[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Query on adding a USB hdd

On Wed, May 23, 2007 at 06:12:36PM -0400, Greg Folkert wrote:
> On Wed, 2007-05-23 at 17:01 -0500, Ron Johnson wrote:
> > After all the stories about laptops full of sensitive data being
> > stolen, and tapes full of sensitive data being lost, you still have
> > to ask why someone wants to encrypt private data?
> It comes to mind; why all this data is on a "portable device" in the
> first place?

Recently, a major bank here in Canada lost a hard drive containing
clear-text customer personal info (everything an identity thief needs)
in transit from one major city to another.  I don't know why: 

	1.  they didn't treat it like cach and send it via Brinks 
	2.  they didn't encrypt it and send it over the net.

If you're sending backup to off-site storage (vault) other than backing
up to a remote data-center, for some period of time the data will be on
some type of portable device whether hard drive or DLT.

It would be very nice if there was a universal cross-platform rw +
encrypt filesystem for archives.  Something that you could be confident
that you could decrypt and access in 10 years using whatever OS was
current then.

I did something similar when I was running OS/2.  I implemented SHA and
I forget which encrytion algorithm in REXX.  When my OS/2 died and I
switched to Linux, it was a simple matter to translate the REXX into
python and extract my archive.  

Right now, my archives are not encrypted and are tarballs.  With the
media I also save a debian install set.


Reply to: