Audio Asylum Thread Printer: Get a view of an entire thread on one page
In Reply to: RE: Not true: most are thrown away before they die -t posted by Tony Lauck on November 21, 2014 at 17:11:45
On Mac, FileVault 2 encrypts all data on disk on the fly as you create new files and folders. If you lose your laptop and someone removes the disk in an attempt to mount and retrieve data, it's darn near impossible for even a somewhat technically savvy thief.
Additionally, every Mac for as many years as I can remember has a 'secure erase' feature built into the standard 'Disk Utility'.
Securely Erase Your Disk. Note the different levels of Secure Erase
US DOE Compliant Erase
US DOD Compliant Erase
Tony compliant best practice for Disk Erase:
Follow Ups:
1. I know this whole disk encryption exists. However, without hardware support the result is a noticeable loss of performance.
2. The human factors associated with whole disk encryption yield a poor tradeoff of convenience vs. security (e.g. password strength).
3. There is no reason to believe that any "secure xyz" is actually secure after Edward Snowden's revelations. (I have known this to be the case for decades, but had no credible way of demonstrating this.) In addition, secure file erase is of dubious value due to device level revectoring games, which are the exception with spinning rust but an essential part of SSDs.
I place more faith in the sledge hammer method. However, after smashing to pieces it may be necessary to grind the results to dust and burn them. :-)
Tony Lauck
"Diversity is the law of nature; no two entities in this universe are uniform." - P.R. Sarkar
"1. I know this whole disk encryption exists. However, without hardware support the result is a noticeable loss of performance."
Intel processors since Westmere, circa 2010, have AES encryption extensions to the x86 architecture. In other words, hardware acceleration for AES encryption. With modern laptops and fast SSDs the performance hit isn't noticeable in most cases under typical use. If you run a disk performance test then you will 'see' a difference in MB/s for reads and writes but from the keyboard and screen as a user it's imperceptible. Some SSDs have hardware accelerated encryption built-in.
The initial whole disk encryption runs in the background but once that's complete, subsequent encryption happens 'on the fly' as the user creates new files and folders.
"2. The human factors associated with whole disk encryption yield a poor tradeoff of convenience vs. security (e.g. password strength)."
Password strength is important in any system and no more inconvenient for File Vault 2 encryption. In fact, passwords are almost irrelevant to File Vault 2's encryption mechanism. The system relies on a series of cryptographic keys granting access to two other layers of keys. These keys are the derived encryption key, the key encryption key and the volume encryption key. You enter your password and the password is converted to a derived key with the RSA Password Based Key Derivation Function (PBKDF2). There are more steps but the bottom line is that it's no more inconvenient than logging in with a typically strong password.
"3. There is no reason to believe that any "secure xyz" is actually secure after Edward Snowden's revelations. (I have known this to be the case for decades, but had no credible way of demonstrating this.) In addition, secure file erase is of dubious value due to device level revectoring games, which are the exception with spinning rust but an essential part of SSDs."
The whole Snowden thing was an 'insider threat' issue, not a disk encryption issue. He had the keys. There are other mechanisms being architected to combat this problem including ways of easily monitoring, logging, and mining for every login and action by every IC insider, and raising flags on unusual activity. It's a huge problem because of the sheer number of people in the IC. It's not as simple as looking at a couple log files on a couple machines.
Any disk encryption system can be hacked (with sufficient time and tools) but the point is, why not make it difficult and not worthwhile for most thieves? All employees in the group that I work for are required to run whole disk encryption on their laptops. If you lose your laptop, you've lost the ability to delete your data or smash the disk. Why make it easy for a thief to access that data?
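Added example, not part of the original thread or of any vendor's code: a sketch of the three-layer key hierarchy the post above describes (password, PBKDF2-derived key, key encryption key, volume encryption key). The `wrap` function is a stand-in built from HMAC, not a production key-wrap algorithm, and the header layout, iteration count and function names are assumptions.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000  # assumed work factor for this sketch

def derive_key(password: str, salt: bytes) -> bytes:
    """Password -> 32-byte derived key via PBKDF2-HMAC-SHA256."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)

def _pad(key: bytes, nonce: bytes) -> bytes:
    return hmac.new(key, b"pad" + nonce, hashlib.sha256).digest()

def wrap(wrapping_key: bytes, secret: bytes) -> bytes:
    """Stand-in key wrap for 32-byte secrets: XOR pad plus integrity tag."""
    nonce = os.urandom(16)
    body = bytes(a ^ b for a, b in zip(secret, _pad(wrapping_key, nonce)))
    tag = hmac.new(wrapping_key, b"tag" + nonce + body, hashlib.sha256).digest()
    return nonce + body + tag

def unwrap(wrapping_key: bytes, blob: bytes) -> bytes:
    nonce, body, tag = blob[:16], blob[16:48], blob[48:]
    expect = hmac.new(wrapping_key, b"tag" + nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expect):
        raise ValueError("wrong key or corrupted blob")
    return bytes(a ^ b for a, b in zip(body, _pad(wrapping_key, nonce)))

def create_volume(password: str):
    """Return (header stored on disk, volume key that encrypts the data)."""
    salt, kek, vek = os.urandom(16), os.urandom(32), os.urandom(32)
    header = {"salt": salt,
              "wrapped_kek": wrap(derive_key(password, salt), kek),
              "wrapped_vek": wrap(kek, vek)}
    return header, vek

def unlock(header: dict, password: str) -> bytes:
    kek = unwrap(derive_key(password, header["salt"]), header["wrapped_kek"])
    return unwrap(kek, header["wrapped_vek"])

def change_password(header: dict, old: str, new: str) -> dict:
    """Only the KEK is rewrapped; the VEK and the data on disk are untouched."""
    kek = unwrap(derive_key(old, header["salt"]), header["wrapped_kek"])
    salt = os.urandom(16)
    return {"salt": salt,
            "wrapped_kek": wrap(derive_key(new, salt), kek),
            "wrapped_vek": header["wrapped_vek"]}
```

Because the data is encrypted only under the volume key, overwriting the small header that holds the wrapped keys leaves the rest of the disk unreadable without touching every sector.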
You entirely misunderstood the gist of my Snowden comments. I had already figured out by 1994 that the NSA was in bed with at least one major O/S company. I knew that by conversations with people "in the know" who were "split brained", i.e. had crypto security clearances. It was not hard to figure out what was going on from talking with these people, since when you got too close to the edge you could see their faces tense up. Pressing them some more, you soon reached the point where they said, "I can't discuss this any further." I suspect the processor hardware is equally untrustworthy. It only takes a single extra wire in a chip to implement a hidden trap door.
The encryption keys have to be stored somewhere. So if the disk is encrypted the key has to be unencrypted, or protected by a password that the user types in. So you may be able to discard an encrypted disk, but if so you will have to enter a strong password at boot or trust some other portion of the system that contains the encryption key.
Tony Lauck
"Diversity is the law of nature; no two entities in this universe are uniform." - P.R. Sarkar
"I had already figured out by 1994 that the NSA was in bed with at least one major O/S company."
Of course! The IC as a whole relies on several private firms and COTS solutions sometimes customized for their needs.... and as you know, often highly classified.
My point about disk encryption was why not use it since it is free, not at all intrusive, and offers a good level of protection for personal computers. At least that's the case on Mac OS, not sure what MS offers.
What do you expect from sellers of computer services? They are not really interested in security or audio quality.