request: encryption support on file open/save
Derek Atkins
warlord@MIT.EDU
07 Sep 2000 08:38:17 -0400
Robert Graham Merkel <rgmerk@mira.net> writes:
> That all sounds quite solid reasoning to me. I've taken a security
> class, which didn't teach us all that much about how to design
> secure systems, but was quite good at showing just how easy it was
> to make insecure ones.
Yea.. I do computer security for a living (I do Linux hacking in my
free time ;) It is way too easy for someone to create an insecure
system. There are just too many pitfalls for someone to fall into.
Mind if I ask where you took a class and who taught it?
> Of course, I hope that anyone who encrypts their gnucash data
> remembers to also encrypt their swap file . . .
Well, if you have enough RAM this isn't an issue... ;)
There was a good paper at Usenix Security Symposium last month
about Swapfile Encryption. The code may even be available..
Please, don't ask me for a URL, I don't have one.
-derek
--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL N1NWH
warlord@MIT.EDU PGP key available