[mdlug] Password of DEATH

[Brian Brodsky]

And if it gets lost in the mail system?

On 6/21/2012 11:35 AM, Michael Mol wrote:
> On Sat, Jun 9, 2012 at 2:13 PM, Garry Stahl <tesral at wowway.com> wrote:
>> The general gist I'm getting is if you travel keep all data in the cloud
>> (Yes I know what the cloud is)  and nothing but publically avaialable
>> software on a cheap netbook.for travel.  If officially stolen it's a bog
>> stadnard netbook with nothing of interest.
>>
>> If it is away from you for any length of time dump the hard drive and
>> start over from a clean install.  Said clean install can be carred with
>> you as a DVD and external drive to install it.  A DVD becasue they
>> cannot be altered one fixed.   Flash drives can have stuff added.
>>
>> I wouild still use the idea of a bluetooth deadman and be very up front
>> about it.  For anti theft reasons this netbook will self destruct
>> without certain security measures present.  Thee is no data on the device.
>>
>> Even if they steal it from you, you walk into any electronics stone, get
>> another on your corporate card and conduct your business.
>>
>> And yes, it is theft even if they have a badge and uniforms.
>>
> I had another idea a day or so ago.
>
> Go with the standard "encrypt the drive" approach. Don't use a key you
> can remember; put it on a piece of paper. Before you cross the border,
> take that piece of paper and mail it to yourself. After you've crossed
> the border, pick it up.
>
> You can explain the entire thing clearly and honestly to whoever's
> demanding the key. AFAIK (but IANAL), they need probable cause to come
> back and demand the key after you've gotten home.
>
> (technical note: It may be saner to keep the main encryption key on
> the computer, itself encrypted with another key. That way, you can
> re-encrypt the main key using a different OTP any time you need to
> cross another boundary...recrypting a 1M block would take a far
> shorter time than an entire 160GB hard drive.)
>