[SC-L] Best practices for encrypting client-side data

Robin Sheat robin at kallisti.net.nz
Wed May 9 20:01:14 EDT 2007


On Wednesday 09 May 2007 02:11:05 ljknews wrote:
> I would suggest two factor authentication, requiring some smart card
> (with built-in keypad, to prevent intercept of the pin) that actually
> provides the decryption.  Make the user keep the smart card with them,
> such as by requiring it for entrance to the cafeteria or rest room.
That's not possible in this case. Mostly because it would involve more 
investment on our part than the customers would be willing to pay for.

However, I'm interested in generalising the ideas in this thread to go beyond 
my particular situation; "if you were storing data in an application on a 
laptop, how would you keep it as safe as is feasible?" Especially in the case 
of non-tech-savvy end users and machines out of our control, so we can't do 
things like install TrueCrypt.

-- 
Robin <robin at kallisti.net.nz> JabberID: <eythian at jabber.kallisti.net.nz>

Hostes alienigeni me abduxerunt. Qui annus est?

PGP Key 0xA99CEB6D = 5957 6D23 8B16 EFAB FEF8  7175 14D3 6485 A99C EB6D