[Discuss] TrueCrypt with SSD
Scott Ehrlich
srehrlich at gmail.com
Fri Aug 19 06:37:53 EDT 2011
An interesting concept came to mind regarding encryption -
If you encrypt a drive (USB stick, WDE, etc), or use an IronKey, it is
only workable as long as the data remain encrypted.
There are many people who unlock their systems, close the lid, and the
system goes into a power save mode. Now, if the system is taken
_before_ that can happen, and you are actively logged in, no
encryption (except for maybe special files or areas that require
passwords to unlock those particular areas even with the system live),
is going to work. The system is already unlocked.
Now, if a screen saver with password option kicks in, the system is
_still_ no longer encrypted, but can make it more difficult to access
the files, but not impossible, so long as the battery holds out, too.
My point is encryption of larger-scale kinds (WDE, Ironkey) is only
best if the system is shut off or not in a state where the data has
already been unlocked and left vulnerable.
It has become clearer that sensitive data should reside on company
servers and only accessible via a VPN connection.
The laptop then becomes a simple portable remote dumb terminal. If
the laptop is thus stolen, no _important_ data is lost.
Scott
More information about the Discuss
mailing list