[adn258]

So I am working On a Project that is coming along ok which involves an arming device for my computer which will go well with True Crypt. Being that I use system wide encryption with True Crypt Essentially it encrypts the entire OS automatically on shutdown and un-encrypts it from the boot loader. This all sounds great but I noticed one flaw.

Pretend I need to leave my machine on because I'm at a coffee shop and someone is supposed to be watching it until I get back or pretend I am leaving it on at home because it's downloading etc. etc. The computer is wide open for an attacker to just site down and copy all of your files information etc. and read all your sensitive files and information.

I got this idea. After a certain amount of time based on a timer of no mouse movement etc. the computer goes into arming mode at that point if a user moves the mouse presses a key etc. The computer goes into shutdown mode within like 10 seconds or so unless a pass-code is entered within those 10 seconds the computer shuts down the the information is re encrypted forever. If the code is entered things go back to normal unless the user puts it in armed mode or it can automatically arm itself after like 2 minutes etc.

I would think this would work ok because if you think about it you don't have to worry about someone cracking the password even if it's stored in user settings etc. He or She has 10 seconds to type it in. I'm trying to think of ways hackers might try and bypass this by logging out etc. so I will be working on that. To make it more difficult though it would be nice if there was JUST

a dialog box for a place to enter the pass-code and a confirm pass-code button whereby nothing else could be clicked until the computer either shut down or the user entered the pass-code. IF possible even locking the start menu would would. I could have sworn I have seen dialogs like this that will not let you do ANYTHING like within certain windows programs until you follow the dialog windows. Does anyone have any ideas etc? Is this possible?

[modi123_1]

First off I believe the dialog box you are looking for is "show dialog" and not normal show.. you would also need to over ride the 'lose focus' so it never does.

Second - doesn't locking your computer encompass the same thing as you are asking?
Windows key + L ...
or
start menu -> lock.
or
ctl+alt+delete to the task manager and then lock?

Assuming you have a password and junk already set up..

[tlhIn`toq]

There are numerious USB devices that can do this automatically.
One part is plugged in the computer. The other part on your keychain.
When part b is more than x feet from part a it locks your computer.
It's integrated at the driver/OS level so probably going to be more secure than anything you do in software.

If you are concerned about physical security and anyone just sitting down you need more than just software since that 'anyone' can just reboot your PC. Once they put it in safemode they have your entire system anyway.

[modi123_1]

A free one to dump on a spare flash drive..
http://www.speedapps.com/usbpclock.htm

[adn258]

tlhIn`toq, on 31 October 2011 - 06:46 AM, said:

There are numerious USB devices that can do this automatically.
One part is plugged in the computer. The other part on your keychain.
When part b is more than x feet from part a it locks your computer.
It's integrated at the driver/OS level so probably going to be more secure than anything you do in software.

If you are concerned about physical security and anyone just sitting down you need more than just software since that 'anyone' can just reboot your PC. Once they put it in safemode they have your entire system anyway.

Okay I think a lot of you missed the point; I appreciate the help though. First of all you can't just turn off the computer if you read what I wrote above I'm implementing this with true crypt. Once the machine is shut off everything is encrypted again on then entire hard drive and you CANNOT proceed until the password is typed in at bootup i.e. TC has it's own boot-loader i.e. bootkit; this includes being able to go into safe mode, you need a password for that since EVERYTHING is encrypted and the boot loader key needs to be typed in to start un-encrypting everyone on the the fly in RAM. Locking the computer would be LESS secure in my case when I am using SYSTEM WIDE encryption with True Crypt and all I have to do is have the system shutdown which RE-ENCRYPTS everything. That's why I am working on this. It would be popular with TC users like myself or encryption programs like TC.

This post has been edited by adn258: 31 October 2011 - 01:46 PM

[modi123_1]

Wait.. now I am lost. Does truecrypt currently have this bootloader password and currently encrypts on shut down and reencrypts on start up?

[adn258]

modi123_1, on 31 October 2011 - 01:49 PM, said:

Wait.. now I am lost. Does truecrypt currently have this bootloader password and currently encrypts on shut down and reencrypts on start up?

Yes that's how it works it does this on the fly that's their solution I am implementing sort of my own thing with their program. It's well programmed. There's even an article about how a spy had his laptop seized and not even the FBI has been able to crack his computer; the point is it's very secure I believe and it uses 256 bit AES encryption and if you use system encryption EVERYTHING is encrypted . It's constantly being encrypted and un encrypted through the RAM you'd almost have to go to their site and read up on it. Once you shutdown the computer the small section of memory that was un unencrypted becomes encrypted again and as SOON as you boot up the machine it asks for your password if you don't have it you can't do ANYTHING. The only thing you could do is pop in a windows OS disk and re-install the OS but that wouldn't give you access to the persons old encrypted files. It's open source. The point is all you have to do is make sure the computer shuts down and the "attacker" would have almost a 0 percent chance of ever accessing the data on your system.

So then came my idea. One you type in your password at boot if you get up or anything someone can then use your system obviously: So another program that was designed to shut down the computer if a user didn't know the programs special passcode would work great . In other words I get up to use the restroom and after 2 minutes the computer goes into protection mode if I sit down I have 10 seconds to enter my passcode after I move the mouse or press a key and if I don't it shuts down, if I do then it just exits that window and things are fine. If someone comes to sit down though that shouldn't be using the system it would shut down and True Crypt would handle the rest of the problem.

This post has been edited by adn258: 31 October 2011 - 02:03 PM

[tlhIn`toq]

So if it decrypts the HDD on startup, and you have a large drive it should take quite a long time.

If it decrypts on startup, and I yank the power instead of doing a polite shut down then the HDD is decrypted at that time. I could then remove the drive and install it as a second drive on another system.

[adn258]

tlhIn`toq, on 31 October 2011 - 02:05 PM, said:

So if it decrypts the HDD on startup, and you have a large drive it should take quite a long time.

If it decrypts on startup, and I yank the power instead of doing a polite shut down then the HDD is decrypted at that time. I could then remove the drive and install it as a second drive on another system.

You can read TC's site as soon as power is lost it's also re encrypted too lol, and best as I understand it only a small portion of what's being read currently is un encrypted and kept in memory you can read the science behind it but it works fine. Most of it is done in RAM very quickly and it takes only a small amount of extra time to boot the computer. Otherwise nobody would use TC. Also the encryption keys are kept in memory RAM and removed obviously when you power off. It is true as TC admits that the RAM can be read for the key a SHORT period of time after the computer is shutdown or the power is lost.

You'd need special tools and all kinds of things that are not even worth my time worrying about. I'm worried about my past customers receipts tax returns etc. and the data bug thief that could get my laptop. Once it shuts down I don't think they would have a chance.

This post has been edited by adn258: 31 October 2011 - 06:04 PM

[tlhIn`toq]

Then it is not decrypting the drive on start, and decrypting on shutdown - as you said.

Its important to keep the details straight on complex matters like this.

All drives have a read-ahead buffer, and most OSes do something similar. It sounds like TC might be acting as the hard disc driver and doing its encryption/decription as it reads/writes data.

[adn258]

tlhIn`toq, on 01 November 2011 - 06:08 AM, said:

Then it is not decrypting the drive on start, and decrypting on shutdown - as you said.

Its important to keep the details straight on complex matters like this.

All drives have a read-ahead buffer, and most OSes do something similar. It sounds like TC might be acting as the hard disc driver and doing its encryption/decription as it reads/writes data.

Yes that's correct sorry I'm bad with explaining things like that but yes. As soon as power is cut for practical purposes your information is protected. The question I'm having is making this program correctly to detect user interaction lol and giving the user like 10 seconds to enter a pass code whilst the machine shuts off and you already know what that does. Using something like

using (Form ShowCodeDiag = new Form2())
{
Form2.Showdialog();

}

This works and all that fine stuff but it doesn't LOCK anything the user can click the start menu etc. Perhaps it's NOT possible to lock everything but something that is close would sure help. Any ideas? The only thing that should be running is that password dialog and when the pass is entered everything runs fine but if it isn't entered in 10 seconds the comp is shutdown which as you know with TC protects everything.

[adn258]

So I'm still trying to figure out the schematics of this program and how to implement it lol....hmm

[tlhIn`toq]

Hence the reason the job is called "Software Engineer".

You *must* engineer your software. Create a real design/blueprint/plan... Before you can sit down and type. Coding is relatively easy. Its the engineering that is often the time consuming, but MOST vital part.

This post has been edited by tlhIn`toq: 05 November 2011 - 06:32 AM

[Serendipitus]

adn258, on 03 November 2011 - 05:14 PM, said:

So I'm still trying to figure out the schematics of this program and how to implement it lol....hmm

You could try creating a windows form and removing the border and setting it to fullscreen. This will block the screen, however, you can still use the window key or another shortcut to get out of it. To stop that you would need a keyboard hook and catch those commands to stop them. Just google keyboard hook and you should find one. I used one on an earlier project that worked just fine. I cannot find the source otherwise I would have posted it. Good luck!

[adn258]

Alright yes that's pretty much where the project is aiming from here. Thank You.

This post has been edited by tlhIn`toq: 05 November 2011 - 06:32 AM
Reason for edit:: No need to quote the entire immediately preceding post