Re: Query on adding a USB hdd
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Mike McCarty wrote:
> The purpose of encryption is to prevent sharing of information.
> Using it on a disc which is intended to be used on multiple
> machines or OS seems, umm, odd. For portable/removable media,
> the appropriate security seems to me to be physical security.
> Like with credit cards, the appropriate measure seems to me
> to be not to let it fall into the wrong hands. Someone who
> has physical access to your disc has all the time in the
> world to try to break encryption.
You are right of course. I just read an article in a German IT magazine.
They showed some data that estimate that it would take about 10 years of
computing time on a fast computer to break an encryption of SHA1 in best
case for the cracker. If you require better protection, you should use
SHA2, the breaking of which would require many orders of magnitude
longer. So indeed, if it falls in hands to someone with 'all the time in
the world' you are right. If it falls in the hands of someone with less
CPU and/or time to spare, *they* are out of luck.
No matter, encryption is always more secure than no encryption.
YMMV,
Johannes
PS:
If it falls in the hands of Joe Average, probably simply using
unencrypted ext3 as fs might be enough 'encryption', because when he
attaches the 'found' disk to his computer the familiar pop-up window
asking about opening the data in a folder would be missing and he
wouldn't know what to do with the disk.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFGVJSRC1NzPRl9qEURAqcyAJ9q0YmX3uYgV5GhVVD89P+hDRxQbQCfSr+z
titwLcvuM1K6jBT26R6s1sY=
=4JZ7
-----END PGP SIGNATURE-----
Reply to: