Security Basics mailing list archives
RE: How to Test HDD Encryption
From: jfvanmeter () comcast net
Date: Tue, 13 Nov 2007 18:37:26 +0000
true, we can say the same for FDE, once the OS is mount, those file are all open. As for malware, virus and exploits O'my.... hopefully the workstation is patched, and running a current anti-virus, anti-spyware/malware scanner.... Ipatch management has to be part of the over all security picture, or your right it really doesn't matter... none of it FDE or File based encryption Personnel if I was going after file, I would do a little social engineering to again access to the workstation. "You can catch more flies with honey than with vinegar." Take Care and Have Fun --john -------------- Original message ---------------------- From: Eric White <ewhite () ssc wisc edu>
--- Begin Message --- From: Eric White <ewhite () ssc wisc edu>
Date: Tue, 13 Nov 2007 18:28:22 +0000
Hello, So under this scenario you're thinking about application or OS level exploits that would give the bad guys access to files that should be off limits, right? When I think about this situation, I wonder how much file based encryption truly helps. If the OS or an application can be exploited, it's possible malware will be installed as part of this exploit. If that malware captures the credentials needed to decrypt these files, then the attacker wins. If ACLs are incorrect or breached through less nefarious means, then yes, less sophisticated attackers are kept at bay by file level encryption, but does it really stop the pros? I worry that an attacker who has access to your machine or network while it's live would have the means to capture the credentials necessary for decryption. Thanks, Eric -- --------------------------------------------------------------- Eric White -----Original Message----- From: jfvanmeter () comcast net [mailto:jfvanmeter () comcast net] Sent: Tuesday, November 13, 2007 12:12 PM To: Eric White; infosecofficer () gmail com; security-basics () securityfocus com Subject: RE: How to Test HDD Encryption encrypting file can be based on the user's password or a certificate, this adds an addational layer of security after the OS is load. If I'm a malicous person that is trying to steal your files ..... I now have to get pass the FDE, ACLs on the file system, then the file based encryption. I believe like electrical current, malicous people take the path of less resistance, so if the target has extra security controls it would make there task harder. Again this is jusy my two shiny centavos, and somedays there not all that shiny. --John -------------- Original message ---------------------- From: Eric White <ewhite () ssc wisc edu>Attachment: smime.p7s
Description:
--- End Message ---
Current thread:
- RE: How to Test HDD Encryption, (continued)
- RE: How to Test HDD Encryption Deepak J. Mathew (Nov 13)
- Re: How to Test HDD Encryption Ali, Saqib (Nov 13)
- Re: How to Test HDD Encryption Alexander Klimov (Nov 13)
- Re: How to Test HDD Encryption jfvanmeter (Nov 13)
- RE: How to Test HDD Encryption Eric White (Nov 13)
- Re: RE: How to Test HDD Encryption anymouse (Nov 13)
- RE: RE: How to Test HDD Encryption Craig Wright (Nov 13)
- RE: How to Test HDD Encryption jfvanmeter (Nov 13)
- RE: How to Test HDD Encryption Eric White (Nov 13)
- Re: How to Test HDD Encryption Ansgar -59cobalt- Wiechers (Nov 13)
- RE: How to Test HDD Encryption jfvanmeter (Nov 13)
- Re: How to Test HDD Encryption Ansgar -59cobalt- Wiechers (Nov 13)
- RE: How to Test HDD Encryption Eric White (Nov 13)
- Re: RE: How to Test HDD Encryption jim . lehman (Nov 13)
- Re: RE: How to Test HDD Encryption Ansgar -59cobalt- Wiechers (Nov 13)
- FDE and integrity of OS Was: How to Test HDD Encryption Alexander Klimov (Nov 14)
- Re: FDE and integrity of OS Was: How to Test HDD Encryption Mike Hale (Nov 14)
- RE: FDE and integrity of OS Was: How to Test HDD Encryption Craig Wright (Nov 14)
- Re: FDE and integrity of OS Was: How to Test HDD Encryption Ansgar -59cobalt- Wiechers (Nov 14)
- Re: RE: How to Test HDD Encryption Ansgar -59cobalt- Wiechers (Nov 13)
- RE: How to Test HDD Encryption Eric White (Nov 14)