Phantom makes data invisible
- By Carlos A. Soto, John Breeden II
- Nov 01, 2002
If you want to hide data so that even supersleuths can't find it, check out a PC with Phantom Total Security software preinstalled.
Gianus Technologies Inc. describes the product as an operating system. It's available only through resellers that preinstall it on desktop or notebook PCs running Microsoft Windows 9x or XP'but on a drive partition independent of the OS.
The independent or private OS operates the same as standard Win9x or XP. Then, presto'when Phantom is initiated, the private OS and all its data disappear without a trace.
GCN Lab reviewers repeatedly tried and failed to break into the private OS from the public OS and the MS-DOS prompt. So we brought out a big gun'a $28,000 application called State Point Plus from Westinghouse Electric Co. It inspects and analyzes all software on a computer or network down to the bit level.
Westinghouse also sent a software engineer to help us test Phantom.
The hard-drive partition for the public OS had only 2G of storage. When we tried the MS-DOS FDISK command, our suspicion was confirmed: a second partition.
We assumed that the only way to access the private OS would be via some type of executable file in the public OS. Sure enough, State Point Plus revealed the presence of a small, 68K executable called G4R4 on the public partition. The executable rebooted the notebook to a command prompt, which asked us to enter two eight-digit passwords and a third 16-digit password.
If any error occurred in typing the eight-digit passwords, we were warned, the notebook would automatically reboot to the public OS. Any error in the 16-digit password would freeze the system until it was manually rebooted.
Gianus officials said the manual reboot is intended to stymie remote hackers.
The Westinghouse engineer returned to help us run more robust tests for Phantom, but State Point Plus again detected nothing about the hidden OS. We began wondering whether the second partition was just empty space. So we called Gianus and asked for passwords to initiate the second partition.
As we had previously discovered, the G4R4 file started the log-on. We entered the three passwords.
As soon as we got the passwords correct, a second OS appeared in a 2G partition with different programs and files. The c: drive with the public OS became the d: drive in the Phantom partition.
Gianus representatives are closemouthed about the mechanics of all this, which has made Phantom a controversial product. Some encryption vendors even call it a fraud. But State Point Plus gave us a few clues.
Phantom 'dematerializes' the hidden OS and its data into bits scattered over the entire hard drive. We knew that pieces must be dispersed across the whole drive because the G4R4 executable had to reside on the public partition in order to initiate the private partition.
Phantom Total Security could be a good bet for agencies that maintain the tightest possible security. Their users could encrypt secret data with 128-bit encryption software and then dematerialize it with Phantom.
The price depends on the size of the hard drive and its reseller. Estimates range from $200 to $300 per license.