Hacker News new | past | comments | ask | show | jobs | submit login

FIPS 140-2 is often used in the private sector as a source of security process inspiration even when there are no legal or contractual requirements to follow it.

Having a good security architecture is not obstruction of justice. Doubly so if the data is still accessible to you after the failsafe is tripped. All you've done is prevent their ability to access the data before informing you of the existence of the warrant, using access mechanisms that - to you - are indistinguishable from an unauthorized access attempts.

> "I did not even know it came with this feature".

A documented threat model and security policy that justifies physical tamper protection and pulls inspiration from FIPS is a much smarter legal strategy than perjury. Consult a lawyer.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: