Slashdot Mirror

← Back to Stories (view on slashdot.org)

TSA to Contractors - Encrypt Your Laptops

Posted by Zonk on from the probably-a-good-idea dept.

eweekhickins writes "After two laptops were lost containing the personal data of 3,900+ truckers who handle HAZMATs, the Transportation Security Administration has ordered its contractors to encrypt any and all data. 'After the second theft or loss, the TSA conducted an IT forensic investigation that ascertained that the (previously) deleted information could be retrieved if a thief had the proper training. "So even though [there's only a] small chance of [the data being misused], we did notify all affected individuals and advised them of what steps to take to protect themselves, and we mandated that contractors need to encrypt any and all data in addition to any deletion procedures that might be in place," Davis said.'"

5 of 132 comments (clear)

  1. Overheard conversation by postbigbang · · Score: 5, Funny

    "No, not the keys to the truck and trailer, I need the damn keys to the laptop!"

    --
    ---- Teach Peace. It's Cheaper Than War.
  2. Not Enough by s31523 · · Score: 5, Interesting

    OK, so I have my Open Office document with goodies of HAZMAT data in it. I deploy my favorite encryption program and encrypt the document. Then I delete the original document. Same problem exists. Encryption is not enough.

    Either the data needs to be "shredded" or stored in it's natural form on a fully encrypted volume.

  3. Truecrypt! by NitroWolf · · Score: 4, Informative

    I use Truecrypt to encrypt a partition on a drive and store all of my documents there. It's transparent to the user, once you've mounted your volume(s) and it's pretty danged fast, too. You can do encryption with Twofish, Serpent and AES or a cascading combination of them. Pretty damned secure, opensource and free.

    You can even encrypt a whole device. If you do that, it just looks like a blank volume and a thief won't even know there is data on the volume to be decrypted.

    1. Re:Truecrypt! by mlts · · Score: 4, Informative

      TrueCrypt is an excellent program, the devs have put a lot of thought into every aspect of security. I use it for encrypting external drive volumes completely so if someone does a smash and grab on my stuff, they will end up with hardware, but the data is protected by a passphrase and a keyfile stored on the (WDE encrypted, using a hardware token) boot drive.

      The biggest thing to remember with TrueCrypt, if you lose the first 1024k or so of an encrypted volume, you have completely lost the volume because the first part contains the encryption key (or keys) for the rest of the data. ALWAYS back up the volume headers (they are encrypted with the same mechanism as the volume itself, so they just need to be stored safely) of all critical volumes.

      Of course there will be people saying that "I don't use encryption programs, I have nothing to hide." That is analogous to saying "Don't have a front door as you might has something to hide." Its not the governments these programs are for (most governments can obtain the decryption key via other means including a rubber hose), its thieves. These days, TrueCrypt and other security programs are highly necessary to keep a $1000 laptop from becoming a loss of many thousands in ID theft.

  4. Re:It's always sad by Chris+Mattern · · Score: 4, Funny

    If they could actually take retroactive measures, they'd be much happier. "Johnson, I need to secure that data so that it didn't get stolen three days ago!"

    Chris Mattern