request: encryption support on file open/save

Christopher Browne cbbrowne@hex.net
Thu, 07 Sep 2000 08:12:52 -0500


On Thu, 07 Sep 2000 08:49:12 EDT, the world broke into rejoicing as
John <jklar@projectplasma.com>  said:
> On 7 Sep 2000, Derek Atkins wrote:
> 
> > Robert Graham Merkel <rgmerk@mira.net> writes:
> > 
> > > Of course, I hope that anyone who encrypts their gnucash data
> > > remembers to also encrypt their swap file . . . 
> > 
> > Well, if you have enough RAM this isn't an issue... ;)
> 
> </lurk>
> 
> I've got 256Mb and I _still_ hit swap.  The main culprits are XFree
> 3.3.6 with GLX loaded and Netscape.  If I was that paranoid, I wouldn't
> even chance it.
> 
> <lurk>

... Which goes to imply, as far as I'm concerned, that people are
getting a bit _too_ paranoid.

If there were tools built to allow "script kiddies" to pull entertaining
info out of swap, that would be one thing.

But at present, lacking that, the primary sorts of folk that could
attack swap files are the Guys In Black Hats who would probably have
better targets for their efforts than _anything_ I have on my hard drive.

I'd think that using facilities like CFS to make _some_ serious and
ubiquitous use of cryptography to protect data to be beneficial.  Going
beynd that would mandate having someone that _really_ knows "signals
analysis" analyze systems in great detail.  We could all have B2-secured
systems, but that pretty much mandates everyone being a competent
security analyst that _really understands_ what "B2 secure" means...
I'd suggest leaving those analysts to the government agencies,
corporate data centres, and drug lords, as all of those pay better
than we will.  :-)
--
cbbrowne@hex.net - <http://www.ntlug.org/~cbbrowne/linux.html>
Rules of the Evil Overlord #155. "If I know of any heroes in the land,
I will not under any circumstance kill their mentors, teachers, and/or
best friends." <http://www.eviloverlord.com/>