full-disk encryption standards released
Arshad Noor
arshad.noor at strongauth.com
Wed Jan 28 19:09:12 EST 2009
Steven M. Bellovin wrote:
> http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9126869&intsrc=hm_ts_head
I wonder if the 40+ breach-disclosure laws in US will now have
to be updated to reflect that if data is breached on a "live"
system using an encrypted-drive, one must still make the breach
disclosure.
The CEO of Heartland Payment Systems, however, will no longer
be fooled by the salve that FDE drives promise; he's calling for
end-to-end encryption, a control which he - and readers of this
forum - know, the FDE drives cannot provide:
http://www.snl.com/irweblinkx/file.aspx?IID=4094417&FID=7249269
Arshad Noor
StrongAuth, Inc.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list