Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-Microsoft
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Whole disk encryption

from [Galin, Matt (THIP, Corp)] Network Security [Permanent Link]
Subject: RE: Whole disk encryption
Date: Thu, 31 Aug 2006 07:37:18 -0400 
Forensically speaking, full disk encryption is the only way to address
all aspects of data remnants.  Stuff sits in the page file, this isn't
encrypted.  Temp files usually are all over the place, unless directory
structure ACL's are very strict.. One can use the workstation security
templates for high security and lock down the directories, but there are
still writable locations on the disk that users can save stuff to.
Unless all you do is use MS office, folder redirection isn't going to do
you much good.  These strict ACL's break many applications, especially
all the home grown ones, and the older junk that's in all of our
corporate environments.  Volume encryption, such as EFS, TrueCrypt is
MORE secure than nothing, but do you really trust your users, and would
you be willing to put your job on the line when your CIO walks in and
says, we had a laptop stolen, do we have to disclose this to the public?
Full disk encryption has it's problems, most of the larger company's
products like PointSec, Safeboot and Utimaco have methods for
administrative/support logins and key escrow/recovery. They all have
methods to deal with supporting software deployments, i.e. scripting a
number of automatic logins without requiring pre-boot authentication.
All of them have support for SSO, and tokens etc.    Only large problems
relate to multi-boot configurations, lilo, hidden partition backup
solutions etc, as these solutions shim the Master Boot Record or
Partition Boot record..  


-----Original Message-----
From: matthew patton [mailto:pattonme@yahoo.com] 
Sent: Tuesday, August 29, 2006 11:23 AM
To: focus-ms@securityfocus.com
Subject: Re: Whole disk encryption

I am not arguing against whole-disk, but why would you hand a user a
computer/laptop that allows them to write ANYWHERE but in one directory,
their homedir?

__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around
http://mail.yahoo.com 

------------------------------------------------------------------------
---
------------------------------------------------------------------------
---



*************************************************************************
This communication, including attachments, is
for the exclusive use of addressee and may contain proprietary,
confidential and/or privileged information.  If you are not the intended
recipient, any use, copying, disclosure, dissemination or distribution is
strictly prohibited.  If you are not the intended recipient, please notify
the sender immediately by return e-mail, delete this communication and
destroy all copies.
*************************************************************************


---------------------------------------------------------------------------
---------------------------------------------------------------------------
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Fwd: Whole disk encryption, Kurt Buff
Previous by Thread:  RES: Whole disk encryption, Willian A. Rabelo
Next by Thread:  RE: Whole disk encryption, Greg Merideth
Indexes:  [Date] [Thread] [Top] [All Lists]