Security Basics mailing list archives

RE: List of Full Disc Encryption products


From: "Steve Armstrong" <stevearmstrong () logicallysecure com>
Date: Sun, 9 Jul 2006 12:55:20 +0100

Bora

Like I pointed out earlier in this discussion, if you want to protect
your data at rest you must encrypt it.  If you want to protect the whole
disk then encrypt the whole disk.  However, if you need to protect
some data while the system is running then you must use file/folder
encryption.

Therefore, if you need to protect data when the system is running (i.e.
when using the internet but not when accessing a VPN to your internal
LAN) AND when the whole system is off (to protect against loss/theft)
then use file/folder encryption AND full disk encryption (FDE).

How you achieve this is your choice, either 3rd party FDE and MS
file/folder encryption or 3rd party for both.

What it comes down to is simply assessing where you need to protect the
data and what the system is doing at the time.

Steve A

----------------------------
Check out our UK IT Security Forum www.logicallysecure.com/forum


-----Original Message-----
From: Bora Dal [mailto:boradal () gmail com] 
Sent: 07 July 2006 13:48
To: security-basics () securityfocus com
Subject: Re: List of Full Disc Encryption products

Hi all,

I have some dark clouds related to the issue of partially encrypting
hard drives... Let's say I am partially encrypting my drive; some folders
and files. When an encrypted file is opened, it is likely that it will be
copied to a temp folder. When I am done with it, the file will be left
there or hopefully deleted. This depends on the application used to
open the file. If it is left there that is really a problem, unless I
specifically find a way to encrypt all those temp areas used by my
applications. Even if the application deletes the file that it is done
with, it is not wiped (meaning completely deleted, overwritten from the
hard disk surface). Does any of the partial encrypting solutions take
care of this?

If not, partial encryption won't be any good and it will leave many
security openings. Swap files are also an issue. As we know, basically if
the memory goes low, OSes have the tendency to write to swap files. Even
if I set my swap to be cleared with restart, it's just deleted from the
hard drive, and can be restored fully/partially with the file recovery
solutions.

Do partial encryption solutions cover these and all possible (let's
say known) issues? If not, I would automatically choose full drive
encryption. At least it gives me the feeling that "all" is encrypted and
surprises (mentioned above) are mostly covered.

Regards,

Bora Dal, CISSP

---------------------------------------------------------------------------
This list is sponsored by: SensePost

Hacking, like any art, will take years of dedicated study and practice
to master. We can't teach you to hack. But we can teach you what we've
learned so far. Our courses are honest, real, technical and practical.
SensePost will be at Black Hat Vegas in July. To see what we're about,
visit us at:

http://www.sensepost.com/training.html
---------------------------------------------------------------------------

