 |
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
|
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
On Thu, Feb 28, 2013 at 10:25 AM, Rich Pieri <richard.pieri at gmail.com> wrote: > On Thu, 28 Feb 2013 07:27:04 -0500 > Jerry Feldman <gaf at blu.org> wrote: > >> USB thumb drives are inherently insecure without encryption. It does > > They're also inherently insecure with full disk encryption. Once > mounted, anyone who has access to the system has access to the files on > the device. Two different security issues are being conflated here. Any mounted drive (USB or otherwise) is only as secure as the system it is mounted on, whether it is encrypted or not. If you can get into the system, either remotely or by sitting in front of it, you can get as much access to the files as Unix security allows. And if you're using an exploit of Unix, more than that. A USB drive sitting on a table is another matter. An unencrypted one is insecure, period. Anybody can take it and mount it on a computer of their choice. Unix security is meaningless because it can be changed or ignored by a root user. An encrypted USB drive is more secure; how secure it is depends on the quality of the encryption software and the password used to encrypt it.
 |
|
| BLU is a member of BostonUserGroups | |
| We also thank MIT for the use of their facilities. | |
