[erlang-questions] Twoorl: an open source Twitter clone

Joe Armstrong <>
Fri Jun 6 17:00:35 CEST 2008


On Fri, Jun 6, 2008 at 3:37 PM, Damien Morton <> wrote:
> On 6/6/2008 10:48 PM, Joe Armstrong wrote:
>>
>> Security has nothing to do with this argument - if a password is sent
>> over the network it has been
>> sent - nothing can alter that.
>>
>> A man in the middle might store the message forever so it would make
>> no difference if the
>> server stores the data  for a millisecond or a trillion years.
>>
>> The reason for storing things in an appended log is to be able to
>> replay the log later if things go wrong and
>> recover from errors - it has nothing to do with security. Security and
>> privacy has to do with the level of
>> encryption that is applied to the items in the log.
>>
>> /Joe
>>
>
> Yes and no - security against legal attacks depends on the information being
> deleted (irrecoverable) after a certain point.
>

If the man in the middle took all your data then deleting the data is
irrelevant - anyway most attacks
are illegal

/Joe



More information about the erlang-questions mailing list