Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU

BLU Discuss list archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Discuss] TrueCrypt with SSD

An interesting concept came to mind regarding encryption -

If you encrypt a drive (USB stick, WDE, etc), or use an IronKey, it is
only workable as long as the data remain encrypted.

There are many people who unlock their systems, close the lid, and the
system goes into a power save mode.   Now, if the system is taken
_before_ that can happen, and you are actively logged in, no
encryption (except for maybe special files or areas that require
passwords to unlock those particular areas even with the system live),
is going to work.   The system is already unlocked.

Now, if a screen saver with password option kicks in, the system is
_still_ no longer encrypted, but can make it more difficult to access
the files, but not impossible, so long as the battery holds out, too.

My point is encryption of larger-scale kinds (WDE, Ironkey) is only
best if the system is shut off or not in a state where the data has
already been unlocked and left vulnerable.

It has become clearer that sensitive data should reside on company
servers and only accessible via a VPN connection.
The laptop then becomes a simple portable remote dumb terminal.   If
the laptop is thus stolen, no _important_ data is lost.


BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!

Boston Linux & Unix /