Keeping a folder/directory private

Good one, Bob. Haven't tried that yet. How does it appear in a detail
Explorer view? How can he retrieve it?

rs

 

I vaguely remember that trick from way back, & made a ".secret" folder to
test it.

But on NT, at least, I can see the folder just fine, and in a CMD shell, I
can list it with a DIR. The only thing unusual about it was that Explorer
wouldn't let me name the folder that way -- I had to go to a command shell
to make the directory.

Dir *. or whatever. ONLY you will know it is there.

 

Sorry to report, it didn't work for me. XP Pro, NTFS -- doesn't really
have DOS tho it maintains the commands.

rs

 

To all,

Hi, I've been busy and didn't check this thread for a couple of days. Many
responses and I didn't know where to put a general reply so I'm attaching it
here. Thanks to everyone that contributed.

It seems that some people miss understood my intent. Perhaps the initial
post was written to hastily and should have been more clear. The question
was about making a Windows folder private so that other people couldn't
snoop into it or copy files from it. I didn't mean to imply that I'm trying
to keep something secret from my employer. Nor did I mean to imply that my
employer and I don't have an agreement about ownership. We are working on
that.

Here's the deal: I've just started working for a new employer. I'm bringing
along over 10,000 lines of AutoLISP which I developed over the past few
years. Due to computer security at this office, I'm concerned that some
employees may have passwords and could log onto my station as a
Administrator thus gaining access to my files. I don't have any real reason
to suspect anyone has passwords, or that they would do such a thing, but I
would be more comfortable knowing my files were secure. (I lock my car to
keep honest people honest.)

At other offices, I've kept such files in the "My Documents" folder,
thinking that anyone logging on without Admin rights would not be able to
view my files (I'm not sure if that is as secure at I thought). As for the
designated IT people, whom must log on from time to time to do maintenance
work or whatever, that hasn't been a concern of mine because I trust them
and they don't have a clue about using the code even if I just handed them a
copy.

I hope that clarifies the ownership issues. I'm still looking for a
solution to the original question if anyone can help. I'm currently using
password protected zip files for transporting files from work to home via
email. But I've been unzipping to a folder so as to be able to edit the
files. Perhaps I should just zip up any open source code at the end of each
editing session (thanks Tony).

Anyway, I'm probably fretting over nothing. Most user's wouldn't be able to
do much with the code anyway because it's too convoluted for me to
understand sometimes.

Thanks again.

Regards,
Steve Doman

 

"they don't have a clue about using the code even if I just handed them a
copy."

some of them just might surprize you...ive met a few IT who were closet lisp
freaks

Jaime

 

Sorry guys,
It seems that the "." folder is now available for viewing.
Alas.
Bob

 

Like me, I do both.

 

I would just make sure you have a backup folder in an obscure place in case
someone tinkers with your code, you can just restore the original.

I made a folder hidden deep within the windows sufolders, obscurely named.
then wrote a batch file to copy files from my standard lisp area to this
secret location and run it every so often, or after major changes.

This also helps incase something gets corrupted, or the HD crashes where
they are located.

 

Steve, my own concerns on this are not so much concealing the code as
preventing my routines from being handed around or "shared" without
permission.

I've found that most folks who are capable of "borrowing" code and altering
it for their own purposes are also capable of writing it themselves. I think
I've occasionally written some fairly clever code, but I don't think that
any of it is so revolutionary or unique that my methodology needs to be kept
secret. If I gave a general description of what one of my programs
accomplishes, without revealing any code, there are any number of people in
this NG who could quickly come up with better, faster ways of doing the same
thing.

My main concern is with employees potentially "sharing" cool programs with
buddies outside our firm. There a lot more lisp-swappers than there are
programmers, and in most cases they don't care about seeing or changing the
code -- they just want a ready-made program that does something useful.
Since a lot of my lisps are tailored for our type of work (residential
architecture), they would potentially be beneficial to competing firms, and
I don't want to be giving away things that our firm has borne the cost of
developing. Compilation, in itself, doesn't protect against unauthorized
file-swapping.

So I compile our lisps not so much to conceal the coding, as to add hidden
security measures to prevent their being bootlegged. For instance, I include
a check of Acad serial number and network domain name, to ensure that our
lisps won't work on anyone else's system. In my experience, even if these
features weren't encrypted by compilation, they'd be enough to discourage
the vast majority of non-programming file-swappers.

Another simple measure is making all the lisps to some degree
interdependent -- for instance, calling a general-purpose error-handler or
other "library" type utilities. This ensures that any single lisp won't run
on its own, outside our system. Again, the average file-swapper won't be
able to get past the "unknown function" error when the lisp calls a routine
they don't have.

Just my two cents. You might give some more thought to exactly what kind of
thing you're really trying to protect against.

If you're that sensitive about the code, I'd suggest getting some kind of
read-write removeable media (nothing wrong with a good old ZIP drive) and
keep your code off the hard drive altogether.

 

I found a great little FREE App called Dekart Private Disk Light www.dekart.com (very similar to BestCrypt).
You create a container file (sizeand Drive Letter you specify) and it creates a password protected Vitual disk. Unlike Bestcrypt however, the container file can be accidently deleted when it is closed.

May be what you are after.

Dean

 

Tom,

Well said. Like you, I'm using compiled files for distribution on the
Company server. And also like you, I'm calling toolbox functions from c:
functions. Haven't added the domain name and version checks, but I'll add
that. I presently use time bombs.

You are exactly right on with my attitude about code protection regarding
user's leaving the company or sharing with friends.

Thanks for your two cents!

Regards,
Steve Doman

 

Dean,

I haven't had time to read all the information at dekart.com, but their
product looks like its exactly what I'm looking for. I'll give it a trial
run. Good tip. Thanks a billion!

Regards,
Steve Doman

www.dekart.com (very similar to BestCrypt).

creates a password protected Vitual disk. Unlike Bestcrypt however, the
container file can be accidently deleted when it is closed.

 

John,

I like your stealthy batch file idea. Very clever. Excellent tip.

Thanks!!!

Regards,
Steve Doman

 

Jaime,

Someone removed the parentheses keys from my keyboard! Egads, closet lisp
freaks are everywhere.

Thanks for the good point and the good laugh.

Regards,
Steve Doman

 

Nice try and thanks for the trip down memory lane...I was just telling a
coworker how we use to use DOS back in the old days, to customize the
keyboard function keys for osnaps.

Regards,
Steve Doman

 

Steve, I use a time bomb too as a fallback for at-home installations. Our
custom stuff won't load unless you're on the correct serial numbered copy of
Acad (getvar "_pkser") and either on our network (getenv "userdomain") or
else within the right time frame. I update the allowable-date file every 6
months and send fresh copies home with people. We also have a stern written
agreement they have to sign before taking home a copy of Acad.

 

There's several ways to do this, but here's one of my favorites.

If you have SpyBot Installed (A cool, free, spyware/adware remover)
<http://www.safer-networking.org/>

It comes with a feature called secure shredder...

Just drag the files into the App's window, and tell if how many shreds
to perform (default is 5)

Here's a quote from the help file...

"The secure shredder is a tool to get finally rid of files, without any
further possibilities of recovery.
Shredding is simple – drop some files from the explorer into the list
(or add some using the context menu of the list), select the number of
shreds, and click Chop it away.

Usage tracks that are in files will be shredded using this tool, too,
using 5 passes.

The first 5 shreds are using pre-defined bit pattern that should make
even hardware recovery impossible. Any further pass will use a random
bit pattern that is changing every few Bytes.
Please notice: one pass is not enough to shred a file, as the heads of
your hard disk won't hit the same track 100,00% of the time. There are
small differences of a few µm that will allow pros to reconstruct even
overwritten data. That is why multiple shreds are necessary, and why
different patterns should be used.

Warning: This tool is designed to remove files so they can not be
recovered again! If you use it, be aware of that!"

Enjoy!

BNZ

 

Thanks for the link Bonzo, I'll check it out.

 

Tom,

Excellent practice. I will implement your ideas about checking the version
and domain name.

Thanks again,
Steve Doman

 

Dean,

I tried the Private Disk Light the other day and it seems very promising.
Tonight I tried to download it's big brother, Private Disk, but their sever
isn't up. I'll try again later.

Could you please elaborate a little about accidentally deleting the
container file?

Thanks,
Steve Doman

www.dekart.com (very similar to BestCrypt).

creates a password protected Vitual disk. Unlike Bestcrypt however, the
container file can be accidently deleted when it is closed.