Safeboot - a couple of questions
Networking/Security Forums -> Cryptographic Software and Hardware

Author: Brinta PostPosted: Mon Oct 06, 2003 10:24 pm    Post subject: Safeboot - a couple of questions
    ----
Dear all,

I am new to this forum. So please forgive me if I make a mistake.

I have to implement Control Break Safeboot into our organisation; we want to use it for all our laptops (1500). I have read the whole forum and found some very helpful tips. The problem is that I have to use the Safeboot app. I cannot switch to another one.
I have been testing the application for quite a while now, but still I am afraid of the real thing: putting this thing into production. On my test machines I can work with it and don't have any problems. But that's only a test machine, not real life.
My feeling of this application is quite good, but I am afraid of the LIVE situation, when a lot of people will complain about this application when they have problems.

What about applications like SMS and defragmentation applications? Can they still access the fully encrypted disks?

Are there any members here with a lot of knowledge and experience in this application? Do you have suggestions for me? Or tips in configuration?

I think that the implementation isn't that hard, but the whole support will be the issue here.... HUGE I think.

I hope you can help me with this Safeboot baby here.

Author: sobel PostPosted: Tue Oct 07, 2003 11:57 am    Post subject:
    ----
Think again if you are going to use SafeBoot! Search for "safeboot" in other posts or read the topic SafeBoot - Is it really safe? ASAP!!

Author: Brinta PostPosted: Tue Oct 07, 2003 4:15 pm    Post subject:
    ----
OK, we are using the Enterprise edition...

I still have a question. To use the rescue disk we will still need the key to access the features to unlock it. I am talking about Safeboot 4.2.

When I insert the disk and boot from it, I cannot access all parts on the disk... for some parts I need a key.

I called Safeboot and they told me that this password changes every day. To obtain it, you'll have to call them. And the Safeboot Admin will give you the key after you are validated.

This looks safe in my ears.

I mean, when Windows is corrupted you cannot change someone's password so you cannot decrypt the disk (Windows has to start to retrieve the latest updates from Safeboot)...
So that is where the rescue disk comes in. With the rescue disk you decrypt the disk to obtain all data on it.

But I think that the key you'll receive from Safeboot is specific for you as a customer.. That should be safe!

Author: chewiepm  Location: hellbound PostPosted: Tue Oct 07, 2003 4:38 pm    Post subject:
    ----
It's kind of OK when you create administrative key recovery for your organisation, but when the developers have the ability to decrypt your data, then this is insecure. Who is to say that Safeboot cannot leak the decryption keys?

So, what you're effectively telling me is that to compromise any Safeboot installation, however many of them there are around the world, you just have to attack Safeboot servers since they have a password to decrypt each customer's data.

I'm sorry mate but I think it is a mistake doing business with them. Nothing personal like, you understand.

Last edited by chewiepm on Sat Feb 19, 2011 4:56 am; edited 1 time in total

Author: sobel PostPosted: Tue Oct 07, 2003 6:11 pm    Post subject:
    ----
Brinta, I agree with chewiepm.

I would suggest staying away from them. It's absurd really for that kind of backdoor. I've never heard anything like that in my life! I don't know what more to say.

Author: Brinta PostPosted: Wed Oct 08, 2003 9:03 am    Post subject:
    ----
OK, fair... the problem is that the application has already been bought by our mother company and we have to implement this.

Tell me, I only know the Safeboot application, how is this done with other centrally managed 'Safeboot-a-like' encryption applications?

They have to have a backdoor as well? When Windows is corrupted you'll need a way to decrypt this disk...
There has to be a solution to decrypt the complete disk when the operating system fails to start?!

Safeboot's solution for this is the protected rescue disk.... which works in two ways... the password for the floppy disk to access the hidden parts on it (receive the daily-changing-key) by consulting Safeboot and when you've obtained this key (specific for your company) you can access the hidden parts on the disk and do a complete decryption of the disk.

Don't understand me wrong. I agree on the fact that encryption needs to be secure.. but you'll always need a kind of backdoor.
I.e. the encrypted laptop from my boss is brought in. Windows is completely corrupted and cannot start, and he also forgot his password. This way we cannot access the VPN client via the LAN. So we cannot reset his password. This is where the rescue disk comes in. I don't think he would be pleased if I said to him that I cannot retrieve the data on his laptop.

So how is this done with other encryption applications?

[offtopic]I read the post where you all suggest container encryption instead of full disk encryption. But I don't understand this. We want full disk encryption on laptops only, so in case they are stolen no one can retrieve the data on them. We also want to have a solution which is centrally managed, like Safeboot.[/offtopic]

So how is this done with other encryption applications

Author: sobel PostPosted: Wed Oct 08, 2003 2:21 pm    Post subject:
    ----
You should not forget your password. IMHO there is no excuse when you use encryption and forget your password.

You should be able to connect the corrupted disk to another PC, install your encryption software on it, and access the corrupted disk using the correct key (which you must never forget), decrypt every sector of the disk (or partition), connect it back to its PC, and then fix the problem as if you didn't use any encryption software.

As for what software, I would recommend you try DriveCrypt Plus Pack. I'm trying it myself. It doesn't have a "backdoor feature for enterprise" but I think it might suit your environment. You can have a user password and a master password. The employee boots up the PC using the user password. With that password he can encrypt/decrypt the HD but can't mess around with the configuration of DCPP. You can have the master password in a sealed envelope put in a safe box and only use it in case of emergency.

You might also want to try Encryption Plus Hard Disk. It does have some features for enterprise but I wouldn't use it if there's any kind of backdoors. Besides, it's one of US encryption products and some said the NSA ruled for some backdoors in those products.

As for container encryption I don't know if other people like it but I prefer full disk encryption. I heard some people use both.

Author: Brinta PostPosted: Wed Oct 08, 2003 3:46 pm    Post subject:
    ----
OK, thank you for your comment.
I will ask what the intention for this product was when they bought it: save data for the man on the street who steals the laptop, or save data for hackers who want to find specific data.

Within Safeboot you can assign specific admin levels for different support departments. That is how we will use it as well. First line support, of course, will have fewer rights to make changes in the configuration than second line support.

You are talking about a user account and an admin account. So you mean two accounts? This way every user accesses his laptop with the same account/password? That would be unacceptable for me. I need one account for every user and 1 or 2 different levels of admin accounts.

But maybe I understood you wrong?

Author: sobel PostPosted: Wed Oct 08, 2003 4:42 pm    Post subject:
    ----
Brinta wrote:
> You are talking about a user account and an admin account. So you mean two accounts? This way every user accesses his laptop with the same account/password?

Yes, that's right. It's not meant for that kind of enterprise usage. It's for personal use. So it may not suit you after all.

Brinta wrote:
> That would be unacceptable for me. I need one account for every user and 1 or 2 different levels of admin accounts.
>
> But maybe I understood you wrong?

Why would you need multiple "user" accounts at boot level when you can do it at OS level?

Author: Brinta PostPosted: Wed Oct 08, 2003 6:35 pm    Post subject:
    ----
sobel wrote:
> Why would you need multiple "user" accounts at boot level when you can do it at OS level?

Mmm, that is a good point. But I could imagine that it is much more secure than only one user. This way our users can access other data stored on other laptops. We have around 1500 laptop users. So this way every laptop user can access all data.
Also it is very likely that one default password for all these users is communicated to the outside (one employee is enough, children who want to play a game on daddy's laptop,...). You know there are a lot of ways this user account and password can leave the company.

With a user password for every user this is not likely to happen and the password is only applicable for that laptop. Not for the other ones.
But that will bring a lot of administration with it.

Next week I have set up a meeting with our security department. Then they can give their opinion on this discussion.

Thanks for all your feedback. But I think we have to stick with this application (Safeboot) as it has already been bought by our mother company.

Thanks again.

Author: chewiepm  Location: hellbound PostPosted: Wed Oct 08, 2003 9:46 pm    Post subject:
    ----
The likes of pgp, safehouse, encryption plus hard disk etc employ a method known as an administrative recovery key. For each installation of the software in a particular company, the software is branded and tied to a particular extra decryption key that is kept by the system admin. When a user needs to recover data when they have forgotten their password, the additional decryption key is invoked. The sys admin comes along and opens the encrypted data.
However, it should only be the sys admin for a particular company that has this ability. There should never be a master key available from the developer. This master key is created by the sys admin for a company in the first place when the software comes in.

Last edited by chewiepm on Sat Feb 19, 2011 4:56 am; edited 1 time in total
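
The administrative recovery key scheme described in the post above, as an added example that is not part of the original thread and not code from any product named in it: each laptop's disk key is wrapped once under a key derived from the user's password and once under a recovery key the company's sysadmin generates, so no vendor-held key exists. All function and field names are hypothetical, and the HMAC-based wrap is a standard-library stand-in for a real key-wrap algorithm such as AES Key Wrap.

```python
import hashlib, hmac, os

def _wrap(kek: bytes, disk_key: bytes) -> dict:
    # Stand-in for AES Key Wrap: HMAC-derived one-time pad plus integrity tag.
    nonce = os.urandom(16)
    pad = hmac.new(kek, b"wrap" + nonce, hashlib.sha256).digest()
    ct = bytes(a ^ b for a, b in zip(disk_key, pad))
    tag = hmac.new(kek, b"tag" + nonce + ct, hashlib.sha256).digest()
    return {"nonce": nonce, "ct": ct, "tag": tag}

def _unwrap(kek: bytes, slot: dict) -> bytes:
    tag = hmac.new(kek, b"tag" + slot["nonce"] + slot["ct"], hashlib.sha256).digest()
    if not hmac.compare_digest(tag, slot["tag"]):
        raise ValueError("wrong key for this slot")
    pad = hmac.new(kek, b"wrap" + slot["nonce"], hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(slot["ct"], pad))

def password_kek(password: str, salt: bytes) -> bytes:
    # Per-user key-encryption key; the password itself is never stored.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

def provision_laptop(user_password: str, company_recovery_key: bytes):
    # One random 32-byte disk key per laptop, stored only in wrapped form.
    disk_key, salt = os.urandom(32), os.urandom(16)
    header = {
        "salt": salt,
        "user_slot": _wrap(password_kek(user_password, salt), disk_key),
        # Recovery key is created and kept by the company's own sysadmin.
        "admin_slot": _wrap(company_recovery_key, disk_key),
    }
    return disk_key, header

def unlock_as_user(header: dict, password: str) -> bytes:
    return _unwrap(password_kek(password, header["salt"]), header["user_slot"])

def recover_as_admin(header: dict, company_recovery_key: bytes) -> bytes:
    return _unwrap(company_recovery_key, header["admin_slot"])

def reset_user_password(header: dict, company_recovery_key: bytes, new_password: str) -> dict:
    # Forgotten password: the admin slot recovers the disk key, then only
    # the user slot is re-wrapped; the disk itself is not re-encrypted.
    disk_key = recover_as_admin(header, company_recovery_key)
    salt = os.urandom(16)
    return {**header, "salt": salt,
            "user_slot": _wrap(password_kek(new_password, salt), disk_key)}
```

A recovery key generated by a different organisation fails the tag check on the admin slot, which is the property the post asks for.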

Author: Brinta PostPosted: Wed Oct 08, 2003 10:15 pm    Post subject:
    ----
And that is also a good point.

I will take that into account when I have the meeting next week. I shall post the outcome of it.

Thanks again all...

Edit:

You are mentioning the fact that you can access the hidden content on the rescue disk (Safetech) with a password that is changing every day.
Still you cannot decrypt the data on the laptop as you need a valid username and password to do this.

Author: Johan Markusse  Location: The Netherlands PostPosted: Mon Oct 13, 2003 2:06 pm    Post subject: SafeBoot
    ----
Initial setup of SafeBoot Enterprise 4.2 might take some time. But in the end it is very easy to support. There are companies around with more than 12000 installs with only one full-time employee.

Author: chewiepm  Location: hellbound PostPosted: Mon Oct 13, 2003 4:24 pm    Post subject:
    ----
Those companies should have read this thread before buying then...

Last edited by chewiepm on Sat Feb 19, 2011 4:56 am; edited 1 time in total

Author: U977 PostPosted: Thu Nov 20, 2003 4:33 pm    Post subject: Bringing this topic back to life
    ----
The rescue disk is a bad thing if it's "universal" and can decrypt any Safeboot protected laptop.

If it has a dynamic component depending on your own installation (a random factor for each install of the main database), then there is no security issue with it. Except that this disk contains an important decryption key, and should be well protected, kept in a safe when not used.
In that case, you cannot consider it a backdoor. The daily PIN has no added value for security, that's true.

I don't know if the Safetech disk is dependent on the install, though. It's a general comment.
Furthermore, if you still need a valid username and password to decrypt the disk content, this should also be taken into account and is another argument against considering the existence of a backdoor.

Note: you can't blame someone who forgets a password. It's human. In a company of several hundred users, it will happen. You can't expect everyone to be perfect.
Personally, I have to remember about 20 important different passwords (long and complex ones, using the whole ASCII range of characters). How can you be sure not to forget any?
This note is again a general one. There are "additional decryption keys" mechanisms to recover data of users who forgot their password in PGP, and it's something different from what comes with Safeboot.

Author: Brinta PostPosted: Thu Nov 20, 2003 5:54 pm    Post subject:
    ----
OK,

Tnx for your comment.
The Safetech "rescue" disk is not a disk which you can use to decrypt the data on the laptop. The daily changing key is only there to access hidden content on this rescue disk. Even with the use of this disk you'll need a valid user account and password to decrypt the data.

So in my opinion it is safe.

I would like to discuss some other Safeboot features with you. The Single Sign-On. When you use this, you'll only sign in to Safeboot at boot time and then, if the password is cached in memory, it will automatically log in to Windows. Is anybody familiar with this feature?

I know if you use this feature you'll not have the possibility to use Dial-Up networking before logon (because you're automatically logged on).
Are there other security threats that might come up?


All times are GMT + 2 Hours