Forwarded from: *Hobbit* <hobbit@private> "Encrypted data breach" ?? What a load of crap. If intruders have gotten in far enough to grab the data, it is very likely they've gotten in far enough to grab the keys, too. Don't most compromises happen at the user's desktop, where the first thing to go in is a keystroke snatcher? After which any "encrypted data" is just as valuable, it just takes one more small step. Leave the lazy corporate shucks a loophole like that, and they'll all immediately respond to a breach by saying "the data was encrypted, everything's okay, don't worry". Yeah, right. XORed against 0xFF, even if they paid *that* much attention, doesn't cut it. _H* _________________________________________ InfoSec News v2.0 - Coming Soon! http://www.infosecnews.org
This archive was generated by hypermail 2.1.3 : Fri May 20 2005 - 02:37:00 PDT