I am curious - how do you arrange for key entry in a server? Does the
operator enter it from the console on each boot? Doesn't that make
"lights
out" operation difficult? I wouldn't like to give up the ability of
machines to reboot unattended. If it is stored somewhere on the
computer,
don't you still have the problem that possesion of the hardware
implies
access to the data?
This is always a problem. You may recall that many SSL web servers in
the early days stored their private keys encrypted. They required that
operators type passwords on boot. Some Linux distributions require
that a password be typed on boot if you are using an encrypted
partition. I have seen physical devices attached to keyboards that
have the passwords in them. I have also seen the key provided over a
network connection.
Anyway, how often do used drives have cash value greater than the cost
differential of regular and FDE drives? Wouldn't it be more
efficient to
just destroy used drives if you can't erase the contents?
Economics are not always aligned that way. Jane hires Jill to destroy
the drives. Jill takes the cash but then sells the drives for extra
profit. Or perhaps somebody decides to donate the computers because
it would be a waste to destroy them when poor kids don't have high
technology.
Daniel Feenberg
_______________________________________________
FDE mailing list
FDE@www.xml-dev.com
http://www.xml-dev.com/mailman/listinfo/fde
_______________________________________________
FDE mailing list
FDE@www.xml-dev.com
http://www.xml-dev.com/mailman/listinfo/fde