Path: utzoo!attcan!uunet!lll-winken!lll-tis!ames!mailrus!tut.cis.ohio-state.edu!bloom-beacon!spdcc!ima!johnl
From: johnl@ima.ima.isc.com (John R. Levine)
Newsgroups: comp.sys.ibm.pc
Subject: Re: Hands Off The Program?
Message-ID: <2660@ima.ima.isc.com>
Date: 19 Sep 88 23:17:28 GMT
References: <36300027@iuvax>
Reply-To: johnl@ima.UUCP (John R. Levine)
Distribution: na
Organization: Not much
Lines: 27

In article <36300027@iuvax> bose@iuvax.cs.indiana.edu writes:
>
>There is a program advertized on the back of PCMag called:
>"hands of the program".  It is a software based system that prevents
>unauthorized access to the hard disk.  Does anyone have any experience with
>this software?

I haven't seen this particular one, but programs like this for DOS are rarely
very useful. Some of them try to wrap code around various software interrupts
to disallow access to files that you aren't supposed to be able to change. If
you boot from your own floppy, though, you can wallop any file you want.
Sometimes they don't even wrap the low-level interrupts so a program like
Norton Utilities that uses the low level calls will bypass the protection.

Perhaps it fiddles the organization of the disk, or somehow scrambles or
encrypts data. In that case, as soon as the disk gets a little bit messed up
you lose, since neither chkdsk nor any of the disk doctor programs know
anything about the fiddled or scrambled format.

A good rule of thumb is that if a user has physical access to the data, he has
logical access. Generally, you have to depend on non-technical means to get
any meaningful protection. You can always use technical schemes to make it
hard to accidentally (or deliberately) tamper with data, but a determined user
with physical access to the hardware can defeat such schemes.
-- 
John R. Levine, IECC, PO Box 349, Cambridge MA 02238-0349, +1 617 492 3869
{ bbn | think | decvax | harvard | yale }!ima!johnl, Levine@YALE.something
Rome fell, Babylon fell, Scarsdale will have its turn.  -G. B. Shaw