Re: Laptop Encryption & Hibernation

["Kevin Snively" <kevinsnively () comcast net>]

The protection would (or should) be NTFS (as I mentioned). This would
require a password to access the system or even the hardrive by itself put
into another machine (now we wont even go into the fact that it would
blue-screen to Hades unless it was totally compatible with the original
computer). This is where I was saying (by inference) the two together were
an excellent beginning of a security policy (note my references to
documentation).

Btw I tend to agree with you on hibernation (and security and ease of use)
though it is our (some of us) jobs to find a medium we (2nd being the user)
can live with.
I tend to believe stand-by will suffice. On early laptops, far back as Win
95, Toshiba, in particular, had a utility which created these hibernation
files. They would often become corrupt -- which was annoying to the user.


----- Original Message ----- 
From: "GuidoZ" <uberguidoz () gmail com>
To: "Kevin Snively" <kevinsnively () comcast net>
Cc: "James McGee" <j.mcgee () syn-tec com>; "Security Basics[List]"
<security-basics () securityfocus com>
Sent: Wednesday, September 22, 2004 11:04 PM
Subject: Re: Laptop Encryption & Hibernation


Certainly a nice thought, Kevin, and a step in the right direction.
Unfortunately that wouldn't potect the system against theft, as the
HDD could just be removed. Usually the purpose of encryption is to
protect the data from prying eyes - regardless where those eyes may be
coming from.

Best of luck finding a solution. The only time I've ever had to deal
with something similar, hibernation was simply disabled. Security and
ease of use rarely go hand in hand. =)

--
Peace. ~G


On Tue, 21 Sep 2004 18:58:18 -0500, Kevin Snively
<kevinsnively () comcast net> wrote:
> How about something as simple as a bios password? Works for me.
>
> reguards,
> Kevin Snively
> The HelpDesk Inc ®
> 615-781-1922 (office)
> 615-582-0877 (Mobile)
>
> ----- Original Message -----
> From: "James McGee" <J.McGee () syn-tec com>
> To: "Security Basics[List]" <security-basics () securityfocus com>
> Sent: Sunday, September 19, 2004 10:28 AM
> Subject: Laptop Encryption & Hibernation
>
> Hi
>
> We are trying to find a centrally manageable solution that we can deploy
> to 2000 Laptop users.
>
> The majority of our users also make frequent use of the hibernation
> function within WinXP.
>
> The problem lies with the fact that we can't seem to get a hard drive
> encryption tool that will enable users to continue to use the
> hibernation function.
>
> We have 2 options that I can recommend; bin the hibernation
> functionality or use a file and folder level encryption product, neither
> of which are the ideal solution for the situation.
>
> I am sure we are not the first to come across this problem, so I was
> wondering how anyone else has overcome it.
>
> Apparently the people who make entire hard-drive encryption products are
> aware of the issue and are working with MS to get it sorted, but how
> long that will take is anyone's guess.
>
> Any help or advice is appreciated..
>
> Thanks
>
> JM


---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.768 / Virus Database: 515 - Release Date: 9/22/04


---------------------------------------------------------------------------
Computer Forensics Training at the InfoSec Institute. All of our class sizes
are guaranteed to be 12 students or less to facilitate one-on-one
interaction with one of our expert instructors. Gain the in-demand skills of
a certified computer examiner, learn to recover trace data left behind by
fraud, theft, and cybercrime perpetrators. Discover the source of computer
crime and abuse so that it never happens again.

http://www.infosecinstitute.com/courses/computer_forensics_training.html
----------------------------------------------------------------------------