> All encryption is breakable ... Yes, but this specific situation requires encrypted storage that _must_ be readily breakable as part of the application design. All you need to do is own the box and know how to peek into process memory. There's no application-level method of hardening the situation that I can think of. . . the primary objective, a battle seemingly lost, is stopping people from owning the box in the first place. With keystroke loggers already out there on these zombies, even entering the AUTH password on every session would not help (though a hardware token would).
--Sandy ------------------------------------ Sanford Whiteman, Chief Technologist Broadleaf Systems, a division of Cypress Integrated Systems, Inc. e-mail: [EMAIL PROTECTED] SpamAssassin plugs into Declude! http://www.mailmage.com/products/software/freeutils/SPAMC32/download/release/ Defuse Dictionary Attacks: Turn Exchange or IMail mailboxes into IMail Aliases! http://www.mailmage.com/products/software/freeutils/exchange2aliases/download/release/ http://www.mailmage.com/products/software/freeutils/ldap2aliases/download/release/ To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
