I missed this thread while travelling.
Cooper said "I'm disappointed that no products in this space support the RSA tokens at preboot." Mobile Armor's DataArmor does, it has even been certified by RSA. To not support these things is a choice on the part of the other FDE vendors to not update their software from their original 1980's format. Regards; Bryan ------------------------------------ Mobile Armor Bryan E. Glancey Co - Founder & Chief Technology Officer [EMAIL PROTECTED] 400 South Woods Mill Rd. Suite 110 Chesterfield, MO 63017 tel: 877-276-6778 fax: 877-277-7369 mobile: 314-495-2048 http://www.mobilearmor.com/ ------------------------------------ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Wednesday, August 08, 2007 10:41 AM To: [email protected] Subject: Re: [FDE] RSA C/R Tokens Wouldn't a pre-boot RSA Token "model" require integration of token handling routines in the computer's BIOS? I have seen hardware that boots PXE from a network so connection to a RSA Token server BEFORE WinOS loads for purposes of token synchronization could be done. Maybe someone can suggest this to a couple of the major PC vendors or drop a hint at the next COMDEX (whatever tradeshow DoD contractors frequent). ~ Dennis C. Virginia Beach, VA ________________________________ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Coopers Hawk Sent: Monday, July 30, 2007 12:09 PM To: [email protected] Subject: [FDE] RSA C/R Tokens I'm disappointed that no products in this space support the RSA tokens at preboot. It would be a huge win for any vendor and if someone spent a few minutes thinking about it I don't think it would be that *difficult* to implement. Stop thinking about making a preboot network connection ... that is a overly complex way to look at it. Consider the way RSA does it with a disconnected Windows logon ... just work with RSA to extend that to an always disconnected preboot environment (that syncs up future codes once connected inside Windows). At this point it seems like all the vendors have relationships with RSA already so that shouldn't hold things up ... I say let the race begin. I'll buy the first product that can do it well ;). Cooper -----Original Message----- From: [EMAIL PROTECTED] [mailto: [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> ] On Behalf Of SafeBoot Simon Sent: Friday, July 27, 2007 10:24 AM To: [email protected] Subject: Re: [FDE] Best FDE-Product No, it's not linux based - we found Linux simply got too big when you added all the stuff we needed. No, we don't load network drivers (though we could) simply because we don't need them and to do so woud open up exploits. Also, what drivers would you load anyway? There are hundreds of different network cards.. Remember - we're trying to be small and fast.. As for the dynamic RSA tokens - you probably realise they only work if you have a network connection to an ACE server, so again, no. We support things like the SID800 though which work stand alone. Imagine how hard it would be to support a user with a RSA C/R token working in a hotel over a VPN. We'd need a network stack, card drivers, probably a WIFI stack, VPN, web browser (to allow them to sign into the hotel wifi network) plus the ACE software - might as well just let them load windows and use SafeBoot Content Encryption instead. _______________________________________________ FDE mailing list [email protected] http://www.xml-dev.com/mailman/listinfo/fde
_______________________________________________ FDE mailing list [email protected] http://www.xml-dev.com/mailman/listinfo/fde
