Only the Paranoid Survive

I just got notified by Ralph's Mimír service about the Slashdot posting mentioning the lost customer records at the Bank of America due to some lost back-up tapes. I've mentioned public-key cryptography before, and I think this is a case where they should have been using it because those back-up tapes should have been encrypted.

The way it should have been done is typical of PK crypto systems: encrypt the data with a symmetric cipher, then encrypt that cipher's key using the public keys of the people allowed access to the data. That way, even if someone snagged the raw medium, the information would still have been safe[r].
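Here is that scheme as an added sketch (not code from this post or from any bank's backup system), using Ruby's bundled OpenSSL bindings. The choice of AES-256-GCM and RSA-OAEP, the function names `seal_backup` and `open_backup`, and the readers "alice" and "bob" are all assumptions made for illustration.

```ruby
require 'openssl'

OAEP = OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING

# Encrypt the backup once under a fresh AES-256-GCM key, then wrap that key
# separately with each authorized reader's RSA public key.
def seal_backup(data, reader_pubkeys)
  cipher = OpenSSL::Cipher.new('aes-256-gcm').encrypt
  data_key = cipher.random_key # symmetric key, never stored in the clear
  nonce = cipher.random_iv
  ciphertext = cipher.update(data) + cipher.final
  wrapped = reader_pubkeys.transform_values { |pub| pub.public_encrypt(data_key, OAEP) }
  { nonce: nonce, ciphertext: ciphertext, tag: cipher.auth_tag, wrapped_keys: wrapped }
end

# Unwrap the data key with one reader's private key, then decrypt and
# authenticate the backup. Raises if the reader has no entry, the private
# key does not match, or the ciphertext was altered.
def open_backup(envelope, reader, private_key)
  wrapped = envelope[:wrapped_keys].fetch(reader)
  decipher = OpenSSL::Cipher.new('aes-256-gcm').decrypt
  decipher.key = private_key.private_decrypt(wrapped, OAEP)
  decipher.iv = envelope[:nonce]
  decipher.auth_tag = envelope[:tag]
  decipher.update(envelope[:ciphertext]) + decipher.final
end

if $PROGRAM_NAME == __FILE__
  # Constructed sample: two hypothetical readers and a made-up record.
  keys = { 'alice' => OpenSSL::PKey::RSA.new(2048), 'bob' => OpenSSL::PKey::RSA.new(2048) }
  tape = seal_backup('acct=0001;name=Test Customer', keys.transform_values(&:public_key))
  puts open_backup(tape, 'bob', keys['bob'])
end
```

Only the returned envelope needs to go on the tape; the private keys stay with the readers, so the medium alone does not yield the data.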

So I now ask, why don't corps come standard with a PKI? The tech has been around for a decade or more.