[BBLISA] Looking for FDE single system windows 8
Jim Hickstein
jxh at jxh.com
Sat Jan 24 11:24:41 EST 2015
On 2015/01/24 01:51, Rich Braun wrote:
> At work I've watched my cloud-based service go from
> zero to $16M/year in the past 12-15 months, and we're still just using the
> lame AWS "at-rest" encryption which protects against exactly one type of
> threat: someone showing up at the data center with a weapon demanding the hard
> drives. It's the least-likely thing to ever happen, why bother with that at
> all.
Reaching: Because then you can re-use the SSDs without having to shred
them. :-) Shred the key instead. But that's hardly enough to justify
the cost, in many cases.
> Vormetric's the most sophisticated commercial product, supporting block-level
> encryption within user-space, but it's hellaciously expensive. My freeware
> LUKS setup will keep out the burglars but that's about all.
>
> Gotta be a better way.
I started with this stuff in 1983, and I'm still waiting. Someone is
going to make an absolute mint when they can solve this for most users,
or even make a significant improvement. Encryption makes the problem
smaller and more portable, and moves it -- into key management -- but
the problem doesn't really go away.
As for my executor: there's still nothing quite like a piece of paper
with the login and PwSafe passwords hand-written, in a paper security
envelope in a safe-deposit box. And the will, giving them legal access
to the safe-deposit box, in a well-known place outside of the
safe-deposit box itself.
More information about the bblisa
mailing list