format proof application

[Zeal]

Hi there
I hope I am about to ask my question in the right group.
I am a new to c++ programming, basically I have been doing VB and .Net
for a while now. I am writing a basic console applications to start
with. The question I would like to ask is, is it possible to write
programs that are unable to be formatted? My intention is to write a
robust security toll as my laptop has been pinched twice. What I need
to know is is something like this even possible?

cheers
Zeal

 

[Jim Langston]

Hi there
I hope I am about to ask my question in the right group.
I am a new to c++ programming, basically I have been doing VB and .Net
for a while now. I am writing a basic console applications to start
with. The question I would like to ask is, is it possible to write
programs that are unable to be formatted? My intention is to write a
robust security toll as my laptop has been pinched twice. What I need
to know is is something like this even possible?

In Windows I know it would be possible to write a custom boot record that
could protect your program, but it could still be formatted away by a
knowledgable person (in windows/dos using the undocumented feature mdisk
/mbr to rewrite a boot record). Basically, you would have to do something
very low level. It would be non trivial.

 

[Gianni Mariani]

Hi there
I hope I am about to ask my question in the right group.
I am a new to c++ programming, basically I have been doing VB and .Net
for a while now. I am writing a basic console applications to start
with. The question I would like to ask is, is it possible to write
programs that are unable to be formatted? My intention is to write a
robust security toll as my laptop has been pinched twice. What I need
to know is is something like this even possible?

There is nothing specific to C++ about your question and so it's off
topic in c.l.c++.

More to the point, there is very little you can do with today's systems.
Perhaps a boot password but a knowledgeable thief can circumvent just
about anything you do except for a BIOS modification.

On most systems, even to modify the BIOS, you need to load the BIOS, so
this means you always have control.

A BIOS call home feature should be fairly trivial, the only problem is
you need a network. If you're really clever, you can make the BIOS
patch almost undetectable.

Most of this would be done in assembler +C, maybe a little C++, but if
it's your first encounter, you have a very steep learning curve.

 

[Zeal]

Hi people,
Sorry for posting in this group. The reason I did so is because I dont
expect to write system level security apps with VB now do I?
Ok Gianni, thanks, you have basically got on to something that I was
intending to do.
Bios patch:
Thats exactly the kind of questions I wanted answered and that is what
they dont teach grads today, just top level application development in
VS
So basically what Im trying to do is get a discrete app making a one-
off IP logging of the pc/laptops location. I can do this ok on a
running system (While Im logged in and the program runs in the
background etc....). But obviously a theif will not be logging into
your account and going online once they have your computer. They will
do the right thing and format it ofcourse with a logged in system,
tracert or similar can provide the relevent details. But not so easy
with the networking etc in mind.....
Any thoughts and ideas would be appretiated.

cheers

 

[Gianni Mariani]

Zeal wrote:
....

Any thoughts and ideas would be appretiated.

There are "open source" bios alternatives. You would need to learn what
you can there.

a) You would need to learn enough of the architecture to be able to get
hold of the CPU sometime after the system booted.

b) You would need to get transparent control of the networking device or
somehow "patch" the operating system to give you control of the
networking devices (in a transparent fashion).

c) You would need to create a protocol that allows you to circumvent any
network roadblocks that got in the way (DHCP NAT etc)

d) You would need to circumvent overwriting of the bios with another
"unauthorized" bios. A little PKI might work here.

The first thing a thief will probably do is boot a CD based OS and
overwrite the OS.

 

[Michael DOUBEZ]

Gianni Mariani a écrit :

On most systems, even to modify the BIOS, you need to load the BIOS, so
this means you always have control.

You can always replace the bios chip. This is commonly done when you
develop BIOS app and it doesn't work

The security could be improoved by checking the BIOS serial number in
the bootloader though.

Michael

 

[Zeal]

Thank you very much to everyone that replied. I am already doing a lot
of research and considering my options, especially by you Gianni.
See you guys around if I have any 'real' C++ questions....meanwhile I
will be looking at some assembly or something...lol..
takecare all.