From mboxrd@z Thu Jan 1 00:00:00 1970 Message-ID: To: 9fans@cse.psu.edu Subject: Re: [9fans] writing code Date: Fri, 18 Feb 2005 19:21:35 +0000 From: rog@vitanuova.com In-Reply-To: <757aedc53b1bcb951617d3cc6b4ebce9@telus.net> MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit Topicbox-Message-UUID: 0e78c3d2-ead0-11e9-9d60-3106f5b1d025 > This is why I'd like to see the key served from a smart dongle - A more > secure handshake model can be used, and the dongle typically lives > separated from the data. i agree a smart dongle is a good idea, but mainly because it can subvert dictionary attacks if someone gets direct access to the disk. if someone jumps in before you in the boot process, they can still ask your dongle for the relevant information to enable them to decrypt the data, so a secure boot is still necessary.