Home page logo
/

basics logo Security Basics mailing list archives

Re: VA Loses another Hard Drive with data on 48,000 veterans
From: Anonymous () gmail com
Date: 6 Feb 2007 14:43:18 -0000

Yup.

But Full-Encryption would not be the solution.

If you wish to encrypt the OS files that are like 2GB or more and spend a lot of time in it. Full Encryption would 
solve. 

If you wish to waste your time and complexity in encrypting the data in the HDD, then Full-encryption would solve. 

Well okie, where does the code or software(other softwares like word docs etc) run once the disc is encrypted. To 
decrypt it, is the key stored in USB or somewhere written on a paper that is stuck to the laptop itself.

Are you planning on using MEMORY encryption that when software runs on memory also it is going to be encrypted.

Saqib, if that is the case. The complexity is exponential and the time at which you will be done booting up the system 
would be a month from now. Just exajurating, but it will take more time if you are going to encrypt Data on Disc and PE 
and everything that loads on memory. If that being the case, are you checking for Disassembler, debugger or decompiler. 
If that is also done, then are you checking if those guys are looking at your software that is running to check them 
and make use of vulnerability in that.

Think about those things. there is always 1 loop hole or the other if you are trying to add layers of protection when 
the model itself is bad. There is no use of adding layers of glue over a piece of block that is already fractured. It 
will still be weak no matter what.

Just take your time and think about it. There is no use in talking about the same point year after another and 
justifying your choice.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]