Full Disk Encryption Dos and Don'ts

Discussion in 'other security issues & news' started by ronjor, Oct 21, 2009.

Thread Status:
Not open for further replies.
  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,728
    Location:
    Texas
    Article
     
  2. chronomatic

    chronomatic Registered Member

    Joined:
    Apr 9, 2009
    Posts:
    1,343
    The author forgot:

    "DON'T use an encryption product that is closed-source." Indeed, the author even says to stay away from open-source (which shows his ignorance on the subject).
     
  3. I no more

    I no more Registered Member

    Joined:
    Sep 18, 2009
    Posts:
    358
    I agree with you about the closed source vs. open source issue. This article seems strictly geared toward corporate and business environments. If that's the case, then I think it's fine. There's a lot of talk about "functions such as key management, access control, lock-outs, reporting and recovery". In these types of environments, a back door isn't necessarily a bad thing. They seem to be more interested in functionality than getting the most secure product possible.

    The only problem I have with the article is that it's not clearly stated that this is an enterprise encryption strategy, and not one for the individual user.

    For the individual user who has more leeway in selection, I would go with an open-source, simple solution with no option for password recovery.
     
Loading...
Thread Status:
Not open for further replies.