funsec mailing list archives
Re: [privacy] Red Cross Laptop with Donor Information Stolen
From: Peter Kosinar <goober () nuf ksp sk>
Date: Sun, 2 Jul 2006 02:31:25 +0200 (CEST)
Do you still have to declare the loss of the data even if it was encrypted ?
Yes. Or rather -- yes, that would be preferred, methinks. - ferg
Agreed. First, without knowing anything about the "encryption" used, one cannot make any assumptions about the actual "security" (secrecy in particular) of the data. After all, a shift cipher (a variation on the Caesar theme) is a form of encryption, just a bit unsafe for data of substantial size [*] Second, if I encrypt a critical file on my machine and then leave the decryption key lying right in the same directory, does it still classify as encryption? Yes, it does... yet the provided security is next-to-none. Third, the "encryption" itself might be secure, yet it might be used in insecure fashion -- like, leaving temporary copies lying all around the disk. Moreover, it happens more often than not that a determined individual (attacker / forensic analyst) can find -very- interesting pieces of information in the unused portions of the filesystem. So, the answer should be "YES, OF COURSE!"; and if it is not, something is definitely wrong... and it'll only get worse. Peter [*] Well, it IS absolutely secure for data one character long :-) -- [Name] Peter Kosinar [Quote] 2B | ~2B = exp(i*PI) [ICQ] 134813278 _______________________________________________ privacy mailing list privacy () whitestar linuxbox org http://www.whitestar.linuxbox.org/mailman/listinfo/privacy
Current thread:
- [privacy] Red Cross Laptop with Donor Information Stolen Fergie (Jul 01)
- Re: [privacy] Red Cross Laptop with Donor Information Stolen Ahmad Elkhatib (Jul 01)
- <Possible follow-ups>
- Re: [privacy] Red Cross Laptop with Donor Information Stolen Fergie (Jul 01)
- Re: [privacy] Red Cross Laptop with Donor Information Stolen Peter Kosinar (Jul 01)
- Re: [privacy] Red Cross Laptop with Donor Information Stolen Fergie (Jul 01)