BreachExchange mailing list archives
Re: (article) "We recovered the laptop!" ... so what?
From: sawaba <sawaba () forced attrition org>
Date: Wed, 14 Feb 2007 21:22:25 -0500 (EST)
No, Vista will have no significant impact, for several reasons: 1. As mentioned somewhere down this thread, Vista's disk encryption option only comes with the more expensive versions of Vista. 2. Owners of this version are a much smaller percentage of total Vista owners. A small percentage of people that buy these versions will a) know it is there b) care that it is there, or c) know how to use it properly even if they do know about it and are interested in using it. 3. The people using disk encryption in Vista are likely to be doing it with their personal PCs. We're mostly interested in large entities and corporations using disk encryption to protect our sensitive, valuable data while in their care. These companies, if they are using disk encryption at all, are most likely to be using a commercial disk encryption product with enterprise deployment/management features. Bottom Line: Vista's new encryption features will most likely see the most use in the hands of the individual consumer, not the enterprise. Caveat: This is not to say that Vista's disk encryption features do not work! When and where they are PROPERLY used, they will be effective in protecting data from compromise. --Sawaba On Mon, 12 Feb 2007, Herve Roggero wrote:
Hi everyone This thead is very interesting. All techniques so far deal with reading data at a low level. Will Windows Vista prevent techniques such as Symantec Ghost? I understand that Vista performs bit-level encryption with its BitLocker technology. Thanks. Herve Roggero Managing Partner Pyn Logic LLC Visit www.pynlogic.com -----Original Message----- From: "Max Hozven" <mhozven () tealeaf com> To: "sawaba" <sawaba () forced attrition org>; "blitz" <blitz () strikenet kicks-ass net> Cc: dataloss () attrition org Sent: 2/12/07 1:27 AM Subject: Re: [Dataloss] (article) "We recovered the laptop!" ... so what? Or boot up on a Symantec Ghost boot disk, then blast the data over to a network drive or a connected USB drive. -Max -----Original Message----- From: dataloss-bounces () attrition org [mailto:dataloss-bounces () attrition org] On Behalf Of sawaba Sent: Sunday, February 11, 2007 9:09 PM To: blitz Cc: dataloss () attrition org Subject: Re: [Dataloss] (article) "We recovered the laptop!" ... so what? You don't even have to mess with mirroring it. You can create a Linux boot disk, specifically set up with scripts that search for juicy data, and then upload them to your server over Wi-Fi. On a fairly new laptop, you should have data (if there's any data to be had) within 30 minutes. You'll be done in an hour or two unless there is a huge amount of data you want to grab. And because you are mounting the Fat32 or NTFS volume read-only, no dates
_______________________________________________ Dataloss Mailing List (dataloss () attrition org) http://attrition.org/dataloss Tracking more than 148 million compromised records in 573 incidents over 7 years.
Current thread:
- Re: (article) "We recovered the laptop!" ... so what?, (continued)
- Message not available
- Re: (article) "We recovered the laptop!" ... so what? Adam Shostack (Feb 16)
- Re: (article) "We recovered the laptop!" ... so what? B.K. DeLong (Feb 16)
- Re: (article) "We recovered the laptop!" ... so what? sawaba (Feb 16)
- Re: (article) "We recovered the laptop!" ... so what? Adam Shostack (Feb 17)
- Re: (article) "We recovered the laptop!" ... so what? sawaba (Feb 19)
- Re: (article) "We recovered the laptop!" ... so what? Chris Walsh (Feb 13)
- Re: (article) "We recovered the laptop!" ... so what? security curmudgeon (Feb 13)
- Re: (article) "We recovered the laptop!" ... so what? Chris Walsh (Feb 13)
- Re: (article) "We recovered the laptop!" ... so what? sawaba (Feb 14)
- Re: (article) "We recovered the laptop!" ... so what? sawaba (Feb 14)