On 11/21/07, Paul Louden <[EMAIL PROTECTED]> wrote:
>
> Exactly what is your intent with such a plugin? Why is encrypting the
> information on the device considered better than encrypting them on the
> host, and decrypting them on the destination?


It is preferable to do the encryption/decryption on the device for a couple
of reasons off the top of my head.  First, I may not even have permission to
install the decryption routines on the computer (most public computers, a
lot of "work" computers, etc.).  Second, I may trust the "public" computer
with say my password to slashdot.org, but I certainly don't want them to
have access to all of my passwords and private data.  Basically it's just a
way limiting the information given out to the bare minimum, and would be
much more convenient for me personally, and I assume for others.  Also I
have private data that I never really need to enter into other machines, but
I like to be able to access (financial data).

Surely if both the host and destination are secure enough for making use
> of the unencrypted files, encrypting and decrypting them there are also
> valid? And much, much, faster?
>

That would sometimes work, yes, but I am unconvinced that it will be
real-world faster for small amounts of data (If it takes .5 seconds, vs .01
seconds, who cares?  Especially if I'd have to spend 5 minutes downloading
and installing software on the public machine).  If we're talking about
gigabytes of data, then yes, you are certainly correct (this is definitely
not my target use case).

-mud

Reply via email to