How to securely transfer files from a possibly infected WinXP machine to Linux?

There is an old Windows XP installation that was being used without even an antivirus. This WinXP computer has files. These files are important and should be moved to a Linux installation. Given the lack of any security practices on the side of the WinXP owner it seems possible that the data contains malware.

I can now:

  • Ignore this and simply keep using these files in Linux; after all Linux is supposed to not need AV.
    • At the very least the files should be scanned to avoid accidental redistribution of malware if they are ever sent to anyone else again
    • The files contain eg a multitude of .odt / .doc documents – maybe it’s a very remote possibility, I don’t know, but malicious macros are OS independent?
  • Install ClamAV on Linux machine, scan the files, remove Clam afterwards.
    • AFAIK ClamAV is known for its poor detection rate – scanning the files with it is only marginally better than not scanning at all?
  • Install an AV on the WinXP machine (Panda Free AV still supports WinXP, doesn’t it?), scan the files there, only transfer them afterwards.
    • Which means going online with WinXP once again – this just feels wrong
  • Any options I overlooked?

I feel stuck. Not sure how to progress.

Note I wouldn’t like to manually inspect the files and eg remove any potentially suspicious files like .exe files while leaving safe files like .png files intact. Reason is the data is not mine, I was just asked to transfer it so that someone else may use them.

What is the accepted best practice in a situation like this?

Quarantine virus found – how to remove the file securely?

There is a file found by antivirus program and it was put into the virus’ quarantine section (its not a false positive).

Now I don’t know how to handle this “quarantined” files.

1) What is the best practice and secure way to deal with them? Delete from quarantine, or let them in there?

2) If i delete a file from the quarantine, does it mean that it goes to the “recycle bin” of the computer and is thus still existent on my PC, and could be recovered by some tools like Recuva? Or will it be gone for ever

3) What happens if there are files in the quarantine and you accidentally de-install the antivirus program from your PC, what happens to the files?

Thanks.

Would a difficult to access “Key” be an option to securely solve the Apple vs. FBI problem?

In recent times, there has been an escalating demand by legislators in the US and the world around to be able to decrypt phones that come pre-configured with strong encryption. Key escrow is commonly suggested as a solution, with the risk seeming to arise out of the escrow agent misusing or not appropriately securing the keys — allowing for remote, illegal, or surreptitious access to the secured data.

Could a system secure from remote attack be devised by adding an offline tamper-evident key to the device? This could be an unconnected WLCSP flash chip or a barcode within the device with the plaintext of a decryption key.

I recognize the evil maid attack, but presume a tamper seal could be made sufficiently challenging to thwart all but the most motivated attackers from surreptitious access to the data.

What would be lost in this scheme relative to the current security afforded by a consumer-grade pre-encrypted device (cf. iPhone)? Bitcoin, Subpoena efficacy, and other scenarios that seem fine with “smash and grab” tactics come to mind.

How can I securely generate secret-sharing/multisig keys on a p2p network?

I am trying to create a peer-to-peer escrow system. I need to encrypt the private key of a wallet with a 2-of-3 secret-sharing function – the buyer, seller, and arbitrator will each have have one key.

The problem lies in the generation of secret keys on a p2p network, as there is no trusted server. What can I do to prevent a maliciously modified client from making a copy of the keys before distributing them to their rightful owners?

Thanks in advance!

How to securely access oracle system user credentials from my installer

We have a installer that we have built using scripts. When we start the installer, it asks for the database system user and password, which it needs to create application users. We do not want the user doing the installation to know the system user password. Hence we are looking for ways in which installation can go through without sharing the system user password. Few things we have explored. Encrypting the system user password using an utility. This is not very feasible, considering that we have to embed the key in the installer, which is not obfuscated/encrypted(basically user can read it by opening it) Obfuscating the utility used for encryption and installer. This was ok, but it is still unsafe, as obfuscation itself is not fool proof.

Is there any other way , this can be handled. Is there an Oracle API, that we can use? Please suggest.

How do crypto coprocessors securely decrypt a disk without allowing bus sniffing?

I’m trying to understand how using a crypto co-processor chip can securely decrypt a disk without someone getting the decryption key by sniffing the bus it communicates on or loading the disk onto another computer and viewing the contents that way. Specifically, I’m trying to figure out how this works when someone has physical access to the device and the device needs to be decrypted without a password.

An example would be an ATM that has an embedded device that will boot on OS only if it is running on trusted hardware that has a crypto chip. In this case it is passwordless (there is no login to be able to use the ATM terminal). A malicious actor can get physical access to the board, but shouldn’t be allowed to sniff the bus between the crypto coprocessor and the main processor nor be allowed to remove the SD card and view the contents on a separate computer.

Consider the following situation:

  • Embedded system running Linux with a crypto chip that communciates over i2c
  • Disk is removable media such as an SD card and has full disk encryption
  • The device is passwordless, but only runs on the trusted hardware
  • The removable media cannot be loaded into another device and analyzed
  • The device/keys can be provisioned in a secure environment

Questions:

  • How is it possible that the decryption key can be transmitted across the i2c bus without being intercepted?
    • I assume it uses public key encryption, but how is the private key on the disk side kept secret?
  • Can this setup work if the removable media is not paired with a specific crypto chip?
    • Example being the device gets a new SD card (but can still be decrypted with the crypto chip)

Securely displaying hidden integers with MD5

A system I’m trying to disprove security of uses the following mechanism: a 19-digit integer is hashed via the MD5 algorithm and the salt of the integer is shown in plain sight to the user before they take an irreversible action relevant to trying to guess the first 2 digits of said number.

Somehow, this screams of insecurity to me. With 10^19 possible results for each particular implementation and a 2-minute lifetime of a single entry, as well as capabilities of modern GPUs, I just don’t feel giving the okay to rolling this out.

My attempts to tackle it with a hashcat mask bruteforce with a somewhat high-end graphics card off my personal computer give very reassuring results of a time way exceeding two minutes, yet intuition seems to hint at something I’m missing.

Am I?

Cheapest way to securely connect to close networks

The location of this scenario is a two-floor appartment in a house with more appartments that all share the same cellar. In the cellar, there is a room with a box where all the LAN cables for all the appartments meet. That’s right, there is a central patch panel for all people. The two floors of the appartment are only connected through the patch panel, with a LAN outlet for each floor that both go down to the patch panel. The goal is to create a single network in which all devices in the appartment can talk to each other. However, there are stupid devices (ironically called “smart” devices by their sellers) that cannot encrypt their traffic, so a MitM attack from the cellar becomes trivial since the patch panel is accessible to anyone. On the other hand, once out of the outlet in the appartment, the network is safe from tampering. I therefore have two distinct, tempering-proof zones that are connected by an insecure link.

I visualized the situation in this ferocious piece of art:

Visualization of the described situation

So my question is: What is the cheapest way to link those floors securely at 1Gbps/s speed? This would be the magic “??” star in each zone. With enough budget, those would simply be two routers, one at each outlet, tunelling traffic between the two floors. However I know of no router model that is both cheap and able to deliver Gigabit through a secure VPN.

Are there special boxes out there to perform the job? Or is there a very affordable router (less than $ 100) that delivers enough throughput? Or am I doomed to tape an extra LAN cable to the stairs despite theoretically having an existing infrastructure?