<HTML> <HEAD> <TITLE>DATA PRIVACY with Your Windows® Open</TITLE> <META NAME="description" CONTENT="Cerberus Systems, Inc. develops, manufactures and markets Windows® cryptosystems designed to meet or exceed level 1 of FIPS PUB 140-1 with DOD 5220.22-M disk data recovery countermeasures."> <META NAME="keywords" CONTENT="ANSI X9.17, computer security, cryptosystem, data privacy, DOD 5220.22-M, encryption, file wiping, FIPS 140-1, forensic software, INFOSEC, sanitizing, security leaks, secure deletion, security software, triple-DES, zeroizing, Windows®."> </HEAD> <BODY TOPMARGIN="0" LEFTMARGIN="0" MARGINWIDTH="0" MARGINHEIGHT="0" BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#009966" ALINK="#FF0000" VLINK="#009966"> <BASEFONT SIZE=2 FACE="Arial,Helv,Helvetica"> <TABLE ALIGN=LEFT BORDER=0 CELLSPACING=0 CELLBORDER=0 CELLPADDING=12 WIDTH=640> <TR> <!-- LEFT MARGIN STRIP --> <TD BGCOLOR="#336666" ALIGN=CENTER VALIGN=TOP> <FONT SIZE=1> <a href="../default.htm"><IMG SRC="images/web_icon.gif" ALT="CERBERUS HOME ICON" WIDTH=72 HEIGHT=72 BORDER=0 VSPACE=2><br><b><i>CERBERUS</i></b></a> <P><a href="index.htm"><IMG SRC="images/needs.gif" ALT="THE NEED" WIDTH=90 HEIGHT=30 BORDER=0></a><br> <a href="privacy.htm"><FONT COLOR="#00CC99">Vulnerabilities</FONT></a> <a href="threats.htm">Threats</a> <a href="forensic.htm">Countermeasures</a> <P><a href="products/index.htm"><IMG SRC="images/products.gif" ALT="PRODUCTS" WIDTH=90 HEIGHT=30 BORDER=0></a><br> <a href="products/docusec.htm">Document Security</a> <P><a href="stds/index.htm"><IMG SRC="images/standard.gif" ALT="STANDARDS" WIDTH=90 HEIGHT=30 BORDER=0></a><br> <a href="stds/fip140-1.htm">FIPS PUB 140-1</a><br> <a href="stds/sanitize.htm">DOD 5220.22-M</a><br> <a href="stds/ncsctg25.htm">NCSC TG-25</a> <br> <a href="stds/fip81.htm">FIPS PUB 81</a> <br> <a href="stds/fip180-1.htm">FIPS PUB 180-1</a><br> <a href="stds/d520028.htm">DOD 5200.28-STD</a><br> <P><a href="tutorial/index.htm"><IMG SRC="images/tutorial.gif" ALT="TUTORIALS"
WIDTH=90 HEIGHT=30 BORDER=0></a><br> <a href="tutorial/winfosec.htm">INFOSEC</a><br> <a href="tutorial/keys.htm">Cryptosystems</a><br> <a href="tutorial/phrases.htm">Passphrases</a><br> <a href="tutorial/leaks.htm">Windows® Leaks</a><br> <a href="tutorial/system.htm">System Settings</a> <P><a href="download/index.htm"><IMG SRC="images/download.gif" ALT="DOWNLOADS" WIDTH=90 HEIGHT=30 BORDER=0></a><br> <P><HR WIDTH=84> <P><a href="mailto:[email protected]">QUESTIONS? <br><IMG SRC="images/email2.gif" ALT="E-MAIL" WIDTH=61 HEIGHT=31 BORDER=0></a><br> <P><br><IMG SRC="./images/amex_ok.gif" ALT="AMEX WELCOME" WIDTH=51 HEIGHT=68 BORDER=0> </FONT> </TD> <!-- END LEFT MARGIN STRIP --> <!-- MAIN SECTION --> <TD ALIGN=LEFT VALIGN=TOP> <!-- Title Bar --> <TABLE BORDER=0 CELLSPACING=0 CELLPADDING=0 WIDTH=500> <TR><TD> <!-- Right-justified Logotype --> <TABLE ALIGN=RIGHT BORDER=0 CELLSPACING=0 CELLPADDING=0> <TR><TD><FONT COLOR="#006633" SIZE=3><B><I>CERBERUS <FONT SIZE=1>SYSTEMS, INC.</FONT></I></B></FONT></TD></TR><TR><TD ALIGN=CENTER><FONT COLOR="#999933" SIZE=1><B><I> <!--forensic software countermeasures--> <!--INFORMATION SECURITY TOOLS--> <!--INFOSEC for Personal Computers--> <!--INFOSEC Products for Windows®--> <!--INFOSEC Tools for PCs & Laptops--> <!--personal information security tools--> Windows®-compatible encryption </I></B></FONT></TD></TR> </TABLE> <!-- End Logotype --> </TD></TR> <TR ALIGN=CENTER><TD WIDTH=490> <!-- Centered Page-Title --> <TABLE BORDER=0 CELLSPACING=0 CELLPADDING=10> <TR><TD ALIGN=CENTER><FONT COLOR="#CC3300" SIZE=5><B> <!-- Title Text--> DATA PRIVACY<BR> <FONT COLOR="#999933" SIZE=4><i><FONT SIZE=2>WITH<br></FONT>YOUR WINDOWS<sup>®</sup> OPEN</i> <!-- End Title Text --> </B></FONT></TD></TR> </TABLE> <!-- End Page-Title --> </TD></TR></TABLE> <!-- End Title Bar --> <!-- Content --> <TABLE BORDER=0 CELLSPACING=0 CELLPADDING=3 WIDTH=506> <TR><TD><FONT SIZE=2> <P>Windows® PCs are like most of our homes - customizable to our tastes, yet offering
the cost benefits of mass production. Unfortunately, the architecture of both makes it fundamentally impossible for add-on products to transform either one into a secure <i>system</i> that automatically protects its contents. You can buy strong safes to secure your valuables; and strong encryption can secure your data, <i>unless it's bypassed.</i> <P>Original equipment door locks are easily defeated, like the "encryption" options in non-export-controlled software. You can add high-security locks, but skilled intruders will bypass them by removing the hinges, crushing your door jamb or just cutting through the wall. You can also buy software to encrypt your data with strong ciphers, but many programs you use to work with that data (and Windows®, itself) will leave un-encrypted copies on your hard disk, and <FONT COLOR="#006633"><B><i>intruders will bypass the encryption</i></B></FONT>. <P>These "temporary" copies of your sensitive data have been <i>deleted</i> and are invisible to Windows® (and to DOS), but can be recovered with <i>forensic software,</i> whether or not you use "access control" software on your PC. (Your <i>disk</i> is "accessed" through a connector that matches the plug on <i>any</i> PC's drive controller cable, not just yours.) <P><HR SIZE=1 WIDTH=50%> <P>Forensic software was developed for computer evidence recovery by law enforcement organizations. It is designed to <BLOCKQUOTE> (1) extract an "image" of an entire hard disk into an evidence file; <BR>(2) allow query-based searching of that evidence file; and <BR>(3) provide an evidentiary custody trail that will withstand court challenges of discovered evidence. </BLOCKQUOTE> <P>These three capabilities are also necessary for <i>electronic discovery</i> in civil litigation. Sued organizations can use it themselves, to control the discovery process.
When ordered to turn over relevant computer evidence to a plaintiff, they offer him/her an independently-certified evidence file, to avoid access by outsiders to their systems. <BLOCKQUOTE><FONT SIZE=1 COLOR="#006633"> <B>NOTE: </B> Commercially available examples of such forensic software are <i>DRIVESPY</i> from <a href="http://www.digitalintel.com/"><u>Digital Intelligence</u></a>, <i>EnCase</i> from <a href="http://www.guidancesoftware.com/"><u>Guidance Software</u></a> and <i>Expert Witness</i> from <a href="http://www.asrdata.com"><u>ASR Data</u></a>. Recommended procedural standards for the application of forensic software in law enforcement are published by the International Association of Computer Investigative Specialists ( <a href="http://www.cops.org/procedure.html"><u>IACIS</u></a> ). An overview of the process of lawful <i>Electronic Discovery</i> for civil litigation is available at the U. Buffalo School of Law's <a href="http://wings.buffalo.edu/Complaw/CompLawPapers/printup.html"><u>Computers and Law</u></a> web-site.</FONT></BLOCKQUOTE> <P>The evidentiary custody trail capabilities are of less interest to criminals, but can be useful in proving to clients the authenticity of the fruits of contracted espionage. <P>Some versions include a capture utility diskette, run on a seized computer from the DOS prompt, and using the same kinds of sector-level disk reading functions found in disk utilities software. Others are integrated Windows packages designed to avoid possible "booby traps" on the seized machine by running on an evidence computer that is connected to the disk controller connector of the seized computer's disk. 
<P>Any professional quality forensic software will include the capability to gather into the evidence file sensitive plaintext from <BLOCKQUOTE> (1) <i>disk slack</i> (unallocated clusters of sectors previously allocated to <i>deleted</i> files, such as <i>TEMP</i> files, and not yet overwritten by new files); <BR>(2) <i>file slack</i> (the tail of the last cluster occupied by a file too short to have overwritten all the sensitive data left by a previous file); <BR>(3) the <i>swapfile</i> used by Windows® virtual memory management; <BR>(4) <i>boot sector slack</i> (the tail of sector zero, the boot sector); and <BR>(5) <i>partition slack</i> (the remainder of track zero beyond sector zero). </BLOCKQUOTE> with the latter two areas being unused by DOS or Windows® applications, but sometimes considered a clever hiding place by naive hackers. <P>Some also include the capability to search the slack space in the compound files of applications such as MS Word® and MS Excel®, although simple text editors such as Notepad® can directly read any sensitive text from <i>deleted</i> files which has been scavenged into such <i>OLE container slack</i>. <P><HR SIZE=1 WIDTH=50%> <P>Commercially available forensic software has spread far beyond the law enforcement community. Consequently, specific countermeasures against software-based disk data recovery attacks are essential to the cryptographic protection of data stored on Windows® PCs and laptops. Misapplying e-mail encryption software in an attempt at file storage security is far worse than no encryption at all - it's an INFOSEC placebo.
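<P>Added example (not part of the original Cerberus page or its products): the Python sketch below models a constructed four-cluster volume, with a hypothetical <i>NOTE.TXT</i> file and a dictionary standing in for FAT metadata, to show how plaintext from a <i>deleted</i> TEMP file survives in <i>file slack</i> and <i>disk slack</i> and how overwriting those areas removes it. The single zero-fill pass is a simplification and is not the DOD 5220.22-M procedure.

```python
CLUSTER = 16  # toy cluster size; an assumption for this constructed example

def build_volume():
    """Constructed volume: a deleted TEMP file, then a shorter live file."""
    vol = bytearray(CLUSTER * 4)
    temp = b"PIN=4921;acct=778812;memo=merger draft v3 text.."  # constructed data
    vol[:len(temp)] = temp   # TEMP file filled clusters 0-2, then was deleted
    vol[:5] = b"hello"       # a new 5-byte file reuses cluster 0
    files = {"NOTE.TXT": {"clusters": [0], "size": 5}}  # stand-in for FAT metadata
    return vol, files

def file_slack(vol, files):
    """Yield (name, offset, length): tail of each live file's last cluster."""
    for name, meta in files.items():
        if meta["clusters"]:
            last = meta["clusters"][-1]
            end = last * CLUSTER + (meta["size"] - 1) % CLUSTER + 1
            yield name, end, (last + 1) * CLUSTER - end

def free_runs(vol, files):
    """Yield (label, offset, length) for each run of unallocated clusters."""
    live = {c for m in files.values() for c in m["clusters"]}
    total, start = len(vol) // CLUSTER, None
    for c in range(total + 1):
        free = c < total and c not in live
        if free and start is None:
            start = c
        elif not free and start is not None:
            yield f"clusters {start}-{c - 1}", start * CLUSTER, (c - start) * CLUSTER
            start = None

def residue(vol, files, needles):
    """Return (area, where, needle) for each needle found outside live data."""
    areas = [("file slack", *r) for r in file_slack(vol, files)]
    areas += [("disk slack", *r) for r in free_runs(vol, files)]
    return [(area, where, n) for area, where, off, ln in areas
            for n in needles if n in vol[off:off + ln]]

def wipe(vol, files):
    """Zero-fill slack and free clusters in place (one pass, a simplification)."""
    for _, off, ln in list(file_slack(vol, files)) + list(free_runs(vol, files)):
        vol[off:off + ln] = bytes(ln)

if __name__ == "__main__":
    vol, files = build_volume()
    print(residue(vol, files, [b"PIN=", b"acct=", b"merger draft"]))
    wipe(vol, files)
    print(residue(vol, files, [b"PIN=", b"acct=", b"merger draft"]))
```

<P>The constructed string <i>merger draft</i> straddles the boundary between clusters 1 and 2, which is why unallocated clusters are scanned as contiguous runs rather than one cluster at a time.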
<P>Whether the combination of strong encryption and forensic software countermeasures is necessary and sufficient for the protection of <i>your</i> data, depends on your particular <FONT COLOR="#999933"><b><i>INFOSEC threat profile</i></b></FONT> <a href="threats.htm"><IMG SRC="images/web_next.gif" BORDER=0></a> </FONT></TD></TR> </TABLE> <!-- End Content ---> <!-- Standard Footer ---> <CENTER> <P><BR> <FONT SIZE=2 COLOR="#006633"><B><i> Cerberus Systems, Inc. develops, manufactures and markets<BR> software cryptosystems designed to level 1 of FIPS PUB 140-1<BR> with DOD 5220.22-M disk data recovery countermeasures. </i></B></FONT> <P><HR SIZE=1> <FONT SIZE=1 COLOR="#CC3300"> The Cerberus logo and the <i>...Security Manager</i> product names are trademarks of Cerberus Systems, Inc.<BR> © Copyright 1997-99, all rights reserved. </FONT> <HR SIZE=1> </CENTER> <!--- End Standard Footer ---> </TD> <!-- END MAIN SECTION --> <!-- PADDING CELL --> <TD> <!-- right margin = 2 x cellpadding --> </TD> <!-- END PADDING CELL --> </TR> </TABLE> </BODY> </HTML>