BreachExchange mailing list archives
Re: TJX breach shows that encryption can be foiled
From: "Adrian Sanabria" <adrian.sanabria () gmail com>
Date: Mon, 2 Apr 2007 23:58:53 -0400
So frustrating, getting little bits of technical info at a time. It is even common for people to refer to something password protected as "encrypted". Just the phrase "decryption tool" is a big clue. Clue to what, I don't know, but most encryption I've worked with would never lead me to use that phrase. Can anyone think of a specific product that would refer to? The only thing I can think of is the decryption tool (usually put on a bootable floppy or cd) Helpdesk and Security use to decrypt most enterprise full disk encryption. --Sawaba On 4/2/07, Chris Walsh <cwalsh () cwalsh org> wrote:
On Apr 2, 2007, at 2:44 PM, Casey, Troy # Atlanta wrote: > It should make for a short list of suspects, assuming TJX was doing a > reasonable job of key management... That (reasonable key management) is a critical assumption. I'd be interested in learning what algorithm (and implementation thereof) they were using, as well. Not holding my breath on that info :^) cw _______________________________________________ Dataloss Mailing List (dataloss () attrition org) http://attrition.org/dataloss Tracking more than 203 million compromised records in 609 incidents over 7 years.
_______________________________________________ Dataloss Mailing List (dataloss () attrition org) http://attrition.org/dataloss Tracking more than 203 million compromised records in 609 incidents over 7 years.
Current thread:
- TJX breach shows that encryption can be foiled lyger (Apr 01)
- Re: TJX breach shows that encryption can be foiled B.K. DeLong (Apr 02)
- Re: TJX breach shows that encryption can be foiled Casey, Troy # Atlanta (Apr 02)
- Re: TJX breach shows that encryption can be foiled Chris Walsh (Apr 02)
- Re: TJX breach shows that encryption can be foiled Adrian Sanabria (Apr 02)
- Re: TJX breach shows that encryption can be foiled Avery Sawaba (Apr 03)
- Re: TJX breach shows that encryption can be foiled DAIL, ANDY (Apr 03)
- Re: TJX breach shows that encryption can be foiled Sean Steele (Apr 03)
- Re: TJX breach shows that encryption can be foiled DAIL, ANDY (Apr 03)
- Re: TJX breach shows that encryption can be foiled B.K. DeLong (Apr 03)
- Re: TJX breach shows that encryption can be foiled James Childers (Apr 03)
- Re: TJX breach shows that encryption can be foiled Sean Steele (Apr 03)
- Re: TJX breach shows that encryption can be foiled Casey, Troy # Atlanta (Apr 02)
- Re: TJX breach shows that encryption can be foiled B.K. DeLong (Apr 02)
- <Possible follow-ups>
- Re: TJX breach shows that encryption can be foiled Dissent (Apr 03)
- Re: TJX breach shows that encryption can be foiled Chris Walsh (Apr 03)
- Re: TJX breach shows that encryption can be foiled Donald Aplin (Apr 03)