Can you keep a secret? This encrypted drive can...

2006-10-31 Thread Saqib Ali
06/10/30/HNseagateagain_1.html -- Saqib Ali, CISSP, ISSAP http://www.full-disk-encryption.net - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Re: Can you keep a secret? This encrypted drive can...

2006-11-02 Thread Saqib Ali
Well for one thing, any software based FDE is extremely slow, doubles the file access times, and is a serious drain on the laptop battery. See the URL below for a software based FDE benchmark/analysis: http://www.xml-dev.com/blog/index.php?action=viewtopic&id=250 What if the encryption key for th

Re: Can you keep a secret? This encrypted drive can...

2006-11-06 Thread Saqib Ali
I compile a lot of software on my laptop, and I *certainly notice* the difference between my office laptop (no encryption) and my travel laptop (with FDE). The laptops are exactly the same, with the same image loaded. The only difference is the FDE software that is installed on the travel laptop.

Re: Can you keep a secret? This encrypted drive can...

2006-11-07 Thread Saqib Ali
Hello Alexander, My guess is that slow compilation is a result of access time misconfiguration: if a filesystem has access time enabled, then each time a file is read, the file system updates access time on disk. A solution is to set noatime option on the filesystem used for compilation. This

NIST releases a security guide for managers

2006-11-14 Thread Saqib Ali
http://csrc.nist.gov/publications/nistpubs/800-100/sp800-100.pdf This guide is specifically written for top level security/info management (CSOs, CIOs etc). It addresses the requirements of various security policies and laws, such as Clinger-Cohen Act (CCA) and FISMA. -- Saqib Ali, CISSP, ISSAP

1 in 3 US residents are potential identity theft victim?

2006-12-17 Thread Saqib Ali
not really. however Privacy Rights Clearinghouse reports that 100,000,000 personal records have ended up in criminal hands since 2005. See: http://www.privacyrights.org/ar/chrondatabreaches.htm That does not mean 100 million people have become victims of identity theft. And there is no reason to

How important is FIPS 140-2 Level 1 cert?

2006-12-21 Thread Saqib Ali
Hello All, I would like to know how much weight people usually give to the FIPS 140-2 Level 1 certification. If two products have exactly the same feature set, but one is FIPS 140-2 Level 1 certified but costs twice, would you go for it, considering that Level 1 is the lowest? saqib http://www.full-d

Re: How important is FIPS 140-2 Level 1 cert?

2006-12-22 Thread Saqib Ali
Assuming that the two products use Internet protocols (as compared to proprietary protocols): I don't understand this statement. What do you mean by internet protocol vs proprietary protocol??? And also we are looking at FDE solutions, so there are no internet protocols involved in that. no.

Fwd: [FDE] Largest Ever Single FDE implementation

2006-12-28 Thread Saqib Ali
-- Forwarded message -- From: Bryan Glancey <[EMAIL PROTECTED]> Date: Dec 27, 2006 7:47 AM For everyone on this list's interest. The US Government is currently conducting the largest single side-by-side comparison and competition for the selection of a Full Disk Encryption product

Re: (Short) Intro and question

2007-01-08 Thread Saqib Ali
ut few understand that you have to work at it constantly. -- Saqib Ali, CISSP, ISSAP http://www.full-disk-encryption.net

Fwd: [FDE] Inside interview with Seagate on its new FDE Drive

2007-01-11 Thread Saqib Ali
-- Forwarded message -- From: Scott S <[EMAIL PROTECTED]> Date: Jan 9, 2007 11:17 AM Subject: [FDE] Inside interview with Seagate on its new FDE Drive To: [EMAIL PROTECTED] Here is an exclusive interview we conducted with Dan Good, Vice President of marketing at Seagate, on the

It's a Presidential Mandate, Feds use it. How come you are not using FDE?

2007-01-16 Thread Saqib Ali
An article on how to use freely available Full Disk Encryption (FDE) products to protect the secrecy of the data on your laptops. FDE solutions help to prevent data leaks in case the laptop is stolen or goes missing. The article includes a brief intro, benefits, drawbacks, some tips, and a comple

Re: It's a Presidential Mandate, Feds use it. How come you are not using FDE?

2007-01-16 Thread Saqib Ali
then used to unlock the HDD "once", and new credentials are created. -- Saqib Ali, CISSP, ISSAP http://www.full-disk-encryption.net

Re: It's a Presidential Mandate, Feds use it. How come you are not using FDE?

2007-01-16 Thread Saqib Ali
Legal access is a special case -- what is the law (and practice) in any given country on forced access to keys? If memory serves, Mike Godwin Yup. Disk Crypto has an ugly side as well, as highlighted by the recent incident where the FBI was unable to crack the encryption used by a pedophile and murd

Re: It's a Presidential Mandate, Feds use it. How come you are not using FDE?

2007-01-16 Thread Saqib Ali
Yes, encrypted disks aren't much good unless the OS also encrypts (at least) swap space. I note that OpenBSD ships with swap-space I think you are confusing "Disk Encryption" with "Full Disk Encryption (FDE)". They are two different beasts. FDE encrypts the "entire" boot drive, including the OS

Re: It's a Presidential Mandate, Feds use it. How come you are not using FDE?

2007-01-17 Thread Saqib Ali
On 1/16/07, Steven M. Bellovin <[EMAIL PROTECTED]> wrote: I don't think that that distinction is either necessary or sufficient. Dr. Bellovin, I would like to invite you to try out a Free FDE product called Compusec < http://www.ce-infosys.com/ > After trying, please let me know if the distin

Re: It's a Presidential Mandate, Feds use it. How come you are not using FDE?

2007-01-18 Thread Saqib Ali
Since when did AES-128 become "snake-oil crypto"? How come I missed that? Compusec uses AES-128. And as far as I know AES is NOT "snake-oil crypto". Closed-source doesn't mean that it is "snake-oil". If that was the case, Microsoft's EFS and Kerberos implementation would be "snake oil" too.

Re: It's a Presidential Mandate, Feds use it. How come you are not using FDE?

2007-01-18 Thread Saqib Ali
ce world. Being open source doesn't necessarily mean that the implementation is secure. When is the last time you checked the code for the open source app that you "use", to make sure that it is written properly? saqib http://www.full-disk-encryption.net On 1/18/07, Allen <

What fresh hell is this? Laptop lockdown from afar

2007-02-03 Thread Saqib Ali
Alcatel-Lucent are planning to release a PCMCIA for mobile workers that can be accessed by IT Management even if the laptop is turned off. See more details and discussion at: http://www.xml-dev.com/lurker/message/20070201.174735.f19eca6b.en.html or http://tinyurl.com/2gbxb8 The can encrypt the HD

Re: One Laptop per Child security

2007-02-07 Thread Saqib Ali
And here is the wired coverage of the BitFrost platform: http://www.wired.com/news/technology/0,72669-0.html?tw=wn_culture_1 From the article: But it should come as no surprise -- given how thoroughly the project has rewritten the conventions of what a laptop should be -- that the OLPC's secur

interesting and thought provoking resources on quantum crypto

2007-02-08 Thread Saqib Ali
I have been tasked by my advisor to create a series of mini-lecture slides on the topic of cryptography for a freshman year CS class. Each mini-lecture will be 10-12 mins and will be delivered towards the end of the class (so I will have to make them *very* interesting). There will be 12 sessions. I

Re: quantum computer demonstrated, maybe.

2007-02-15 Thread Saqib Ali
hould be available by the end of next year. One wonders if the quote is remotely accurate. http://www.sciam.com/article.cfm?chanID=sa001&articleID=BD4EFAA8-E7F2-99DF-372B272D3E271363 -- Saqib Ali, CISSP, ISSAP http://www.full-disk-encryption.net

Applying Recreational Mathematics to Secure Multiparty Computation

2007-09-24 Thread Saqib Ali
This is interesting: http://www.cerias.purdue.edu/news_and_events/events/calendar/[EMAIL PROTECTED] OR http://tinyurl.com/2zko7n Abstract The problem of a mouse traveling through a maze is well known. The maze can be represented using a planar graph. We present a variant of the maze. We consider

An Extension of Wiener's Attack on RSA Encryption

2007-09-28 Thread Saqib Ali
This year's "BT Young Scientist Award for Mathematics" was awarded to a 19 year old in the field of cryptography. The project, entitled 'An Extension of Wiener's Attack on RSA Encryption' used complex mathematics to challenge the security of keys associated with encryption. Using cutting edge ma

Contested UK encryption disclosure law takes effect

2007-10-02 Thread Saqib Ali
Source: http://www.washingtonpost.com/wp-dyn/content/article/2007/10/01/AR2007100100511.html British law enforcement gained new powers on Monday to compel individuals and businesses to decrypt data wanted by authorities for investigations. .. Failure to comply could mean a prison sentence of

Bid on a SnakeOil Crypto Algorithm Patent

2007-10-03 Thread Saqib Ali
http://www.freepatentauction.com/patent.php?nb=950 Snake Oil Keywords: 1) Breach-proof Encryption, 2) landmark invention in Cryptography and Information Security saqib http://security-basics.blogspot.com/