Best encryption sw for home laptop

Best encryption sw for home laptop
Secure Home | Search | About
Login Password
Register Now! Lost Password?
 Computer Software Security    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content add this group's latest topics to your Google content
Subject Author Date
Best encryption sw for home laptop emailchrisco 06-19-2006
Posted by TwistyCreek on June 22, 2006, 9:45 pm
If you were  Registered and logged in, you could reply and use other advanced thread options

> There's no need to do so. Just remove it.
> Actually I even wonder why to have any relation to the original
> archive at all.

<snip>

So flustered you have to reply twice with slightly different wording?

How pathetic.


Posted by Demosthenes on June 22, 2006, 9:19 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
In article
>

> > As you might or might not have understood by now, the
discussion was
> > about ever needing admin rights - yes, you do, to install it
for the
> > very first time. If you never had admin rights, you're
pissed of.
>
> The discussion was about needing a "driver", where it came
from, and
> how it's implemented. With the single exception of actually
needing one
> for Truecrypt's traveler mode, you're so far out in left field
you're
> not even in the game.
>
> The driver is in the file itself. It's loaded temporarily, and
unloaded
> when the volume is unmounted. You're trying to say it's not by
> yammering on about "first time" nonsense. You need admin
rights *every*
> time you mount the volume.

No, you don't, only the first time.

From the Free OTFE documentation:

Portable mode allows you to use FreeOTFE without first
installing it on your computers hard drive.

WARNING: Although no files are copied to your computers hard
drive, because part of the manner in which MS Windows manages
device drivers, when portable mode is started, Windows writes
certain details of your portable mode drivers to the registry,
specifically the full path and filename of the drivers used
together with other basic information on the drivers (e.g. if
they are started manually or automatically at system startup).


It should be noted that the points raised here apply equally to
other OTFE systems that support any kind of "portable mode".

Note: Administrator rights may be required in order to use
portable mode.

On the other hand, anyone who suggests that sending plaintext is
the equivalent of sending a self-extracting encrypted .zip file
doesn't get much credence from me...




Posted by Borked Pseudo Mailed on June 23, 2006, 12:34 am
If you were  Registered and logged in, you could reply and use other advanced thread options
Anonymous-Remailer@See.Comment.Header (Demosthenes) wrote:

> > The driver is in the file itself. It's loaded temporarily, and
> unloaded
> > when the volume is unmounted. You're trying to say it's not by
> > yammering on about "first time" nonsense. You need admin
> rights *every*
> > time you mount the volume.
>
> No, you don't, only the first time.

Yes, you *do*. You're misreading the very documentation you quoted I

think.

> From the Free OTFE documentation:
>
> Portable mode allows you to use FreeOTFE without first
> installing it on your computers hard drive.
>
> WARNING: Although no files are copied to your computers hard

Note: No files installed on the machine. This means any drivers as
separate. Included only with the "archive".

Take it to the logical extreme, and I think it's clearer. Burn a
traveler mode volume to CD and access it once. Windows makes a record
of where the drivers are, and loads them. Now remove teh CD and reboot
the machine. The drivers can not be loaded, obviously. To reload them
you have to again have admin privileges, like you do when you load any
such device driver.

> drive, because part of the manner in which MS Windows manages
> device drivers, when portable mode is started, Windows writes
> certain details of your portable mode drivers to the registry,

Yes, it makes registry entries. This is a completely different thing
than installing drivers. Windows also makes a record of the drive
letter, accessed files, and a lot of other things that have nothing at
all to do with loading or unloading the actual drivers that grant you
access.

> specifically the full path and filename of the drivers used
> together with other basic information on the drivers (e.g. if
> they are started manually or automatically at system startup).
>
>
> It should be noted that the points raised here apply equally to
> other OTFE systems that support any kind of "portable mode".
>
> Note: Administrator rights may be required in order to use
> portable mode.

Please read this line again. Note it says "to use", not "to use the
first time" or "to install". Every time the driver needs reloaded you
need admin rights (if your OS requires admin rights to load this sort
of driver at all). Remember that nothing is installed locally. Now
think about how those drivers will remain loaded, or reload, after they
have been unloaded or the volume has been removed.

The short answer is, they can't, unless you specifically request them
to be reloaded by attempting to mount the volume again. And that
requires admin rights.

> On the other hand, anyone who suggests that sending plaintext is
> the equivalent of sending a self-extracting encrypted .zip file
> doesn't get much credence from me...

Of course not. That's as ridiculous a statement as has ever graced this
group. Compromising a PGP SDA or encrypted WinZip archive isn't
anywhere near as "simple" as some people might mislead you into
believing either. This sort of software wasn't dreamt up yesterday.
There's been a considerable amount of effort invested in making sure
they can't be tampered with. But if you're of the "nothing is perfect"
mind set, then by all means move the encrypted archive to an isolated
machine and open it. If there was any chance that it had been cracked
or replaced, you've given the attacker nothing. You'll know it right
away, and you can make arrangements to have the data resent.

FWIW, I spent 8 years in the US Air Force handling encrypted
communications and data. This sort of suspected compromise happened
more often than anyone would like to admit. We had an extensive set of
procedures for destroying suspect data, and resending good data. It can
be done, and quite successfully, in spite of what those who have never
dealt with such things will tell you. You just need a good software, and
a little common sense. ;-)

--
Posted via a free Usenet account from http://www.teranews.com


Posted by Demosthenes on June 23, 2006, 7:14 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
>
> Anonymous-Remailer@See.Comment.Header (Demosthenes) wrote:
>
> > > The driver is in the file itself. It's loaded temporarily,
and
> > unloaded
> > > when the volume is unmounted. You're trying to say it's
not by
> > > yammering on about "first time" nonsense. You need admin
> > rights *every*
> > > time you mount the volume.
> >
> > No, you don't, only the first time.
>
> Yes, you *do*. You're misreading the very documentation you
quoted I
> think.

I believe that you are correct.

> Take it to the logical extreme, and I think it's clearer. Burn
a
> traveler mode volume to CD and access it once. Windows makes a
record
> of where the drivers are, and loads them. Now remove teh CD
and reboot
> the machine. The drivers can not be loaded, obviously. To
reload them
> you have to again have admin privileges, like you do when you
load any
> such device driver.

I got it.


> > On the other hand, anyone who suggests that sending
plaintext is
> > the equivalent of sending a self-extracting encrypted .zip
file
> > doesn't get much credence from me...
>
> Of course not. That's as ridiculous a statement as has ever
graced this
> group. Compromising a PGP SDA or encrypted WinZip archive isn't
> anywhere near as "simple" as some people might mislead you into
> believing either. This sort of software wasn't dreamt up
yesterday.
> There's been a considerable amount of effort invested in
making sure
> they can't be tampered with. But if you're of the "nothing is
perfect"
> mind set, then by all means move the encrypted archive to an
isolated
> machine and open it. If there was any chance that it had been
cracked
> or replaced, you've given the attacker nothing. You'll know it
right
> away, and you can make arrangements to have the data resent.
>
> FWIW, I spent 8 years in the US Air Force handling encrypted
> communications and data. This sort of suspected compromise
happened
> more often than anyone would like to admit. We had an
extensive set of
> procedures for destroying suspect data, and resending good
data. It can
> be done, and quite successfully, in spite of what those who
have never
> dealt with such things will tell you. You just need a good
software, and
> a little common sense. ;-)

What I want most to do is to carry data from home to my work
computer on a USB drive.

I want it encrypted in case I lose the USA device.

I want to be able to access it from my work computer, on which I
do not have admin rights.

PGP SDA or WinZip seem to be the only solutions.




Posted by Borked Pseudo Mailed on June 23, 2006, 9:13 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
Anonymous-Remailer@See.Comment.Header (Demosthenes) wrote:

<bigsnip>

> What I want most to do is to carry data from home to my work
> computer on a USB drive.
>
> I want it encrypted in case I lose the USA device.
>
> I want to be able to access it from my work computer, on which I
> do not have admin rights.
>
> PGP SDA or WinZip seem to be the only solutions.

What about the most obvious solution... asking your admin to install
Truecrypt on your work machine. :)

Make the argument that allowing you to work from home makes you more
productive, and the security of Truecrypt makes you safe. Explain what
a win/win situation it is. If this is a legitimate request I don't see
how any employer or admin could possibly refuse. You apparently have
the ability to plug in a USB device and move files, so unless you're
violating your TOE or some NDA type thingy, you're being a lot more
responsible than the average Joe carrying unencrypted files back and
forth.

Even Truecrypt's licensing is golden...

http://www.truecrypt.org/license.php

2. "You" (or "your") means an individual or a legal entity (e.g., a
non-profit organization, commercial organization, government agency,
etc.) exercising permissions granted by this License.

[...]

2. You may use this product freely (see also Section III.) on single or
multiple computers/systems for non-commercial and/or commercial uses.

Section III deals with modifications and derivatives.

I really don't see a down side to any of it. :)


Similar ThreadsPosted
Laptop Question from Cornwall.... September 29, 2005, 1:24 pm
Very Slow to startup laptop ? July 22, 2006, 7:20 pm
Tracking of every event on laptop July 22, 2008, 11:24 am
Where can I find my wanted laptop? January 1, 2009, 5:39 pm
Home Lab May 21, 2008, 6:35 pm
U.S. government mandates laptop security July 6, 2006, 10:50 pm
home computer password November 27, 2005, 12:33 pm
Are You Looking For A Serious Home Based Business? January 30, 2006, 4:40 pm
Re: Best way to protect a laptop from highly skilled hackers and professionals July 30, 2006, 4:47 pm
Types of Attacks possible on a home computer.. April 8, 2007, 12:47 am

The site map in XML format XML site map

Contact Us | Privacy Policy