SecureTrayUtil
By Sarah Dean
Last updated: 17th October 2005
Description
A handy utility that sits in the tasktray, allowing hotkey shredding of files and the generation of file hashes, and complementing several OTFE (On-The-Fly Encryption) systems by providing rapid access to their most used day-to-day functions, making them considerably easier to use.
Also incorporates self-destruct facilities for sensitive material, triggerable by hotkey, easily-built serial connector or secure Internet connection.
Runs under MS Windows 95/98/Me/NT/2000/XP and has optional shell integration.
Screenshots of SecureTrayUtil are available.
Please email any bug reports, feature requests, comments, etc to me at sdean12@softhome.net
The latest version (as of 17th October 2005) is v3.95.0.
The latest version is always available at: http://www.SDean12.org/SecureTrayUtil.htm
Features
- Support for several On-The-Fly Encryption (OTFE) systems:
  - FreeOTFE
  - BestCrypt
  - CrossCrypt
  - E4M
  - PGPDisk
  - ScramDisk
  - TrueCrypt
- OTFE support allows user definable programs to be executed on mount/dismount
- Removes BestCrypt's inability to use BestCrypt volume files stored within subdirectories
- Can compute the MD2, MD4, MD5, SHA, SHA-1, SHA-256, SHA-384, SHA-512, RIPEMD-128, RIPEMD-160, RIPEMD-256, RIPEMD-320, Tiger and GOST R 34.11-94 hash digests of any file (can optionally be configured as a shell extension)
- Sits in the tasktray for convenience
- Rapid use of security features by rightclicking a tasktray icon
- Can be used on its own for hotkey destruction of sensitive files, or used in conjunction with ScramDisk
- Fast access to the most used OTFE functions such as mounting/dismounting volumes and viewing volume info
- Ability to mount volumes (including ScramDisk volumes) as read-only
- Details of encrypted volume files mounted
- Hotkey dismounting of encrypted volumes
- File shredder (Gutmann or pseudorandom passes)
- Ability to shred free space (including slack) on your HDD (Gutmann or pseudorandom passes)
- "Self-destruct" functionality:
  - Ability to destroy sensitive files and/or any encrypted volumes mounted upon pressing a user defined hotkey ("self-destruct"!)
  - Ability to destroy sensitive files and/or any encrypted volumes mounted upon activation of a trigger switch connected to a serial port
  - Ability to destroy sensitive files and/or any encrypted volumes mounted upon receiving a connection via the internet that is authenticated correctly
  - Ability to delete registry entries automatically
  - On "self-destruct", the system clock is changed for security reasons
- When used under NT, SecureTrayUtil has the capability of enabling NT's pagefile overwrite-on-shutdown facility (see Microsoft knowledgebase article Q182086: How to Clear the Windows NT Paging File at Shutdown)
- Keyboard dialog to allow users to enter their passwords by clicking onscreen letters with a mouse instead of using the keyboard (ScramDisk support only; this functionality is available as a Delphi Component that can be downloaded with the source code)
- Runs under MS Windows 95/98/Me/NT/2000/XP
- Source code freely available for download
- Does not make any entries in the registry (unless specifically requested to). Configuration is held in an easily destroyed ".ini" file
- Ability to "touch" the date/timestamps of user selected files on startup/exit/regular intervals
- Search for encrypted volume files functionality
- ...And more!
Download
Download latest stable SecureTrayUtil (v3.95.0) executables
Download source code for the above stable version (see also SDeanComponents to download the OTFE, etc components required to compile this software)
Hashes and PGP signatures of the SecureTrayUtil software, as downloaded, are available here
A beta version of the development version of SecureTrayUtil (v3.96.0) can also be downloaded. Note: This link may not work. If it doesn't, and you can download the stable version, a beta version of the next version has not yet been released. The beta version is unsupported, but please feel free to email me if you have any comments on it.
Installation
(If you have an older version of SecureTrayUtil already installed, please see the section on Upgrading from a Previous Version instead)
To install SecureTrayUtil, simply unzip the release into a directory of your choosing and create shortcuts (if required) to "SecureTrayUtil.exe".
Then, launch "SecureTrayUtil.exe" to run.
Upgrading from a Previous Version
1. Please launch your old version of SecureTrayUtil and disable all shell extensions
2. Exit SecureTrayUtil
3. Overwrite your existing SecureTrayUtil installation with the files contained in this release
4. Launch the new version of SecureTrayUtil and reenable any shell extensions that you disabled in step 1
It is recommended that you doublecheck your SecureTrayUtil configuration as some options may revert to their default (safe) values due to various improvements in SecureTrayUtil.
Notes
- Please, do read the documentation in this file before emailing me! I know it's not much, and only really covers the basics, but...
- Pretty much everything in SecureTrayUtil works as it seems, so I won't go into too much detail as to how everything works. Besides, who reads manuals anyway? ;) Anything you're not too sure of, just make an educated guess; you'll probably be right!
- To use the OTFE facilities, you must have at least one OTFE system installed (BestCrypt, E4M, PGPDisk or ScramDisk). Details of which OTFE systems and versions are supported may be found in Appendix D: OTFE System Compatibility
- Internal shredding process:
  - Shredding files:
    - For each pass over the file:
      - Create a block of 65536 bytes (64K) (this ensures that under FAT16, where the max cluster size is 32K, all file slack is overwritten) containing random data, or the Gutmann data relevant to the pass if Gutmann shredding is selected.
      - Overwrite the file with the block, using write-through to get the block onto the disk even through disk caching software. The block buffer is also flushed explicitly to disk after each block is written.
    - Rename the file to a garbage filename of equal length, preserving the final ".". This appears to overwrite Windows 95/98 filenames.
    - (NT only) Test if it is possible to rename the file to a one character filename (one of "a." to "z.")
    - (NT only) Rename the file to a filename around 255 chars long (should overwrite any LFN)
    - (NT only) Rename the file to any short filename found in the step above (i.e. truncate the filename)
    - Truncate the file to 0 bytes long
    - (Optional) Set the file's date/time to midnight, 1/1/1980. (Note, this doesn't change the created and last accessed date/timestamps)
    - Finally, delete the file
  - Shredding free space:
    - Create a temp directory on the drive to be cleaned
    - Create a file of size "x" bytes
    - Shred file (see above), but don't delete it
    - Repeat steps 1 and 2, until there is less than "x" bytes storage left
    - Create a file containing the remaining storage space
    - Delete all the other files created (using deletion method shown above)
    - Shred (see above) and delete the file just created (using deletion method shown above)
    - Delete the directory created (using deletion method shown above)
    - "x" is 4MB by default, but this can be changed by the Internal Shredder Configuration dialog
  - Shredding registry keys/values
    - Registry key values are overwritten with data before keys are deleted
- There is no limitation to the amount of free disk space that can be shredded.
- For a comparative review of many different shredders, check http://www.SDean12.org/Comparison_Shredders.htm. At time of writing, "Eraser" (http://www.students.tut.fi/~stv/eraser/) is (IMHO) the best of the lot.
- From the slot information dialog, doubleclicking on a mounted slot will launch explorer on this drive. Rightclicking brings up a menu
- During self-destruct, the filename of each file shredded is overwritten in memory (Note: it is still possible for these filenames to have been written to swap before this happens)
- SecureTrayUtil creates a file called "SecureTrayUtil.ini" in your Windows directory if you change the options to anything other than the defaults.
- If you enable the "self-destruct" facilities, you may also wish to specify that SecureTrayUtil, the ScramDisk app, and their respective .INI files are targeted for destruction, in addition to any registry entries that you might have added when selecting the shell support options.
- The "onscreen keyboard" is only really there for novelty value; see Appendix C for info on how to attack it. (It will give cover against some "hardware" attacks though, such as bugging the cable between your keyboard and computer, but so will using SecureTrayUtil's "keyfile" abilities...)
- You can enter your ScramDisk passwords via a keyfile instead of typing them in at the keyboard. (This avoids the risk of having your password picked up by a keyboard sniffer, but it is still theoretically possible for it to be intercepted.) The format of keyfiles is simple; it's just a text file with 4 or 5 lines, each line holding a ScramDisk password. If you add a 5th line containing the text "KeepDialog", then the password entry dialog will remain onscreen after the passwords have been read in. Note that even this will not protect you against dedicated "attack" software, but it should give cover against some "hardware" attacks, such as bugging the cable between your keyboard and computer.
- The serial port self-destruct trigger is basically a loopback plug with the TX and RX cables brought out to a switch. When the two wires are connected, the computer's output goes back to its input. When broken (obviously) this doesn't happen.
- SecureTrayUtil's capabilities of erasing registry entries are limited to just removing whole keys (including their associated value sets and subkeys) from the registry; note that it is possible to recover deleted entries. Removing registry entries so that they cannot be recovered is a little complicated; see Appendix B for details.
- wrt the "ScramDisk Cache Sniffer" program that I wrote (details and download available from here); SecureTrayUtil provides much better protection against this software than the original ScramDisk application does (it clears the password from the ScramDisk cache immediately after it is used), but it is not 100%. Try setting the poll interval to 1ms and clicking "Automatic/Manual" before mounting a ScramDisk volume, and you should see your password flicker on the display. Aman (author of ScramDisk) is working on a solution to this problem, and this fix should appear in the next release of ScramDisk. Please note that anyone who can write a full stealth implementation of this sniffer and install it on your computer can just as easily write software to attack PGPDisk, BestCrypt, or any other security system. Windows is not a secure OS. ScramDisk/SecureTrayUtil are excellent tools for increasing your security, but don't count on them alone.
- When running under NT, you may find that you get errors relating to writing to the registry. If you do, it's probably because you've got shell support enabled, and don't have the relevant permissions on the computer you're logged onto to set this up. Login as administrator and try again. If you can't login as administrator, you'll have to disable shell support.
- Please note that there is very little error checking done on user input - it's assumed that you know what you're doing. (If you don't, just delete this package from your computer; you'll probably screw things up for yourself)
- When touching files, if the file could not be touched (e.g. if it doesn't exist any more), no warning will be given.
- Touching a file will only change its last modified date/time. The file's creation date/timestamp will remain the same, and the last accessed date/timestamp will be set to the current date/time.
- If you select a directory to be touched, all files within it will be touched, as will any stored in all subdirectories
- The "Buffers" tabsheet on the internal shredder config dialog is only really intended for "advanced users" to tweak the performance of this part of SecureTrayUtil.
  - 2147483647 is the max value for any of the parameters
  - "Block size for shredding free space files:" and "Block size for shredding files:" should be set to at least the largest cluster size (in bytes) used on your HDDs to ensure that slack space is overwritten
  - If you set "Block size used for constructing temp files for shredding free space:" to a value greater than "Size of temp files to create while shredding free space:", then the block size specified will just be ignored, and the size specified for the temp files will be used instead
  - Please note that you can set the size of the files to be created while shredding free space to be larger than the size of the free space on your HDD; if you do so, then only one file will be created to overwrite your free space (which is probably a good thing), but it is important that you set the "Block size for shredding files" to be the cluster size of the HDD that is having its free space destroyed (it shouldn't be that critical, but I haven't yet tested what effect having a larger block size would have)
- BestCrypt's "Errors in mounting" count is not updated when the user supplies the wrong password. This is intentional; this count should not be relied upon, even when using the BestCrypt Control panel to mount/dismount BestCrypt volumes.
- When mounting volume files, SecureTrayUtil determines the type of the file (E4M, PGPDisk, BestCrypt, etc) by looking at the "signature" that these programs store at the start of the volume file. The filename of any given volume file is ignored when determining the type of the file. If no signature can be found, ScramDisk is assumed as this is the only system that cannot be identified by this method (ScramDisk was designed specifically so its volume files could not be readily identified as ScramDisk volumes).
- When displaying the volume information for a mounted E4M volume, it is not possible to determine the cipher or hash used for the volume unless the volume was mounted using the same instance of SecureTrayUtil that is displaying the information. This is due to a limitation in E4M's driver.
- The hash algorithms can be verified by going to the "Calculate file hash" dialog, typing in any of the published test vectors (for example "abc") into the "Filename:" editbox, and then clicking "Test".
- OTFE versions detected by SecureTrayUtil are as reported by the relevant OTFE device driver. As a result of this, the versions reported are not necessarily the same as the version of the OTFE package installed. For example: BestCrypt v6.06 reports as v2.22 (Windows 95/98) or v2.10 (Windows NT).
- In the case of PGPDisk, the version number returned by the driver has no meaning outside the driver (source: NAI), and so is simply displayed by SecureTrayUtil as a hex string.
- Because the ScramDisk component used is designed to clear all cached passwords immediately after they are used (for obvious security reasons), you cannot mount a volume using this component, and then create an SKF file. This is because in order to create SKF files, you are required not to clear the cached passwords. Instead, you can use ScramDisk to mount the volumes, and then create any SKF files needed.
- Please note that the version numbers of OTFE packages installed are the version numbers that the OTFE drivers identify themselves as. In most cases this is meaningful, but in the case of PGPDisk, this constant should be interpreted as an internal version number only, and has no meaning outside of PGPdisk (source: NAI)
- If CrossCrypt is installed and no CrossCrypt volumes are mounted, SecureTrayUtil will correctly identify that this OTFE system is installed, but will not be able to identify which version of CrossCrypt is installed. This is due to slight weirdness in CrossCrypt that prevents it from reporting which version it is unless it has a volume mounted(!)
- I have only verified PGPDisk support for the version that comes with PGP v6.0.2i. Because NAI appear to have changed all the APIs, and don't appear to wanna talk to me about what's changed, the version of PGPDisk supplied with the commercial release of PGP v7.0.x does not work correctly with SecureTrayUtil. In order to prevent screwy things happening (SecureTrayUtil misreporting mounted PGPDisks, etc), it is recommended that you disable PGPDisk support within SecureTrayUtil if you have a later version of PGPDisk installed.
- If you have TrueCrypt v2.1 or v2.1a installed, please check the OTFE options dialog. If the version detected is shown as "v2.1(???)" (i.e. the version number with a bunch of "?" after it), make sure that you set the correct version on the "TrueCrypt" tab.
- Legal stuff:
  - I retain all rights to this software
  - You are free to distribute this software, although no charge may be made of any kind for doing so (that includes any fees for copying and/or the distribution media)
  - If you distribute this software, this file must be included with it, intact and unmodified.
  - Any software derived from any part of SecureTrayUtil and/or its source code is to be released as freeware with full source code
  - Blah, blah, blah ... you use this software at your own risk ... blah, blah ... author takes no responsibility ... blah, blah ... (i.e. the usual disclaimers, etc. Do be careful with the self-destruct capabilities of this software though - test them out with junk files before trusting them)
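The file-shredding sequence from the "Internal shredding process" note above, written out in Python with pseudorandom passes only. This is an added example, not SecureTrayUtil's Delphi source: the function names are made up here, the NT-only rename steps and the Gutmann patterns are left out, and writing whole 64K blocks past the end of the file is this example's reading of how file slack gets covered.

```python
import datetime
import os
import secrets
import string
import tempfile

BLOCK_SIZE = 65536  # 64K block from the page; exceeds FAT16's 32K maximum cluster


def overwrite_passes(path, passes=3, block_size=BLOCK_SIZE):
    """Overwrite the file `passes` times with pseudorandom data.

    Assumption of this example: whole blocks are written, so the file grows to
    a multiple of block_size and the slack in its last cluster is covered.
    Returns the number of bytes written in each pass.
    """
    blocks = max(1, -(-os.path.getsize(path) // block_size))  # ceiling division
    # O_SYNC requests write-through where the platform offers it.
    flags = os.O_WRONLY | getattr(os, "O_SYNC", 0) | getattr(os, "O_BINARY", 0)
    for _ in range(passes):
        fd = os.open(path, flags)
        try:
            for _ in range(blocks):
                remaining = memoryview(secrets.token_bytes(block_size))
                while remaining:  # os.write may accept fewer bytes than offered
                    remaining = remaining[os.write(fd, remaining):]
                os.fsync(fd)  # explicit flush after each block
        finally:
            os.close(fd)
    return blocks * block_size


def garbage_name(name):
    """Random name of equal length that keeps the final '.' where it was."""
    dot = name.rfind(".")
    alphabet = string.ascii_lowercase + string.digits
    return "".join(
        "." if i == dot else secrets.choice(alphabet) for i in range(len(name))
    )


def shred_file(path, passes=3, reset_timestamp=True):
    """Overwrite, rename, truncate, optionally re-date, then delete `path`.

    Returns the garbage name the file carried when it was deleted.
    """
    overwrite_passes(path, passes)
    directory, name = os.path.split(os.path.abspath(path))
    new_name = garbage_name(name)
    while os.path.exists(os.path.join(directory, new_name)):
        new_name = garbage_name(name)
    new_path = os.path.join(directory, new_name)
    os.rename(path, new_path)
    with open(new_path, "r+b") as handle:
        handle.truncate(0)
        handle.flush()
        os.fsync(handle.fileno())
    if reset_timestamp:
        # Only the last-modified time moves to midnight, 1/1/1980; the
        # last-accessed time is passed through unchanged.
        midnight = datetime.datetime(1980, 1, 1).timestamp()
        os.utime(new_path, (os.stat(new_path).st_atime, midnight))
    os.remove(new_path)
    return new_name


if __name__ == "__main__":
    # Constructed sample file in a throwaway directory.
    with tempfile.TemporaryDirectory() as workdir:
        target = os.path.join(workdir, "secret-notes.txt")
        with open(target, "wb") as fh:
            fh.write(b"constructed sample data\n" * 500)
        print("deleted under the name", shred_file(target))
        print("left in directory:", os.listdir(workdir))
```

Overwriting in place only reaches the original sectors where the file system rewrites data where it lies; journaling or copy-on-write file systems and flash wear levelling can leave older copies untouched.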
Hardware Self-Destruct Trigger Details
SecureTrayUtil has an additional feature relating to the self-destruct capabilities of SecureTrayUtil; you can now interface your computer's serial port to a switch. When the switch is pressed, SecureTrayUtil self-destructs.
9 pin serial port connector:
Pins 1, 4 and 6 - connect together
Pins 7 and 8 - connect together
Pins 2 and 3 - leadout to switch. When these two pins are connected together, nothing happens. When they are disconnected, SecureTrayUtil's self-destruct system is triggered.
25 pin serial port connector (I haven't tested this myself (I only bothered testing the 9 pin version), but there's no reason why it shouldn't work. Drop me an email at sdean12@softhome.net and let me know how you get on!)
Pins 6, 8 and 20 - connect together
Pins 4 and 5 - connect together
Pins 2 and 3 - leadout to switch. When these two pins are connected together, nothing happens. When they are disconnected, SecureTrayUtil's self-destruct system is triggered.
To test your trigger, use "PortTest.exe".
Note: (This is obvious, but...) SecureTrayUtil must be running for this feature to work.
Triggering Self Destruct via the Internet
Here's a brief rundown on how to configure SecureTrayUtil to self destruct after being contacted via the Internet.
Go to the self destruct options screen, Triggers tab. Click "Configure Triggers" and select the "Internet" tab from the dialog displayed.
Specify a port number into which you can connect via the Internet (23 is the default port used for telnet, although you can specify any port; just tell your telnet client to use whatever port you set this to). You may wish to check IP Port Numbers - Full Listing for a list of standard port numbers.
Work out your authentication dialog, and enter the number of challenge/response pairs.
Enter your challenge/response pairs as follows:
1. Set the "Edit pair number" to the pair number you wish to edit (hint: start with 1)
2. Enter the "challenge" (i.e. the text that SecureTrayUtil should send out over the connection)
3. Enter the correct "response" (i.e. the text that you are expected to reply with)
4. Click "Set pair"
5. Repeat steps 1-4 for as many challenge/response pairs as you like
You can use escape codes to embed special characters in your challenges, e.g.:
- ^[E will send a newline
- ^[[8m turns on invisible text
- ^[[m turns it off
See VT100 escape codes for more of these codes.
After this trigger is enabled, just telnet into your computer on the port number you specified. Your telnet client will receive the first challenge, and you should respond with the relevant response. If you get this wrong, you will be disconnected. Get it right, and you will go onto the next challenge/response pair. After successfully completing all your challenge/response pairs with SecureTrayUtil, you will be disconnected, the SecureTrayUtil telnet server will go down, and the self destruct sequence will be activated.
Note: Challenge/response pairs are held in plaintext in SecureTrayUtil.ini
Note: (This is obvious, but...) SecureTrayUtil must be running for this feature to work.
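The challenge/response dialog described above, as a small state machine showing both sides' messages. This is an added example, not SecureTrayUtil's code: the class and function names and the sample pairs are constructed here, and treating "^[" as caret notation for ESC that is typed literally into the challenge is an assumption.

```python
import hmac

ESC = "\x1b"


def expand_escapes(text):
    """Turn the caret notation "^[" into a real ESC character.

    Assumption: challenges are typed with a literal caret and bracket, as the
    page prints them; how SecureTrayUtil stores them is not shown there.
    """
    return text.replace("^[", ESC)


class TriggerSession:
    """One connection's walk through the configured challenge/response pairs."""

    def __init__(self, pairs):
        if not pairs:
            raise ValueError("at least one challenge/response pair is required")
        self._pairs = list(pairs)
        self._index = 0
        self.state = "challenging"  # ends as "disconnected" or "triggered"

    def challenge(self):
        """Bytes to send for the current pair, or None once the session is over."""
        if self.state != "challenging":
            return None
        return expand_escapes(self._pairs[self._index][0]).encode("latin-1")

    def submit(self, line):
        """Check one reply line from the client and advance the state."""
        if self.state != "challenging":
            return self.state
        expected = self._pairs[self._index][1].encode("latin-1")
        reply = line.rstrip(b"\r\n")  # telnet clients end lines with CR LF
        # Constant-time comparison, so timing does not leak how much matched.
        if not hmac.compare_digest(reply, expected):
            self.state = "disconnected"  # first wrong answer ends the connection
        else:
            self._index += 1
            if self._index == len(self._pairs):
                self.state = "triggered"  # every pair was answered correctly
        return self.state


def run_dialog(pairs, replies):
    """Play client replies against the pairs; return (final state, transcript)."""
    session = TriggerSession(pairs)
    transcript = []
    for reply in replies:
        sent = session.challenge()
        if sent is None:  # already disconnected or triggered
            break
        transcript.append(("server", sent))
        transcript.append(("client", reply))
        session.submit(reply)
    return session.state, transcript


# Constructed sample pairs using the escape codes listed on the page.
SAMPLE_PAIRS = [
    ("^[EWho goes there? ", "a friend"),
    ("^[[8mSecond word? ^[[m", "swordfish"),
]

if __name__ == "__main__":
    for replies in ([b"a friend\r\n", b"swordfish\r\n"],
                    [b"a friend\r\n", b"guess\r\n"]):
        state, transcript = run_dialog(SAMPLE_PAIRS, replies)
        for side, data in transcript:
            print(f"{side:>6}: {data!r}")
        print("result:", state)
```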
Command line options
Prompt for a password, and mount the specified volume file:
SecureTrayUtil [/stayloaded] [/readonly] /mount <volume filename>
(Note: /mount replaces /SDmount, although /SDmount is retained for backward compatibility)
Mount OTFE partitions:
SecureTrayUtil [/stayloaded] /mountpartitions
Dismount the specified drive/all drives:
SecureTrayUtil [/stayloaded] [/brutal] /dismount <driveletter>
SecureTrayUtil [/stayloaded] [/brutal] /dismount all
(Note: /dismount replaces /SDdismount, although /SDdismount is retained for backward compatibility)
Touch the given file:
SecureTrayUtil [/stayloaded] [/date <date>] [/time <time>] [/promptdatetime] /touch <file or dir> <file or dir> ...
(Note: If /date is not specified, the current date will be used; if /time is not specified, the current time will be used)
Calculate and display the hash of the specified file:
SecureTrayUtil [/stayloaded] /hash <filename>
Shred the given file, using the default shredder:
SecureTrayUtil [/stayloaded] [/silent] /shred <file or dir> <file or dir> ...
Shred free HDD space:
SecureTrayUtil [/stayloaded] [/silent] /shredfree <driveletter>
Self destruct:
SecureTrayUtil [/stayloaded] /selfdestruct
By default, when SecureTrayUtil is run with one or more command line options, it will execute the given command and then exit. Specifying /stayloaded on the command line will prevent SecureTrayUtil from exiting in this way, keeping that instance of SecureTrayUtil in memory and adding a new tasktray icon.
TODO List
- Add a "Volume properties" page to the Explorer properties dialog for OTFE drives; giving information like SecureTrayUtil's volume information dialog displays (nice idea, but a very low priority)
- Remote control self-destruct via modem; by dialling your phone number, connecting to your computer's modem, and entering a coded "self-destruct" command (again, low priority)
- Timeouts
- The option to turn on/off ScramDisk's "autorun" feature
- Ability to "self-destruct" if a wrong password is entered more than "n" times (more of a novelty than a serious attempt to stop attackers)
- The source code could do with a little tidying up...
- "Purge" capability as well as "self-destruct", i.e.
  - Ability to clear the "Documents" menuitem under the "Start" button
  - Ability to wipe MRU lists (most recently used file lists; for example, look under WordPad's File menu)
  - etc, etc...
- Support for PhysTechSoft's StrongDisk (currently under development)
- Extending the self-destruct functionality to include "booby trap" capability - if the computer is shutdown without a certain sequence of keys being pressed, for example. Probably not a good idea to use this idea when running under Windows 9x/Me - they're far too unstable, and crash so often that such self-destruct capabilities may get triggered accidentally!
Known Bugs
Known bugs with latest version:
Credits
Thanks go to:
Appendix A: Version History
- v3.95.0 (17th October 2005)
  - Updated to support latest FreeOTFE
  - Fixed bug with mounting TrueCrypt volumes (previously, some volumes couldn't be mounted correctly)
  - Added additional shell notification and corrected bug with existing broadcast message when TrueCrypt volumes are mounted/dismounted
  - Shredder checks for user cancel more often when overwriting free space, and updates display more often, preventing it from appearing as though SecureTrayUtil has frozen up.
  - Corrected exception raised on exiting SecureTrayUtil when the volume information dialog is open.
  - Improved support for MS Windows XP Themes
  - Switched from Delphi 5 to Delphi 7
  - Minor revision letter ("a") now displayed correctly when TrueCrypt v3.xa is installed
- v3.91.0 (6th April 2005)
- v3.90.0 (4th April 2005)
  - Added support for TrueCrypt
  - Added support for FreeOTFE v00.50.00
  - Removed bug causing the partition select prompt to be shown once for every OTFE system which supports partition mounting, when attempting to mount a partition.
  - SecureTrayUtil will no longer prompt for further filenames when mounting volume files.
  - Fixed minor cosmetic bug in "About..." dialog
  - Improved handling of partitions.
  - Removed support for FreeOTFE v00.00.0x
- v3.87.0 (11th October 2004)
  - Rebuilt with latest Delphi components to include FreeOTFE volume mounting fix.
- v3.85.0 (10th October 2004)
  - Hash options extended to include SHA-256, SHA-384, SHA-512 and Tiger
  - Added support for FreeOTFE
  - Added support for CrossCrypt
  - Added "Icon view" option when viewing mounted OTFE volumes
  - User is now prompted to select which OTFE system should be used when mounting a volume which appears to be mountable by more than one OTFE system
- v3.6.1 (7th November 2001)
  - Minor bug wrt touching directories from the command line fixed.
- v3.6.0 (5th November 2001)
  - Minor bug wrt shredding directories fixed. No code changes, just recompiled with the latest SDeanComponents to include bugfix in that package.
- v3.5.0 (1st August 2001)
  - Switched to Delphi 5
  - Added full support for Windows NT/2000, including fixing stupid bug that could cause crashing
  - Added drag & drop support - you may now drag volume files onto the main SecureTrayUtil window to mount them
  - ScramDisk: Faster mounting when mounting ScramDisk volumes
  - ScramDisk: Added support for ScramDisk v3 (Windows 9x/Me/NT/2000)
  - ScramDisk: Added user option to turn on/off ScramDisk's ".SVL" file support
  - E4M: Support for E4M has been improved (SecureTrayUtil no longer hangs the system on shutdown/restart if E4M support is enabled)
  - E4M: Usability improvement, if there is no default drive, then neither drive A: nor B: will be selected by default
  - BestCrypt: Fixed bug that could cause SecureTrayUtil to crash (stack overflow) if a BestCrypt volume is dismounted while files are still open on the volume
  - (Minor, cosmetic) When changing tasktray icon, user is presented with a dialog from which to select the icon required, instead of having to "click through" all the icons available
  - The time interval between touching user specified group of files was previously user specified in milliseconds, this has now been changed to a user specified number of seconds
  - A new self-destruct option has been added; randomize system clock on self-destruct. This does pretty much what it says; if this option is set, then when a self-destruct trigger fires the system clock is set randomly to within a user specified range. (See Self Destruct Options dialog, "Additional" tab)
  - Added new command line option "/mountpartitions"
  - Fixed bug wrt the progress bar blowing up when shredding HDDs with large amounts of free space
  - Added option to change the default file filter when opening volume files (see OTFE Options dialog)
  - User can now specify programs to be automatically run on post-mount/pre-dismount/post-dismount of OTFE volumes
  - (Cosmetic) the Volume Information dialog's treeview now displays the correct shell icons for drives, instead of using a bunch of hardcoded icons. It looks much nicer now!
  - Bugfix wrt displaying UNC filenames
  - When shredding registry keys, registry key values are now overwritten before the keys are deleted
  - Various other cosmetic, etc enhancements
- v3.0.1 (17th March 2000)
  - Added ability to "touch" entire directories, which causes all files in a selected directory and below to be touched
  - Minor cosmetic improvements
  - Bugfixes:
    - Fixed problem with using keyfiles for mounting ScramDisk volumes with ScramDisk/E4M; the 5th line was being used both as the "KeepDialog" line, and the 4th password.
    - Fixed minor bug wrt fast shutdown on Windows 98SE
    - Excessive refreshes now reduced
- v3.0.0 (19th February 2000) - Note: v2.1.0 never made it out of beta; check below for the improvements made since v2.0.1 (the previous official release)
  - Built with v1.0.0 of the SDeanComponents
  - MD2, MD4, MD5, SHA, SHA-1, RIPEMD-128, RIPEMD-160, RIPEMD-256, RIPEMD-320 and GOST R 34.11-94 hash algorithms implemented to calculate the hashes of files (and test vectors)
  - Support added for:
  - Improves BestCrypt by adding the ability to store BestCrypt volume files within subdirectories
  - ScramDisk can now mount WAV files
  - Vastly improved mounted volume information dialog
  - User can now select which tasktray icon to use
  - "Dismount..." shell extension (optional) added, allowing you to easily dismount ScramDisk drives from within Explorer
  - /mount and /dismount command line switches supersede /SDmount and /SDdismount
  - Hotkey added for displaying volume information
  - Changed tasktray icon so that it is now updated whenever a broadcast message stating that a drive has been added/removed is received. This means that SecureTrayUtil is now "aware" of the activities of applications other than itself mounting & dismounting secure drives
  - Added shell support for "touching" files, via the usual interface and by command line argument (/touch)
  - Added functionality to search for volume files
  - Slightly improved shredding under Windows 95/98 wrt overwriting filenames
  - Development of Delphi ScramDisk Component taken over from Any Jeffries at Kwik-Rite Development
  - Note for developers, and anyone else who is checking the source: file version comments at the start of each ".pas" file are no longer being maintained. This is because the main SecureTrayUtil development is now under source code control, which is where these comments are now being stored.
  - Bugfixes:
    - An additional check is made when shredding file slack space; files greater than 4GB are now ignored.
    - "Blank shell menuitem" bug fixed when file shred shell extension enabled (but not directory shred), and directory selected, or vice-versa
    - The ScramDisk device driver caches the last 8(?) passwords that were passed to it, however previous versions of SecureTrayUtil were only clearing the last one entered after mounting. Although this was much better than what ScramDisk does (i.e. nothing), it did leave a potential security hole in which an attacker could come along after the user has mounted, used and dismounted a ScramDisk volume, and simply remount the volume without being asked for the password. Although this is arguably a problem in ScramDisk, I have now fixed this in the Delphi ScramDisk component, and therefore SecureTrayUtil as well.
- v2.1.0 - This version was superceeded by v3.0.0 and never made it
out
of
beta
- Gutmann shredding algorithm option added
- Free disk space shredding implemented
- Slack space shredding implemented
- More command line options added
- Trigger self destruct via the internet added - allows you to
telnet
into
SecureTrayUtil over the internet and trigger self-destruct remotely
- New options for action taken on doubleclicking the
SecureTrayUtil
tasktray
icon
- Checkbox to select between masked password entry/passwords
displayed
while
being entered (this can option can be disabled)
- When mounting volumes, user can now select more than one volume
file,
all
of which can be mounted by entering a common password only once
- Added ability to change buffer sizes, etc for the internal
shredder
- Added file touching facility - touches the time/date stamps on
a user
defined
set of files on startup/exit/at a regular interval
- All source code placed under source code control. Version
information
comments
will no longer be added to source, but instead entered into the source
code control system.
- Bugfixes:
- Keyboard dialog fixed to work properly :)
- Fixed TEnhKrScramDisk Delphi component that was due to a daft bug in the original TkrScramDisk Component relating to GetSlotInfo(slotNo) - TkrScramDisk incorrectly returned "slot not mounted" when reporting slot details for ScramDisk partitions. This fix has the effect of allowing the trayicon to be updated correctly when ScramDisk partitions are mounted, and also enables/disables the dismount controls properly.
- Fixed problem with mounting ScramDisk partitions on some computers running at, say, 300MHz or greater, due to the lack of a delay between entering passwords and trying to mount the partitions
- Fixed problem with Kremlin causing SecureTrayUtil to think it's being shutdown twice when Kremlin is set to intercept system shutdowns
- Fixed TEnhKrScramDisk Delphi component that was due to a bug in the original TkrScramDisk Component relating to calls to Dismount(driveletter, brutal) (The "brutal" parameter was being ignored, and it didn't work correctly if you had slots that weren't mounted!)
- Fixed silly behaviour occurring when running SecureTrayUtil with the /SDmount command line option and "dismount all on exit" enabled (DUH!)
- Fixed bug that could cause SecureTrayUtil to pass garbage directory name when using an external shredder to destroy a directory
- Fixed bug relating to slow menu appearance when rightclicking on the tasktray icon. (This probably only affected you if you had a slower computer)
- v2.0.1 (6th July 1999) - Bugfix for users who do not have "." set as their decimal separator in their regional settings
- v2.00 (4th July 1999) - Numerous significant improvements, including:
- improved shell support
- hardware serial triggering for self-destruct
- test mode for ensuring that your self-destruct triggers are functioning correctly
- directory and registry key destruction on self-destruct, whenever a file/directory is shredded the default shredder is always used (setup via the Options dialog)
- command line options
- internal shredding improved
- ability to enter ScramDisk passwords via a keyfile - completely avoiding the risk of having your password picked up by a keyboard sniffer (and no, although ScramDisk's red screen is good, it's not perfect, and does not provide 100% protection against this sort of attack)
- ability to enter ScramDisk passwords via an "onscreen keyboard" (novelty value only)
- ability to turn on NT's swapfile overwriting security
- added exit after self-destruct, and remove tray icon while self-destructing
- several bugfixes!
- many more significant improvements I can't think of offhand...
Note: When upgrading to v2.00 from an older version, it is recommended that you delete any SecureTrayUtil.ini file in your Windows directory - the layout of this file has changed a fair bit since earlier versions. If you don't, you'll probably find some of your options mysteriously revert back to their default values... (Deleting this file means that all your options are defaulted)
- v1.10 (17th May 1999) - Several minor points changed in both software and this file (mainly cosmetic)
- v1.00 (16th May 1999) - Initial release
Appendix B: Securely Deleting Registry Entries
When you delete entries in the registry (either through using SecureTrayUtil or regedit, or anything else), it is possible that the entries have not actually been removed from the registry database files, even though it may appear so from looking at the registry using regedit. In order to delete registry entries such that they cannot be recovered, you will need to rebuild (compress) your registry database. This process is quite simple; under Windows 95/98 you just perform the following steps:
- Take a backup of your SYSTEM.DAT and USER.DAT files in case anything goes wrong (these files make up your registry)
- Run REGEDIT.EXE and export your whole registry to a file (export everything)
- Boot to DOS
- Run: REGEDIT /c <filename of exported registry> (this can take a while; about 20mins on my test system)
(The above steps may or may not work with Windows NT; personally, I haven't tested it.)
This is just a simple summary of the process; if you would like further information, or more detailed instructions (though it is pretty easy!) on how to rebuild your registry, please check on the WWW.
Appendix C: Details of the Keyboard Entry Dialog for Passwords
When entering passwords to mount ScramDisk volumes, SecureTrayUtil gives you the option of using a special "keyboard entry dialog" instead of typing your passwords in at the keyboard.
Features include:
- The use of image, rather than text, captions for the "keys"
- "Speckled" images for "keys"
- Random "key" placement
- Random positioning of the dialog
- Random sizing of the dialog
Note: This component is not perfect; the RNG used is the standard Delphi pseudorandom one, and the "speckling" of the keytops provides minimum protection ("Speckling" was introduced to prevent an attacker from writing a piece of software to monitor the computer for this dialog and then just reading the images straight off the screen before performing some form of image recognition on the images; it just forces him/her to stick an extra "despeckle" operation in there! ;)
Attacking the protection that this dialog provides would be trivial; just write a program that detects a window being displayed with a "Scramble Keys" button on it. After that, hook the mouse messages, and every time the left mousebutton is pressed, take a screenshot of the dialog, and with it record the X and Y co-ords of the mouse within the dialog. Later, recover the images and info, and just watch what "keys" are being pressed on the dialog.
This dialog is a standard Delphi component so that you can easily incorporate it into your own projects (if you really want to!)
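The note in this appendix says the dialog's key placement relies on the standard Delphi pseudorandom generator. As an added illustration (Python, not SecureTrayUtil's Delphi code), the sketch below draws a scrambled layout from the operating system's CSPRNG with an unbiased Fisher-Yates shuffle, next to a seeded general-purpose PRNG whose layout is fully determined by its seed; the key set, grid width and all function names are assumptions made for the example.

```python
import random
import secrets

# Constructed key set for the example; the real dialog's keys are not listed on this page.
KEYS = list("ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789")


def scramble(keys, randbelow):
    """Fisher-Yates shuffle. randbelow(n) must return a uniform int in [0, n)."""
    layout = list(keys)
    for i in range(len(layout) - 1, 0, -1):
        j = randbelow(i + 1)          # pick from the not-yet-fixed prefix, inclusive of i
        layout[i], layout[j] = layout[j], layout[i]
    return layout


def scramble_seeded(keys, seed):
    """Layout from a seeded general-purpose PRNG.

    Python's Mersenne Twister is a stand-in here, not Delphi's generator;
    the point is only that the layout is a pure function of the seed.
    """
    rng = random.Random(seed)
    return scramble(keys, rng.randrange)


def scramble_csprng(keys):
    """Layout drawn from the OS CSPRNG: there is no seed to recover or replay."""
    return scramble(keys, secrets.randbelow)


def layout_positions(layout, columns=6):
    """Map each key to its (row, column) cell on a hypothetical dialog grid."""
    return {key: divmod(index, columns) for index, key in enumerate(layout)}


if __name__ == "__main__":
    # Same seed, same layout: predictable for anyone who learns or guesses the seed.
    print(scramble_seeded(KEYS, 1234) == scramble_seeded(KEYS, 1234))
    # CSPRNG layouts are independent draws from all 36! permutations.
    print("".join(scramble_csprng(KEYS)))
    print(layout_positions(scramble_csprng(KEYS))["A"])
```

A stronger RNG only removes layout predictability; the screenshot-and-click recording weakness described in this appendix is unaffected by it.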
Appendix D: OTFE System Compatibility
SecureTrayUtil has been tested with the OTFE systems detailed below.
Note that this table is not exhaustive, and only lists those versions
which I have tested - other versions of the packages listed may very
well work, provided there have been no driver API changes within the
particular OTFE system.
| OTFE System | Version | Comments |
|---|---|---|
| FreeOTFE | v00.58.00 | Fully supported. |
| | v00.59.00 | Fully supported. |
| BestCrypt | v6.06 | Fully supported. |
| | v6.07.2 | Fully supported. |
| | v7.05 | Fully supported. |
| | v7.10.4 | Fully supported. |
| | v7.12.01 | Fully supported. |
| CrossCrypt | v0.4.3 | Fully supported, with minor cosmetic issue (CrossCrypt is slightly weird in that it will not report its version number correctly unless it has one or more CrossCrypt volumes mounted.) |
| E4M | v2.00 | Fully supported. |
| | v2.02a | Fully supported. |
| PGPDisk | v6.0.2i | Fully supported (Note: This is the version of PGPDisk supplied with freeware version of PGP v6.0.2i) |
| ScramDisk | v2.02g | Fully supported. |
| | v3.xx | Fully supported. |
| TrueCrypt | v1.0 | Fully supported. |
| | v2.0 | Fully supported. |
| | v2.1 | Fully supported. |
| | v2.1a | Fully supported. |
| | v3.0a | Fully supported. |
| | v3.1 | Fully supported. |
| | v3.1a | Fully supported. |
Support for SecureStar's DriveCrypt is suspended due to
the lack of API information published by SecureStar.
Support for PhysTechSoft's StrongDisk is currently under
development, providing PhysTechSoft publish further API details.
Appendix E: PGP Public Key
To send PGP encrypted email to me, please feel free to use the following PGP public key block:
Email me at: sdean12@softhome.net