|
Marc Clifton wrote:
The information on your computer is only fully protected by encryption when it is powered off or in hibernate mode. Simply locking your computer is not sufficient for encryption.
Yeah, information is definitely "protected" when the computer is off. But how encryption protects your data when the computer is off is beyond me. Maybe I'm not as smart as I thought. You don't necessarily need a password to get a locked running OS to do stuff for you as the current logged in user (e.g. via a USB attack), and since it can read the encrypted files...
If they've enabled the full-drive encryption, and especially the encryption build into the hardware of 2.5" drives, then even if you have physical access, you're going to need the password before you can read the data on the drive if the computer is off when you get there.
|
|
|
|
|
Marc Clifton wrote: Nonpublic information should only be saved to your network drive So "private" information then? If it's private to me, I'm not sure it should be made "publicly" available.
Marc Clifton wrote:
Dude. You really don't want to use "currently offline" and "Always Online" in the same sentence. I understand what you are saying, but perhaps since the latter is a proper noun (i.e., capitalized), it's not really referring to a state, thus those terms can co-mingle.
"One man's wage rise is another man's price increase." - Harold Wilson
"Fireproof doesn't mean the fire will never come. It means when the fire comes that you will be able to withstand it." - Michael Simmons
"You can easily judge the character of a man by how he treats those who can do nothing for him." - James D. Miles
|
|
|
|
|
David Crow wrote: but perhaps since the latter is a proper noun (i.e., capitalized), it's not really referring to a state, thus those terms can co-mingle.
Quite so, but the proper noun is a product that "guarantees" delivery of a cached static page when your server is down. Which (the cached static page) wasn't working.
|
|
|
|
|
Maybe that page falls outside of the "limited copy" range, or it's perhaps not considered "popular."
"One man's wage rise is another man's price increase." - Harold Wilson
"Fireproof doesn't mean the fire will never come. It means when the fire comes that you will be able to withstand it." - Michael Simmons
"You can easily judge the character of a man by how he treats those who can do nothing for him." - James D. Miles
|
|
|
|
|
Some people have a mouth that is Always Online™ even when their brain is currently offline
|
|
|
|
|
I think it was HP that had a laptop that was insanely secure, but may have been slightly less so if you were already logged in.
|
|
|
|
|
Quote: Nonpublic information should only be saved to your network drive
This means that only public (insensitive) data should be on your computer in case it is lost or stolen?
Quote: The information on your computer is only fully protected by encryption when it is powered off or in hibernate mode. Simply locking your computer is not sufficient for encryption.
As mentioned before, encryption keys are deleted from memory cache when computer is powered off. I gues that's how BitLocker works, this is talking about disk encryption!
|
|
|
|
|
The information on your computer is only fully protected by encryption when it is powered off or in hibernate mode. Simply locking your computer is not sufficient for encryption.
Yeah, information is definitely "protected" when the computer is off. But how encryption protects your data when the computer is off is beyond me. Maybe I'm not as smart as I thought. I guess this refers to some setup of encryption keys is done during boot up (for e.g. full disk encryption) or login (for private user files encryption). If someone can access the computer in other ways while it is still running, and with the keys set up, the intruder may be able to decrypt files. If the intruder can log in under another user name, full disk encryption doesn't protect the disk. If he can access the machine through a network, he may be able to impersonate himself as you, and retrieve your files regardless of keyboard and screen being locked.
If the full-disk encryption requires a password at boot time, the thief won't be able to boot up the machine. If you haven't logged in, the decryption of your personal files is not set up. So I am not laughing as much of it as you do.
I do laugh at Windows decrypting my personal files without me giving any decryption key, and I must have blind faith in Windows not doing the same encryption for someone else. But if you open an encrypted .zip archive in WinZip, and type in the secret password for retrieving one file from the archive, then WinZip will remember that password until you close WinZip, so that any passer-by could sit down at your desk and see other encrypted files without specifying the password. You must exit WinZip to avoid such peeking. Similarly, you must log out to avoid peeking into your Windows encrypted private files.
Even though it is old now: Security aware people should read the design documents for the Kerberos authentication system. There is a thorough discussion of all the considerations they made to make sure no eavesdropper would be able to pick up secret keys and passwords.
|
|
|
|
|
I have a project loaded with JScript calling ActiveX objects. Those are Windows objects. Silverlight was technically about putting the Windows object in a web page. Not sure I would go that route in any case, but what is the current status of Silverlight. (I'll probably do my AJAX thing. Have you ever used an Update Panel? )
|
|
|
|
|
|
I liked Silverlight. It was like WPF, but for the web.
".45 ACP - because shooting twice is just silly" - JSOP, 2010 ----- You can never have too much ammo - unless you're swimming, or on fire. - JSOP, 2010 ----- When you pry the gun from my cold dead hands, be careful - the barrel will be very hot. - JSOP, 2013
|
|
|
|
|
It worked for both desktop and web, and I found that extremely innovative. That's something I haven't seen before or since. Too bad they didn't continue down that road...
Anything that is unrelated to elephants is irrelephant Anonymous
- The problem with quotes on the internet is that you can never tell if they're genuine Winston Churchill, 1944
- Never argue with a fool. Onlookers may not be able to tell the difference. Mark Twain
|
|
|
|
|
The reason Silverlight deceased is that it needed a browser plugin to run. Most browser developers would not want to add that (they still trembling when ActiveX mentioned), and .NET wasn't supported on platforms other than Microsoft. So it made Silverlight a Microsoft/IE only thing...
Microsoft's decision (with others) was to push forward the HTML5 initiative instead...
"The greatest enemy of knowledge is not ignorance, it is the illusion of knowledge". Stephen Hawking, 1942- 2018
|
|
|
|
|
I think there was a Firefox plugin as well. I think the bigger problem was that there wasn't a Linux browser plugin.
|
|
|
|
|
Actually, Microsoft likes to get people enthused about a technology stack, and then completely abandon it once acceptance and use has become significant. To be honest, I'm surprised that Microslop is still supporting .Net...
".45 ACP - because shooting twice is just silly" - JSOP, 2010 ----- You can never have too much ammo - unless you're swimming, or on fire. - JSOP, 2010 ----- When you pry the gun from my cold dead hands, be careful - the barrel will be very hot. - JSOP, 2013
|
|
|
|
|
Silverlight is about more than playing videos.
|
|
|
|
|
|
Cutting Edge!
... such stuff as dreams are made on
|
|
|
|
|
Cool. I'm afraid I may get to be good at this toolkit.
|
|
|
|
|
HTML5 squeezed out the technically superior Silverlight.
VHS squeezed out the technically superior Umatic.
TCP/IP squeezed out the technically superior OSI protocol stack (USA: prevented OSI from entering).
XML squeezed out the technically superior ASN.1.
The x86 architecture squeezed out the technically superior PowerPC (you could even count 68K).
K&R C squeezed out the technically superior Pascal, and prevented other well designed languages from entering the scene.
I guess we could keep on for quite a while.
Engineers have some romantic ideas about competition causing the best candidate to win, pretending that by 'best' they mean the technical superiority. When it doesn't turn out to be true, we treat is as an exeption: VHS won because of the availablitly of porn movies on VHS; everybody knows that. But there are practically always exceptions: Usually, when a technologially superior solution wins, it is not due to competition, but rather to a cooperative joint effort. (If you ask for examples: The comittee-designed GSM kicked out the competing cellular phone technologies, even in the USA. The comittee-designed DAB digital audio brodacast is way superior to all those proprietary competitors - even the US winner, HD radio, is far behind from a technical viewpoint.)
Technical superiority is not significant for being the winner in a competitive market. Often it is a great disadvantage, because it won't allow making those shortcuts to cheapen it. The reason why TCP/IP protocols won was that any fourteen year old hacker can put together something that sort of works on his home PC. The OSI protocols required a professional, with professional competence to build high quality solutions, not a pile of random hacks. I always argued that the names are wrong: It should be TSMTP, TSFTP, TSNM...: TOO simple mail transfer protocol, TOO simple file transfer protocol, TOO simple network management. But the TOO-simple is what made these protocols win the battle.
|
|
|
|
|
|
Wasn't it a Microsoft flash in the pan?
|
|
|
|
|
Hi All,
Thing I need for operation cluster is a piece of software to monitor packets of data (video?) really a version of Wireshark that will let you look at the packets. I did offer to put one together for use (in C#) but was denied the chance...
One the major task is to create the IP packets loaded with test data...(#FF#01#FF#01) I'm guessing I should have lead with that...
modified 19-Jun-18 5:38am.
|
|
|
|
|
Maybe WireShark can help you...
"The greatest enemy of knowledge is not ignorance, it is the illusion of knowledge". Stephen Hawking, 1942- 2018
|
|
|
|
|
Maybe I should re-word the question...thanks.
|
|
|
|