On 3/5/07, Brad Lhotsky <[EMAIL PROTECTED]> wrote:
> ...
> Broad generalizations are the problem with Security these days. My
> scientists will likely lose their jobs if they lose their laptops. ...
> If the laptop is just an accessory, then sure, people will lose them
> because they don't value them. When the laptop is the scientists
> well-being, they tend to know where they are.

point taken. how about "most people" lose (read: theft) laptops more frequently than they lose keys. more than being an accessory, it's simply more difficult to protect a laptop than it is keys in your pocket.

for the sake of example, a friend of mine had his laptop stolen right out of his hands by a stranger who grabbed it and ran. he cared for the laptop, but even keeping it with him (not left unattended in a vehicle, etc) wasn't sufficient in that case.

encouraging users to "care" for the data they are stewards over is an interesting and varied problem. your example shows how effective this can be without any additional security or controls in place. "accountability scales better than enforcement".

> This is why the OMB Mandate for FDE annoys me. It's a large, corporate
> style office making assumptions about the operations of all its highly
> specialized divisions. Sure FDE would be great, but we're dealing with
> a March 31st deadline to deploy an FDE solution that doesn't fit our
> operation.
>
> Ain't bureaucracy great?!

that would be frustrating, no doubt. but is it the mandated process and tools which are causing the pain, or the concept itself?

i'd be interested to hear how you feel after a laptop does get stolen, and the data is concealed by the new FDE in place. does one prevented loss make it worthwhile? a dozen? (do you really believe the perfect track record will continue indefinitely?)

i certainly can't answer that, and agree that a dictatorial bureaucracy forcing the decision regardless of context is a bad way to approach the problem. but i still think there is merit to having one of the requisite authentication factors tied to an existing model (physical keys) that is familiar and less prone to theft or loss.

best regards,

[one last comment: i'm basing this observation on my experience and the experiences of those i know. i can list a number of friends/acquaintances who've had laptops and computers stolen. a fewer number who've lost hard drives or tapes. two who've lost wallets. and no one who's lost their keys. perhaps my experience is abnormal in this regard. i'd love to hear other experiences that are seemingly different from the norm, like yours above. perhaps they can hint at other ways users can improve their privacy.]
