Re: Query on adding a USB hdd
-----BEGIN PGP SIGNED MESSAGE-----
On 05/23/07 18:46, Douglas Allan Tutty wrote:
> On Wed, May 23, 2007 at 06:12:36PM -0400, Greg Folkert wrote:
>> On Wed, 2007-05-23 at 17:01 -0500, Ron Johnson wrote:
>>> After all the stories about laptops full of sensitive data being
>>> stolen, and tapes full of sensitive data being lost, you still have
>>> to ask why someone wants to encrypt private data?
>> It comes to mind; why all this data is on a "portable device" in the
>> first place?
> Recently, a major bank here in Canada lost a hard drive containing
> clear-text customer personal info (everything an identity thief needs)
> in transit from one major city to another. I don't know why:
> 1. they didn't treat it like cach and send it via Brinks
> 2. they didn't encrypt it and send it over the net.
> If you're sending backup to off-site storage (vault) other than backing
> up to a remote data-center, for some period of time the data will be on
> some type of portable device whether hard drive or DLT.
Exactly. An Iron Mountain courier stops by our data center morning
& late afternoon and (I think) once on Saturday.
Mostly we use legacy systems (z/OS & OpenVMS) so any Nefarious Ned
who robs the courier would have to have similar legacy hardware to
extract the data. Very unlikely. I don't know how they secure the
Oracle (both HP-SUX & Linux) and Windows data. Not My Responsibility.
As soon as we upgrade to faster hardware (ha ha ha ha!), Rdb 7.2 and
OpenVMS 8.3, we can use the built-in encryption API to "totally"
secure our data. Until then, it's Security Thru Expensive Legacy
> It would be very nice if there was a universal cross-platform rw +
> encrypt filesystem for archives. Something that you could be confident
> that you could decrypt and access in 10 years using whatever OS was
> current then.
tar is cross-platform, as is ASCII CSV. PGP/GPG is also cross-platform.
> I did something similar when I was running OS/2. I implemented SHA and
> I forget which encrytion algorithm in REXX. When my OS/2 died and I
> switched to Linux, it was a simple matter to translate the REXX into
> python and extract my archive.
> Right now, my archives are not encrypted and are tarballs. With the
> media I also save a debian install set.
Ron Johnson, Jr.
Jefferson LA USA
Give a man a fish, and he eats for a day.
Hit him with a fish, and he goes away for good!
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
-----END PGP SIGNATURE-----