Forgot your password?
typodupeerror

Comment: Re:Back to your assertion, please provide evidence (Score 1) 107

by fahlenkp (#34624562) Attached to: What To Do About Mobile Devices That Lie
Hi, I can help you understand many of these subjects. HIPAA as put forth by Centers for Medicare Services on behalf of the US Government has partnered with NIST to establish controls for protection of patient data. The end result being that HIPAA data is protected by FIPS-140-2 standards. PHIPA - I'm assuming the name I threw in, is the health regs modeled on the US HIPAA but used in Canada. The Ministry of Health decided to use US NIST FIPS 140-2 standards or better as well. Military uses a mix of FIPS 140-1 to 3 for normal stuff. Funny how the National Institute of Standards and tech would implement standards for the nation. Lazy example 1 you provided is an inaccurate example, I don't think you read the last paragraph, or that you understand the difference between breaking encryption on the phone vs breaking the transmission protocol from phone to carrier. Any phone besides blackberry on the carrier to phone has next to nothing. Lazy example 1 has been mitigated by blackberry. Lazy example 2 - Ok, that is a good example os poor implementation. But so incredibly easy to mitigate, I'm not sure why you linked it. I don't know anyone who uses blackberry desktop, not a BES server. And even if you did use blackberry desktop, your hard drive will already be encrypted to nist fips-140-2 standars if you are in this business anyway. Thanks for the link, I didn't see it. But stupid example. Trolling? I'm open to a nice discussion, you know, what slashdot is supposed to be. IT folks exchanging information. The information I would exchange back to you - in your threat assesment of Blackberry, look at the statistics involved in risk management on this subject. The biggest risk is loss/theft of the physical device. Not backups, not data transmission. You know, #1 in the NIST/FIPS security cycle- Identify the problem. Next line- no phone is secure. Agreed, if there are no wires and no radios, the more it is like a hunk of granite, a device is more secure. But there are more secure devices than others and I stand by my premise that a blackberry is more secure than an iphone and a google phone. I was trying to use an easy example to show you that one device was more secure than the other with the youtube search. I guess the youtube numbers game was not a good choice to try to convince you. I am aware of many problems with modern encryption. Most require more $ worth of GPU power than my data is worth. I'm not interested in the theoretical fun you are. I'm interested in the practical implementation of these technologies. I am also interested in protecting my company from monetary losses incurred from failing to observe federal regulations for processing patient data. I suppose the big difference is that I'm prepared for a US court, you are prepared for what, writing a book about conspiracy theory? At this point I abandon my customer service practice and move on to begging you to put your tinfoil hat back on. (don't forget to run a line to earth ground or it doesn't work)

Comment: Back to your assertion, please provide evidence (Score 1) 107

by fahlenkp (#34612838) Attached to: What To Do About Mobile Devices That Lie
I am fairly well versed on FIPS standards for both HIPAA, PHIPA and rusty on DoD work. I 'try' every day... Please return to your assertion that blackberry encryption is weak and comprimised. I will state my challenge to you again in simple plain terms so you might understand before replying this time. 1. Cite articles from sources displaying proof of your assertion. I can't find any. Perhaps you could inform NIST of these breaches so that they can remove the offender from the certified list. 2. Provide details on why cracking iphone encryption comes up a lot on youtube, and blackberry not at all. Here is my link for abundant proof of my claim.- http://tinyurl.com/28wesd6 I'm patient. Take your time.

Comment: Will adobe follow up, will this crush Apple? (Score 1) 1

by fahlenkp (#34609920) Attached to: Will there be Adobe Creative Suite for Linux?
My developers constantly justify macbook pro's because they say Adobe apps run better on Mac. Last I checked on benchmarks, a Windows machine for less money beats the tar out of a Mac on most of these apps. If they don't want Windows, fine, please let us have linux. Everyone needs to jump on the getsatisfaction page there and chime in to keep development alive. Competition is good.

Comment: Re:Great idea despite the naysayers (Score 1) 399

by fahlenkp (#34609300) Attached to: Intel's Sandy Bridge Processor Has a Kill Switch
I challenge you to cite some examples of PGP, Credant, Truecrypt, or Checkpoint disk encryption failing to patch their whole disk encryption. I'll come up with a list many times bigger with holes that are patched. I am here because my job depends on it and I need to keep an open mind. Please educate me.

Comment: Primer on how this works because you guys=confused (Score 1) 399

by fahlenkp (#34603224) Attached to: Intel's Sandy Bridge Processor Has a Kill Switch
1. purchase license for remote recovery service. 2. enable service on laptop bios, encrypt drive, enable intel kill switch. 3. now I can see all computer's GPS history in a nifty web portal. It has pretty maps and charts, good manager bait. Now I can set fences based on country, state etc to start a wipe and shut down if it leaves that fenced area. 4. User reports stolen laptop, we report to security service. 5. Remote wipe sensitive directories, execute any custom commands. 6. Alert cops to pick it up, start a timer for kill switch based on battery life. 7. Cops don't pick it up, battery is low, disable machine completely with intel switch (only new part here). If you own a laptop, get in the bios right now and look for computrace activation. If it is a business class machine, it is already there and has been for years. If you don't like it, don't get an aircard. All of this technology is up and running for me and a lot of other corporations. If you don't like it, and you work for me, fine. Quit. If you are a home consumer, disable it. Every other service on your computer is equally vulnerable to unknown unwritten malware.

Comment: Re:Great idea despite the naysayers (Score 1) 399

by fahlenkp (#34603126) Attached to: Intel's Sandy Bridge Processor Has a Kill Switch
So you don't have a machine with a built in SSH port? (or remote desktop?) What is really harder? Building a virus to modify a modern BIOS or execute RM -rf? The point of most malware is not to render the computer useless. It is to use the computer in a botnet or extract valuable information. Now where was that tinfoil hat? Maybe I am missing something obvious.

Comment: Re:Great idea despite the naysayers (Score 1) 399

by fahlenkp (#34603082) Attached to: Intel's Sandy Bridge Processor Has a Kill Switch
Absolute=lojack the parent company. These guys are late to the big brother party. Lenovo, Dell, HP all come with the SMS activation with no power and gps tracking support in the BIOS. The icing on this cake is that when I report a machine stolen now, sms message goes out, activates gps, cops go after it, and the processor is disabled so if the battery does run out, the machine is useless. The comment 2 up-- You didn't read my comment. We encrypt our drives. While once in a while a crack comes out for this, it gets patched pretty quick. I'm not concerned. I just read a little more, you have to enable it in the BIOS, doesn't come by default. You can also have the full functionality restored.

Comment: Great idea despite the naysayers (Score 1) 399

by fahlenkp (#34602954) Attached to: Intel's Sandy Bridge Processor Has a Kill Switch
While I wouldn't say it isn't possible for someone to break in and kill your machine, it isn't likely. We have been using Absolute software's offering and have been able to do remote wipes on laptops for a long time now. Nobody has broken in and wiped out all the computers with this technology. That being said, do you really think IT who implements this doesn't have a backup? And that our legal departments wouldn't get fair compensation if said "gotcha" really occurs? I would rather have the ability to disable a phone or pc in any way possible when I need it to happen. For the comment above about just moving the hard drive to another machine.. Really? Who goes through the trouble of enabling this, and paying monthly for the service and just skips the whole drive encryption bit? My vote is go Intel.

Comment: Re:Nothing (Score 1) 107

by fahlenkp (#34602532) Attached to: What To Do About Mobile Devices That Lie
In my experience, things that have undergone more testing generally tend to have better performance. NIST tests the devices, algorithms, policy, etc. They don't wave a magic wand that makes it more secure or take a payoff to say it is just compliant as you state. Saying that no security measure is 100% to prove a point is gutless. Of course it isn't, but a security plan with more thought and research is more effective at meeting it's goals than none. Have countries outlawed iphone because the encryption is too difficult for government agencies to tackle? If it is so easy, why does this happen? Maybe you can link some examples and educate us. I am often wrong and would like some help if this is the case. I find a lot of youtube videos showing any idiot how to break in to any iphone OS version, where are the videos for Blackberry? I for one feel more comfortable having grandmas's ssn on some doctors blackberry than his iphone. Judging from your other flamebait comments, I think I am wasting my keystrokes here.

Comment: Re:Nothing (Score 1) 107

by fahlenkp (#34599112) Attached to: What To Do About Mobile Devices That Lie
I disagree with most of the comments here. In my opinion the solution is to continue to use Blackberry and ban iphone, google and MS phones from uses that require security. The nice folks at NIST regularly test Blackberry systems and they continue to pass over and over earning the magic FIPS140-2 certification. Throwing your arms up and screaming "screw it" indicates you are either joking or having a nervous breakdown and need to step down from your IT post. Layered defenses are effective because no one layer may be completely trusted. You have to make the best decision you can per layer and move on. In this situation it is easy. Continue to use only FIPS-140 approved devices. The encryption, security and central management on Blackberry is a lot better than the (none) on the other platforms.

Comment: In related news, seti@home scores are 10x faster (Score 1) 228

by fahlenkp (#34599054) Attached to: The Clock Is Ticking On Encryption
Somehow they took my boring news of Moores's law - My seti@home and primegrid stats are moving 10x faster with my new laptop's gpu. They turned that into - IN THE FUTURE COMPUTERS MIGHT BE REALLY FAST AND MELT YOUR 1960s PASSWORD! It isn't exciting. Quantum computing will come with both encryption and decryption. Nobody cares what it does to your password from 15 years ago.

Badges? We don't need no stinking badges.

Working...