Steven M. Bellovin wrote:
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9126869&intsrc=hm_ts_head
I wonder if the 40+ breach-disclosure laws in US will now have to be updated to reflect that if data is breached on a "live" system using an encrypted-drive, one must still make the breach disclosure. The CEO of Heartland Payment Systems, however, will no longer be fooled by the salve that FDE drives promise; he's calling for end-to-end encryption, a control which he - and readers of this forum - know, the FDE drives cannot provide: http://www.snl.com/irweblinkx/file.aspx?IID=4094417&FID=7249269 Arshad Noor StrongAuth, Inc. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [email protected]
