Re: A question about USB Storage.

From: Eugene Nine (enine_at_ninefamily.com)
Date: 08/03/05

  • Next message: Jared Lyvers: "stop audio streams"
    To: security-basics@securityfocus.com
    Date: Tue, 2 Aug 2005 18:52:23 -0400
    
    

    On Tuesday 02 August 2005 01:07 am, Carlos Manuel de La Concha Canedo wrote:
    > Dear List Members,
    >
    > I have been reading threads recently about recovering temporary data such
    > as swap file, temp files, et al.
    > If the information in the swap file and other system temporal files its so
    > important ¿why don´t put it in a usb device?
    > With a usb capacity of about 4 GB it could be a solution (and an added
    > complication) for the security of such files.
    >
    Listing 4G sounds liek your talking about a flash device. This will cause a
    large performance hit. First of all USB is slower than IDE or SATA so if its
    flash or not it will still be slower than an internal drive. If its flash it
    will be even slower as flash has a longer write time than hard disks. Size
    would be another issue, add up a couple G in swap, then your web browser
    cache and you run out of 4G pretty quick.

    > It´s possible to do it? In windows? In linux? In Freebsd?
    >
    Its possible. Windows wants to write to a lot more than just swap or temp,
    you will have to make a lot of registry modifications and/or use a tool such
    as Windows Embedded to make it work half way decent.
    Linux/BSD its pretty easy to move and symlink.

    > I think that the sistem could include a function to erase the usb device at
    > logoff or shutdown, besides, could you prove that
    > A specific usb device was used in a specific computer?
    >

    Why not flip it the other way around. Run your OS from Read only flash and
    store everything you need in RAM. This is pretty easy with the Linux/BSD
    OS's I hacked together a little system running out of flash in one evening
    with only a few months of ever playing with Linux. Windows you can use an
    embedded tookkit and make it mostly work that way.
    This way when you power off the system all your "history" is lost since it was
    in RAM.

    > Thanks for your attention
    >
    >
    > Ing. Carlos Manuel De La Concha Canedo
    > ofeyNET
    > Clavelinas 257-1
    > Colonia Nueva Santa María
    > 02800, Azcapotzalco, Distrito Federal, México
    >
    > "Cuando se siente herida, la ostra...
    > hace una perla."
    > Anónimo


  • Next message: Jared Lyvers: "stop audio streams"