Woe is me...

[Ian Sidle]

> This reminds me, I have a clients Filemaker server making unique back
> ups every 30 minutues, 1 save per hour. So we have in effect 112 or so
> backup files spread out on two hard drives. I also make a CD-R backup
> whenever the mood strikes and give him the disk.
>
> So, the question is, what is the best method for encrypting the data on
> the CD or maybe creating a disk image with a password?
Well - define best. New Disk images (using mac os x) will use AES (the 
new US gov sponsored/created encryption standard).Supposed to be *very* 
strong encryption (even at "only" 128bit). For example - its hands down 
stronger then ssl (https) encryption which is used for online shopping 
(with credit cards and all). There is supposedly already software that 
can decode it (https). Although you have to in the right spot on the 
network path (which would be somewhat difficult to do). Some encryption 
is definitely better then none. I hope they come up with a new system 
for securing web traffic soon.

Disk image are quite convenient - open the file, and simply drag the 
files over. No encrypting each file by hand (so to speak). Gnupg 
(GPG)/PGP (pretty good privacy) is an public/private key encryption 
system using various different encoding systems. The main benefit is 
you can encrypt an email message to someone, using their public key. 
With that key, you can *only* write (encrypt/encode) messages - you can 
not read them. So you can hand that key out to everyone who sends 
messages to you. Then when you get a message encoded, you use your 
private key to decode and read the contents. This allows only *you* to 
read messages and preventing others (who have the key) to reading them. 
Normally, its one read/write key. Thats pretty much it in a nutshell.

Although it also depends on who you are securing your files from. If 
its just misc files you have and preventing the kids/random people from 
messing with them, then almost anything would work. Now if you want to 
prevent different business to getting to your trade secrets then use 
all you can get. You really can't protect against the government 
though. All you can do is make it inconvenient for them but they would 
eventually get into the data one way or the other. For example, reading 
the electrons emitted from your keyboard in order to find your 
encryption pass phrase used to encode/decode your files..


-------
> The US Army is destroying 31,500 tons of nerve agents and highly toxic
> blister agents at a projected cost of $24 Billion Dollars. Someone
> suggested they could make money selling it on eBay under the Weapons of
> Mass Destruction category.

Yeah. But then it would be used against us :(
Not that they could make it up on their own though..

thanks,
Ian