Re: [Fed-Talk] Looking for encrypted hard drives
- Subject: Re: [Fed-Talk] Looking for encrypted hard drives
- From: Amanda Walker <email@hidden>
- Date: Sun, 9 Apr 2006 20:05:49 -0400
On Apr 9, 2006, at 5:30 PM, Michael Pike wrote:
> On Apr 6, 2006, at 11:42 PM, Amanda Walker wrote:
>> Does anyone know of good solutions for encrypting data at rest on
>> Macs (preferably the entire drive)? Unlike my last job, "throw
>> the drive in a GSA Class 5 safe when you leave the room" is not an
>> option for me at the moment.
> What about just an encrypted drive image? If you have a 160 GB
> drive, make two 80GB AES128 encrypted images and mount them as
> needed? I know old FileVault had problems, but I've used it since
> it came out, and even with power outages and everything else, never
> lost anything with FileVault as of 10.3.9 on up to 10.4.6.
As I mentioned in my last couple of notes, I'm specifically
interested in something that will keep cache directories (browser and
email caches, in particular) encrypted, which is difficult to do with
an encrypted drive image. The ability of FileVault to do this for
the entire home directory is the main reason we're using it as an
interim solution, but several people I know have had bad FileVault
experiences after a machine crash (including one just a couple weeks
ago, so it's not something that's been fixed in Tiger).
For Windows, there are things like PGP's Whole Disk Encryption or
Utimaco's SafeGuard Easy which just keep the entire drive encrypted--
you have to supply a passphrase to even boot the machine, and a cold
disk (i.e., a stolen computer) has no identifying information on it
at all. For a software solution, that's the kind of thing I'm
looking for (though requiring a smart card or other physical token as
well as a passphrase would be better).
> I was talking about this last week to our rent-a-cop, I mean, ISSO
> of our agency.
Heh. It usually pays to be nice to your ISSO ;-)...
> I think the biometric thing is a mistake. If I'm a terrorist, I'll
> cut off your finger and carry it around with me; even if I get
> caught, it's an assault charge.
> Iris scanning isn't much better, because they can cut out your eye.
Luckily for me, my current threat model does not include an adversary
who will cut off body parts. It's much more prosaic, and includes
two main threats:
- Covert tampering or disclosure: If I leave a Mac unattended over
the weekend (G5s being a little heavy to throw in a backpack), I
don't want to have to worry if the janitorial crew tries to gain
covert access to the information on the machine (or install a
keylogger or network sniffer), even if they have access to the drive,
firewire ports, etc. Mac OS X out of the box is still quite
vulnerable to someone who has physical access to the machine.
- Theft: If someone steals the machine outright (breaks into the
office, steals a laptop off the airport conveyor, etc.), all I want
to have to care about is the hardware replacement cost. I don't want
to have to worry about what's on the drive.
I've already suggested "well, let's just buy some external firewire
drives and a two-drawer GSA Class 5 container", but alas, that's not
going over too well so far ;-). It's the classic tension between
convenience and security.
Amanda Walker