Information Security News mailing list archives
Re: Swindle: 'Somebody Has Got to Pay'
From: InfoSec News <isn () c4i org>
Date: Fri, 20 May 2005 00:11:25 -0500 (CDT)
Forwarded from: *Hobbit* <hobbit () avian org> "Encrypted data breach" ?? What a load of crap. If intruders have gotten in far enough to grab the data, it is very likely they've gotten in far enough to grab the keys, too. Don't most compromises happen at the user's desktop, where the first thing to go in is a keystroke snatcher? After which any "encrypted data" is just as valuable, it just takes one more small step. Leave the lazy corporate shucks a loophole like that, and they'll all immediately respond to a breach by saying "the data was encrypted, everything's okay, don't worry". Yeah, right. XORed against 0xFF, even if they paid *that* much attention, doesn't cut it. _H* _________________________________________ InfoSec News v2.0 - Coming Soon! http://www.infosecnews.org
Current thread:
- Swindle: 'Somebody Has Got to Pay' InfoSec News (May 18)
- <Possible follow-ups>
- Re: Swindle: 'Somebody Has Got to Pay' InfoSec News (May 20)