This maybe obvious to a lot of people here but I've been on "Expert OS Boards" and have had people completely not understand how important it is for security reasons to encrypt the file system as well as the data. In fact people there have said there is no reason to encrypt the file system.
I can't go into details about who and what because I don't want to get sued. Lets just say it's digital content. The people who deliver it are suppose to make sure that the content is secure so that the content creators are protected.
The data is encrypted and they also go to a lot of trouble to make sure that windows and Linux can't read the OS by simply inserting the device into another computer. There efforts included hardware security devices, and non-standard industrial computers just to be clear. But what they fail to do is encrypt the under lying OS. So that tools available from any warez site can simply read the entire OS. So now I have there servers, I have there passwords, I have everything I need to go and rape them anally; IMHO DUH. Which in the end leads to getting the data.
There is close to $150,00 thousand dollars worth of data on one of these devices at current retail prices. I'm not interested in there data or there code base, or raping there servers, for the matter. Just there stupidity it's too easy. Something like this could bring a company down. If you are in charge of developing systems that you don't want people messing with please encrypt the file system as well as the data.
xor
Yeah duh I typo'ed the word System in the subject line, no one is perfect :)
I can't go into details about who and what because I don't want to get sued. Lets just say it's digital content. The people who deliver it are suppose to make sure that the content is secure so that the content creators are protected.
The data is encrypted and they also go to a lot of trouble to make sure that windows and Linux can't read the OS by simply inserting the device into another computer. There efforts included hardware security devices, and non-standard industrial computers just to be clear. But what they fail to do is encrypt the under lying OS. So that tools available from any warez site can simply read the entire OS. So now I have there servers, I have there passwords, I have everything I need to go and rape them anally; IMHO DUH. Which in the end leads to getting the data.
There is close to $150,00 thousand dollars worth of data on one of these devices at current retail prices. I'm not interested in there data or there code base, or raping there servers, for the matter. Just there stupidity it's too easy. Something like this could bring a company down. If you are in charge of developing systems that you don't want people messing with please encrypt the file system as well as the data.
xor
Yeah duh I typo'ed the word System in the subject line, no one is perfect :)
Comment