[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Laptop Drive Encryption

Subject: Re: Laptop Drive Encryption
From: tony <email@hidden>
Date: Wed, 17 Jan 2007 20:39:39 -0800 (PST)
Delivered-to: email@hidden
Delivered-to: email@hidden
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=X-YMail-OSG:Received:X-Mailer:Date:From:Subject:To:MIME-Version:Content-Type:Content-Transfer-Encoding:Message-ID; b=6EVNR07Vl1G8RO9mCQYq3svfppHu6JMKnpfduAxqR6F1ShFCOcZY1ya2QCxcsUlX10ikySBUwTaeVNGkz4Y8ayzaB5xTuV6NT10Jr5oEnMfkdHwuFXZEBA5hmSvP0ewbfDL7k8cAz4EwCNZd9svds+Ri4XQxafGZZH0UEoVrgtg=;

Hi,

I'm in the same boat as the originator of this thread.  Basically our customers are demanding it but we are rolling out more macs without any centralized management whatsoever (not my call).  Can PGP be as secure as wde products for windows?  Can it be easy to manage and use with features such as sso and possibly integrate with AD?  Basically we're looking for a product similar to products such as guardianedge Encryption Anywhere.  Currently I do not think this exists?  Thanks for your input!

Regards,
tony

----- Original Message ----
From: Gregor Alessi <email@hidden>
To: email@hidden
Sent: Wednesday, January 17, 2007 3:28:33 PM
Subject: Re: Laptop Drive Encryption

On 17.01.2007, at 18:22, Jim Zajkowski wrote:

> On Wed, 17 Jan 2007, Ed Crelin wrote:
>
>> if they don't have the password they're not gonna get anything  
>> more or less than if they know the password to Filevault.
>
> That's not really true: you can remove the disk from the notebook  
> and mount it from another computer, regardless of the password  
> protection on the notebook (eg, OF/EFI password, user accounts).

Second that:

To crack Open Firmware Protection just remove physical memory - the  
PW will be gone.
To read data from a non-encrypted hard drive, start-up the laptop (or  
the iMac or any Apple computer for that matter) in Target Disk Mode  
and set Finder to ignore permissions.
To read a non-encrypted hard drive from any computer runnning any OS,  
connect it to a device you can mount on your machine. For starters,  
an IDE device: http://www.granitedigital.com/catalog/ 
pg19_firewirebridgeboards.htm

In other words: If I have physical access to your machine, only  
encryption will keep me from reading (or writing to) your data.  
Whether you need encryption or not is up to your policy.

Then again, encryption needs evaluation - FileVault is good, but PGP  
can be better if configured properly.

Regards

Gregor
 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Client-management mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/client-management/email@hidden

This email sent to email@hidden

____________________________________________________________________________________
TV dinner still cooling? 
Check out "Tonight's Picks" on Yahoo! TV.
http://tv.yahoo.com/
 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Client-management mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/client-management/email@hidden

This email sent to email@hidden

Follow-Ups:
- Re: Laptop Drive Encryption
  - From: "John C. Welch" <email@hidden>

Prev by Date: Re: 10.4.8 Printing
Next by Date: Re: Laptop Drive Encryption
Previous by thread: RE: Laptop Drive Encryption
Next by thread: Re: Laptop Drive Encryption
Index(es):
- Date
- Thread

Home