File System Encryption: When Is It Worthwhile?
Encryption is used to protect confidentiality. But what role should it play within your operating systems for protecting file systems? The answer, as so often, is “it depends.” Physical Theft A laptop or detachable media such as USB-connected external disks and thumbdrives could easily be stolen or lost. Especially with smaller objects, you may not […]
The Internet Has Serious Trust Problems, Part 4: Trouble in Turkey, Carefully Corrected
Last week, the week before, and the week before that, I explained how the cryptographic side of digital certificates and secure web site identity works, and how there have been some continuing problems with what many see as misbehavior by root CAs. We introduce the technical side in in Learning Tree’s System and Network Security […]
How Can You Tell If Your Secrets Are Really Secret?
Last week I mentioned that Availability was the odd member of the CIA triad, because it lacks the mathematical tools (and thus the solid numbers) of Confidentiality and Integrity. But that doesn’t mean that C and I both work the same way! Confidentiality tools like ciphers are preventative. You choose the best cipher, manage keys […]