Where does your data want to go today?

[Marshall Clow]

>From <http://www.pcweek.com/news/0527/27stor.html>:

>Helping pave the way toward cost-effective disaster recovery
>systems, MCI Communications Corp. this week will join a growing
>number of providers offering file backup and storage over the
>Internet.
[snip]

>MCI and Connected house data on servers at two mirrored sites.
>Both companies are adding an extra dimension of security over the
>Internet by encrypting data.
>
>MCI's networkMCI Backup software, for Windows 95 or 3.x, will
>scan a file for viruses, encrypt it using an RSA Data Security Inc.
>public key and compress it before it is uploaded onto MCI's Internet
>backbone network to a secure storage facility, said MCI officials in
>Atlanta.
[snip]


Some comments (off the top of my head):

* What kind of encryption? [The article says RSA. ] How big is the key?
* Why encrypt before compression? If the encryption is any good, then the
encrypted data won't compress much at all. However, compression before
encryption has its own problems.
* Who does the key management (if any)?
* Does MCI store copies of the keys used?
* How does MCI authenticate users who request copies of files, and do they
then return them encrypted or as plaintext? If encrypted, how does the
recepient decryt the files? (He/she just had a disk crash, and this is
their backup medium, remember?)

I looked on MCI's web site <http://www.mci.com>, but couldn't find
anything. Besides, it's slower than sludge. [ 90 secs/page over my 128K
link. :-( ]

-- Marshall

Marshall Clow     Aladdin Systems   <mailto:mclow at mailhost2.csusm.edu>

"We don't have to take it; never have, never will.
Gonna shake it, gonna break it; let's forget it: better still" --The Who,
"Tommy"