Security Basics mailing list archives
Re: Re: Why isn't full disk encryption from manufactures a slam dunk?
From: "Daniel Anderson" <dtndan () gmail com>
Date: Wed, 19 Sep 2007 11:15:35 -0500
On 18 Sep 2007 05:49:25 -0000, empfour () hotmail com <empfour () hotmail com> wrote:
If you were to have, for example, your laptop stolen, you would feel fairly confident that any information in it protected by your full disk encryption solution (if using a strong password and/or two-tiered authentication), but you would still change your account passwords and inform the effected people all the same just to be safe.
I think part of your answer will make for an interesting conversation... "inform the effected people all the same just to be safe" Is this because you do not trust the encryption? If you transmitted this same information over an encrypted VPN across the Internet do you also inform the "effected people"? What about an encrypted wireless LAN? Unencrypted across an internal corporate LAN? I guess my thought is - If you are using a good crypto algorithm, handling your keys properly, etc then there are really no "effected people" from this theft. What would your notification to them say? "Some time in the next x# of years a major government may be able to decrypt and read the data on the harddrive that was stolen." I'm not sure that is useful. I think if a major government wanted my personal (or corporate) information there are much easier ways to get it. I can understand to some degree why the government does not generally allow encryption as a destruction method for classified materials, but that is national security information where presumably release would cause damage (of varying degrees) to national security. (Even then, you can still transmit classified over RF if it is properly encrypted, and nothing is stopping this from being captured) Thoughts? Dan
Current thread:
- Why isn't full disk encryption from manufactures a slam dunk? dan (Sep 12)
- Re: Why isn't full disk encryption from manufactures a slam dunk? gjgowey (Sep 12)
- Re: Why isn't full disk encryption from manufactures a slam dunk? Kurt Buff (Sep 12)
- Re: Why isn't full disk encryption from manufactures a slam dunk? James Fryman (Sep 13)
- Re: Why isn't full disk encryption from manufactures a slam dunk? Nick Owen (Sep 14)
- Re: Why isn't full disk encryption from manufactures a slam dunk? Daniel Anderson (Sep 18)
- Re: Why isn't full disk encryption from manufactures a slam dunk? Michael Painter (Sep 18)
- <Possible follow-ups>
- FW: Why isn't full disk encryption from manufactures a slam dunk? Craig Wright (Sep 13)
- Re: Why isn't full disk encryption from manufactures a slam dunk? zenmasterbob123 (Sep 13)
- Re: Re: Why isn't full disk encryption from manufactures a slam dunk? empfour (Sep 18)
- Re: Re: Why isn't full disk encryption from manufactures a slam dunk? Daniel Anderson (Sep 19)
- Re: Re: Re: Why isn't full disk encryption from manufactures a slam dunk? empfour (Sep 20)
- Re: Re: Re: Why isn't full disk encryption from manufactures aslam dunk? gjgowey (Sep 20)
- Re: Re: Re: Why isn't full disk encryption from manufactures aslam dunk? ganesh mahadevan (Sep 28)
- Re: Re: Re: Why isn't full disk encryption from manufactures aslam dunk? gjgowey (Sep 28)
- Re: Re: Re: Why isn't full disk encryption from manufactures aslam dunk? gjgowey (Sep 20)