|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [Dataloss] (article) "We recovered the laptop!" ... so what?
From: Chris Walsh (cwalsh
cwalsh.org)
Date: Tue Feb 13 2007 - 09:49:17 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
The laptop and the passphrase are in the same laptop bag, which is
stolen.
Game Over.
That is why a good law will require that the key not be lost, and
(more generally) will set a key management floor, as well as
specifying which encryption methods are approved, and saying that
encryption is safe harbor only for instances of physical theft of the
device. No current state laws do these things, IIRC. Only one of
them even *defines* encryption, and they (Nevada) do it horribly wrong.
On Feb 13, 2007, at 7:50 AM, security curmudgeon wrote:
>
> For the sake of argument, I'll disagree here.
>
>
> That said, can you describe a scenario other than what I described
> above
> as a viable way to get to the client data on my laptop?
_______________________________________________
Dataloss Mailing List (datalossattrition.org)
http://attrition.org/dataloss
Tracking more than 148 million compromised records in 573 incidents over 7 years.
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]