[FDE] Question re risks of data loss with FDE
coderman
coderman at gmail.com
Fri Mar 2 17:00:40 MST 2007
On 3/2/07, Michael Dickey <mdickey at itagroup.com> wrote:
> Let's say I write down my encryption passkey and stuff it in my laptop
> bag. My laptop bag is stolen along with the passkey to get in. Obviously
> that is a way "around" encryption and that vulnerability is real.
this is one reason i am fond of multi-factor auth that includes a
physical token or USB key of some kind. this key should be small
(Sony Micro-Vault USM-H [0] is my personal preference for pass-phrase
protected loop-aes secrets) and kept on a key chain.
people lose their keys much less frequently than they lose laptops and
storage media. placing disk keys on a key chain also ties into the
usability / intuitiveness of a capability like approach for protecting
your OS and storage.
smart cards are another technique to consider, though wallets / purses
get lifted more frequently than key chains.
0. Sony MicroVault USM-H 14.5x 2.7 x 30.0 mm storage fob
http://www.sony.net/Products/Media/Microvault/usm-h.html
More information about the FDE
mailing list