Increasing Computer Security through Hardware? 69
Audiostar asks: "I am interested in adding some security to several of my computers, but am unsure as to which product to go with. I would like to use some sort of external security measure, such as a pen drive token or something similar. I had considered custom building a key card and reader to install on all my machines, but once I started thinking about the cost and time of building a card reader for each of my computers it became rather impractical. Does anyone have any suggestions for external locking devices or software? I would prefer something that I could use on both my Windows and Linux machines, but protecting the Windows machines are the top priority. I don't need anything too fancy, just an added layer of protection from the multitude of various people who come in and out of my place of business everyday. I own a 128mb flash disk watch, so possibly using that as a token would be both easy and geek chic. Any suggestions on what to install?"
Re:Smart Card (Score:2, Informative)
It'll definitely handle Windows... (Score:4, Informative)
Re:Huh? (Score:3, Informative)
Re:Huh? (Score:3, Informative)
Yes, you can open the case, and fiddle with the lose bios settings jumper, but one hopes you'ld notice when they open the case.
*Many bioses have a backdoor password, make sure yours doesn't, or at the least it's not a common one.
What are you protecting against? (Score:3, Informative)
up the settings, deleting stuff, whatever) or against information theft? The
solution will be completely different.
To protect against vandalism, nothing beats nightly offsite backups, nothing.
To protect against information theft, how about storing the informationg in
question on an external device that you keep on your person? Then when they
go to steal it, it's not there. Hard to beat that.
Re:Er? Bad question! (Score:2, Informative)
Haha. No, seriously, the concept behind NTFS encryption is great. It keeps keys with login creditials, and they're decrypted with your login password. I forget the algorythm, but it's not some snake oil crap, it's a real, heavy duty encryption thing. Linux could use something like it, it's so amazingly transparent and just works correctly.
The problem, of course, is that administrator has all the keys, and administrator isn't anywhere near protected enough to be allowed that kind of power...a single spyware and all everyone's super secret files are free for the taking.
Basically, NTFS encryption on Windows is about the same concept asking people their names before they board a plane, but doing a really good check on the name they gave, with absolutely no check to see if that's actually their name. They've bolted working security on a system with completely broken authentication. You can only get 'your own' files, but it's rather easy to be someone else, or even the administrator, so it's really goofy.
Abit SecureIDE (Score:4, Informative)
Re:Huh? (Score:2, Informative)
That is truly +2 insightful. You got me. I want to protect my computer mostly from my annoying RA and frat buddies, not the freelance graphic designers I occasionally employ that aren't monitored constantly while they are working. I can only guess that you are making this assumption based on the fact that my email address on my slashdot profile is a University address, but this stems only from the fact that I have had this
Its pretty amazing that someone can ask a simple question and a sarcastic and rude response can get +2 Insightful. Did it get +2 because of the Ctrl+alt+Del comment? Because I actually was already aware of that function, believe it or not. I know that as a college student it could be assumed that certain subtle nuances of computer usage could slip past you in all those hungover mornings from the previous night's sorority function, and you bringing this to my attention has been a great service to me. Flamebait.
ibutton.com (Score:1, Informative)