Somewhat OT, encryption question

Bill Oliver vendor at billoblog.com
Wed Nov 26 21:58:32 UTC 2014


On Wed, 26 Nov 2014, Joe Zeff wrote:

> On 11/26/2014 12:47 PM, Bill Oliver wrote:
>>  Now let's say that flash drive is stolen, lost, etc. *and* the
>>  passphrase is compromised.  I want the data on the flash drive to be
>>  available *only on one computer* even if the passphrase is known.
>
> What happens when (not if) some piece of hardware dies without warning?
>

Then I'd rely on decrypted backups, which are stored under physical lock and key. Or, if necessary, I'd simply go back to the client and get the data again.  I do that a lot with paper files, since I burn them when my consultation is finished.  Occasionally, the client will come back for more help, and I'll have them resend the information.  My problem is *not* loss of data.  It's security.

Since I do investigative work and litigation support involving violent deaths occurring in multiple countries, including evaluation of possible human rights abuses and assassinations (though most of what I do is much more mundane), I have *boxes* of confidential material in a safe in my home.  For example, one of my coworkers recently returned from Gaza, looking at deaths of children there.  As you might expect, the information and imagery she brought back might be inflammatory, and until the final report is released, there are significant issues with data security.  But the fact is that she can lose her working copies of stuff because the archival copies are in a secure place.

If someone is willing to break into some place and dynamite a safe, then that's the breaks.  However, I also have the problem of folk constantly attempting to gain access to materials electronically.  More recently, I lost a flash drive that had sensitive data on it.  While the drive is encrypted, and I believe that it was "really" lost, not picked up, I'm not overly concerned.  But that started me thinking about trying to fix it so that even if someone had my passphrase, they could still only open it on my secured computer.


billo


More information about the users mailing list