Re: Do I have to set another password in the CMOS setting to enhance the security of OS?
From: Alun Jones [MSFT] (alunj_at_online.microsoft.com)
Date: 04/20/05
- Next message: Chad: "log files"
- Previous message: Alun Jones [MSFT]: "Re: Other Users with My E-mail Address"
- In reply to: Frank Saunders, MS-MVP IE/OE: "Re: Do I have to set another password in the CMOS setting to enhance the security of OS?"
- Next in thread: andy smart: "Re: Do I have to set another password in the CMOS setting to enhance the security of OS?"
- Reply: andy smart: "Re: Do I have to set another password in the CMOS setting to enhance the security of OS?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 20 Apr 2005 10:13:02 -0700
"Frank Saunders, MS-MVP IE/OE" <franksaunders@mvps.org> wrote in message
news:OhGrt6bRFHA.3560@TK2MSFTNGP14.phx.gbl...
> "andy smart" <anonymus@discussions.microsoft.com> wrote in message
> news:d4539o$7i7$1@newsfeed.th.ifl.net
>> Indeed, but frankly if somebody has that level of physical access + time
>> + inclination no level of security is going to defete them!
>
> True.
Oh, I don't know...
EFS would certainly be of great use there - as some of the posters here have
found, there's essentially no way to crack it if you don't have the right
credentials in hand. As such, you need to consider it as a measure that
says "I would rather lose this copy of the data than have the wrong person
access it" - the phrasing is deliberately intended to make you think about
backing up EFS-protected files.
Heading more towards either science fiction or military hardware, there are
some devices that endeavour to be "tamper-proof" by destroying themselves
when they detect that some physical attack is in progress.
But yes, one of the "ten immutable laws" is that physical access beats
everything. Physical access risks can be mitigated - through secure
encryption, for instance, or by having such physical access monitored and
logged through a security camera.
Even using encryption is a kind of a gamble, though - today's encryption may
be crackable with tomorrow's hardware or mathematics. Encryption is often
described in terms of protecting data for longer than the time over which
that data is valuable. If I can decrypt a file in six months, but the
information in the file is only useful for three months, then the file is
useless to me as an attacker.
If an attacker can decrypt your credit card number in six months of
attacking a file, though, the attacker will get some benefit.
Alun.
~~~~
-- Software Design Engineer, Internet Information Server (FTP) This posting is provided "AS IS" with no warranties, and confers no rights.
- Next message: Chad: "log files"
- Previous message: Alun Jones [MSFT]: "Re: Other Users with My E-mail Address"
- In reply to: Frank Saunders, MS-MVP IE/OE: "Re: Do I have to set another password in the CMOS setting to enhance the security of OS?"
- Next in thread: andy smart: "Re: Do I have to set another password in the CMOS setting to enhance the security of OS?"
- Reply: andy smart: "Re: Do I have to set another password in the CMOS setting to enhance the security of OS?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
