When I'm Dead, How Will My Loved Ones Break My Password? - Cory Doctorow, The Guardian
When I'm Dead, How Will My Loved Ones Break My Password?
Cory Doctorow, The Guardian
"Tales from the encrypt: If you care about the integrity of your data,
it's time to investigate solutions for accessing and securing it -- and
not just for the here and now... Like an increasing number of people who
care about the security and integrity of their data, I have encrypted
all my hard-drives -- the ones in my laptops and the backup drives,
using 128-bit AES -- the Advanced Encryption Standard. Without the
passphrase that unlocks my key, the data on those drives is unrecoverable,
barring major, seismic advances in quantum computing, or a fundamental
revolution in computing. Once your data is cryptographically secured,
all the computers on earth, working in unison, could not recover it on
anything less than a geological timescale...
But what if I were killed or incapacitated before I managed to hand the
passphrase over to an executor or solicitor who could use them to
unlock all this stuff that will be critical to winding down my affairs
-- or keeping them going, in the event that I'm incapacitated? I don't
want to simply hand the passphrase over to my wife, or my lawyer. Partly
that's because the secrecy of a passphrase known only to one person and
never written down is vastly superior to the secrecy of a passphrase
that has been written down and stored in more than one place. Further,
many countries's laws make it difficult or impossible for a court to
order you to turn over your keys; once the passphrase is known by a
third party, its security from legal attack is greatly undermined, as
the law generally protects your knowledge of someone else's keys to a
lesser extent than it protects your own..."
http://www.guardian.co.uk/technology/2009/jun/30/data-protection-internet
Regards,
Tarek Hoteit
+1 (214) 770-9691
http://tarek.hoteit.org
Cory Doctorow, The Guardian
"Tales from the encrypt: If you care about the integrity of your data,
it's time to investigate solutions for accessing and securing it -- and
not just for the here and now... Like an increasing number of people who
care about the security and integrity of their data, I have encrypted
all my hard-drives -- the ones in my laptops and the backup drives,
using 128-bit AES -- the Advanced Encryption Standard. Without the
passphrase that unlocks my key, the data on those drives is unrecoverable,
barring major, seismic advances in quantum computing, or a fundamental
revolution in computing. Once your data is cryptographically secured,
all the computers on earth, working in unison, could not recover it on
anything less than a geological timescale...
But what if I were killed or incapacitated before I managed to hand the
passphrase over to an executor or solicitor who could use them to
unlock all this stuff that will be critical to winding down my affairs
-- or keeping them going, in the event that I'm incapacitated? I don't
want to simply hand the passphrase over to my wife, or my lawyer. Partly
that's because the secrecy of a passphrase known only to one person and
never written down is vastly superior to the secrecy of a passphrase
that has been written down and stored in more than one place. Further,
many countries's laws make it difficult or impossible for a court to
order you to turn over your keys; once the passphrase is known by a
third party, its security from legal attack is greatly undermined, as
the law generally protects your knowledge of someone else's keys to a
lesser extent than it protects your own..."
http://www.guardian.co.uk/technology/2009/jun/30/data-protection-internet
Regards,
Tarek Hoteit
+1 (214) 770-9691
http://tarek.hoteit.org
Post a Comment