Can you keep a secret? This encrypted drive can...

2006-10-31 Thread Saqib Ali
.html -- Saqib Ali, CISSP, ISSAP http://www.full-disk-encryption.net - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

Re: Can you keep a secret? This encrypted drive can...

2006-11-02 Thread Saqib Ali
Well for one thing, any software based FDE is extremely slow, doubles the file access times, and is a serious drain on the laptop battery. See the URL below for a software based FDE benchmark/analysis: http://www.xml-dev.com/blog/index.php?action=viewtopicid=250 What if the encryption key for

Re: Can you keep a secret? This encrypted drive can...

2006-11-06 Thread Saqib Ali
I compile a lot of software on my laptop, and I *certainly notice* the difference between my office laptop (no encryption) and my travel laptop (with FDE). The laptops are exactly the same, with the same image loaded. The only difference is the FDE software that is installed on the travel laptop.

Re: Can you keep a secret? This encrypted drive can...

2006-11-07 Thread Saqib Ali
Hello Alexander, My guess is that slow compilation is a result of access time misconfiguration: if a filesystem has access time enabled, then each time a file is read, the file system updates access time on disk. A solution is to set noatime option on the filesystem used for compilation. This

NIST releases a security guide for managers

2006-11-14 Thread Saqib Ali
http://csrc.nist.gov/publications/nistpubs/800-100/sp800-100.pdf This guide is specifically written for top level security/info management (CSOs, CIOs etc). It addresses the requirements of various security policies and laws, such as Clinger-Cohen Act (CCA) and FISMA. -- Saqib Ali, CISSP, ISSAP

1 in 3 US residents are potential identity theft victim?

2006-12-17 Thread Saqib Ali
not really. however Privacy Rights Clearinghouse reports that 100,000,000 personal records have ended up in criminal hands since 2005. See: http://www.privacyrights.org/ar/chrondatabreaches.htm That does not mean 100 million people have become victims of identity theft. And there is no reason to

How important is FIPS 140-2 Level 1 cert?

2006-12-21 Thread Saqib Ali
Hello All, I would like to know how much weight people usually give to the FIPS 140-2 Level 1 certification. If two products have exactly the same feature set, but one is FIPS 140-2 Level 1 certified but costs twice as much, would you go for it, considering that Level 1 is the lowest? saqib

Re: How important is FIPS 140-2 Level 1 cert?

2006-12-22 Thread Saqib Ali
Assuming that the two products use Internet protocols (as compared to proprietary protocols): I don't understand this statement. What do you mean by internet protocol vs proprietary protocol??? And also we are looking at FDE solutions, so there are no internet protocols involved in that. no.

Fwd: [FDE] Largest Ever Single FDE implementation

2006-12-28 Thread Saqib Ali
-- Forwarded message -- From: Bryan Glancey [EMAIL PROTECTED] Date: Dec 27, 2006 7:47 AM For everyone on this list's interest. The US Government is currently conducting the largest single side-by-side comparison and competition for the selection of a Full Disk Encryption product.

Re: (Short) Intro and question

2007-01-08 Thread Saqib Ali
-- Saqib Ali, CISSP, ISSAP http://www.full-disk-encryption.net

It's a Presidential Mandate, Feds use it. How come you are not using FDE?

2007-01-16 Thread Saqib Ali
An article on how to use freely available Full Disk Encryption (FDE) products to protect the secrecy of the data on your laptops. FDE solutions help to prevent data leaks in case the laptop is stolen or goes missing. The article includes a brief intro, benefits, drawbacks, some tips, and a

Re: It's a Presidential Mandate, Feds use it. How come you are not using FDE?

2007-01-16 Thread Saqib Ali
the HDD once, and new credentials are created. -- Saqib Ali, CISSP, ISSAP http://www.full-disk-encryption.net

Re: It's a Presidential Mandate, Feds use it. How come you are not using FDE?

2007-01-16 Thread Saqib Ali
Legal access is a special case -- what is the law (and practice) in any given country on forced access to keys? If memory serves, Mike Godwin Yup. Disk Crypto has an ugly side as well, as highlighted by the recent incident where the FBI was unable to crack the encryption used by a pedophile and

Re: It's a Presidential Mandate, Feds use it. How come you are not using FDE?

2007-01-16 Thread Saqib Ali
Yes, encrypted disks aren't much good unless the OS also encrypts (at least) swap space. I note that OpenBSD ships with swap-space I think you are confusing Disk Encryption with Full Disk Encryption (FDE). They are two different beasts. FDE encrypts the entire boot drive, including the OS,

Re: It's a Presidential Mandate, Feds use it. How come you are not using FDE?

2007-01-18 Thread Saqib Ali
source doesn't necessarily mean that the implementation is secure. When is the last time you checked the code for the open source app that you use, to make sure that it is written properly? saqib http://www.full-disk-encryption.net On 1/18/07, Allen [EMAIL PROTECTED] wrote: Saqib Ali wrote

Re: One Laptop per Child security

2007-02-07 Thread Saqib Ali
And here is the wired coverage of the BitFrost platform: http://www.wired.com/news/technology/0,72669-0.html?tw=wn_culture_1 From the article: But it should come as no surprise -- given how thoroughly the project has rewritten the conventions of what a laptop should be -- that the OLPC's

interesting and thought provoking resources on quantum crypto

2007-02-08 Thread Saqib Ali
i have been tasked by my advisor to create a series of mini-lecture slides on the topic of cryptography for a freshman year CS class. each mini-lecture will be 10-12 mins and will be delivered towards the end of the class (so i will have to make them *very* interesting). There will be 12 sessions.

Re: quantum computer demonstrated, maybe.

2007-02-15 Thread Saqib Ali
is remotely accurate. http://www.sciam.com/article.cfm?chanID=sa001articleID=BD4EFAA8-E7F2-99DF-372B272D3E271363 -- Saqib Ali, CISSP, ISSAP http://www.full-disk-encryption.net

An Extension of Weiner's Attack on RSA Encryption

2007-09-28 Thread Saqib Ali
This year's BT Young Scientist Award for Mathematics was awarded to a 19 year old in the field of cryptography. The project, entitled 'An Extension of Weiner's Attack on RSA Encryption' used complex mathematics to challenge the security of keys associated with encryption. Using cutting edge

Contested UK encryption disclosure law takes effect

2007-10-02 Thread Saqib Ali
Source: http://www.washingtonpost.com/wp-dyn/content/article/2007/10/01/AR2007100100511.html British law enforcement gained new powers on Monday to compel individuals and businesses to decrypt data wanted by authorities for investigations. .. Failure to comply could mean a prison sentence

Bid on a SnakeOil Crypto Algorithm Patent

2007-10-03 Thread Saqib Ali
http://www.freepatentauction.com/patent.php?nb=950 Snake Oil Keywords: 1) Breach-proof Encryption, 2) landmark invention in Cryptography and Information Security saqib http://security-basics.blogspot.com/