In article <20100406010806.E785581461@fleegle.mixmin.net>, The Lookout
<the_lookout@nym.mixmin.net> wrote:
> Travis The Dragon AKA insane for boys wrote:
> >On 2010-04-04 05:58:10 -0500, The Lookout <the_lookout@nym.mixmin.net>
> >said:
> >
> >> "_C'0-SM-oS," <oezse@sats.com> wrote:
> >>> Hi lookout
> >>>
> >>> Interesting reading and thanks for the heads up note,
> >>>
> >>> I am not sure but this seems to relate to a computer that is up and
> >>> running but locked by the user
> >>>
> >>> Not sure if it works with ones that have been off or/and the drives
> >>> dismounted
> >>>
> >>> What is your understanding of the claims of the Software Company?
> >>>
> >>> Cosmos
> >>>
> >>>
> >>> One more example for not leaving a computer running and UN attended
> >even
> >>> if its screen locked
> >>
> >> Hi Cosmos,
> >>
> >> It does require that the encrypted volume be mounted. I was thinking
> >about
> >> how many of us rely on a passworded screensaver or 'Windows-L' when
> >leaving
> >> our computer unattended for only a couple of minutes.
> >>
> >> We should make it a habit of dismounting and clearing cached passwords
> >each
> >> and every time we step away.
> >>
> >> Take care,
> >> The Lookout
> >
> >Here's a thought: Truecrypt allows you to use files as keyhashes
> >instead of an actual password. So what if you, for example, use 10
> >mp3's as keyhashes and have say, 5 mp3's burned on one disc and 5 on
> >another? When you want to mount, you just copy the mp3's onto your
> >harddrive and after you dismount, delete the mp3's.
>
> Hi Insane,
>
> I'm afraid that the result would be the same if the keyhash/passphrase
> is cached. It really isn't the mathematics behind the encryption that
> they are defeating, it's the decryption key/passphrase stored in memory
> that is being copied. That attack requires that your encrypted volume
> be mounted, even though your computer is screen locked (Windows key+L).
>
> It's best to just dismount and clear cached passwords to be safe when
> stepping away.
>
> Take care,
> The Lookout
>
>
I never liked the idea of a whole encrypted drive. What happens if the
file system develops a problem such as can happen with a OS crash or if
the drive gets disconnected "accidentally" without dismounting it
first? Disk repair utilities couldn't fix it or recover files.
Everything would be lost!
I didn't see anything about encrypted containers which can be copied
and backed up to other drives. Would the same things they warned about
apply? What about the swap file? MacOS has the option to encrypt the
swap file but I don't know how secure that is when the computer is on
or off. Are unsaved passwords cached in MacOS memory like in Win?
Turning your computer off when you don't use can be a hassle but there
is another problem that can be much more serious. If you are raided
while you are in the same room as your computer how *fast* can you turn
it off before they grab you? A wise friend advised the computer and
external drives be on a power control center or strip with an off
switch you can reach in an emergency when are you are sitting at your
computer or standing in the room. A little practice can make your
reactions faster. It is a little more complicated with a notebook comp
that uses a battery but you get the idea.
I don't have anything seriously illegal in my comp but I do have a
problem with more than average risk of my notebook being stolen. My
danger with the law isn't as much as with some people here (mp3s
anybody? LOL) but I don't want strangers messing with my personal info
anymore than anybody else does!
--
Grant
|
| Follow-ups: | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 |
|