Say I’m storing files of national security on my TR1, I have a few too many beers one night (let’s face it, all this protecting the nation business can get a bit stressful) and I leave it in a bar. Is there a foolproof way to make sure foreign powers can never get at the data? I know there’s your BIOS password, but is there a way anyone could get around this? For the sake of argument, assume that foreign agents have access to the latest technology.

I’m sure just like you can open the cabinet of a desktop and remove the battery on the motherboard to wipe out the BIOS password, someone could open the TR and remove its battery too from the motherboard…I’m sure it must be using 1 :?

Best thing to do is probably use PGP to encrypt your secrets. If you’re using XP Pro and your HD is formatted NTFS, you can use Windows’ native encryption system. If you laptop ends up in the hands of Al Qaeda, Mossad, The People’s intelligence Service, Homeland Security or the Tal Shiar, there’s not much you can do about it. It may take them a while, but with the hardware in their hands, they’ve got a lot of options.

I have the same issue. I got a fingerprint ID PCMCIA card…if the card is not inserted the laptop will not boot and all files that I specify are encrypted. I don’t think they can get around that.

Erik

[quote author=“tifosiv122”]I have the same issue. I got a fingerprint ID PCMCIA card…if the card is not inserted the laptop will not boot and all files that I specify are encrypted. I don’t think they can get around that.

Erik

Just boot from a Linux CD that has an NTFS driver. Then find the encrypted files as well as indications of what sort of encryption you used. I assume the software doesn’t encrypt the entire hard drive.

[quote author=“Drachen”][quote author=“tifosiv122”]I have the same issue. I got a fingerprint ID PCMCIA card…if the card is not inserted the laptop will not boot and all files that I specify are encrypted. I don’t think they can get around that.

Erik

Just boot from a Linux CD that has an NTFS driver. Then find the encrypted files as well as indications of what sort of encryption you used. I assume the software doesn’t encrypt the entire hard drive.

Correct, it encrypts and hides, and they told me Linux is not an option as it splits the file into multiple parts.

Erik

Seems we are looking for the same thing .

[quote author=“Drachen”]If you’re using XP Pro and your HD is formatted NTFS, you can use Windows’ native encryption system.

The one thing I don’t like about EFS is that, unless the laptop is part of a domain (unlikely in this case, I think), the keys used to transparently encrypt/decrypt files are stored in your profile.  Meaning, as along as someone can guess your password, guess the local administrator’s password (default recovery agent), or hack root to change your password, they can access your files.  It’s probably faster to crack passwords than EFS keys anyway.
[quote author=“tifosiv122”]I have the same issue. I got a fingerprint ID PCMCIA card…if the card is not inserted the laptop will not boot and all files that I specify are encrypted. I don’t think they can get around that.

I like this idea.  If only the card integrated into Windows so that the EFS private key was your fingerprint ... that seems pretty safe ...  as long as someone doesn’t start lifting fingerprints from your TR. 

The TR has a webcam.  How hard would it be to put an iris scanner on the TR4?  :ph34r:

[quote author=“CRYPTiC”]
The TR has a webcam.  How hard would it be to put an iris scanner on the TR4?  :ph34r:

Not going to happen. I work with those at work, it will not fit in the TRs camera size and there isn’t a significant need for it on the TR.

If anyone is interested, the company I work for is: http://www.weguardyou.com . We specialize in security, etc. I am a programmer. If you have a chance check out RTPI.
http://www.weguardyou.com/products/rtpi.asp

If you need anything, e-mail me at .(JavaScript must be enabled to view this email address)

Thanks,
Erik

Just ran into this and thought I’d put it in this security thread.

USB Fingerprint Authenticator w/software

http://www.targus.com/us/product_details.asp?sku=PA460U

I heard PGP is a really weak encrytion method and is overated… is that true?  I mean, they have freeware versions of PGP encryptors. 

Is that an accurate rumor?

Just because something’s free doesn’t mean it’s not good. As long as you’ve got a decent key, you should be OK. Go ahead and pick a 4096-bit key. That will be fun to brute-force.

  LOL

Yea I know free doesn’t mean that it is bad… I LOVE freeware, but, you know… It usually isn’t the best.

PGP is open source software, this means that anyone can view the source code. This is done because they want people to trust PGP. Anyone can view the source code to check it for security holes, a back door, or a “master-key”. PGP is by no means weak! PGP algorithms encrypt using keys up to 4096-bits.

The fact that it is an open source software weakens it.  If someone made a backup of your hard drive, found out which version of PGP you were using, and looked around for the code for that version, they could find a hole and easily exploit it.  Open-source in this case has both some good and some bad, don’t you think?  :|

PGP is good enough that the US Government doesn’t like it. That’s enough for me. :wink: