Security Basics mailing list archives
RE: How to Test HDD Encryption
From: jfvanmeter () comcast net
Date: Tue, 13 Nov 2007 18:12:17 +0000
encrypting file can be based on the users password or a certificate, this adds an addational layer of security after the OS is load. If I'm a malicous person that is trying to steal your files ..... I now have to get pass the FDE, ACLs on the file system, then the file based encryption. I believe like electrical current, malicous people take the path of less resistance, so if the target has extra security controls it would make there task harder. Again this is jusy my two shiny centavos, and somedays there not all that shiny. --John -------------- Original message ---------------------- From: Eric White <ewhite () ssc wisc edu>
--- Begin Message --- From: Eric White <ewhite () ssc wisc edu>
Date: Tue, 13 Nov 2007 16:25:41 +0000
Hello, This may be a naïve question, but what sort of threats are defended by file-based encryption when used in the manner you suggest? Thanks, Eric -- --------------------------------------------------------------- Eric White -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of jfvanmeter () comcast net Sent: Tuesday, November 13, 2007 9:43 AM To: infosecofficer () gmail com; security-basics () securityfocus com Subject: Re: How to Test HDD Encryption Hello Samir, you should sign up to the Full Disk Encryption mail list @ http://www.xml-dev.com/mailman/listinfo/fde Here is my two shiny centavos on Full Disk Encryption, I believe it protects the data when its at rest, but once the OS is mounted then all bets are off because the OS is now handling access to any file. So you would need some type of file encryption software like PGP or EFS. If you don't use a pre-boot log on, if I have access to the laptop I could boot to an alternative OS, reset the administrators password, reboot, log in as the administrator and have full access to the files. Again this is just my two shiny centavos --John -------------- Original message ---------------------- From: infosecofficer () gmail comHi How can we ascertain that the encryption software we have selected is doing its jobs. A small test like removing the hdd of an encrypted laptop and attaching it as an external drive on another laptop shows the drive as unformatted. So far So Good.. But is there any tool available to demonstrate to the management that even the professionals cannot break in even if they lay their hands on the drive physically. I am basically trying to make a case to push for drive encryption in our organization. Please group suggest something..... Best Regards SamirAttachment: smime.p7s
Description:
--- End Message ---
Current thread:
- How to Test HDD Encryption infosecofficer (Nov 13)
- RE: How to Test HDD Encryption Deepak J. Mathew (Nov 13)
- Re: How to Test HDD Encryption Ali, Saqib (Nov 13)
- Re: How to Test HDD Encryption Alexander Klimov (Nov 13)
- <Possible follow-ups>
- Re: How to Test HDD Encryption jfvanmeter (Nov 13)
- RE: How to Test HDD Encryption Eric White (Nov 13)
- Re: RE: How to Test HDD Encryption anymouse (Nov 13)
- RE: RE: How to Test HDD Encryption Craig Wright (Nov 13)
- RE: How to Test HDD Encryption jfvanmeter (Nov 13)
- RE: How to Test HDD Encryption Eric White (Nov 13)
- Re: How to Test HDD Encryption Ansgar -59cobalt- Wiechers (Nov 13)
- RE: How to Test HDD Encryption jfvanmeter (Nov 13)
- Re: How to Test HDD Encryption Ansgar -59cobalt- Wiechers (Nov 13)
- RE: How to Test HDD Encryption Eric White (Nov 13)
- Re: RE: How to Test HDD Encryption jim . lehman (Nov 13)
- Re: RE: How to Test HDD Encryption Ansgar -59cobalt- Wiechers (Nov 13)
- FDE and integrity of OS Was: How to Test HDD Encryption Alexander Klimov (Nov 14)
- Re: FDE and integrity of OS Was: How to Test HDD Encryption Mike Hale (Nov 14)
- RE: FDE and integrity of OS Was: How to Test HDD Encryption Craig Wright (Nov 14)
- Re: RE: How to Test HDD Encryption Ansgar -59cobalt- Wiechers (Nov 13)