At 10:57 PM 10/24/95, Marshall Clow wrote:
I also just checked this out, and I as the engineer currently responsible for StuffIt (and having worked on it for a number of years), I can tell you that the thing simply won't work as documented. I'll even explain why...
StuffIt actually encrypts data (it doesn't just password protect it), but it does so using a COMPLETELY RANDOM key and then that random key is encrypted using the password that the user entered (user key) and then stored in the MKey resource. We do this so that the same file encrypted with the same "user key" doesn't generate the same data (and therefore aid in easier breaking). So by replacing an archive's MKey resource, only means that you can manipulate an encrypted archive (delete things, etc.) BUT it still won't decrypt your data, since the original encryption key is not present. If you know the person who wrote or posted the information, please feel free to forward my message along to him. Thanks, Leonard Rosenthol ----------------------------------------------------------------------------- Leonard Rosenthol Internet: leonardr@aladdinsys.com Director of Advanced Technology AppleLink: MACgician Aladdin Systems, Inc. America Online: MACgician