Re: Should I use gbde or geli?

--- Christian Baer <christian.baer@informatik.uni-dortmund.de>
wrote:
> The idea is to use a software similar to
> truecrypt. The backups would be made in
> some sort of container and then copied to
> DVD-RAM. After that the backups would be
> locked away.
> 
Hiho Christian!

I have heard of kidnapping in Altenholz, SH, F.Rep.GERM (the
family was held as hostage and the father was supposed to open the
safe of his bank but than he thought he was already there and
exited the car and the robbers/kidnappers disappeared and then the
state attorney looked like the kidnappers)...

I wonder why the discs should not be protected like the backups...
Can't u put the discs with sensitive data into a box, that can be
locked down? I mean: Just trying to implement a physically safe
environment should be enough...

Passwords (the legislative of F.Rep.GERM likes/demands them) are
not so funny, because the employees should be ordered to tell them
everybody who wants to know them (this reminds me on my time in a
formerly known to be state-owned building where we found an
Operation Procedure about questions one should ask, if a
bomb-threat enters via voice call through a german telecom net)...

A former p闤ice officer or so might be good for physical security,
too.

It might be interesting to look at the protocols, that u use to
access the sensitive data... I mean: When u use NFS just with
IP-based authentication, nobody needs the discs, because one could
put an evil NFS client with a specially crafted IP address into
the network...

Bye
Arne

__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"