Security Basics mailing list archives

RE: Transporting source code securely

From: "Robinson, Sonja" <SRobinson () HIPUSA com>
Date: Wed, 24 Aug 2005 10:03:35 -0400

Secure Mail.  They can pick it up from anywhere via a Secure SSL web
site, securftp web site, etc... OR encrypted devices that are
profile/user driven, such as disk net reflex pro and a host of others. 


Sonja L. Robinson, CISSP, CIFI, CISA, CISM
Forensic Specialist, Digital Investigations
HIP Information Security Group
Tel: 212-806-4125
srobinson () hipusa com
 

-----Original Message-----
From: Bill Stout [mailto:bill.stout () greenborder com] 
Sent: Wednesday, August 17, 2005 5:40 PM
To: security-basics () lists securityfocus com
Subject: Transporting source code securely

Our developers occasionally debug at customers sites, and need to bring
about a Gig of proprietary source code with them.   

I'd like to secure the media they take with them in case they lose it.

I don't want to add software to the debugged machine in order to access
and decrypt the media they bring.  Both PGP and WinZip require software
to be loaded, although PGP acts like a disk, WinZip requires extraction
to use encrypted files (not usable).

I'm also skeptical of the portable biometric drives.  It appears that if
the drive were removed, it could be read in cleartext.

What is used out there to transport source code securely?

Bill Stout

Current thread:

Transporting source code securely Bill Stout (Aug 22)
- RE: Transporting source code securely Adam J. Rosen (Aug 23)
  - RE: Transporting source code securely evb (Aug 24)
- RE: Transporting source code securely Carl Davis (Aug 23)
- Re: Transporting source code securely Alexander Klimov (Aug 23)
- <Possible follow-ups>
- RE: Transporting source code securely Meidinger Christopher (Aug 23)
- RE: Transporting source code securely Robinson, Sonja (Aug 24)