[Owasp-ireland] Hackers Target State Computers & FDE {OT}

davidrook david.rook at realexpayments.com
Fri Feb 22 04:45:37 EST 2008


I thought I would post this link 
http://www.theregister.co.uk/2008/02/22/eff_unbitlocker/ about a 
weakness in disk encryption technologies.

Dave

Sam Johnston wrote:
> Latest TrueCrypt (5.0, released only last week - see 
> http://truecrypt.org) supports Linux, OS X and Windows, with whole 
> disk encryption for the latter.
>
> I particularly like this 'feature':
>
> *Q: Will TrueCrypt be open-source and free forever?*
>
> A: Yes, it will. We will never create a commercial version of 
> TrueCrypt, as we believe in open-source and free security software.
>
> Sam
>
> On Feb 12, 2008 12:44 PM, Singe <singe at singe.co.uk 
> <mailto:singe at singe.co.uk>> wrote:
>
>     Ron,
>
>      
>
>     I am currently doing research in this area, and the new(ish)
>     BitLocker which is available in Vista Ultimate or Enterprise will
>     provide you with Hard Drive Encryption.  I would say full but it
>     does depend on the configuration of the laptop.
>
>      
>
>     Where multi partitions exist BitLocker can be used with EFS to
>     provide adequate protection.
>
>      
>
>     But again it all depends on the nature and quantity of data that
>     is stored on your laptop as to the best product for you and of
>     course cost.
>
>      
>
>     PGPDIsk is also good, but relatively expensive.
>
>      
>
>     There are in fact a number of other products that I have not tested.
>
>      
>
>     Regards
>
>      
>
>     St. John Harold
>
>     IT Security Consultant
>
>      
>
>     *From:* owasp-ireland-bounces at lists.owasp.org
>     <mailto:owasp-ireland-bounces at lists.owasp.org>
>     [mailto:owasp-ireland-bounces at lists.owasp.org
>     <mailto:owasp-ireland-bounces at lists.owasp.org>] *On Behalf Of
>     *Hahn, Ron
>     *Sent:* 12 February 2008 11:35
>
>     *To:* owasp-ireland at lists.owasp.org
>     <mailto:owasp-ireland at lists.owasp.org>
>     *Subject:* Re: [Owasp-ireland] Hackers Target State Computers &
>     FDE {OT}
>
>      
>
>      
>     Colleagues,
>
>     This brings up a very good question for end-users:  What end-user
>     (not corporate) full disc encryption products are out there for
>     protecting the contents of a Windows laptop?  The Mac world has an
>     excellent built-in (FileVault) but the Windows world doesn't.  Any
>     recommendations or experiences to share?
>
>     Ron
>     -- 
>     Ron Hahn
>     Senior Systems Services and Support Analyst
>     Internal:  8-737-1557
>     External: +353-1-614-1557
>     Mobile:  +353-86-600-5499
>
>     Fidelity Investments Ireland
>     4th Floor, Hardwicke House, Upper Hatch St., Dublin 2, Ireland
>     http://directory.fmr.com/FDirectory.aspx?e=a445377
>
>     P Please consider the environment;  Do you really need to print
>     this email?
>
>     -----Original Message-----
>     From: owasp-ireland-bounces at lists.owasp.org
>     <mailto:owasp-ireland-bounces at lists.owasp.org>
>     [mailto:owasp-ireland-bounces at lists.owasp.org] On Behalf Of Eoin
>     Sent: 08 February 2008 11:22
>     To: owasp-ireland at lists.owasp.org
>     <mailto:owasp-ireland at lists.owasp.org>
>     Subject: [Owasp-ireland] Hackers Target State Computers
>
>     Hi,
>     There is a nice piece in the Independent today (page 6) relating to
>     Laptops, blackberries and usb keys being lost by the gov. Also
>     hacking
>     incidents on various state bodies.
>
>     ek
>
>
>
>     -- 
>     Eoin Keary OWASP - Ireland
>     http://www.owasp.org/local/ireland.html
>     http://www.owasp.org/index.php/OWASP_Testing_Project
>     http://www.owasp.org/index.php/OWASP_Code_Review_Project
>     _______________________________________________
>     Owasp-ireland mailing list
>     Owasp-ireland at lists.owasp.org <mailto:Owasp-ireland at lists.owasp.org>
>     https://lists.owasp.org/mailman/listinfo/owasp-ireland
>
>
>     _______________________________________________
>     Owasp-ireland mailing list
>     Owasp-ireland at lists.owasp.org <mailto:Owasp-ireland at lists.owasp.org>
>     https://lists.owasp.org/mailman/listinfo/owasp-ireland
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Owasp-ireland mailing list
> Owasp-ireland at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-ireland
>   

-- 
David Rook | david.rook at realexpayments.com
Information Security Analyst

Realex Payments
Enabling thousands of businesses to sell online.

Realex Payments, Dublin, www.realexpayments.com
Castlecourt, Monkstown Farm, Monkstown, Co Dublin, Ireland
Tel: +353 (0)1 2808 559 Fax: +353 (0)1 2808 538

Realex Payments, London, www.realexpayments.co.uk
1 Hammersmith Grove, London W6 0NB, England
Tel: +44 (0)203 178 5370 Fax: +44 (0)207 691 7264

Pay and Shop Limited, trading as Realex Payments has its registered office at Castlecourt, Monkstown Farm, Monkstown, Co Dublin, Ireland and is registered in Ireland, company number 324929.

This mail and any documents attached are classified as confidential and
are intended for use by the addressee(s) only unless otherwise
indicated. If you are not an intended recipient of this email, you must
not use, disclose, copy, distribute or retain this message or any part
of it. If you have received this email in error, please notify us
immediately and delete all copies of this email from your computer
system(s). 
--



More information about the Owasp-ireland mailing list