 |
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU |
|
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU |
On Mon, 2 Feb 2004, Steve wrote: > > I'd like to encrypt some info that could later be searched, but I'm > trying to figure out an optimal/safe way to go about doing it. > > For the actual encryption, I'd put the information in a plaintext file > > gpg -c foo.txt > foo.gpg (encrypt with gpg) > > shred -u foo.txt* (shred the old plaintext file and any backup copies > of it) > > If I wanted to search the file, I'd > > gpg --decrypt foo.gpg | grep whatever > > Modifying the file would be: > > gpg --decrypt foo.gpg > foo.txt > > joe foo.txt (and make modification) > > gpg -c foo.txt > foo.gpg > > shred -u foo.txt* (to get rid of plaintext file and any backup copies) > > And then I could script this so I wouldn't have to bother with typing in > everything. But I'm curious about the weaknesses of using such a method > for encrypted information. In particular, any sort of temporary files > which would have stuff during the plaintext post-decryption process (tmp > file from joe, for example). Is there a simpler, better way of going > about this? A self-encrypting program is a non-sequitur. Really, all you can do is obfuscate it a bit, to make casual copying impossible. If you want to protect it further, make it hardware (dongle) or network (license server) dependant. Or wait until the RIAA/MPAA pass the CPRM (http://www.eff.org/IP/DRM/CPRM/20010328_eff_cprm_alert.html).
 |
|
| BLU is a member of BostonUserGroups | |
| We also thank MIT for the use of their facilities. | |
