Home page logo
/

basics logo Security Basics mailing list archives

Re: How to Test HDD Encryption
From: Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net>
Date: Tue, 13 Nov 2007 20:14:59 +0100

On 2007-11-13 jfvanmeter () comcast net wrote:
encrypting file can be based on the user's password or a certificate,
this adds an addational layer of security after the OS is load.

No, it doesn't. If your OS can enforce access controls for certificates
it can enforce access controls for files and folders just as well so you
wouldn't need encryption in the first place. Plus, if your OS isn't
encrypted while the computer is not running an attacker could tamper
with it by booting from some other medium. That way he could install
e.g. a keylogger, which would make passwords for encrypted files utterly
pointless.

So all in all file-level encryption does *not* add to the system's
security, but only to the system's complexity. And on top of that it
doesn't even protect you from attack vectors that FDE (or partition
encryption) will very well protect you from.

Regards
Ansgar Wiechers
-- 
"All vulnerabilities deserve a public fear period prior to patches
becoming available."
--Jason Coombs on Bugtraq


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]