BreachExchange mailing list archives
Re: (article) "We recovered the laptop!" ... so what?
From: sawaba <sawaba () forced attrition org>
Date: Wed, 14 Feb 2007 21:40:16 -0500 (EST)
I disagree. If they encrypted the data correctly, they know very well if it is secure or not. There are specific encryption algorithms and associated key lengths considered suitable for disk encryption. The most commonly accepted is AES with a 256-bit key. It is chosen as such, because as of yet, no flaw has been found in AES, and a 256-bit key could not be brute-forced in any feasible time frame with current technology. In other words, when you finally brute force it 10 or 15 years from now, the credit card numbers and SSNs will be useless anyway. --Sawaba On Mon, 12 Feb 2007, blitz wrote:
Ok, so youve got a copy of an encrypted disk to crack at your leisure. The data is still compromised and in someone elses hands, and they have no idea if its secure or not. That still counts as a loss in my book. At 08:54 2/12/2007, you wrote:Hi everyone This thead is very interesting. All techniques so far deal with reading data at a low level. Will Windows Vista prevent techniques such as Symantec Ghost? I understand that Vista performs bit-level encryption with its BitLocker technology. Thanks. Herve Roggero Managing Partner Pyn Logic LLC Visit www.pynlogic.com
_______________________________________________ Dataloss Mailing List (dataloss () attrition org) http://attrition.org/dataloss Tracking more than 148 million compromised records in 573 incidents over 7 years.
Current thread:
- Re: (article) "We recovered the laptop!" ... so what?, (continued)
- Re: (article) "We recovered the laptop!" ... so what? Adam Shostack (Feb 13)
- Message not available
- Re: (article) "We recovered the laptop!" ... so what? Adam Shostack (Feb 16)
- Re: (article) "We recovered the laptop!" ... so what? B.K. DeLong (Feb 16)
- Re: (article) "We recovered the laptop!" ... so what? sawaba (Feb 16)
- Re: (article) "We recovered the laptop!" ... so what? Adam Shostack (Feb 17)
- Re: (article) "We recovered the laptop!" ... so what? sawaba (Feb 19)
- Re: (article) "We recovered the laptop!" ... so what? Chris Walsh (Feb 13)
- Re: (article) "We recovered the laptop!" ... so what? security curmudgeon (Feb 13)
- Re: (article) "We recovered the laptop!" ... so what? Chris Walsh (Feb 13)
- Re: (article) "We recovered the laptop!" ... so what? sawaba (Feb 14)
- Re: (article) "We recovered the laptop!" ... so what? sawaba (Feb 14)