Mr.Scrooge wrote:
--- Robin Laing <Robin.Laing@xxxxxxxxxxxxxxx> wrote:
Mr.Scrooge wrote:
--- Robin Laing <Robin.Laing@xxxxxxxxxxxxxxx> wrote:
Mike wrote:
Mike <mike.cloaked <at> gmail.com> writes:
I don't mean to suggest that encryption is not a worthwhile feature and several good points have
been made in its defense. However, sensitive information is just that and should be treated as
such. Encryption requires additional overhead and just because it's seamless to the user doesn't
mean it should be used for everything. If you deal with sensitive information that is worth
protecting then its an extra layer of security. That's all it is, an extra layer, too many people
are under the illusion that encryption is bullet proof. It's not, it can be broken and in fact i
would count on it. If it makes you sleep better then fine but keep in mind that if they want to
get around it they can. There are several freely available programs that will boot from a cd and
tell you the user name and password. They will just log in as the user and have full access
anyway. Harddrive encryption is a speed bump, useful as part of a good security plan but
ultimately, in my opinion, no more useful than any other security tool.
-Max
Good points but every bump is a bump. That is why I said that I believe
in multiple layers.
Full disk encryption to make it harder for the "Boot of CD" crowd as
they then have to enable the encryption and find the pass phrases.
Then user/directory/file encryption tools. Each one provides more road
blocks to anybody trying to get to your data without your full
permission. And with the recent court decision that it is
unconstitutional to make someone provide their password (in the US) it
becomes a better defense to random snooping.
I just want an easier way to start the security. Just as SELINUX is one
level of system security.
--
Robin Laing
