Announcement

Collapse
No announcement yet.

Encrypting The File System

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Encrypting The File System

    This maybe obvious to a lot of people here but I've been on "Expert OS Boards" and have had people completely not understand how important it is for security reasons to encrypt the file system as well as the data. In fact people there have said there is no reason to encrypt the file system.

    I can't go into details about who and what because I don't want to get sued. Lets just say it's digital content. The people who deliver it are suppose to make sure that the content is secure so that the content creators are protected.

    The data is encrypted and they also go to a lot of trouble to make sure that windows and Linux can't read the OS by simply inserting the device into another computer. There efforts included hardware security devices, and non-standard industrial computers just to be clear. But what they fail to do is encrypt the under lying OS. So that tools available from any warez site can simply read the entire OS. So now I have there servers, I have there passwords, I have everything I need to go and rape them anally; IMHO DUH. Which in the end leads to getting the data.

    There is close to $150,00 thousand dollars worth of data on one of these devices at current retail prices. I'm not interested in there data or there code base, or raping there servers, for the matter. Just there stupidity it's too easy. Something like this could bring a company down. If you are in charge of developing systems that you don't want people messing with please encrypt the file system as well as the data.

    xor

    Yeah duh I typo'ed the word System in the subject line, no one is perfect :)
    Last edited by xor; September 8, 2007, 10:03.
    Just because you can doesn't mean you should. This applies to making babies, hacking, and youtube videos.

  • #2
    Re: Encrypting The File Syetsm

    Well now it depends on what you are actually referring to, if you are trying to access an encrypted file system from a remote location using a legitimate administration service (telnet, ssh) it wouldn't really matter if you hard drive is encrypted even with AES-256 Bit, because the service theoretically has the credentials to read every byte of the HDD, as it's being run right above that encryption system.

    Now if you are referring to physical access, or separately encrypted drives, then things change... not encrypting ALL of your hard disk's data might lead to a compromise of the unencrypted data, placing Trojans or Sniffers in order to gain access to systems.

    So you can never be really safe from an attack even if your hard disk is using hardware encryption, as long as there is a door that opens everything.
    BY ACCEPTING THIS BRICK THROUGH YOUR WINDOW, YOU ACCEPT IT AS IS AND AGREE TO MY DISCLAIMER OF ALL WARRANTIES, EXPRESS OR IMPLIED, AS WELL AS DISCLAIMERS OF ALL LIABILITY, DIRECT, INDIRECT, CONSEQUENTIAL OR INCIDENTAL, THAT MAY ARISE FROM THE INSTALLATION OF THIS BRICK INTO YOUR BUILDING.

    Comment


    • #3
      Re: Encrypting The File Syetsm

      I agreed you never arrive at security it's always a path. The greater the slope the harder it is to get up the hill.

      I'm referring to physical access in this instance taking the device out and examining it and gleaming(love that word very popular today) information from it that you would not otherwise have. An encrypted file system would have prevented this or at least made it harder.

      xor
      Just because you can doesn't mean you should. This applies to making babies, hacking, and youtube videos.

      Comment


      • #4
        Re: Encrypting The File System

        Originally posted by xor View Post
        I can't go into details about who and what because I don't want to get sued. ... There is close to $150,00 thousand dollars worth of data on one of these devices at current retail prices.
        so you're almost certainly talking about digital jukeboxes that are popping up at bars and restaurants now. yes, they often run some flavor of windows and yes, they typically only encrypt the MP3 content. the systems are badly developed a lot of the time, often with guest access turned on and other bad holes appearing. anyone who has access to these machines can do some exploring easily since they even sometimes have NetBIOS enabled. a few times i've seen these systems getting their connectivity from an existing business-grade broadband connection (shared by other machines in back offices, etc) as opposed to a dedicated line, so LAN access is common.

        Originally posted by xor View Post
        I'm not interested in there data or there code base, or raping there servers
        not that i'm a mod... but rule violation here. please check grammar... there vs their vs they're is a problem for lots of folk on the forums, but it still gets me when it slips by.

        Originally posted by xor View Post
        taking the device out and examining it and gleaming(love that word very popular today) information from it
        i think you mean gleaning, not gleaming, unless the information is particularly shiny, heh.
        "I'll admit I had an OiNK account and frequented it quite often… What made OiNK a great place was that it was like the world's greatest record store… iTunes kind of feels like Sam Goody to me. I don't feel cool when I go there. I'm tired of seeing John Mayer's face pop up. I feel like I'm being hustled when I visit there, and I don't think their product is that great. DRM, low bit rate, etc... OiNK it existed because it filled a void of what people want."
        - Trent Reznor

        Comment


        • #5
          Re: Encrypting The File System

          I can neither confirm nor deny working with digital jukeboxes or digital music.

          I will say however that the record companies are brutal and have more money and lawyers than god. I was at Drexel when students with nothing got sued for millions. They were sued for doing something that everyone was doing at the time just so the record companies could make a public example out of them. The fact is people are still doing it only the methods have changed. People should fear them and PETA(beautiful zealots that they are) more than the IRS. :)

          xor

          Ps Just to be clear love animals and support PETA; just wouldn't want them after me.

          PPs. Yeah, sorry about the typos I don't always catch stuff that isn't picked up by the spell checker. In fact I'm no doubt the worst proof reader in the world. Anything I do officially I have to have someone else proof read for me because I just don't see it. It has plagued me all my life.
          Last edited by xor; September 9, 2007, 17:44.
          Just because you can doesn't mean you should. This applies to making babies, hacking, and youtube videos.

          Comment

          Working...
          X