On Jul 6, 2014, at 9:21 AM, Richard Damon <rich...@damon-family.org> wrote:
> On 5/21/14, 12:42 PM, Nagy László Zsolt wrote: >> I need to create an application for Windows 7 that runs from a flash >> drive. This program would be used to create remote backups of the >> pendrive. The pendrive contains sensitive data, so when I plug in the >> pendrive and run the program to make a backup, it should not leave any >> trace of operation on the windows system. The information is so >> sensitive that I was forbidden to use cloud storage. I was also >> forbidden to make backups to a local drive, or leave any trace on the >> host windows system. >> >> The question is this: if I create this program with Python 3.4 and >> cx_Freeze, then what should I expect. When the user starts the >> cx_freeze-d program from the flash drive, will it create temporary files >> on the system drive? Will it leave log files or store any permanent or >> temporary data on the system drive (maybe in the user's tmp folder) that >> can later be used to tell what drive was mounted, with what parameters >> the program was started etc. >> >> Thanks >> > > I am not sure about what temp files python might leave around, but if you are > being ultimately paranoid about this, one risk that will be present is the > possibility of leaving traces of data in the swap file. If the program > doesn't specifically prohibit it, anything that is brought into memory (and > the act of reading the pendrive will do this) might end up in the swap file. > > I can't imagine python having a run time option to force it to disable the > swap file. > > If the data is as sensitive as they seem to want to treat it, perhaps you > should follow the procedures of classified computing, which says that any > storage medium "exposed" to classified computing becomes classified. This > would say that you would use a dedicated machine to do these backups, and > after doing them, you remove the hard disk from the machine and lock it up, > only to be taken out for later backups. This level of paranoia says you don't > need to be as concerned about figuring out what traces might be left, you > assume they are and lock them up. > — Furthermore, I don’t know about Windows, but on many UNIX-like OSs, the file system preserves the time the file was last accessed. If the goal is truly to leave no traces of the fact that the a group of files was backed up, this pretty well would be a red flag that they had been. -Bill -- https://mail.python.org/mailman/listinfo/python-list