Urm Gnome isn't Linux? I was under the impression that gnome was simply a GUI, and that the "core" of the OS or "Kernel" was Linux, a UNIX derivative originally developed by Linus. Also,that open source projects were based on standards that may have deviations in the implementation, but still try to follow the standards.
Please have tolerance before you blast me, as this is my interpretation and observations without any definitive answers.
Additionally, I don't get the "making Linux look like windows for older folks". Are you sure this hangup isn't in your head? Personally, I installed Ubuntu about 2 years ago on my 83 year old grandmothers PC. After two months, I asked her how the computer was doing, and she said "It is running faster than it used to, and I like the version of Mahjong, because I can read the letters easier."
I did not tell her I changed her PC to Linux, I just took the time to explain that her computer was gonna be different now, and that she needed to do things slightly differently.
As soon as notifications start annoying me just like windows XP notifications did, you will hear the sound of my shuttling feet moving to another operating system.
alaederach wasn't looking for a sales pitch on Truecrypt. The decision has been made. He is looking to the slashdot community to empower him with a good argument to resist encryption. I hope that he chooses to embrace encryption, while recognizing that it is not applicable to every environment or computer. He can still make an informed argument against it in his case, provided he is correct in his assessment.
POLICY
alaederach, I believe the folks that posted advice about resolving this through the proper channels to get an exception to the policy is your best route. Dont start argumentatively. Explain your concerns and keep an open mind about them. Start with a member of the team that is deploying PGP and ask what the proper procedure is to get an exception to the policy. If there is a project manager assigned, that would be the person to start with. Project managers are usually more open to the needs of your area, and have the power to address issues that are raised during the implementation process. Kindly explain your concern, and ask if a high performance system can be benchmarked and tested prior to the roll out of PGP.
PERFORMANCE
As a proud tin foil hat wearing network administrator whom has rolled out PGP, I did not find a performance hit that was enough justification to make an exception in our environment. However, the identified risk of data loss and theft was a concern for the traveling laptops. The servers were less of a risk due to the physical security controls that were in place. PGP was only rolled out to laptops in my environment. I would recommend extensive testing prior to the roll out for high performance machines.
Boot times were slower, but were measured in seconds vs minutes. In every case where performance was an issue, it was typical problems that one might find on a windows machine, and was unrelated to the encryption.
SECURITY
Every time I have worked as a member of a team deploying a security measure, the same argument is claimed by someone. "There is no reason to do X as it can be subverted." That goes for policy, physical access controls, software, and hardware. Encryption is no exception to this. Yes, warm and cold boot attacks are possible. Yes, highly motivated individuals, groups, and governments may have the ability to access your data.
Security is best used with many layers. It can be highly effective at reducing risk, and keep higher percentages of the population from accessing or corrupting your data.
alaederach, your best argument here is risk vs reward. This is where you kindly make your claim that risk is low due to the low impact of data loss in your environment. At the same time, if you have good physical security controls, you might want to include that in your argument. If the data that your work produces is valued higher by the decision makers than what you are sharing with us, then you may want request the performance testing and explain the risk of lower production due to performance. Geeks love performance testing, and if the highest risk is determined to be your computing performance, you just might find an exception to the policy.
MYTHS
A network adminstrator that gets hit by a bus, will cause your data to be lost. FALSE. The majority of organizations that have the funds to implement a project such as this, will also have determined off site storage of encryption keys as well as any othe data that would be backed up. Usually it is a different geographical location that utilizes high physical security controls. Yes there will be members of the staff that will have access. That is why there are Human Resource controls in place to vet the administrators. I.E. background checks.
An encrypted drive can not be accessed to retrieve data. FALSE. encrypted or unencrypted, proper data backup methods should be in place. With PGP specifically, I created a bartPE cd that allowed retrieval of data on a hard
People aren't going to take green technology seriously until it wins in rally or 24 hour le mans or somethign similarly awesome to win. Having to make a special competition just for green cars seems like, well, these cars are cool and all, but just not actually competitive with already existant technology. This isn't good for the public image.
Winning an existing competition will be difficult, if not impossible. Most of the sponsoring organizations have very detailed rules that cover almost all technical aspects of the car build. It may be possible to organize an event to invite many of the existing types of race cars, but I suspect that would take a very large amount of funding. Even if the funding is there, just participating in such an event for the typical racing team would probably violate a rule by the sanctioning organization. Of coarse you could probably get a car built to the specifications, but unless they are beating a well know racing team, even that doesn't have much appeal. Until fathers and sons and building fuel cell cars in their garages for Saturday night racing events, it probably wont have the social appeal that is needed to draw global attention.
Slashdot Mirror
Urm Gnome isn't Linux? I was under the impression that gnome was simply a GUI, and that the "core" of the OS or "Kernel" was Linux, a UNIX derivative originally developed by Linus. Also,that open source projects were based on standards that may have deviations in the implementation, but still try to follow the standards. Please have tolerance before you blast me, as this is my interpretation and observations without any definitive answers. Additionally, I don't get the "making Linux look like windows for older folks". Are you sure this hangup isn't in your head? Personally, I installed Ubuntu about 2 years ago on my 83 year old grandmothers PC. After two months, I asked her how the computer was doing, and she said "It is running faster than it used to, and I like the version of Mahjong, because I can read the letters easier." I did not tell her I changed her PC to Linux, I just took the time to explain that her computer was gonna be different now, and that she needed to do things slightly differently.
As soon as notifications start annoying me just like windows XP notifications did, you will hear the sound of my shuttling feet moving to another operating system.
alaederach wasn't looking for a sales pitch on Truecrypt. The decision has been made. He is looking to the slashdot community to empower him with a good argument to resist encryption. I hope that he chooses to embrace encryption, while recognizing that it is not applicable to every environment or computer. He can still make an informed argument against it in his case, provided he is correct in his assessment.
POLICY
alaederach, I believe the folks that posted advice about resolving this through the proper channels to get an exception to the policy is your best route. Dont start argumentatively. Explain your concerns and keep an open mind about them. Start with a member of the team that is deploying PGP and ask what the proper procedure is to get an exception to the policy. If there is a project manager assigned, that would be the person to start with. Project managers are usually more open to the needs of your area, and have the power to address issues that are raised during the implementation process. Kindly explain your concern, and ask if a high performance system can be benchmarked and tested prior to the roll out of PGP.
PERFORMANCE
As a proud tin foil hat wearing network administrator whom has rolled out PGP, I did not find a performance hit that was enough justification to make an exception in our environment. However, the identified risk of data loss and theft was a concern for the traveling laptops. The servers were less of a risk due to the physical security controls that were in place. PGP was only rolled out to laptops in my environment. I would recommend extensive testing prior to the roll out for high performance machines. Boot times were slower, but were measured in seconds vs minutes. In every case where performance was an issue, it was typical problems that one might find on a windows machine, and was unrelated to the encryption.
SECURITY
Every time I have worked as a member of a team deploying a security measure, the same argument is claimed by someone. "There is no reason to do X as it can be subverted." That goes for policy, physical access controls, software, and hardware. Encryption is no exception to this. Yes, warm and cold boot attacks are possible. Yes, highly motivated individuals, groups, and governments may have the ability to access your data. Security is best used with many layers. It can be highly effective at reducing risk, and keep higher percentages of the population from accessing or corrupting your data. alaederach, your best argument here is risk vs reward. This is where you kindly make your claim that risk is low due to the low impact of data loss in your environment. At the same time, if you have good physical security controls, you might want to include that in your argument. If the data that your work produces is valued higher by the decision makers than what you are sharing with us, then you may want request the performance testing and explain the risk of lower production due to performance. Geeks love performance testing, and if the highest risk is determined to be your computing performance, you just might find an exception to the policy.
MYTHS
A network adminstrator that gets hit by a bus, will cause your data to be lost. FALSE. The majority of organizations that have the funds to implement a project such as this, will also have determined off site storage of encryption keys as well as any othe data that would be backed up. Usually it is a different geographical location that utilizes high physical security controls. Yes there will be members of the staff that will have access. That is why there are Human Resource controls in place to vet the administrators. I.E. background checks.
An encrypted drive can not be accessed to retrieve data. FALSE. encrypted or unencrypted, proper data backup methods should be in place. With PGP specifically, I created a bartPE cd that allowed retrieval of data on a hard
Winning an existing competition will be difficult, if not impossible. Most of the sponsoring organizations have very detailed rules that cover almost all technical aspects of the car build. It may be possible to organize an event to invite many of the existing types of race cars, but I suspect that would take a very large amount of funding. Even if the funding is there, just participating in such an event for the typical racing team would probably violate a rule by the sanctioning organization. Of coarse you could probably get a car built to the specifications, but unless they are beating a well know racing team, even that doesn't have much appeal. Until fathers and sons and building fuel cell cars in their garages for Saturday night racing events, it probably wont have the social appeal that is needed to draw global attention.