My understanding is that there are several standard ways of attacking drive encryption:
* Asking the suspect for the encryption key * Threatening the suspect to get the encryption key * Brute forcing the passphrase using other information around * Looking for the key in memory But if you use strong passphrases and your users are torture-proof, they're probably on a pretty good footings. On Mar 25, 2008, at 12:31 PM, Owens Bernard B wrote: > > The nexus between the referenced article and this list seems to be > when > Detective Sergeant Geoff Conway is quoted: "Encryption and passwords > hold no fear for us. If there is something on a computer, we will find > it." > > That's news to me. The agency I work for is positively manic (and > rightly so) to make sure that any computer that leaves our controlled > space is fully encrypted. I think my management would be unpleasantly > surprised to learn that our encryption can be easily swept aside by DS > Geoff of Merseyside. > > In all seriousness, do such articles have any impact? Do vendors on > this list commonly encounter people who are convinced that no FDE > scheme > is proof against even reasonably smart and resource-rich attacks? > > I don't sell FDE products; I just use and administer them every > day. My > users understand the need for FDE and accept the minor inconveniences > involved as long as they have faith that it works. If my users were > to > read something like this and believe it, they'd get really irritated > at > me for making them type yet another apparently unnecessary password > before they begin work each morning. > > Any thoughts? > > Bernard Owens > Computer Specialist > USTreas/IRS > > > > > _______________________________________________ > FDE mailing list > [email protected] > http://www.xml-dev.com/mailman/listinfo/fde > _______________________________________________ FDE mailing list [email protected] http://www.xml-dev.com/mailman/listinfo/fde
