[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Disk encryption and installing new versions of Fedora



Mr.Scrooge wrote:
--- Robin Laing <Robin Laing drdc-rddc gc ca> wrote:

Mr.Scrooge wrote:
--- Robin Laing <Robin Laing drdc-rddc gc ca> wrote:

Mike wrote:
Mike <mike.cloaked <at> gmail.com> writes:


I don't mean to suggest that encryption is not a worthwhile feature and several good points have
been made in its defense. However, sensitive information is just that and should be treated as
such. Encryption requires additional overhead and just because it's seamless to the user doesn't
mean it should be used for everything. If you deal with sensitive information that is worth
protecting then its an extra layer of security. That's all it is, an extra layer, too many people
are under the illusion that encryption is bullet proof. It's not, it can be broken and in fact i
would count on it. If it makes you sleep better then fine but keep in mind that if they want to
get around it they can. There are several freely available programs that will boot from a cd and
tell you the user name and password. They will just log in as the user and have full access
anyway. Harddrive encryption is a speed bump, useful as part of a good security plan but
ultimately, in my opinion, no more useful than any other security tool.

-Max


Good points but every bump is a bump. That is why I said that I believe in multiple layers.

Full disk encryption to make it harder for the "Boot of CD" crowd as they then have to enable the encryption and find the pass phrases.

Then user/directory/file encryption tools. Each one provides more road blocks to anybody trying to get to your data without your full permission. And with the recent court decision that it is unconstitutional to make someone provide their password (in the US) it becomes a better defense to random snooping.

I just want an easier way to start the security. Just as SELINUX is one level of system security.

--
Robin Laing


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]