On 3/2/07, Michael Dickey <[EMAIL PROTECTED]> wrote: > Let's say I write down my encryption passkey and stuff it in my laptop > bag. My laptop bag is stolen along with the passkey to get in. Obviously > that is a way "around" encryption and that vulnerability is real.
this is one reason i am fond of multi-factor auth that includes a physical token or USB key of some kind. this key should be small (Sony Micro-Vault USM-H [0] is my personal preference for pass-phrase protected loop-aes secrets) and kept on a key chain. people lose their keys much less frequently than they lose laptops and storage media. placing disk keys on a key chain also ties into the usability / intuitiveness of a capability like approach for protecting your OS and storage. smart cards are another technique to consider, though wallets / purses get lifted more frequently than key chains. 0. Sony MicroVault USM-H 14.5x 2.7 x 30.0 mm storage fob http://www.sony.net/Products/Media/Microvault/usm-h.html _______________________________________________ FDE mailing list [email protected] http://www.xml-dev.com/mailman/listinfo/fde
