Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: List of Full Disc Encryption products

From: "Eric Furman" <ericfurman () fastmail net>
Date: Wed, 05 Jul 2006 22:55:04 -0400
On Wed, 5 Jul 2006 09:04:34 -0700, "Saqib Ali" <docbook.xml () gmail com>
said:

With recent data thefts and government mandates, the importance of
full disc encryption is being realized. Encrypting individual files or
storing data in encrypted vaults does NOT meet the security
requirements anymore. Corporation and Government institution want the
whole HDD to be encrypted including the temporary files and swap


When are people going to stop learning the *wrong* lesson every time
some incident like this happens? The answer is *not* encryption.
Given physical access to a machine, even with full disk encryption,
I do not trust that the data cannot be retrieved somehow.
The real answer is sensitive data should not ever ever ever be on
a machine that is not fully physically secure all the time.
I'm tired of these nonsense disk encryption discussions.
Disk encryption is *not* mature technology, no matter what
some vendor might tell you. It puts your data at risk and gives
you a false sense of security.
If some disk encryption 'experts', disagree, then flame on.
I'll stick with physical security.
-- 
  Eric Furman
  ericfurman () fastmail net


---------------------------------------------------------------------------
This list is sponsored by: SensePost

Hacking, like any art, will take years of dedicated study and  
practice to master. We can't teach you to hack. But we can teach you  
what we've learned so far. Our courses are honest, real, technical  
and practical. SensePost willl be at Black Hat Vegas in July. To see  
what we're about, visit us at: 

http://www.sensepost.com/training.html
---------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: