Ray Dillinger writes:
On Thu, 22 Feb 2001, Sampo Syreeni wrote:
Why not simply use encrypted hard drives? Make the driver forget key material in a fixed period of keyboard inactivity? This would be a helluva lot easier than making secure versions of every existing application out there...
Don't get me wrong -- I believe in encrypted drives. They provide a "mix" so you can't tell which bit was written by what application, and that's a valuable service. But there are limits to what they can do or should be relied on to do. Applications that write to (and more importantly, which read from) the encrypted drive should themselves be crypto-aware and do proper key management.
This is a case of letting the perfect be an enemy of the good: it ain't ever gonna happen. People that write MUAs or word processors or spread sheet programs or web browsers are good at and want to write those programs. They aren't going to have the time or interest in becoming expert enough in crypto to use it wisely. So, with a few exceptions, crypto is (and probably ought to be) done by wrapping the application, or putting a new front-end (or back-end on it) or encrypting the drive at the OS level. Crypto and key management is hard (particularly if you do it well); it just isn't realistic to expect that it will *ever* be designed in as a matter of course. - GH _________________________________________________________________ Get your FREE download of MSN Explorer at http://explorer.msn.com