Thumbprint encryption (Was Re: [vox] slashdottable news)
Steven Peck
vox@lists.lugod.org
Fri, 10 Oct 2003 23:52:28 -0700
Not really. Physical security of a system is a component of a systems
security. The marketing folks are lucky one of the techs wasn't around
to to report them to HR or the security department over someone bringing
in unknown software and hacking into a corporate system. If they are
using biometric thumbprint logons, then they probably have a policy that
will get the marketing people fired.
Now, if they truly want security, then they would need to add file level
encryption to the mess. This would require some serious key management
and an enterprise management solution that would escalate the costs
dramatically (labor primarly). Also they DEFINITALY would need to store
documentaion on secured file servers and fire people who store documents
on local workstations that are far more difficult to audit.
In this world of wireless and vpn access everywhere, securing data
really comes down to hiring people you can trust and then auditing
access to the important stuff.
-sp
-----Original Message-----
From: vox-admin@lists.lugod.org [mailto:vox-admin@lists.lugod.org] On
Behalf Of Bill Kendrick
Sent: Friday, October 10, 2003 11:00 AM
To: vox@lists.lugod.org
Subject: Thumbprint encryption (Was Re: [vox] slashdottable news)
On Fri, Oct 10, 2003 at 10:52:09AM -0700, Nicole TWN wrote: <snip>
>=20
> --nicole "Lightyears beyond encryption? WTF?" twn
You guys all heard the story about one of the vendors Mike Simons
visited while we were at GTC, right?
They wanted to see Knoppix, because apparently lots of customers asked
if Linux would run on their PCs, and they didn't know. So, Mike brought
a copy over, booted up the machine, and proceeded to show off
OpenOffice.org's ability to read Word DOC files.
They were STUNNED. Not because their PC could run Linux. Not because
OpenOffice.org could read DOC files. But because, apparently, the DOC
files were ONLY supposed to be readable if you provided the proper
thumb-print to a little biometrics device connected to the machine.
Yeah... /real/ secure... depending on the OS, and not even encrypting
the file at all.
Sufficed to say, the only people there were marketing folks... and based
on their response, the tech folks are LUCKY they weren't around, because
they'd have lots of questions to answer. :^) (And I'd like to think
that the marketing folks would throw the thumbreaders at them... but
that's just my fantasy.)
-bill! ;^)
or maybe I should be saying:
-bill1 ;60'
since shift-key's a no-no
--=20
bill@newbreedsoftware.com Got kids? Get Tux
Paint!=20
http://newbreedsoftware.com/bill/
http://newbreedsoftware.com/tuxpaint/
_______________________________________________
vox mailing list
vox@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox