Nuts. Forgot to include the list on this. Sorry.
Kurt ---------- Forwarded message ---------- From: Kurt Buff <[EMAIL PROTECTED]> Date: Aug 30, 2006 11:32 AM Subject: Re: Whole disk encryption To: Saqib Ali <[EMAIL PROTECTED]> On 8/30/06, Saqib Ali <[EMAIL PROTECTED]> wrote:
> One way would be to give them only standard user rights to the host > OS, no ability to install programs, and rights only to unlock the > partition with the VM on it and to run that VM. If you are going to do that, I am not sure what is the added benefit of the VM. In that case might as well use full-disc-encryption on the physical hardware.
I think the benefits are several-fold - instruct me if you differ, please: 1) cheaper to retrofit to existing hardware 2) cheaper to implement on new hardware with low-cost or free VM software, like Xen (or QEMU on *nix boxen) 3) achieve benefits of both file/directory encryption and whole-disk encryption It does cost some user annoyance with having to sign in, launch the VM and then sign in again, but it might well be worth it for the benefits involved. Kurt --------------------------------------------------------------------------- ---------------------------------------------------------------------------
