State of the keys

I'm so busy at work at the moment that I'm not really getting much time to blog, so I thought I'd do the next best thing and talk about stuff that I've read which is worth a read. I'm sure Noel Coward said something about quoting someone else when you haven't got anything intelligent to say yourself, well this is that.

This article in Dark Reading made me sit up a bit when I thought encryption was being knocked as being unsafe. Actually it was specifically about whole disk encryption. The crack in whole-disk encryption?

“If you thought your sensitive data was safe with the encryption solution you’ve
chosen, think again. To quote the research abstract, “Though we discuss
several strategies for partially mitigating these risks, we know of no simple remedy that would eliminate them.”

Follow this up with the Quote Of The Day from InformationWeek Daily:

"Fundamentally, disk encryption programs now have nowhere safe to store their keys."
-- Princeton computer science professor Edward W. Felten

And once again I feel safe and vindicated in my choice of employment. I made the jump into data integrity about 6 years too early, but I think it will be a big part of a new range of Information Sharing and Data Classification products. I even made the jump into encryption and key management products 6 years ago, but that was then, now everyone not only wants one, they need one.

OK, so I maybe struck a bit lucky, but from the crest of a wave you can see the next wave coming.