-----BEGIN PGP SIGNED MESSAGE----- bill.stewart@pleasantonca.ncr.com +1-510-484-6204 scribbles:
Beyond that, unrestrained encryption is dangerous to corporations, because what's to stop a ticked off employee from encrypting everything in the office
What to stop him/her from shredding everything in the office? This is a personnel/legal problem; there's nothing special about the use of cryptography (except that it might be reversable).
Reversability is the main difference - the disgruntled fired ex-sysadmin can encrypt everything and promise to restore it for big bucks plus amnesty. On the other hand, hiding the backup tapes and shredding everything is relatively reversable as well, and has the advantage that you can threaten to sell it to the competitors, so it's not much different.
OK. What's to stop this irked employee from simply *taking* everything? I just don't see how encryption has any special significance here. In either case, the person would probably find themselves in the middle of some fairly big criminal and civil litigation.
When I was an undergrad, an ex-sysadmin left the University, and a week or so after he was gone, the database system announced that it would self-destruct in a week. They had to keep the system shut down for a couple of weeks and change the system clock while they hunted for the time-bomb, and the same sort of thing could be done in many modern systems without crypto, though crypto makes it easier.
I'm still not sure how it makes it easier. If you're a programmer, it's probably easier to insert a trapdoor than to set up some kind of encryption to take place after the fact. If you are just hiding data, taking it is as effective and encrypting it. Safer, in fact, because it wouldn't be open for cryptographic attack. The only real use I could see is getting data out of a company to a competetor, and if security is lax enough to let encrypted email out, it's probably lax enough to walk out with a 8mm tape and 5+ GB of data. Bob -----BEGIN PGP SIGNATURE----- Version: 2.6 iQCVAgUBLgcgguS0CjsjWS0VAQH6sQP/Wc1aWslwUYyLwQvKtpkXda2qqrjc9D70 PWx4FRwT+j1lXSGQvel3Aq+KDzW93qtCpEk7ugZCKssDiM4y/lZ0408CQVVSmccj jLEYbGrxP8/DIl9aT4mc6u4hU+UsJdT9fMLCMlplux0quUILOdg0JBRIdCb5pLii ibUgPkgL01A= =RGOW -----END PGP SIGNATURE-----