|
On 12/4/19 6:59 PM, John M. Harris Jr
wrote:
Defending against threat model allowing physical access and malicious insiders, who e.g. install a screen/keyboard capturing camera in the target office, is an entirely different ballgame, requiring multi-factor authentication, etc. --- and even those are not infallible (c.f. wikileaks).On Wednesday, December 4, 2019 12:38:20 PM MST Przemek Klosowski via devel wrote:- stolen/lost laptop: I think this is the most important one for most people; it is mitigaged by a trusted-network-based decryption, unless the device is in unencrypted sleep mode and the new 'beneficial owner' manages to read the disk before the system goes down.That may be the case for home users, but not for businesses. Let's take this example. Employee A has files from a given project, but Employee B doesn't have access to that project. Employee B is malicious, and takes Employee A's laptop, gets it on the network, it unencrypts itself and then takes it. Same argument as above. Again, we're talking about taking care of the low hanging fruit like hard disks stripped from equipment and sold on Ebay.- someone breaks into your home/office/hotel room and extracts the data: important to some people but not very common scenario.This is important to most businesses. |
_______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
