This is all somewhat useless without knowing what your actual security threats/concerns are. File encryption with key escrow/recovery (PGP/EFS both support this) works, unless the user creates and starts using a new key. BIOS passwords are a pain in the ass (and can be circumvented), keeping track of them/etc, I don't even bother with them anymore. Of course an attacker may load a key sniffer to recover key passwords and passphrases, like I said, without more details I can only really guess. Kurt Seifried, kurtat_private A15B BEE5 B391 B9AD B0EF AEB0 AD63 0B4E AD56 E574 http://www.seifried.org/security/ ----------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Fri Dec 14 2001 - 11:07:55 PST