secure data export
Orna Agmon Ben-Yehuda
ladypine at gmail.com
Fri Jun 24 00:35:16 IDT 2011
Hello all security experts,
I would like to export data from a machine on a business's internal network
on a safe media, such that only the files I want exported are on the media.
Specifically, I consider the possibility that the machine may already be
infected by a malware which adds business-sensitive data to all outgoing
media, and would like to defend against such a theoretical malware. The
question may be limited to text files.
Things already considered:
*The media is a CD, which will be written and then finalized. No USB
devices.
*An artificial file will be added to the data file, to fill the media as
much as possible. This, however, leaves a part of the disk capacity unused -
the part used for the structure table (what used to be FAT), which is a
place where additional data can hide.
*The CD will be read in two different machines, with two different operating
systems. One of the systems will be a bootable linux disk, to preserve its
(hopefully) initial not-infected status. The listing of files will be
performed including hidden files (ls -la in Linux). The person who wrote the
files will read them, to verify they contain the correct information.
Questions:
What else should I do?
What about a malware compressing the data, using the extra space for
additional data?
If I compress the data to avoid further compression, how can the person
verify it contains exactly what it should?
What can I not defend against?
Are such malware as I imagine known? For Linux? Windows?
Thanks for considering the problem,
--
Orna Agmon Ben-Yehuda.
http://ladypine.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.cs.huji.ac.il/pipermail/linux-il/attachments/20110624/de7f2bab/attachment.html>
More information about the Linux-il
mailing list