[Discuss] Full disk encryption and backups
Richard Pieri
richard.pieri at gmail.com
Wed Jan 4 11:11:10 EST 2012
On 1/3/2012 10:32 PM, Tom Metro wrote:
> Ummm...yeah. You do realize that in order to use your data you need to
> decrypt it, right? :-)
Yeah, but that data remains local within hopefully protected memory
areas. Bacukps usually run to external storage of some sort, be they
flash drives or NAS or what have you. Take the Firewire or USB link
bewteen a Macintosh and its Time Machine disk. This link is completely
unauthenticated and unsecured. An attacker could tap that connection
without any difficulty.
There are ways to deal with this but they add complexity to the backup
system. The more complex you make the backup system, the more difficult
you make it to use.
--
Rich P.
More information about the Discuss
mailing list