Disk encryption and installing new versions of Fedora

Mr.Scrooge maximilian_bianco at yahoo.com
Thu Jan 3 19:58:39 UTC 2008 

--- Robin Laing <Robin.Laing at drdc-rddc.gc.ca> wrote:

> Mr.Scrooge wrote:
> > --- Robin Laing <Robin.Laing at drdc-rddc.gc.ca> wrote:
> > 
> >> Mike wrote:
> >>> Mike <mike.cloaked <at> gmail.com> writes:
> > 
> > Are that many people really that careless with their laptops? I think people worry too much
> about
> > encrypting laptops. If a company has it's shit together they are not letting you go home with
> > sensitive info(They should be preventing cd burning and removable media,disabling such actions
> > ,even not having such devices installed, no usb ports on PC's, physical locks on PC case,no
> > offline files, etc...), all data should be backed up to a network location that has strict
> > security. A well thought out security scheme considers this and more. If you are among the few
> > that are allowed to do so (a handful maybe?) then hopefully you are not so irresponsible as to
> > leave it unsecured (by which i mean out of your sight) If someone targets you because of your
> job
> > then its probably fair to say that you deal with sensitive info, so they will( by which i mean
> i
> > would) be counting on encryption and be prepared to deal with it. Most of the high profile
> stories
> > i have seen involve employees taking home info they should not have in the first place. Again
> the
> > organization's IT Dept. should be disabling cd burning and removable media to reduce the
> incidence
> > of such cases.Prevent the copying of files off the local volume or network location.
> Considering
> > average "real world" user skill levels that would probably prevent most such incidents.
> 
> 
> You are missing a point here.  Many people use their laptop instead of a 
> desktop because they need to move this information and have it when they 
> are away from the office.  In my job, many people work at multiple 
> locations and need their information for their work.  Not all sites have 
> network access (even though we want it).  Most people in my section use 
> laptops like this.
> 
> There are also the telecommuters that need to have access to information 
> away from the main work site.  Executives making presentations or going 
> to meetings.
> 
> As a home user, I want encryption to protect my banking and other usage. 
>   My wife uses the laptop instead of a laptop.  She wants her 
> information protected.
> 
> As for theft.  Just going between work and home can be a loss.  You lock 
> your laptop into the trunk of your car and your car gets broken into 
> while you run into the store to get milk.  Electric trunk locks make it 
> easy for a thief to get into your trunk and your laptop is gone.
> 
> And as said before, encryption may be a requirement.
> 
> http://www.p2pnet.net/story/14518
> Make data loss a crime, say UK MPs
> 
> We all don't live in the ideal IT world.
> 
> Of course Fedora has put in SELINUX and firewalls.  All in efforts to 
> prevent corruption of systems and data.  Encryption is just another tool 
> to assist in this endeavor.  At least how I see it.
> 
> -- 
> Robin Laing
> 
I don't mean to suggest that encryption is not a worthwhile feature and several good points have
been made in its defense. However, sensitive information is just that and should be treated as
such. Encryption requires additional overhead and just because it's seamless to the user doesn't
mean it should be used for everything. If you deal with sensitive information that is worth
protecting then its an extra layer of security. That's all it is, an extra layer, too many people
are under the illusion that encryption is bullet proof. It's not, it can be broken and in fact i
would count on it. If it makes you sleep better then fine but keep in mind that if they want to
get around it they can. There are several freely available programs that will boot from a cd and
tell you the user name and password. They will just log in as the user and have full access
anyway. Harddrive encryption is a speed bump, useful as part of a good security plan but
ultimately, in my opinion, no more useful than any other security tool.

-Max


      ____________________________________________________________________________________
Be a better friend, newshound, and 
know-it-all with Yahoo! Mobile.  Try it now.  http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ

More information about the fedora-list mailing list