Local Encryption ... Why Not?
-
@scottalanmiller said:
Every extra character makes it quite a bit longer to crack. Complexity doesn't slow it down in any way.
Do you have statistics on how long it takes to guess passwords of a given length?
I looked through quite a few articles and the estimates are all over the place.
-
@scottalanmiller said:
@BRRABill said:
@scottalanmiller said:
@BRRABill said:
You are correct in that if the password is 1234 it's easy to crack. But it is not so easy if you are using the recommended letters, numbers, etc..
Studies show that those factors do absolutely nothing to slow cracking. It's purely for duping humans into feeling things are secure, it does nothing to secure against an attack. Only length does that in any meaningful way. Complexity is a direct enemy of security because it makes humans unable to remember it while making it no harder for a computer to crack.
Right.
If you are serious about it not getting cracked, it's gotta be looooooong.
Every extra character makes it quite a bit longer to crack. Complexity doesn't slow it down in any way.
That's not entirely true. If you KNOW that the character set doesn't have any special characters, that's like 30 points of entropy per character lost.
-
I think that we are mostly on the same page. In the OP the question was "why wouldn't you" basically asking why every machine everywhere shouldn't be encrypted. Many machines should be, some are a middle ground of it could go either way and many should not be. Encryption adds cost, complexity and certain types of risk while reducing other types of risk, mostly around theft. If your goal is blinding speed, data is not important or you need systems that can restart themselves, encryption is problematic. If you need systems that are highly secure against physical theft, you probably want encryption. It's not that I'm saying you shouldn't have encryption, you just shouldn't have it "everywhere".
-
@Dashrender said:
@scottalanmiller said:
@BRRABill said:
@scottalanmiller said:
@BRRABill said:
You are correct in that if the password is 1234 it's easy to crack. But it is not so easy if you are using the recommended letters, numbers, etc..
Studies show that those factors do absolutely nothing to slow cracking. It's purely for duping humans into feeling things are secure, it does nothing to secure against an attack. Only length does that in any meaningful way. Complexity is a direct enemy of security because it makes humans unable to remember it while making it no harder for a computer to crack.
Right.
If you are serious about it not getting cracked, it's gotta be looooooong.
Every extra character makes it quite a bit longer to crack. Complexity doesn't slow it down in any way.
That's not entirely true. If you KNOW that the character set doesn't have any special characters, that's like 30 points of entropy per character lost.
Except you don't know that.
-
@BRRABill said:
@scottalanmiller said:
Every extra character makes it quite a bit longer to crack. Complexity doesn't slow it down in any way.
Do you have statistics on how long it takes to guess passwords of a given length?
I looked through quite a few articles and the estimates are all over the place.
that's because it depends on the algorithm, the password length and the hardware used. So there is no easy answer. If you are trying to crack something with a laptop or with a Tesla cluster, you get very different results.
-
@scottalanmiller said:
certain types of risk
Being catastrophic data loss?
But wouldn't a good backup cover you there?
-
@BRRABill said:
@scottalanmiller said:
certain types of risk
Being catastrophic data loss?
But wouldn't a good backup cover you there?
Presumably. If the assumption is that people need data in dangerous places (like laptop endpoints) because they have to work offline then the assumption is that there is data there that might not be easy to back up either.
-
BTW: I get what you mean about a place like a bank. If you are running updates in the middle of the night, and it needs to reboot, someone needs to be there to get it back up.
But for a doctor office, no one is working at 3 in the morning. I understand your feeling that the doctor him or herself won't ant to do it. But if it is important to them, don't they have to be given the option?
Of course for a bank you'd want it in a secured data center if possible.
I'm talking more the fringe cases. Smaller doctor offices. Accountant with tax returns. That kind of stuff.
-
@BRRABill said:
BTW: I get what you mean about a place like a bank. If you are running updates in the middle of the night, and it needs to reboot, someone needs to be there to get it back up.
But for a doctor office, no one is working at 3 in the morning. I understand your feeling that the doctor him or herself won't ant to do it. But if it is important to them, don't they have to be given the option?
Of course for a bank you'd want it in a secured data center if possible.
I'm talking more the fringe cases. Smaller doctor offices. Accountant with tax returns. That kind of stuff.
It's less about updates, you can schedule that. It's blips that cause reboots. You can run into problems if you have regular, unexpected updates because they are inconvenient. You can run into if you want to do scheduled weekly backups as we often recommend. And you can easily run into it if you go two years without a reboot and when it happens no one knows what is wrong with the system and it is just "dead".
-
@scottalanmiller said:
It's less about updates, you can schedule that. It's blips that cause reboots. You can run into problems if you have regular, unexpected updates because they are inconvenient. You can run into if you want to do scheduled weekly backups as we often recommend. And you can easily run into it if you go two years without a reboot and when it happens no one knows what is wrong with the system and it is just "dead".
But how often do servers just randomly reboot? Or do random updates?
So if the server doesn't ever reboot, what's the issue?
-
@scottalanmiller said:
and when it happens no one knows what is wrong with the system and it is just "dead".
Then they call their friendly MSP/Consultant and say "hey it's asking for some Bitlocker password" and you give it to them and all is good in the world.
Why wouldn't this work?
-
@BRRABill said:
@scottalanmiller said:
and when it happens no one knows what is wrong with the system and it is just "dead".
Then they call their friendly MSP/Consultant and say "hey it's asking for some Bitlocker password" and you give it to them and all is good in the world.
Why wouldn't this work?
It assumes...
- Good MSP records.
- That they still have the same MSP or can find the right one.
- They know enough to call the MSP.
- They consider this something for the MSP to fix and aren't mad at the MSP for breaking the system.
- The people who worked with the MSP are still around.
- The MSP is available immediately at the time needed and doesn't need time before responding.
Lots to go wrong there. Look at @Dashrender's description of a doctor's office. They can't even figure out what app to use to open a document. how could they possibly deal with knowing what vendor to call when. They'd far more likely call the NAS vendor and yell at them for not supporting their product.
-
@scottalanmiller said:
how could they possibly deal with knowing what vendor to call when.
There is only 1 vendor to call. The people who helped them with all their computer stuff.
-
@scottalanmiller said:
- The MSP is available immediately at the time needed and doesn't need time before responding.
That's the only issue I see there.
-
But again ... what are the odds a server is just going to reboot in the middle of the day. It doesn't happen on any of my servers. Is this something you see a lot?
-
@BRRABill said:
But again ... what are the odds a server is just going to reboot in the middle of the day. It doesn't happen on any of my servers. Is this something you see a lot?
This would suck in a data center environment. Remote reboots .. Having to hop into the Out of band management to get it booted up. No Thanks.
This is why physical security is important. Have audit trails for server room access.
Also not even sure how you do this with a large scale SAN setup like ours. It's just not practical.
-
I was reading that and saw it edited before my eyes! LOL.
-
@Jason said:
This would suck in a data center environment. Remote reboots .. Having to hop into the Out of band management to get it booted up. No Thanks.
This is why physical security is important. Have audit trails for server room access.
I've admitted that data center scenarios encryption is not such a big deal as the risk of theft is much less.
I'm talking more about the company that has a server locked in a server room, behind locked lobby doors, behind lock building doors. But you never know, right?
Low incidence of theft, true.
But I'm argiung if the pain of encryption is low enough, it;s worth it as an added security feature.
-
@Jason said:
This would suck in a data center environment. Remote reboots .. Having to hop into the Out of band management to get it booted up. No Thanks.
Definitely agreed.
WOuld have to be an environment where humans are able to get in front of the device easily.
-
I think SMBs tend to focus on the wrong thing when they have lots of other low hanging fruit. More complexity doesn't nessecerily mean more security. Also how big of a target are you anyway? A doctor doesn't go giving you medicine for something you have low risk for.
Most companies would freak out if they saw our logs and how many hacking attempts we get in just a few minutes.