From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-0.3 required=5.0 tests=BAYES_00,FREEMAIL_FROM, REPLYTO_WITHOUT_TO_CC autolearn=no autolearn_force=no version=3.4.4 X-Google-Language: ENGLISH,ASCII-7-bit X-Google-Thread: 103376,85034d1ac78a66eb X-Google-Attributes: gid103376,public X-Google-ArrivalTime: 2002-03-01 20:05:11 PST Path: archiver1.google.com!news1.google.com!newsfeed.stanford.edu!news-spur1.maxwell.syr.edu!news.maxwell.syr.edu!elk.ncren.net!nntp.upenn.edu!msunews!not-for-mail From: "Chad R. Meiners" Newsgroups: comp.lang.ada Subject: Re: Ada Operating System Date: Fri, 1 Mar 2002 23:01:17 -0500 Organization: Michigan State University Message-ID: References: <3C7CC36F.FF6848C8@disca.upv.es> <3C7E3C70.665A2687@despammed.com> <3C7E4DE6.F184C408@cfmu.eurocontrol.be> <3C7E6E48.2000402@users.sf.net> Reply-To: "Chad R. Meiners" NNTP-Posting-Host: arctic.cse.msu.edu X-Priority: 3 X-MSMail-Priority: Normal X-Newsreader: Microsoft Outlook Express 6.00.2600.0000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Xref: archiver1.google.com comp.lang.ada:20687 Date: 2002-03-01T23:01:17-05:00 List-Id: NTFS supports encrypting sensitive files. So of course MS does not believe that a propriety disk format is inherently secure! "Dave Poirier" wrote in message news:3C7E6E48.2000402@users.sf.net... > chris.danx wrote: > > "Ian Wild" wrote in message > > news:3C7E4DE6.F184C408@cfmu.eurocontrol.be... > > > >>"chris.danx" wrote: > >> > >> > >>>Joking aside... you could violate NTFS integrity and its security model, > >>> > > so > > > >>>it's probably not a good idea especially if the program was boot from a > >>>floppy. > >>> > >>What sort of "security model" is predicated on the > >>bad guys not having a bootable floppy? > >> > > > > I don't understand exactly what your asking, but if you mean what security > > model does NTFS have when someone boots from a floppy, then none -- it's > > just a bunch of ones and zeros on a disk. NTFS security model has to be > > enforced by the operating system in some manner, so an OS has to be present > > to ensure the 'correctness' of the FS and enforce security. The point was > > that NTFS and windows have a security model which would be circumvented by > > such a program, hence it's probably not a good idea to write such a program. > > The integrity of the NTFS volume could be compromised and the users' data no > > longer secure (as secure as the OS allows). > > > > > > Chris.0 > > 00000 > > This seems to be the only technique Microsoft knows, Security by > obstruction. They seriously believe that by hiding the "how" you do it, > you will make your file system secure. If they would even give it some > serious thought they would know the only way to be secure on the long > run is to use encryption. Using a proper algorithm they could give away > the algorithm as well as the exact details of how the files are stored > on disk, after all it would just make it easier to create recovery tools. > >