[PYTHON-CRYPTO] AES in M2Crypto advice
Jason H. Smith
jason at OES.CO.TH
Thu Jun 5 09:12:02 CEST 2003
On Thursday 05 June 2003 01:46 pm, Ng Pheng Siong wrote:
> IMHO, it is more important that the thief who steals the CEO's laptop
> or the subsequent black market buyer do not get access to the files on
> it.
>
> Install a crypto filesystem type thingy on the laptop and train the CEO
> to use it properly. Then just backup the disk image normally; sensitive
Surely. But these days, that might be a tall order. CEOs aren't known
for openly accepting security technology (and its implied
inconveniences). So we'll start small; and when it dawns on him or her
that the backups are more secure than the laptop itself, that's when we
make our move!
But joking aside, I think your average corporate executive understands
meatspace security much better. For example, most will implement a good
security system, perhaps with guards. They will lock their office when
they leave, and (presumably) they will never let their laptop out of
their site, because they know how important it is.
But computer security is more mysterious and confusing, so I think it's
harder for some executives to make a good informed decision (witness IIS
deployment statistics). That's why it's very important for crypto and
security in general to be as user-friendly as possible as the mainstream
world becomes dependent on it. For example, bad passwords are human
nature; and I think no amount of education will solve it. That's why
token-based authentication is smarter. People know not to lend out
their credit card or house keys; and so they'll naturally guard their
smart ID card for accessing the financial database or whatever.
Personally, I can't wait for every PC to come with a smart card reader.
Anyway, that's enough OT for me for one day ;)
--
GPG: 03EE 9EB8 E500 874A F509 7B95 9B9A 84A1 26E9 4F79
http://www.ece.utexas.edu/~jhs/public_key.gpg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: signature
URL: <http://mail.python.org/pipermail/python-crypto/attachments/20030605/061c88cb/attachment.pgp>
More information about the python-crypto
mailing list