What's Missing From File / Disk Encryption?
lockDrive asks: "Every month, we read news about a personal information leak. Most of the time, either a laptop or a hard disk that contains sensitive information is stolen from a government or corporate office, and the data are not encrypted. Recently, the Department of Veterans Affairs had lost a laptop which contained confidential information for 26.5 million veterans. The data were not encrypted. There are many products that provide a solution to such a problem. Microsoft Encrypting File System (EFS), which comes with Windows 2000 and later, encrypts data in a file system and seems to have a decent key recovery system in Windows 2003 Server CA. Products like SecureDoc and DriveCrypt encrypt an entire disk. I have tried some of them and they are not that difficult to use. What is holding people who handle sensitive information (government, health-care, insurance ...) back from encrypting their data? Are the products still too hard to use? Are they concerned about performance loss? Are they not convinced of the security gain? Are they just not adopting the technology quickly? Is there anything missing in the technology?"
it will slow people down. maybe long enough to recover the data or somehow make it less useful (change ids, passwords, etc). even good encryption will eventually fail. the best you can do is to make it difficult.
on a positive note, someone suddenly looking for breaking tools might catch some attention. on a negative note, something encrypted tends to be a big red flag that says 'look at me, i was important enough to protect'.
and one final thought: if you look at the care and attention that people pay to security, it would not surprise me if most encrypted systems would be compromised by user stupidity (social engineering).
eric
I think you missed the real cause -- the IWNHTM Syndrome.
It Will Never Happen To Me
The Overrated mod is for reversing inappropriate, positive mods, not for voicing disagreement with a post.
It's not a technological problem -- everyone in Windows & Linux land should be using Truecrypt or something similar and being smart about how they handle data. Rather it's a social problem.
Without written security policies, nobody knows what they should/can/must not do, and even if they do, they follow the rules inconsistently.
Take a look at Cisco's SAFE, for example. It explicitly says
If you don't know what you have, who gets to access it, and when, what good is a bunch of hardware and software? You might as well hand all your workers CDs of your databases and cross your fingers. Which, possibly, actually happens in some of these cases. Sadly, this sort of stuff is Day 1 material for CCNA and MCSE and other certifications these days, so it pretty much looks like whoever is running the show in these places can't follow or doesn't know standard industry practices. That's gross negligence, IMO, and nothing to do with any sort of technical failings.
I would love to see a distro, like Ubuntu, that would ask me if I wanted to create a small boot partition, and a larger *encrypted* primary partition, which would then install to the encrypted partition, and finally give me the chance to burn a CD from which to boot (or USB stick if my system supported that, etc.). Then, on boot (either from the HD small boot part, or a read-only CD), I'd enter my password to access the root partition. As it stands, getting this done requires some expertise, too much time for most of us, and a lot of manipulating of files, partitions, etc. Make it easy!
Nonsense. I use Truecrypt, and have encrypted a whole drive. *Nothing* on it is unencrypted. It has no partition table. Any sort of analysis of it would show that it is completely indistinguishable from random noise. Taken out of the workstation that it currently resides in, it would be completely and utterly secure. And, unintelligible. Granted, it's not the boot drive, but so what?
I also wonder about "...and realize that there is an encrypted partition...". Again, so what? Unless you've chosen an insecure passphrase, or give up the passphrase through some manner of coercion with the strong encryption algorithms, it doesn't matter if someone realizes there might be more to the noise or not. And, if you're really worried about it, Truecrypt allows you to create truly hidden encrypted areas.
I suggest reading the fine manual that comes with Truecrypt and studying the bit about plausible deniability. And the bit about encrypting whole devices. *Then* come back and bring an informed opinion.
The fact of the matter is that the technical problems have been mostly addressed. The problem is that the wetware doesn't follow reasonable data security policies.
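The comment above says a whole-device encrypted drive carries no partition table and is statistically indistinguishable from random noise. As an added example (not part of the thread, and not TrueCrypt's own code), this is how that property can be checked on the first bytes of a device image; the function names, the thresholds and the sample images are assumptions constructed for illustration.

```python
import math
import os
from collections import Counter

SECTOR = 512

def has_mbr_signature(sector0: bytes) -> bool:
    """True if sector 0 ends with the 0x55 0xAA partition-table signature."""
    return len(sector0) >= SECTOR and sector0[510:512] == b"\x55\xaa"

def shannon_entropy(data: bytes) -> float:
    """Entropy in bits per byte: 0.0 for constant data, 8.0 for uniform bytes."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def chi_square(data: bytes) -> float:
    """Chi-square statistic against a uniform byte distribution (255 d.o.f.)."""
    if not data:
        return float("inf")
    expected = len(data) / 256
    counts = Counter(data)
    return sum((counts[b] - expected) ** 2 / expected for b in range(256))

def looks_like_noise(sample: bytes) -> bool:
    """No partition-table signature and byte statistics consistent with uniform.

    Thresholds are assumptions tuned for samples of 64 KiB or more. Compressed
    data can also pass, so True means "no visible structure", not "encrypted".
    """
    return (not has_mbr_signature(sample[:SECTOR])
            and shannon_entropy(sample) > 7.99
            and chi_square(sample) < 400.0)

def constructed_mbr_disk(size: int = 1 << 16) -> bytes:
    """Constructed sample: zeroed disk image with one MBR partition entry."""
    img = bytearray(size)
    entry = bytes([0x80, 0, 2, 0, 0x83, 0, 0, 0])           # bootable, type 0x83
    entry += (2048).to_bytes(4, "little") + (100).to_bytes(4, "little")
    img[446:462] = entry
    img[510:512] = b"\x55\xaa"
    return bytes(img)

if __name__ == "__main__":
    noise = os.urandom(1 << 16)  # stand-in for 64 KiB read from an encrypted device
    for name, sample in (("mbr disk", constructed_mbr_disk()), ("noise", noise)):
        print(name, has_mbr_signature(sample[:SECTOR]),
              round(shannon_entropy(sample), 4), looks_like_noise(sample))
```

On a real system the sample would be the first 64 KiB or more read from the block device or image file instead of `os.urandom`.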
Take a simple linux install disk that uses initrd of your choice and comes with cryptoloop.
Modify the initrd so it asks for a password before setting up the "real" root device on your harddrive.
Burn the install CD with the modified initrd. Install linux using this disk (so it installs onto the now-encrypted hard drive).
In order to use the system, you'll have to insert the install CD and use it as a boot CD every time. But in this fashion no un-encrypted data is on any of your hard drives. To remove evidence that you can even access it, remove the CD when you're done using the computer, and store it in an inconspicuous place.
If you prefer using windows, deal with linux to the point you can install QEMU or VMWare. Install Windows normally in the virtual environment and it is encrypted as well (including the swap file!).
THIS THING CAN TURN ON A DIME, MACROSSZERO STYLE ALSO FUCK BETA, ~NYORON