[erlang-questions] Twoorl: an open source Twitter clone
Fri Jun 6 18:19:52 CEST 2008
Joe Armstrong wrote:
>> Yes and no - security against legal attacks depends on the
>> deleted (irrecoverable) after a certain point.
> If the man in the middle took all your data then deleting the data is
> irrelevant - anyway most attacks
> are illegal
For MITM to work, the man has to be in the middle when the message is
sent. If you save things forever on your server, you present years worth
of potential value to anyone who breaks into your server.
This is exactly why your credit card has those three or four extra
printed digits on it. Merchants are contractually disallowed from
storing those longer than it takes to process the transaction, so anyone
who breaks into the server afterwards will be unable to use those cards
without the company doing additional checking.
This is why sshd changes its keys every few hours - old streams recorded
by attackers become unbreakable even if they manage to break into the
I believe a "legal" attack was meant to imply a subpoena. Mr Gates, for
example, was quite brutalized by email messages he had written years
earlier that would not have been available to his detractors had he a
policy of purging any emails more than a few months old.
Encrypting the data only helps if the court is unable to compel you to
decrypt the data. And if the system is processing it, it must be
decrypted, so a hacker is going to be able to see it anyway.
Darren New / San Diego, CA, USA (PST)
"That's pretty. Where's that?"
"It's the Age of Channelwood."
"We should go there on vacation some time."
More information about the erlang-questions