Mailinglist Archive: opensuse-security (85 mails)
| < Previous | Next > |
Re: [opensuse-security] LUKS and its master key
- From: "Carlos E. R." <robin.listas@xxxxxxxxxxxxxx>
- Date: Sat, 19 May 2007 03:20:18 +0200 (CEST)
- Message-id: <Pine.LNX.4.64.0705190313370.2901@xxxxxxxxxxxxxxxx>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
The Friday 2007-05-18 at 18:00 +0200, Ralf Ronneburger wrote:
> For harddisk encryption on servers this is senseless. The disk is always
> online (therefore not protected) and before you sell it on ebay you can
> always use some tool to overwrite it with random data. For broken disks
> you'll find a strong magnet or even better a company that shreds them.
> To use encryption for this purpose is a waste of time and resources.
You forget that machines can be stolen, for hardware sale, not caring
about the data they may contain. But the buyer may find that interesting
data... thus encryption denies them access.
I have had spare servers stolen from secured premises (ie, with guards).
We noticed when we went to plug them in.
Then I do data backups to DVD and I'm not interested in a third party
stealing or just looking at them.
- --
Cheers,
Carlos E. R.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Made with pgp4pine 1.76
iD8DBQFGTlDUtTMYHG2NR9URArSQAJ47KInxvOw9RuLhiCZJklzwqPWNwwCfUQXm
PcdB6pUTUQhE4t2NVsQthKg=
=mcu+
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: opensuse-security+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-security+help@xxxxxxxxxxxx
Hash: SHA1
The Friday 2007-05-18 at 18:00 +0200, Ralf Ronneburger wrote:
> For harddisk encryption on servers this is senseless. The disk is always
> online (therefore not protected) and before you sell it on ebay you can
> always use some tool to overwrite it with random data. For broken disks
> you'll find a strong magnet or even better a company that shreds them.
> To use encryption for this purpose is a waste of time and resources.
You forget that machines can be stolen, for hardware sale, not caring
about the data they may contain. But the buyer may find that interesting
data... thus encryption denies them access.
I have had spare servers stolen from secured premises (ie, with guards).
We noticed when we went to plug them in.
Then I do data backups to DVD and I'm not interested in a third party
stealing or just looking at them.
- --
Cheers,
Carlos E. R.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Made with pgp4pine 1.76
iD8DBQFGTlDUtTMYHG2NR9URArSQAJ47KInxvOw9RuLhiCZJklzwqPWNwwCfUQXm
PcdB6pUTUQhE4t2NVsQthKg=
=mcu+
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: opensuse-security+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-security+help@xxxxxxxxxxxx
| < Previous | Next > |