> If data is encrypted with strong crypto, and that crypto's secret > key is not stored on the device, then that data can generally be > considered safe even if the device is stolen. > > In English, that means if the security depends on a strong password > the user must enter (and not on some magic the manufacturer has > "hidden" inside the device), the password-protected data is safe.
... Isn't that only partially true? I mean, if the encrypted data is stolen, isn't it reasonable to believe it can be cracked given enough time/cpu power? I was always told that no encryption is uncrackable given the right resources. What you buy with strong cryptography is an expected length of time before it's cracked. But, that may be just what I have been told. --Matt Ross Ephrata School District ----- Original Message ----- From: Ben Scott [mailto:[email protected]] To: NT System Admin Issues [mailto:[email protected]] Sent: Thu, 10 Feb 2011 09:17:29 -0800 Subject: Re: IPhone attack reveals passwords in six minutes > On Thu, Feb 10, 2011 at 12:10 PM, S Powell <[email protected]> wrote: > > Yep, big security issue, but if someone has physical control of your > > device, any device, you should always consider it compromised. > > If data is encrypted with strong crypto, and that crypto's secret > key is not stored on the device, then that data can generally be > considered safe even if the device is stolen. > > In English, that means if the security depends on a strong password > the user must enter (and not on some magic the manufacturer has > "hidden" inside the device), the password-protected data is safe. > > Note also "stolen". If someone can compromise the software and > *give it back to you*, so you then continue to use it, all bets are > off. > > -- Ben > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
