|
|
Security Basics
Why isn't full disk encryption from manufactures a slam dunk? Sep 12 2007 04:16PM dan recyclepcs com (6 replies) Re: Why isn't full disk encryption from manufactures a slam dunk? Sep 17 2007 09:21PM Michael Painter (tvhawaii shaka com) Re: Why isn't full disk encryption from manufactures a slam dunk? Sep 15 2007 02:44AM Daniel Anderson (dtndan gmail com) Re: Why isn't full disk encryption from manufactures a slam dunk? Sep 14 2007 02:18PM Nick Owen (nickowen mindspring com) Re: Why isn't full disk encryption from manufactures a slam dunk? Sep 12 2007 08:10PM gjgowey tmo blackberry net Re: Why isn't full disk encryption from manufactures a slam dunk? Sep 12 2007 08:10PM Kurt Buff (kurt buff gmail com) |
|
Privacy Statement |
> This would seem to be a security no brainer. What are its limitations?
>
To add on what has already been pointed out - Crypto changes. Today,
<insert favorite strength of AES> or whatever flavor of crypto you use
is practically secure for the necessary lifetime or duration of the data
being protected. That could change tomorrow, and lock-in from the
particular vendor on the type of crypto in hardware is going to prevent
upgrades if the algorithm is found with a flaw, or brute-force attacks
increase with such vigor as to find a way around the cryptography.
(read: quantum computing). It is a long shot, but needs to be considered
in the scope of the risk assessment for choosing a hardware or software
based FDE solution.
My $0.02 in the pot.
Hope you find the answers you are looking for.
-James
--
-------------
James Fryman
[ reply ]