anyone used disk encryption & fingerprint id software?



jim sturtz
07-10-2005, 12:39 AM
i am thinking i would like to encrypt my harddrives to prevent anyone who
might manage to get on it from reading things.

how severe of a performance hit does the system take having this
encrypt/decrypt happen on the fly?

also using a fingerprint scanner to generate my username/passwords so that
any offsite access is more confidential.

how easy are these systems to use. for example my bank requires me to put
in a username and password, does the scanner somehow create both of these?

how do they manage this in that often websites have a variety of schemes for
how long the username or password is supposed to be.

thanks for any info.

jim

kurttrail
07-10-2005, 12:39 AM
jim sturtz wrote:
> i am thinking i would like to encrypt my harddrives to prevent anyone
> who might manage to get on it from reading things.

Paranoid, or are you developing a NextGen Nuke?

> how severe of a performance hit does the system take having this
> encrypt/decrypt happen on the fly?
>
> also using a fingerprint scanner to generate my username/passwords so
> that any offsite access is more confidential.
>
> how easy are these systems to use. for example my bank requires me
> to put in a username and password, does the scanner somehow create
> both of these?
>
> how do they manage this in that often websites have a variety of
> schemes for how long the username or password is supposed to be.
>
> thanks for any info.

This is not a Windows problem, and I suggest you start doing some
research on your own.

Ever hear of Google?

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com/mscommunity
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei"

jim sturtz
07-10-2005, 12:39 AM
hi kurt,

just paranoid.

didnt know that posting to this forum restricted my question to an operating
system issue, but thought it might be anything related to also using xp and
the peripherals or software that would go on it.

i did some research via google and other search tools. found lots of
advertisements from vendors about their hardware, software. if you're
interested i could list some of them for you.

none of the software vendors mentioned how they would impact performance, i
only presume there would be some.

then i thought perhaps i could find someone who actually used some of the
hardware or software and could get better info from the consumer.

i guess you havent any advice about my particular issues, but i appreciate
your reply.

jim

"kurttrail" <dontemailme@anywhereintheknowuniverse.org> wrote in message
news:e0MGFqvXFHA.3712@TK2MSFTNGP09.phx.gbl...
> jim sturtz wrote:
> > i am thinking i would like to encrypt my harddrives to prevent anyone
> > who might manage to get on it from reading things.
>
> Paranoid, or are you developing a NextGen Nuke?
>
> > how severe of a performance hit does the system take having this
> > encrypt/decrypt happen on the fly?
> >
> > also using a fingerprint scanner to generate my username/passwords so
> > that any offsite access is more confidential.
> >
> > how easy are these systems to use. for example my bank requires me
> > to put in a username and password, does the scanner somehow create
> > both of these?
> >
> > how do they manage this in that often websites have a variety of
> > schemes for how long the username or password is supposed to be.
> >
> > thanks for any info.
>
> This is not a Windows problem, and I suggest you start doing some
> research on your own.
>
> Ever hear of Google?
>
> --
> Peace!
> Kurt
> Self-anointed Moderator
> microscum.pubic.windowsexp.gonorrhea
> http://microscum.com/mscommunity
> "Trustworthy Computing" is only another example of an Oxymoron!
> "Produkt-Aktivierung macht frei"
>
>

kurttrail
07-10-2005, 12:39 AM
jim sturtz wrote:
> hi kurt,
>
> just paranoid.
>
> didnt know that posting to this forum restricted my question to an
> operating system issue, but thought it might be anything related to
> also using xp and the peripherals or software that would go on it.
>
> i did some research via google and other search tools. found lots of
> advertisements from vendors about their hardware, software. if you're
> interested i could list some of them for you.
>
> none of the software vendors mentioned how they would impact
> performance, i only presume there would be some.
>
> then i thought perhaps i could find someone who actually used some of
> the hardware or software and could get better info from the consumer.
>
> i guess you havent any advice about my particular issues, but i
> appreciate your reply.
>

See, I don't see a need to add another layer of crap that can screw up,
just to placate my paranoia.

I'd be more paranoid the it would secure my computer data, and files
from me one day.

Unless you are committing criminal acts that you don't want anyone to be
able to see with your computer, I say to leave well enough alone. Find
some way to lock up the computer in a safe or something, when you aren't
around. I just wouldn't trust encrypting everything.

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com/mscommunity
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei"

Frank Saunders, MS-MVP, IE/OE
07-10-2005, 12:39 AM
Only encrypt something if you'd rather lose than have anyone else see it.

--
Frank Saunders, MS-MVP, IE/OE
Please respond in Newsgroup. Do not send email
http://www.fjsmjs.com
Protect your PC
http://www.microsoft.com/security/protect/


"jim sturtz" <jim@sturtzs.com> wrote in message
news:eq9rKnvXFHA.2540@tk2msftngp13.phx.gbl...
>i am thinking i would like to encrypt my harddrives to prevent anyone who
> might manage to get on it from reading things.
>
> how severe of a performance hit does the system take having this
> encrypt/decrypt happen on the fly?
>
> also using a fingerprint scanner to generate my username/passwords so that
> any offsite access is more confidential.
>
> how easy are these systems to use. for example my bank requires me to put
> in a username and password, does the scanner somehow create both of these?
>
> how do they manage this in that often websites have a variety of schemes
> for
> how long the username or password is supposed to be.
>
> thanks for any info.
>
> jim
>
>

NobodyMan
07-10-2005, 12:40 AM
On Sun, 22 May 2005 14:12:35 -0400, "jim sturtz" <jim@sturtzs.com>
wrote:

>i am thinking i would like to encrypt my harddrives to prevent anyone who
>might manage to get on it from reading things.
>
>how severe of a performance hit does the system take having this
>encrypt/decrypt happen on the fly?
>
>also using a fingerprint scanner to generate my username/passwords so that
>any offsite access is more confidential.
>
>how easy are these systems to use. for example my bank requires me to put
>in a username and password, does the scanner somehow create both of these?
>
>how do they manage this in that often websites have a variety of schemes for
>how long the username or password is supposed to be.
>
>thanks for any info.
>
>jim
>

Unless you are protecting State level secrets I'd stay away from using
encryption on your home data. It's just an accident waiting to
happen.

jim sturtz
07-10-2005, 12:40 AM
hi all,

thanks for the replies. surprised the essence is to distrust the software
so much, altho we have all been bitten by software that doesnt work or work
right, i figured this would be something that the vendors did better being
that it is so critical.

im not doing anything super-secret just trying to avoid someone downloading
my bank info, or other private stuff. i have a firewall up but there still
is lots of stuff leaving my computer during the do going out to sites that i
have connections to or software from them 'touching base'. i am online 24X7
and am not sure how easy/hard it is to get to my computer but have a
suspicion that a determined hacker could get in via a trojan or something
and i would never know it.

i presumed that encrypting the drive would avoid having the data 'readable'
should they manage to get to it.

the fingerprint thing is a lazy man's way of trying to get a strong username
password combo without having to continually figure out and record (and
change often i guess if done right) them.

thanks again.

jim


"NobodyMan" <none@none.net> wrote in message
news:54d291de6jmigd7dm22bemjitelnlbgirq@4ax.com...
> On Sun, 22 May 2005 14:12:35 -0400, "jim sturtz" <jim@sturtzs.com>
> wrote:
>
> >i am thinking i would like to encrypt my harddrives to prevent anyone who
> >might manage to get on it from reading things.
> >
> >how severe of a performance hit does the system take having this
> >encrypt/decrypt happen on the fly?
> >
> >also using a fingerprint scanner to generate my username/passwords so
that
> >any offsite access is more confidential.
> >
> >how easy are these systems to use. for example my bank requires me to
put
> >in a username and password, does the scanner somehow create both of
these?
> >
> >how do they manage this in that often websites have a variety of schemes
for
> >how long the username or password is supposed to be.
> >
> >thanks for any info.
> >
> >jim
> >
>
> Unless you are protecting State level secrets I'd stay away from using
> encryption on your home data. It's just an accident waiting to
> happen.
>

Kerry Brown
07-10-2005, 12:40 AM
"jim sturtz" <jim@sturtzs.com> wrote in message
news:%23DSCcC6XFHA.1404@TK2MSFTNGP09.phx.gbl...
> hi all,
>
> thanks for the replies. surprised the essence is to distrust the software
> so much, altho we have all been bitten by software that doesnt work or
> work
> right, i figured this would be something that the vendors did better being
> that it is so critical.
>

The problem is that it works exactly as it is supposed to. If you somehow
loose the key to unencrypt the data it is lost forever. With EFS on a
standalone computer something as simple as changing your password by the
wrong method can cause the loss of the key. The most common scenario is when
some one reinstalls Windows without backing up the key. All the encrypted
data is lost. There are ways to back up the key, but restoring it is a
fairly complicated process that can go wrong. If you use EFS you must
understand and test the procedures to restore a lost key before relying on
it. I have found the best procedure is to use it only for very sensitive
data. Implement and test a key recovery procedure. Keep an unencrypted copy
of the data on a removable media. If the data is really sensitive then you
must implement a procedure to destroy old copies of the removable media and
make sure the current copy is stored in a secure place. As you can see the
procedures involved with EFS are cumbersome. You must have a backup copy of
the key stored in a safe place at all times. Most people that try it either
get lazy and loose data or finally get tired of the cumbersome procedures
and decide the data wasn't really that sensitive to start with.

Kerry


> im not doing anything super-secret just trying to avoid someone
> downloading
> my bank info, or other private stuff. i have a firewall up but there
> still
> is lots of stuff leaving my computer during the do going out to sites that
> i
> have connections to or software from them 'touching base'. i am online
> 24X7
> and am not sure how easy/hard it is to get to my computer but have a
> suspicion that a determined hacker could get in via a trojan or something
> and i would never know it.
>
> i presumed that encrypting the drive would avoid having the data
> 'readable'
> should they manage to get to it.
>
> the fingerprint thing is a lazy man's way of trying to get a strong
> username
> password combo without having to continually figure out and record (and
> change often i guess if done right) them.
>
> thanks again.
>
> jim
>
>
> "NobodyMan" <none@none.net> wrote in message
> news:54d291de6jmigd7dm22bemjitelnlbgirq@4ax.com...
>> On Sun, 22 May 2005 14:12:35 -0400, "jim sturtz" <jim@sturtzs.com>
>> wrote:
>>
>> >i am thinking i would like to encrypt my harddrives to prevent anyone
>> >who
>> >might manage to get on it from reading things.
>> >
>> >how severe of a performance hit does the system take having this
>> >encrypt/decrypt happen on the fly?
>> >
>> >also using a fingerprint scanner to generate my username/passwords so
> that
>> >any offsite access is more confidential.
>> >
>> >how easy are these systems to use. for example my bank requires me to
> put
>> >in a username and password, does the scanner somehow create both of
> these?
>> >
>> >how do they manage this in that often websites have a variety of schemes
> for
>> >how long the username or password is supposed to be.
>> >
>> >thanks for any info.
>> >
>> >jim
>> >
>>
>> Unless you are protecting State level secrets I'd stay away from using
>> encryption on your home data. It's just an accident waiting to
>> happen.
>>
>
>

Plato
07-10-2005, 12:41 AM
jim sturtz wrote:
>
> im not doing anything super-secret just trying to avoid someone downloading
> my bank info, or other private stuff. i have a firewall up but there still

Assume anything you do on your pc will be published on the front page of
tomorrows newspaper.







--
http://www.bootdisk.com/

Plato
07-10-2005, 12:41 AM
jim sturtz wrote:
>
> i am thinking i would like to encrypt my harddrives to prevent anyone who
> might manage to get on it from reading things.

NOt recommended.







--
http://www.bootdisk.com/

jim sturtz
07-10-2005, 12:41 AM
how bout encrypting only the files/folders i am concerned about? i make a
backup of those to other machines daily (which in turn would have the same
files/folders encrypted) so i wouldnt be worried about losing the data just
having it scanned w/o encryption.

<< btw from a reply i received from one vendor

<Most people on that new group probably used Microsoft's EFS. which is still
having a lot of problems. It still gives a bad name to the industry.
However, Gartner believes that full hard disk encryption problems is a 90s
issue' and todays products are easy and very functional. We have almost 4
Millions licenses out there and the Hard Disk encryption market is growing
at over 50% per year. I can give you hundreds of thousands of users who say
its 'great' Try our demo at www.utimaco.us tell me if its not easy, fast and
secure.

General Manager
10 Lincoln Road Suite 102
Foxboro, MA 02035
508-543-1008 X 240
Fax 508-543-1009
www.utimaco.us
Support Line 800-688-1199>
>>



"jim sturtz" <jim@sturtzs.com> wrote in message
news:%23DSCcC6XFHA.1404@TK2MSFTNGP09.phx.gbl...
> hi all,
>
> thanks for the replies. surprised the essence is to distrust the software
> so much, altho we have all been bitten by software that doesnt work or
work
> right, i figured this would be something that the vendors did better being
> that it is so critical.
>
> im not doing anything super-secret just trying to avoid someone
downloading
> my bank info, or other private stuff. i have a firewall up but there
still
> is lots of stuff leaving my computer during the do going out to sites that
i
> have connections to or software from them 'touching base'. i am online
24X7
> and am not sure how easy/hard it is to get to my computer but have a
> suspicion that a determined hacker could get in via a trojan or something
> and i would never know it.
>
> i presumed that encrypting the drive would avoid having the data
'readable'
> should they manage to get to it.
>
> the fingerprint thing is a lazy man's way of trying to get a strong
username
> password combo without having to continually figure out and record (and
> change often i guess if done right) them.
>
> thanks again.
>
> jim
>
>
> "NobodyMan" <none@none.net> wrote in message
> news:54d291de6jmigd7dm22bemjitelnlbgirq@4ax.com...
> > On Sun, 22 May 2005 14:12:35 -0400, "jim sturtz" <jim@sturtzs.com>
> > wrote:
> >
> > >i am thinking i would like to encrypt my harddrives to prevent anyone
who
> > >might manage to get on it from reading things.
> > >
> > >how severe of a performance hit does the system take having this
> > >encrypt/decrypt happen on the fly?
> > >
> > >also using a fingerprint scanner to generate my username/passwords so
> that
> > >any offsite access is more confidential.
> > >
> > >how easy are these systems to use. for example my bank requires me to
> put
> > >in a username and password, does the scanner somehow create both of
> these?
> > >
> > >how do they manage this in that often websites have a variety of
schemes
> for
> > >how long the username or password is supposed to be.
> > >
> > >thanks for any info.
> > >
> > >jim
> > >
> >
> > Unless you are protecting State level secrets I'd stay away from using
> > encryption on your home data. It's just an accident waiting to
> > happen.
> >
>
>

NobodyMan
07-10-2005, 12:41 AM
The problem here is that the encryption is transparent. It is only as
strong as how well you protect your account. Many home users don't
even bother with a password; a very large majority of those who do use
passwords use one that is usually absurdly easy to crack if you know
anything at all about the person. Once I've logged on as you, I can
look at any of your data I want, whether you encrypted it or not.

On Mon, 23 May 2005 10:06:43 -0400, "jim sturtz" <jim@sturtzs.com>
wrote:

>hi all,
>
>thanks for the replies. surprised the essence is to distrust the software
>so much, altho we have all been bitten by software that doesnt work or work
>right, i figured this would be something that the vendors did better being
>that it is so critical.
>
>im not doing anything super-secret just trying to avoid someone downloading
>my bank info, or other private stuff. i have a firewall up but there still
>is lots of stuff leaving my computer during the do going out to sites that i
>have connections to or software from them 'touching base'. i am online 24X7
>and am not sure how easy/hard it is to get to my computer but have a
>suspicion that a determined hacker could get in via a trojan or something
>and i would never know it.
>
>i presumed that encrypting the drive would avoid having the data 'readable'
>should they manage to get to it.
>
>the fingerprint thing is a lazy man's way of trying to get a strong username
>password combo without having to continually figure out and record (and
>change often i guess if done right) them.
>
>thanks again.
>
>jim
>
>
>"NobodyMan" <none@none.net> wrote in message
>news:54d291de6jmigd7dm22bemjitelnlbgirq@4ax.com...
>> On Sun, 22 May 2005 14:12:35 -0400, "jim sturtz" <jim@sturtzs.com>
>> wrote:
>>
>> >i am thinking i would like to encrypt my harddrives to prevent anyone who
>> >might manage to get on it from reading things.
>> >
>> >how severe of a performance hit does the system take having this
>> >encrypt/decrypt happen on the fly?
>> >
>> >also using a fingerprint scanner to generate my username/passwords so
>that
>> >any offsite access is more confidential.
>> >
>> >how easy are these systems to use. for example my bank requires me to
>put
>> >in a username and password, does the scanner somehow create both of
>these?
>> >
>> >how do they manage this in that often websites have a variety of schemes
>for
>> >how long the username or password is supposed to be.
>> >
>> >thanks for any info.
>> >
>> >jim
>> >
>>
>> Unless you are protecting State level secrets I'd stay away from using
>> encryption on your home data. It's just an accident waiting to
>> happen.
>>
>


anyone used disk encryption & fingerprint id software?