Re: Seeking Encryption Software Referals
From: Brian Maratikos (test_at_)
Date: 02/26/05
- Previous message: Brian Maratikos: "Re: Seeking Encryption Software Referals"
- In reply to: xpyttl: "Re: Seeking Encryption Software Referals"
- Next in thread: Walter Roberson: "Re: Seeking Encryption Software Referals"
- Reply: Walter Roberson: "Re: Seeking Encryption Software Referals"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 25 Feb 2005 20:24:01 -0600
"xpyttl" <xpyttl_NOSPAM@earthling.net> wrotf:
>"test" <test@> wrote in message
>news:abis11tqf8gdpnapefddk3lfff8kso5l0n@4ax.com...
>
>> I am currently using Windows ME. I would like something that is
>
>How silly. Windows 9x was never intended to be even a little secure. You
>are looking for a industrial strength lock on a paper door.
>
>At least upgrade to XP. With NTFS you have a prayer. And take M$'s folder
>encryption and call it good. If you are currently running ME you don't have
>the processes in place to make effective use of anything more serious
>anyway.
I assure you I am quite familiar with the security of various
Microsoft products. NTFS uses DES for encryption and I am not
impressed with DES (cracked in under 18 hours) or MS inplementation of
it in EFS.
>Keeping private data private requires a multi layered approach. The
>foundation to that approach is an understanding of the threats and
>vulnerablities. It seems all too common for folks to think of all sorts of
>nightmare scenarios and ignore the common threats. If you are serious about
>protecting your data, first get a business process consultant to help you
>get your business processes in order. Once that is done (and it will take
>years), get a security guy to help you get a security infrastructure in
>place. THEN, MAYBE, drive encryption might make sense.
I *am* a Security Consultant. Trust me, I know what the risks of
using my current OS are. *Any* MS product is going to have huge,
gaping security holes. If anything ME is *more* secure than XP or 2K
through the security by obscurity method. Encryption is *one* layer
of my security, and I want it to be watertight.
>Software is never a solution. I always say never use always or never, but
>this is one case where it is true. Software can sometimes be part of a
>larger solution, but it is never the solution. Fix the real problem first.
>ME by itself isn't the problem. The fact that you seem to think that
>protecting your data is important, and yet you are still running ME is an
>strong indication that you have much more serious problems. Don't fool
>yourself.
>
>Putting in place something that makes you feel all warm and fuzzy is only
>going to delay your recognition of the real problem. IT WILL MAKE THINGS
>WORSE. If you don't want to face the real problem, at least don't waste the
>money. Feeling like you are at risk is probably better protection than a
>patch that won't work.
I'm not looking for a lecture, I'm looking for advice from people who
have done more research into this issue and have more expertise than I
can hope to attain.
Since you seem to have some knowledge of these issues, I'll ask again.
What encryption products do you prefer?
Brian
- Previous message: Brian Maratikos: "Re: Seeking Encryption Software Referals"
- In reply to: xpyttl: "Re: Seeking Encryption Software Referals"
- Next in thread: Walter Roberson: "Re: Seeking Encryption Software Referals"
- Reply: Walter Roberson: "Re: Seeking Encryption Software Referals"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
