Thread: Access to drive only with USB stick

  1. #16
    Malum in se abachler's Avatar
    Join Date
    Apr 2007
    Posts
    3,195
    use a USB dongle for security. much easier to keep users from simply copying the files. Personally I prefer KEYLOK

  2. #17
    Registered User
    Join Date
    Feb 2009
    Posts
    93
    Hi,

    Ive seen these mentioned. Ive read through the website and I dont really understand what this USB drive offers, is it just a standard USB drive with added security?

    My files amount to about 250GB's worth so that rules out USB, instead using the USB to simply unlock access to the storage hd.

  3. #18
    Guest Sebastiani's Avatar
    Join Date
    Aug 2001
    Location
    Waterloo, Texas
    Posts
    5,708
    Just a random thought - couldn't someone simply take the drive and connect it to another computer to access the files?

  4. #19
    Malum in se abachler's Avatar
    Join Date
    Apr 2007
    Posts
    3,195
    Its not a USB 'drive', its a security dongle. It prevents your software from being run on systems that don't have a dongle installed. They are about $20-30 USD ea, depending on the model, so it's really only for protecting high value software. Like all copy protection it won't stand up to a concerted reverse engineering effort, but its certainly more secure than media based copy protection, and far less intrusive.

  5. #20
    Registered User
    Join Date
    Feb 2009
    Posts
    93
    Hi.

    My computer is locked with a padlock so people wouldnt be able to take out the harddrive without taking a power drill to it. This isnt really designed to be a bulletproof counter measure, just stop people that hop onto my computer from accessing my files without the need for two accounts.

    In regards to the security dongle, it sounds pretty interesting. Ive been looking on the website but I cant see if there is an ability to lock files as well as programs. Are these dongles capable of doing this as well?

    Id still like to make the system myself however, so if anyone can tell me how they would consider making a folder or drive "locked" i would really appreciate it.

  6. #21
    Malum in se abachler's Avatar
    Join Date
    Apr 2007
    Posts
    3,195
    No basically you add code to your application that checks for the presence of the dongle. Each dongle has a unique serial number and company specific access codes for different access levels (present, read, write). There is a small amount of on dongle NV-RAM for storing critical values. SO basically your application can check that the dongle is present, read data from the dongle, and potentially update the data as well depending on your security needs. 99% of the time you just need to check that the dongle is present. Each level of access requires different company specific codes, so you only have to enable the functionality you desire. i.e. even if they reverse engineer your application they cant get the write codes if your application only uses the present and read codes. The codes are 48 bit, but the dongles have a 250ms timeout after each attempt. There is no warm up period, i.e. the first attempt is nearly instant. I have a commercial (non-free) dongle class that makes it easier to access and improves security over the boilerplate examples.
    Last edited by abachler; 08-18-2009 at 07:53 AM.

  7. #22
    Guest Sebastiani's Avatar
    Join Date
    Aug 2001
    Location
    Waterloo, Texas
    Posts
    5,708
    My computer is locked with a padlock so people wouldnt be able to take out the harddrive without taking a power drill to it. This isnt really designed to be a bulletproof counter measure, just stop people that hop onto my computer from accessing my files without the need for two accounts.
    Sorry, I was confused.

  8. #23
    Registered User
    Join Date
    Apr 2004
    Posts
    210
    Use TrueCrypt and put the keyfile on the stick. It's free, secure and opensource.
    main() { int O[!0<<~-!0]; (!0<<!0)[O]+= ~0 +~(!0|!0<<!0); printf("a function calling "); }

  9. #24
    Registered User
    Join Date
    Feb 2009
    Posts
    93
    Hi.

    Ive looked into truecrypt a little more and it does seem perfect for my application, i think ill work with that.

    I do just have one more note though, ive found a bat script online which actually works quite well at blocking access to a folder under vista. The code is posted below, is it wise to use something like this or is it a very bad way of doing things just out of interest:

    Code:
    cls
    @ECHO OFF
    title Folder Personal
    if EXIST "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}" goto UNLOCK
    if NOT EXIST Personal goto MDLOCKER
    :CONFIRM
    echo Are you sure u want to lock the folder(Y/N)
    set/p "cho=>"
    if %cho%==Y goto LOCK
    if %cho%==y goto LOCK
    if %cho%==n goto END
    if %cho%==N goto END
    echo Invalid choice.
    goto CONFIRM
    :LOCK
    ren Personal "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}"
    attrib +h +s "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}"
    echo Folder locked
    goto End
    :UNLOCK
    echo Enter password to Unlock folder
    set /p "pass=>"
    if NOT %pass%==password goto FAIL
    attrib -h -s "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}"
    ren "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}" Personal
    echo Folder unlocked successfully
    goto End
    :FAIL
    echo Invalid password 
    goto UNLOCK2
    :FAIL2
    echo Invalid password
    goto end
    :MDLOCKER
    md Personal
    echo Folder created successfully
    goto End
    :UNLOCK2
    echo Last chance to enter correct password to unlock folder
    set /p "pass=>"
    if not %pass%==password goto FAIL2
    attrib -h -s "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}"
    ren "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}" Personal
    echo Folder unlocked successfully
    :End

  10. #25
    'Allo, 'Allo, Allo
    Join Date
    Apr 2008
    Posts
    639
    Terrible. All it does it stop you clicking into it via explorer. It's not hidden or locked in any way, for instance...

    Code:
    C:\scratch>md test
    
    C:\scratch>ren test "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}"
    
    C:\scratch>attrib +s +h "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}"
    
    // folder is hidden, hooray
    C:\scratch>dir
     Volume in drive C has no label.
     Volume Serial Number is 942A-D4F1
    
     Directory of C:\scratch
    
    18/08/2009  20:50       <DIR>          .
    18/08/2009  20:50       <DIR>          ..
                   0 File(s)              0 bytes
                   2 Dir(s)   3,095,744,512 bytes free
    
    C:\scratch>cd "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}"
    
    // we can still access the directory, and create files too
    C:\scratch\Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}>copy con test.txt
    All up in your hizzle fo'shizzle
    ^Z
            1 file(s) copied.
    
    C:\scratch\Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}>cd ../
    
    // check it's still invisible
    C:\scratch>dir
     Volume in drive C has no label.
     Volume Serial Number is 942A-D4F1
    
     Directory of C:\scratch
    
    18/08/2009  20:50       <DIR>          .
    18/08/2009  20:50       <DIR>          ..
                   0 File(s)              0 bytes
                   2 Dir(s)   3,095,744,512 bytes free
    
    // reading files is also no problem
    C:\scratch>type "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}\test.txt"
    All up in your hizzle fo'shizzle
    
    // and it's visible via dir if you include hidden system files
    C:\scratch>dir /A HS *
     Volume in drive C has no label.
     Volume Serial Number is 942A-D4F1
    
     Directory of C:\scratch
    
    
     Directory of C:\scratch
    
    18/08/2009  20:50       <DIR>          .
    18/08/2009  20:50       <DIR>          ..
    18/08/2009  20:51       <DIR>          Control Panel.{21EC2020-3AEA-1069-A2DD-08
    002B30309D}
                   0 File(s)              0 bytes
                   3 Dir(s)   3,095,744,512 bytes free
    Like most security which is obfuscationally based, it inconveniences users for little or no actual protection. If you want to stop people clicking into the folder then I suppose it'll fool a few people, but you'll have to do it quite far up the directory tree since you can only use it on one folder per level.
    Last edited by adeyblue; 08-18-2009 at 02:19 PM.

  11. #26
    Registered User
    Join Date
    Feb 2009
    Posts
    93
    Thank you for much for explaining that to me. Im going down the truecrypt route now. Thank you again for everyones help.

  12. #27
    Registered User
    Join Date
    Aug 2009
    Posts
    1
    Thanks for the suggestion, I wish it had worked.


    taux demande pret personnel en ligne credit simulation Faire un pret immobilier en ligne avec un bon credittaux demande pret personnel en ligne credit simulation

Popular pages Recent additions subscribe to a feed

Similar Threads

  1. Extracting data from a laptop hard drive
    By DavidP in forum Tech Board
    Replies: 6
    Last Post: 06-13-2009, 07:02 AM
  2. Booting through USB sticks
    By kris.c in forum Tech Board
    Replies: 5
    Last Post: 05-27-2007, 01:55 AM
  3. Sounds and Audio Decoding/ Drive Access
    By coldfusion244 in forum Windows Programming
    Replies: 4
    Last Post: 03-03-2005, 02:50 PM
  4. Frequent hard drive access question
    By Xzyx987X in forum Windows Programming
    Replies: 2
    Last Post: 04-27-2004, 10:47 PM
  5. changing drive letter gaining access to a network
    By zornedge in forum A Brief History of Cprogramming.com
    Replies: 2
    Last Post: 11-29-2001, 10:57 AM