On Wed, 3 Mar 2010, Yilmaz Arslanoglu wrote:
Hi Russell; Yes, you are right, actually we are also considering the option that you have mentioned. Because even the best technical option will be hackable in theory, anyway...
The theory is pretty simple: In order to make the data useful you need to deliver the encrypted data as well as the decryption key and the decryption algorithm to the end user (embeded in software or elsewhere). The only thing stopping a minimally technical person from putting these 3 things together and getting out the plaintext is in fact the law, not any technological limitation.
Encryption hides the plaintext message from a third party, not the source or intended destination of a message. Any time you see encryption attempted to hide information from the source or destination you are noticing a mis-use of technology, most often attempting to substitute technology for clear and enforceable legal constructs.
Sorry to dive into this, but I worry whenever companies attempt to do these things as it tends to encourage people to circumvent the technological measure. In effect, this (mis-)use of cryptography backfires where clear contracts would have worked well. Avoid this if you want to protect your valuable data.
-- Russell McOrmond, Internet Consultant: <http://www.flora.ca/> Please help us tell the Canadian Parliament to protect our property rights as owners of Information Technology. Sign the petition! http://digital-copyright.ca/petition/ict/ http://KillBillC61.ca "The government, lobbied by legacy copyright holders and hardware manufacturers, can pry control over my camcorder, computer, home theatre, or portable media player from my cold dead hands!" _______________________________________________ gdal-dev mailing list gdal-dev@lists.osgeo.org http://lists.osgeo.org/mailman/listinfo/gdal-dev
