Comment Re: must be hardware based encryption (Score 1) 177
It is possible I have a "real misunderstanding" of secrity and encryption. There are probably many posters with a better understanding than I.
But it is not just about the technology, it is about practical application of the technology. The majority of the posts on this thread home in on the issue of practicality not technology. In the real world people are not doing the things we expect or want them to. It is hard enough to get them to use the security tools.
In the response you say "software is fine" with a "few provisos".
But the "few provisos" can be real, practical cases where the system could be compromised.
DaMish said: " . . . you can no longer trust the onboard software to not be modified to save/transmit your password/key. "
And it is not just the case where a laptop is lost and recovered. How often do you find your users have downloaded all kinds of spyware and junk code onto their systems just to get a smiley cursor?
Do your execs stick their laptop in the bottom drawer overnight when they head out early to play golf?
Maybe software basd encryption is fine if you have an extremely disciplined user base. But then, it is only a few days since Symantec had to patch a major flaw in their anti-virus.
My belief is that the encryption implementation must be isolated from the system using a hardware based approach.
For me, software based encryption is not "fine" enough in the real world. Give me a hardware based solution (at the right price please).
Can anyone point me at some good hardware solutions?
But it is not just about the technology, it is about practical application of the technology. The majority of the posts on this thread home in on the issue of practicality not technology. In the real world people are not doing the things we expect or want them to. It is hard enough to get them to use the security tools.
In the response you say "software is fine" with a "few provisos".
But the "few provisos" can be real, practical cases where the system could be compromised.
DaMish said: " . . . you can no longer trust the onboard software to not be modified to save/transmit your password/key. "
And it is not just the case where a laptop is lost and recovered. How often do you find your users have downloaded all kinds of spyware and junk code onto their systems just to get a smiley cursor?
Do your execs stick their laptop in the bottom drawer overnight when they head out early to play golf?
Maybe software basd encryption is fine if you have an extremely disciplined user base. But then, it is only a few days since Symantec had to patch a major flaw in their anti-virus.
My belief is that the encryption implementation must be isolated from the system using a hardware based approach.
For me, software based encryption is not "fine" enough in the real world. Give me a hardware based solution (at the right price please).
Can anyone point me at some good hardware solutions?
