interesting-people message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [interesting-people Home]

Subject: [IP] a comment from Ed Felten (and me) A Method for Critical Data Theft - New York Times

BTW an interesting scenario is at Customs entering any country. Your laptop is seized ----- djf 



Begin forwarded message:

From: "Edward W. Felten" <felten@cs.princeton.edu>
Date: February 22, 2008 9:51:50 AM EST
To: "David Farber" <dave@farber.net>
Subject: Re: [IP] Re: A Method for Critical Data Theft - New York Times

I think Lee Dryburgh is missing the point of our work.

The whole point of disk encryption products is to protect the data on
a laptop drive if the laptop is lost or stolen, that is, if physical
security is breached.  Our work shows that popular disk encryption
products fail to do what people think they do.  An adversary with
physical access to a laptop using disk encryption can (usually)
extract all the encrypted information from the disk.

As a meta-comment, be careful about anybody who debunks an idea based
on "a quick read".  Would it be too much trouble to actually read our
paper before pronouncing it pointless?

On Fri, Feb 22, 2008 at 9:37 AM, David Farber <dave@farber.net> wrote:



Begin forwarded message:

From: David Farber <dave@farber.net>
Date: February 22, 2008 9:18:57 AM EST
To: "ip" <ip@v2.listbox.com>
Subject: [IP] Re:    A Method for Critical Data Theft - New York Times
Reply-To: dave@farber.net




Begin forwarded message:

From: "Lee Dryburgh" <dryburghl@gmail.com>
Date: February 22, 2008 8:59:59 AM EST
To: dave@farber.net
Cc: ip <ip@v2.listbox.com>
Subject: Re: [IP] A Method for Critical Data Theft - New York Times

This has been all over the news today. It seems another unwarranted
headline grabber (sorry to IP person whose work it is).
The first point of security of data is physical security and from the quick read you need to push somebody away from their laptop, quickly spray the machine with something to cool it down very quick, hope the person did not disable booting from external drives (which you should do if running disk. encr.), and quickly boot from an external drive. If you can do to all that effort - I'd recommend installing a key logger - simpler with better results 
;)

Interesting and worthwhile research though.

Regards

Lee

\ Emerging Comms Conference
/ March 12-14 - www.eCommMedia.com
\ Skype: leedyburgh

On 22/02/2008, David Farber <dave@farber.net> wrote:




http://www.nytimes.com/2008/02/22/technology/22chip.html?hp


________________________________



Archives



________________________________

Archives




-------------------------------------------

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [interesting-people Home]

Powered by eList eXpress LLC