| Walt Mankowski via plug on 2 Dec 2021 09:11:37 -0800 |
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
| Re: [PLUG] kernel, rpm, croc, du, encrypted |
We have a bunch of encrypted USB drives at work. The newer ones can be opened via hardware buttons on the drives, but the older ones required software that only runs on Windows. That software is on the drives, but our IT setup won't let us run it because it's untrusted. There was a driver for the Mac, but it's no longer supported and won't run on my Mac because it's so old it's still 32 bits. There's a third-party Mac solution, but I could never get it to work. On Thu, Dec 02, 2021 at 11:59:35AM -0500, Keith C. Perry via plug wrote: > Interesting that flash drives were brought up. Here's a quick story... > > In a previous life, I was involved with testing and reviewing a bunch of secure flash drives for an IT department. Back then IronKey was all the rage. I didn't really care for them because 1) they could only be using in Windows 2) needed a management console to reasonably control and management a fleet of them. > > Of course, no one cared other I that these were Windows only units but even the folks that were fan of them got sick of the management process. As I recall the software was pretty crappy and unreliable anyway (the typical, "I upgraded Windows and everything broke" issue back then). > > We dropped them pretty quickly and switched to only deploying a few flash drives with the built-in key pad. That caused an issue of device availability and of course data sizes were growing very quickly for users in the '00's. That led me to eventually write an application for this task that was user system agnostic, scalable on the back end and connected to the local LDAP directory so that any user could login and "send" ginormous files without any restrictions. > > What surprised me on that journey was how quickly users the outpaced technology of the time. Flash drives were too small and software options were poor at best. Jump ahead 10+ years and we have good solutions all around. I have several 1Tb SSD drives and my last "build" was an NVMe type so its the smallest AND the fastest since the enclosure is USB-C. That one is totally encrypted but my others are partitioned so that a Windows system can see and use the unencrypted part while Linux (and probably Macs) can use either. I still have and use a couple flash drives that are 128Gb or bigger. None of them are full and its been years. I will say though that I have seen flash drives continue to fall out of favor. Centralized IT wants control and I know some companies are baning USB drives or are doing things to prevent their use. > > We're in a good place with this type of tech. Typical consumers even have access to NAS systems which I suspect handles a lot of the "sharing" duties. I think, even in Windows you can create an encrypted file that is mountable if you don't use the NAS' built-in encryption. > > > > ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ > Keith C. Perry, MS E.E. > Managing Member, DAO Technologies LLC > (O) +1.215.525.4165 x2033 > (M) +1.215.432.5167 > www.daotechnologies.com > > ----- Original Message ----- > From: "Rich Freeman via plug" <plug@lists.phillylinux.org> > To: "Walt Mankowski" <waltman@pobox.com> > Cc: "Philadelphia Linux User's Group Discussion List" <plug@lists.phillylinux.org> > Sent: Thursday, December 2, 2021 9:38:46 AM > Subject: Re: [PLUG] kernel, rpm, croc, du, encrypted > > On Thu, Dec 2, 2021 at 9:01 AM Walt Mankowski via plug > <plug@lists.phillylinux.org> wrote: > > > > Or, as I said, you could use a flash drive to share the file. > > Yeah, I touched on that in my reply to Keith. I don't dispute that > there are other options. > > Flash drives do have issues. croc transfers one file in one > direction. Flash drives could contain other files, or the remnants of > deleted files on them. The receiving host could modify other data on > the drives or insert malware onto them. > > It is a bit less of an issue on Linux where it is a bit harder to > execute malware from a flash drive, but it is still possible. > > Honestly I can't see many IT departments embracing croc, but I'd think > it would be an easier sell than flash drives. I think they're more > likely to cling to fairly cumbersome solutions that people just find > ways to avoid. > > -- > Rich > ___________________________________________________________________________ > Philadelphia Linux Users Group -- http://www.phillylinux.org > Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce > General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug > ___________________________________________________________________________ > Philadelphia Linux Users Group -- http://www.phillylinux.org > Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce > General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
Attachment:
signature.asc
Description: PGP signature
___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug