Security Basics mailing list archives
Re: Why isn't full disk encryption from manufactures a slam dunk?
From: James Fryman <james () frymanet com>
Date: Thu, 13 Sep 2007 07:56:51 -0500
dan () recyclepcs com wrote:
This would seem to be a security no brainer. What are its limitations?
To add on what has already been pointed out - Crypto changes. Today, <insert favorite strength of AES> or whatever flavor of crypto you use is practically secure for the necessary lifetime or duration of the data being protected. That could change tomorrow, and lock-in from the particular vendor on the type of crypto in hardware is going to prevent upgrades if the algorithm is found with a flaw, or brute-force attacks increase with such vigor as to find a way around the cryptography. (read: quantum computing). It is a long shot, but needs to be considered in the scope of the risk assessment for choosing a hardware or software based FDE solution. My $0.02 in the pot. Hope you find the answers you are looking for. -James -- ------------- James Fryman
Current thread:
- Why isn't full disk encryption from manufactures a slam dunk? dan (Sep 12)
- Re: Why isn't full disk encryption from manufactures a slam dunk? gjgowey (Sep 12)
- Re: Why isn't full disk encryption from manufactures a slam dunk? Kurt Buff (Sep 12)
- Re: Why isn't full disk encryption from manufactures a slam dunk? James Fryman (Sep 13)
- Re: Why isn't full disk encryption from manufactures a slam dunk? Nick Owen (Sep 14)
- Re: Why isn't full disk encryption from manufactures a slam dunk? Daniel Anderson (Sep 18)
- Re: Why isn't full disk encryption from manufactures a slam dunk? Michael Painter (Sep 18)
- <Possible follow-ups>
- FW: Why isn't full disk encryption from manufactures a slam dunk? Craig Wright (Sep 13)
- Re: Why isn't full disk encryption from manufactures a slam dunk? zenmasterbob123 (Sep 13)
- Re: Re: Why isn't full disk encryption from manufactures a slam dunk? empfour (Sep 18)
- Re: Re: Why isn't full disk encryption from manufactures a slam dunk? Daniel Anderson (Sep 19)
- Re: Re: Re: Why isn't full disk encryption from manufactures a slam dunk? empfour (Sep 20)
- Re: Re: Re: Why isn't full disk encryption from manufactures aslam dunk? gjgowey (Sep 20)
- Re: Re: Re: Why isn't full disk encryption from manufactures aslam dunk? ganesh mahadevan (Sep 28)
- Re: Re: Re: Why isn't full disk encryption from manufactures aslam dunk? gjgowey (Sep 20)
(Thread continues...)