This one time, at band camp, Martin Visser wrote: > I tend to think that such devices are probably more "security theatre" > as Bruce said it in his keynote, as it is hard to do reliably. If you > allow users adhoc access to mail or web browsers, while you can catch > sequences of numbers like 1234 if you are watching for credit card > numbers, are you watching for one two three four, onetwothreefour, > eentweedrievier and I,II,III,IV as well? This is simple encryption > that people can easily detect, but with modest obfuscation are > possibly hard for automated systems to correctly detect. In order to > effectively limit data leakage I think you need :-
Indeed, and I bet these places still have active USB ports on their PCs. To resolve this problem reliably takes a real systematic approach. But the snake oil vendors push security as product, not process. I would think that some kind of watermarking would be a better approach, so that each version of a sensitive file is striped in some way on checkout, so at least you can track who circulated the file. Of course watermarking can be defeated. Then again, the "dodgy dossier" used to justify the Iraq war by the British government still had tracked changes accesible, showing the changes to the official intelligence made by Blair's spin doctor. -- Rev Simon Rumble <[EMAIL PROTECTED]> www.rumble.net The Tourist Engineer Geeks need vacations too. http://engineer.openguides.org/ In politics, what begins in fear usually ends in folly. - Samuel Taylor Coleridge -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
