Re: Administration password

From: Timothy Goddard (interfecus_at_at@hotmail.dot.com)
Date: 11/10/04


Date: Wed, 10 Nov 2004 23:23:29 +1300


"Bill Unruh" <unruh@string.physics.ubc.ca> wrote in message
>
> IF they have local access, encrypting local files helps not at all.
> they can then read everything you type anyway, including passwords.
>

You're right in that keyloggers are one of the biggest threats to
encryption.

Encryption does, however, prevent them from extracting confidential files
straight away. If they intend to steal a document and it has no encryption
then with a boot disk they can just mount the hard drive and copy the file
to a disk, bypassing passwords completely. With encrypted documents, they
have to go to the extra trouble of installing a keylogger and catching the
pass-phrase used for encryption.

With a BIOS password, they have to remove the hard drive just to get access
to it. With encryption as well they have to remove the hard drive, connect
it to their computer, install a keylogger, replace the hard drive, and make
sure you don't notice them doing it just to get your confidential
information. Even then they have to wait until you next use your passphrase.

If you're paranoid, install a lock on the case. If you're even more
paranoid, get an RSA smartcard, reader, and keypad for your encryption
software. A lock's probably more effective though, and much less expensive.

If you're more worried about them damaging your system than stealing
information, encryption won't help you. Then again, if they wanted to damage
your system they could just do so physically.

I don't know whether or not you can get a Windows version of "tripwire"
(Unix/Linux) which creates a hash database of system files on a disk and can
be used to periodically check for any alteration. A search might reveal
something.
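
The hash-database check described in the last paragraph of the post above, as an added example that is not part of the original post and is not Tripwire's own code. The file names, the key and the HMAC seal over the database are assumptions made for illustration; the sample tree is constructed.

```python
import hashlib, hmac, json, os, tempfile
from pathlib import Path

def hash_file(path, chunk=65536):
    """SHA-256 of a file, read in chunks so large files do not fill memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def build_baseline(root):
    """Map each file path (relative to root) to its SHA-256 digest."""
    db = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            db[os.path.relpath(full, root)] = hash_file(full)
    return db

def seal(db, key):
    """HMAC over the canonical JSON form, so edits to the database are detectable."""
    blob = json.dumps(db, sort_keys=True).encode()
    return hmac.new(key, blob, hashlib.sha256).hexdigest()

def check(root, db, tag, key):
    """Verify the seal first, then report files added, removed or modified."""
    if not hmac.compare_digest(seal(db, key), tag):
        raise ValueError("baseline database has been altered")
    now = build_baseline(root)
    return {
        "added": sorted(set(now) - set(db)),
        "removed": sorted(set(db) - set(now)),
        "modified": sorted(p for p in set(db) & set(now) if db[p] != now[p]),
    }

def demo():
    """Constructed sample tree standing in for a directory of system files."""
    key = b"constructed-demo-key"  # assumption: the real key is kept off the machine
    with tempfile.TemporaryDirectory() as root:
        Path(root, "kernel.sys").write_bytes(b"v1")
        Path(root, "login.exe").write_bytes(b"v1")
        db = build_baseline(root)
        tag = seal(db, key)                              # taken while the system is trusted
        Path(root, "login.exe").write_bytes(b"patched")  # file altered afterwards
        Path(root, "hook.dll").write_bytes(b"new")       # file added afterwards
        Path(root, "kernel.sys").unlink()                # file removed afterwards
        return check(root, db, tag, key)

if __name__ == "__main__":
    print(demo())
```

The database, its seal and the key belong on read-only or removable media, because someone with the physical access discussed in this thread can rewrite anything left on the disk being checked.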


