 02)
- Re: A question about USB Storage. Florian Streck (Aug 03)
- RE: A question about USB Storage. Burton Strauss (Aug 03)
- Re: A question about USB Storage. Eugene Nine (Aug 03)
- Re: A question about USB Storage. Alexander Klimov (Aug 03)
- <Possible follow-ups>
- Re: A question about USB Storage. Doug . Janelle (Aug 03)