It's a Presidential Mandate, Feds use it. How come you are not using FDE?

Jonathan Thornburg jthorn at aei.mpg.de
Tue Jan 16 10:12:29 EST 2007


On Mon, 15 Jan 2007 08:39:18 -0800
"Saqib Ali" <docbook.xml at gmail.com> wrote:
> An article on how to use freely available Full Disk Encryption (FDE)
> products to protect the secrecy of the data on your laptops. FDE
> solutions helps to prevent data leaks in case the laptop is stolen or
> goes missing. The article includes a brief intro, benefits, drawbacks,
> some tips, and a complete list of FDE solutions in the market.
> 
> http://www.full-disk-encryption.net/intro.php

On Tue, 16 Jan 2007, Steven M. Bellovin wrote:
> I'll turn it around -- why should you use it?
> 
> In most situations, disk encryption is useless and probably harmful.
[[cogent arguments snipped]]

A further point:  Do you really want the granularity of your encryption
to be "one key per disk"?  I much prefer a cryptographic file system
which lets me have separate keys for separate categories of information
(eg one key for my tax forms, a different key for company-confidential
project stuff, a different key for old love letters, still another one
for My Secret Plan For World Domination, etc etc).  These might all
live on the same laptop, but they probably need quite different key
policies.

ciao,

-- 
-- "Jonathan Thornburg -- remove -animal to reply" <jthorn at aei.mpg-zebra.de>
   Max-Planck-Institut fuer Gravitationsphysik (Albert-Einstein-Institut),
   Golm, Germany, "Old Europe"     http://www.aei.mpg.de/~jthorn/home.html      
   "Washing one's hands of the conflict between the powerful and the
    powerless means to side with the powerful, not to be neutral."
                                      -- quote by Freire / poster by Oxfam

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com



More information about the cryptography mailing list