| 1 |
On Wednesday 23 November 2005 21:29, Jeff Gercken wrote: |
| 2 |
> I've been chewing on this idea for a while and am hoping someone on the |
| 3 |
> list may help me with a concern. |
| 4 |
> |
| 5 |
> The notion is that big company B will distribute CDs to employees to use |
| 6 |
[...] |
| 7 |
> This seems fairly straightforward but then why isn't anyone doing this |
| 8 |
> already? What haven't I considered? |
| 9 |
|
| 10 |
Hi, |
| 11 |
|
| 12 |
sounds interesting (and i personally like this idea), but i think it is much |
| 13 |
more easier/reliable (but also more expensive) for a company to equip their |
| 14 |
employees with special pre-installed notebooks that have an encrypted |
| 15 |
filesystem together with some kind of hardware-token for authentication. |
| 16 |
|
| 17 |
The problem is, if you cannot trust the hardware you're booting the cd from, |
| 18 |
then there is not much use in any well-designed security-boot-cd. Just think |
| 19 |
of tampered hardware with some kind of hardware-keylogger installed (for |
| 20 |
example http://www.keyghost.com/) |
| 21 |
|
| 22 |
I think this is just one aspect why so many companies spend so much money in |
| 23 |
expensive notebooks for their external workers: they have control over the |
| 24 |
software _and_ the hardware. |
| 25 |
|
| 26 |
Maybe the use of TPA-Architectures will solve this problem in the future |
| 27 |
(*lol*), but i think this is completely another story :) |
| 28 |
|
| 29 |
regards, |
| 30 |
Helmut |
| 31 |
|
| 32 |
|
| 33 |
-- |
| 34 |
Helmut Wuensch, Dompfaffstr. 140, 91056 Erlangen |
| 35 |
PGP/GPG public key available at http://www.helmut-wuensch.de |
| 36 |
fingerprint: 20B7 519F 8912 4606 F516 FF2D 417E EF82 5C9E 235A |
Archives