fringe: Schneier slams BitArmor guarantee

[security curmudgeon <jericho () attrition org>]

[The advertising by BitArmor seems aimed at companies wishing to avoid
  dataloss incidents. -jericho]

---------- Forwarded message ----------
From: InfoSec News <alerts () infosecnews org>

http://www.vnunet.com/vnunet/news/2236665/schneier-slams-bitarmor

By Iain Thomson in San Francisco
vnunet.com
17 Feb 2009

Security guru Bruce Schneier has called a money-back guarantee by 
encryption vendor BitArmor a "gimmick".

In January BitArmor announced a "No-Breach Guarantee" on its DataControl 
data encryption package. If users purchased a three-year contract, 
platinum-level support, and maintained updates within 90 days of their 
release and still suffered a data breach then they could claim their money 
back from the company.

However, an examination of the fine print also revealed that the user 
would have to publically acknowledge their data breach and the refund 
would only be on the package itself, and that payout would be pro-rated 
against the length of the contract.

Schneier commented on the offer in his monthly Crypto-gram newsletter as 
he had been referenced by the company as a supporter of such an idea. 
However, he was less than pleased with this and issued a rebuttal.

"Bottom line: PR gimmick, nothing more," he wrote.

[...]

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)

CREDANT Technologies, a leader in data security, offers advanced data encryption solutions.
Protect sensitive data on desktops, laptops, smartphones and USB sticks transparently 
across your enterprise to ensure regulatory compliance.
http://www.credant.com/stopdataloss