Security Basics mailing list archives

RE: How to Test HDD Encryption

From: Eric White <ewhite () ssc wisc edu>
Date: Tue, 13 Nov 2007 10:25:16 -0600

Hello,

This may be a naïve question, but what sort of threats are defended by
file-based encryption when used in the manner you suggest?

Thanks,

Eric


--
---------------------------------------------------------------
Eric White                           


-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On
Behalf Of jfvanmeter () comcast net
Sent: Tuesday, November 13, 2007 9:43 AM
To: infosecofficer () gmail com; security-basics () securityfocus com
Subject: Re: How to Test HDD Encryption

Hello Samir, you should sign up to the Full Disk Encryption  mail list @
http://www.xml-dev.com/mailman/listinfo/fde

Here is my two shiny centavos on Full Disk Encryption, 

I believe it protects the data when its at rest, but once the OS is mounted
then all bets are off because the OS is now handling access to any file. So
you would need some type of file encryption software like PGP or EFS.

If you don't use a pre-boot log on, if I have access to the laptop  I could
boot to an alternative OS, reset the administrators password, reboot, log in
as the administrator and have full access to the files. 

Again this is just my two shiny centavos --John

 -------------- Original message ----------------------
From: infosecofficer () gmail com

Hi

 

How can we ascertain that the encryption software we have selected is 
doing its jobs.

A small test like removing the hdd of an encrypted laptop and 
attaching it as an external drive on another laptop shows the drive as 
unformatted. So far So Good..

 

But is there any tool available to demonstrate to the management that 
even the professionals cannot break in even if they lay their hands on 
the drive physically.

 

I am basically trying to make a case to push for drive encryption in 
our organization.

 

Please group suggest something.....

 

 

Best Regards

 

Samir

Attachment: smime.p7s
Description:

Current thread:

How to Test HDD Encryption infosecofficer (Nov 13)
- RE: How to Test HDD Encryption Deepak J. Mathew (Nov 13)
- Re: How to Test HDD Encryption Ali, Saqib (Nov 13)
- Re: How to Test HDD Encryption Alexander Klimov (Nov 13)
- <Possible follow-ups>
- Re: How to Test HDD Encryption jfvanmeter (Nov 13)
  - RE: How to Test HDD Encryption Eric White (Nov 13)
- Re: RE: How to Test HDD Encryption anymouse (Nov 13)
  - RE: RE: How to Test HDD Encryption Craig Wright (Nov 13)
- RE: How to Test HDD Encryption jfvanmeter (Nov 13)
  - RE: How to Test HDD Encryption Eric White (Nov 13)
  - Re: How to Test HDD Encryption Ansgar -59cobalt- Wiechers (Nov 13)
- RE: How to Test HDD Encryption jfvanmeter (Nov 13)
  - Re: How to Test HDD Encryption Ansgar -59cobalt- Wiechers (Nov 13)
  - RE: How to Test HDD Encryption Eric White (Nov 13)
- Re: RE: How to Test HDD Encryption jim . lehman (Nov 13)
  - Re: RE: How to Test HDD Encryption Ansgar -59cobalt- Wiechers (Nov 13)

(Thread continues...)