Re: [Thinkpad] Thinkpad Hard Drive Passwords

Fat free is good, but low carbs is in!
----- Original Message -----
From: "Colgrove, George" <George.Colgrove@state.vt.us>
To: <thinkpad@stderr.org>
Sent: Tuesday, February 03, 2004 8:01 AM
Subject: RE: [Thinkpad] Thinkpad Hard Drive Passwords

> Bruce,
>
> Quote of the day:
> "So the best prevention against data loss by a pro is DON'T LET THE DRIVE
> GET STOLEN."
>
> This is probably the best explanation of security I've ever read - all in
a
> nutshell! The same philosophy can be applied to so many other issues in
> this world. You can never nor should have 100% of anything be it security
> to a fat free diet. Going for that last 10% could cost you everything, and
> gain you nothing!
>
> I do not use passwords because they could get forgotten or something could
> go wrong somewhere. (For some reason, I somehow seem to be a victim of
> Murphy's Law!) Plus to go through them every day - every time I turn on
my
> machine is cumbersome and time consuming. Making sure my computer does
not
> get stolen, takes no time and costs nothing. In the end, I get the same
> results!
>
> Thanks Bruce,
> George
>
> P.S. I do not advocate, nor did I take what Bruce said as promoting a
> password free existence - nor fat free for that matter.
>
> -----Original Message-----
> From: Bruce Markowitz [mailto:scosgt@worldnet.att.net]
> Sent: Monday, February 02, 2004 6:26 PM
> To: Jonathan Graham
> Cc: thinkpad@stderr.org
> Subject: Re: [Thinkpad] Thinkpad Hard Drive Passwords
>
> You see, you seem to have completely missed the point.
> A professional who is after the specific data will simply get around the
> best security by hacking/buying the key from the company that writes the
> encryption software. In the same way, the pro would already know the
> password. If the data involved is THAT sensitive or valueable, the pro
will
> buy/steal/exort the password.
> Passwords/data encryption are only useful against the casual thief, one
who
> steals an unattended laptop off a desk. HE is not about to send the drive
to
> Nortek and pay $200 or $300 or more AND leave a paper trail just to "see
> what's on the drive".
> So the best prevention against data loss by a pro is DON'T LET THE DRIVE
> GET STOLEN. The hard drive password is probably all that is needed against
> the casual thief, for the above reasons.
> This is sort of like alarm systems and safes.
> There is no safe in the world that is absolutely burglar proof - such a
safe
> would be worthless, since the true owner would be denied the enclosed
> property if the lock was broken or the combo lost.
> In the same way no alarm system, on its own, can stop the professional
> thief - only slow him down. But it does stop the average junkie out to
grab
> whatever isn't nailed down.
>
> ----- Original Message -----
> From: "Jonathan Graham" <grahamj@virtue.cx>
> To: "Bruce Markowitz" <scosgt@worldnet.att.net>
> Cc: <thinkpad@stderr.org>
> Sent: Monday, February 02, 2004 11:21 AM
> Subject: Re: [Thinkpad] Thinkpad Hard Drive Passwords
>
>
> > On Mon, Feb 02, 2004 at 10:40:33AM -0500, Bruce Markowitz wrote:
> > > All I have to say is:
> > > ENIGMA
> > > Midway
> > > ANY code can be broken
> >
> > Except that ENIGMA isn't an example of the the kind of code being
> presented as unbreakable here. So your claim is equivalent to: "I can
> safely eat an orange therefore all fruit may be safely eaten."
> >
> > With that in mind skepticism is warranted sure a one-time-pad is
> 'provably' unbreakable (as that any message of length N can represent any
> other message of length N - or less if we include the possibility of
> padding). However this is only true in the case where the key selection
is
> random. Key selection on computers is generaly not random and this can
> allow someone the ability to crack the key.
> >
> > J.
> >
> >
> >
> > > ----- Original Message -----
> > > From: "Felix E. Klee" <felix.klee.thinkpad@gmx.net>
> > > To: <thinkpad@stderr.org>
> > > Sent: Monday, February 02, 2004 8:38 AM
> > > Subject: Re: [Thinkpad] Thinkpad Hard Drive Passwords
> > >
> > >
> > > > On Mon, 2 Feb 2004 08:10:29 -0500 Bruce Markowitz wrote:
> > > > > You can break anything if you try hard enough. What is your point?
> > > >
> > > > His point is that HD passwords are a weak protection as compared to
> > > > encrypted data. If the encryption key is as long as the data, it is
> > > > obvious that the encryption cannot be broken. If the key is shorter
> than
> > > > the data, it is always possible to partially decrypt the data.
> However,
> > > > with decently long keys and good encryption schemes this process may
> > > > take "astronomically" long (maybe hundreds or thousands of years).
HD
> > > > passwords, OTOH, can probably be gained in a matter of hours by any
> good
> > > > data rescue service.
> > > >
> > > > Felix
> > > >
> > > > PS: To contact me off list don't reply but send mail to "felix.klee"
> at
> > > the
> > > > domain "inka.de". Otherwise your email to me might get automatically
> > > deleted!
> > > > _______________________________________________
> > > > Thinkpad mailing list
> > > > Thinkpad@stderr.org
> > > > http://stderr.org/cgi-bin/mailman/listinfo/thinkpad
> > >
> > > _______________________________________________
> > > Thinkpad mailing list
> > > Thinkpad@stderr.org
> > > http://stderr.org/cgi-bin/mailman/listinfo/thinkpad
> > _______________________________________________
> > Thinkpad mailing list
> > Thinkpad@stderr.org
> > http://stderr.org/cgi-bin/mailman/listinfo/thinkpad
>
> _______________________________________________
> Thinkpad mailing list
> Thinkpad@stderr.org
> http://stderr.org/cgi-bin/mailman/listinfo/thinkpad
> _______________________________________________
> Thinkpad mailing list
> Thinkpad@stderr.org
> http://stderr.org/cgi-bin/mailman/listinfo/thinkpad

_______________________________________________
Thinkpad mailing list
Thinkpad@stderr.org
http://stderr.org/cgi-bin/mailman/listinfo/thinkpad
Received on Tue Feb 3 10:22:04 2004