Re: Handling encryption safely

Crypto tech has sort of the same problems that they used to assign to car alarms. "They'll defeat amateurs, but a real professional will always find a way to steal your car." The good news is that 99% of the people attempting to attack your system are amateurs(no matter what they say about themselves). In most strategies needed to defeat a reasonably secure crypto system, the professional is going to have be on the same box, if not in the same room.

The question is, how many professionals are going to want your data?

However, in recent years, car alarms and other anti-theft devices have reached a point where even professionals are starting to be defeated, as such they've resorted to 'car jacking.' What would the equivalent be for a server?

Comment on Re: Handling encryption safely

Replies are listed 'Best First'.
Re: Re: Handling encryption safely by DrHyde (Prior) on Oct 29, 2003 at 13:36 UTC
Given how poor physical security is at so many data centres and commercial hosting buildings, there's already many cases of people just walking in, unplugging, and walking off with hardware. By the time the admins have taken a couple of minutes to notice that the machine is no longer responding, a few minutes to determine that it is unreachable and not responding to remote power cycling/LoM/whatever, another few minutes to phone the data centre to ask someone to have a look and for that person to get back to them and say "of course it's not responding, there's no such machine" - the machine is out of the building, in the back of a van, and disappeared.	[reply]
Re: Re: Re: Handling encryption safely by duffbeer703 (Novice) on Oct 29, 2003 at 14:09 UTC
I can attest to that... years ago while sitting around getting all of my belongings searched by guard because I didn't have a permament ID, I watched a man walk out with a handtruck stacked with Cisco gear and 4-5 laptops. Nobody challenged him because it had an ID card on his belt. He put the stuff in a Neon parked at the curb, left the handtruck on the sidewalk and drove away. I guess it took two weeks for anyone to notice that the stuff was gone...	[reply]