Re: [Fed-Talk] FileVault and Electronics Searches
Re: [Fed-Talk] FileVault and Electronics Searches
- Subject: Re: [Fed-Talk] FileVault and Electronics Searches
- From: Dave Schroeder <email@hidden>
- Date: Thu, 07 Feb 2008 15:52:51 -0600
On Feb 7, 2008, at 3:12 PM, Stephen Bates wrote:
So the IntelList has been high volume with discussions based upon
the below Washington Post article. Wonder how safe we really are
if we have everything encrypted in FileVault?
Can I get some clarification on what you mean by "safe"?
"Safe" in that there are no backdoors in FileVault? (There aren't,
unless there is a backdoor in AES-128 or -256, which, as we have
discussed previously on this list, isn't the case.)
"Safe" in that your data won't be read if the drive is copied
wholesale without access to your password(s)? (Yes.)
"Safe" if you use best practices to protect your user credentials
(such as secure virtual memory, etc., in the unlikely case that CPB is
employing forensic software to recover encrypted or protected data en
masse from laptops)? (Yes.)
"Safe" as in, protected from the admittedly questionable and unclear
electronics search policies of CPB at the borders upon entry? (Doesn't
seem to be a FileVault issue...)
"Safe" if you volunteer your password to CPB agents? (No, but again,
doesn't seem to be a FileVault issue...)
Sorry, the word "safe" there kind of confused me. Safe from what,
exactly, in the context of the government what could end up being
deemed a legally allowable search? There are of course questions of
how encryption will be handled, and so on, but all of these rest in
pretty murky areas. What if you forgot your password? Could you be
liable for encrypted data to which you don't possess a key? Seems very
unlikely, and unenforceable. Not to mention there are many other
undetectable, or extremely difficult to detect, mechanisms to smuggle
data electronically. Steganographic techniques come to mind...
- Dave
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden