Re: How to Test HDD Encryption

[jfvanmeter () comcast net]

True,  on a correctly acl'ed systems
I've seen acls on file systems that gave full user access from root down, and windows systems that everyone had full 
rights too. I would rather protect my clients NPPI/PII/PCI information with file encrytion.

Just my two shiny centavos, and some days there not all that shiny --John

 -------------- Original message ----------------------
From: Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net>
> On 2007-11-13 jfvanmeter () comcast net wrote:
> > true, we can say the same for FDE, once the OS is mount, those file are
> > all open. 
>
> So? Once the OS is running the kernel will enforce access controls to
> all files and folders, thus maintaining its own integrity as well as the
> confidentiality of the data. FDE will ensure the operating system's
> integrity and the confidentiality of all files on the system while the
> OS is not running and thus cannot enforce anything.
>
> Regards
> Ansgar Wiechers
> -- 
> "All vulnerabilities deserve a public fear period prior to patches
> becoming available."
> --Jason Coombs on Bugtraq