Sure, as I mentioned in part of my last email, in some (few) cases this is fine.

That case is this:

   - I have a bunch of secret data, in a file called "secrets.zip".
   - I encrypt that data with some strong encryption mechanism.
   - I post that file on http://www.example.com/secrets.zip.gpg -- it is world readable.
   - I meet you in a dark alley, we exchange a secret handshake and password. I hand you a thumb drive with the encryption key for the data. (repeat for each person I want to give the key to)
   - You go download the data and decrypt it.

This is only marginally better than me giving you the data itself on the thumb drive, as it saves me future trips to the scary alley.

If we use public-key cryptography, we can do away with the meeting in the alley, though then I'd have to make a version of the encrypted file for each recipient.

Firewalls are always going to be a fact of life, though they aren't really necessary in any way relevant to the above scenario. Well, at least for the server that's serving the files.. Of course, if your machine where you're doing the decrypting is compromised, then the hacker gets your key. Then they can go download the data from anywhere and decrypt at will.

At the end of the day, encrypted data is useless unless at some point it gets decrypted. Any machine that will do the decryption (and therefore, even momentarily, hold a copy of the key and/or the unencrypted data) needs to be suitably secured. A machine whose *only* purpose is to hold the data in encrypted form you could probably care less about. Unless it's the ONLY place where the data is stored, in which case a malicious individual could destroy your data, even if they can't steal it.

-Tim
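
The scenario in the message above, as an added PHP example that is not part of the original email or the list's code: a world-readable ciphertext with the key handed over out of band, then the public-key variant with one sealed copy per recipient. It assumes PHP 7.2+ with the sodium extension; the sample data, the recipient names and the helper `openHosted()` are hypothetical.

```php
<?php
declare(strict_types=1);
// Added illustration, not code from the thread. Needs PHP 7.2+ with ext-sodium.

// Constructed sample data standing in for the contents of secrets.zip.
$secrets = "constructed sample contents of secrets.zip";

// Shared-key case: one ciphertext for everyone, key passed on the thumb drive.
$key    = sodium_crypto_secretbox_keygen();
$nonce  = random_bytes(SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
$hosted = $nonce . sodium_crypto_secretbox($secrets, $nonce, $key); // the public blob

// Returns the plaintext, or false if the key is wrong or the blob was altered.
function openHosted(string $blob, string $key)
{
    $min = SODIUM_CRYPTO_SECRETBOX_NONCEBYTES + SODIUM_CRYPTO_SECRETBOX_MACBYTES;
    if (strlen($blob) < $min) {
        return false; // truncated download
    }
    $nonce = substr($blob, 0, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    $body  = substr($blob, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    return sodium_crypto_secretbox_open($body, $nonce, $key);
}

$report = [];
$report['key holder can decrypt'] = openHosted($hosted, $key) === $secrets;
$report['stranger can decrypt']   = openHosted($hosted, sodium_crypto_secretbox_keygen()) !== false;

// The host never sees the key, but it can still damage what it stores.
$damaged = $hosted;
$last = strlen($damaged) - 1;
$damaged[$last] = chr(ord($damaged[$last]) ^ 1); // flip one bit
$report['damaged copy still opens'] = openHosted($damaged, $key) !== false;

// Public-key case: no meeting needed, but one sealed copy per recipient.
$recipients = [
    'alice' => sodium_crypto_box_keypair(), // hypothetical recipients; each would
    'bob'   => sodium_crypto_box_keypair(), // normally publish only the public half
];
$copies = [];
foreach ($recipients as $name => $pair) {
    $copies[$name] = sodium_crypto_box_seal($secrets, sodium_crypto_box_publickey($pair));
}
$report['alice opens her copy'] = sodium_crypto_box_seal_open($copies['alice'], $recipients['alice']) === $secrets;
$report['bob opens her copy']   = sodium_crypto_box_seal_open($copies['alice'], $recipients['bob']) !== false;

foreach ($report as $check => $result) {
    printf("%-26s %s\n", $check . ':', $result ? 'yes' : 'no');
}
```
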


Joe Leo wrote:
Here's another thought I wonder about encryption technology. Could one day encryption technology replace the need for firewalls - either partially or altogether. Forget about those security policies, is my firewall configured right, applying security patches & hardening the OS, etc... If one can just encrypt their entire drive or the data needed to be protected by encryption - Why need a fw if the data is garbled and useless to those who can't decrypt it. Of course fw plays other roles but from a pure "protect my data from the unwanted" to me encryption may solve that. Just a thought!

Joe

On Sun, Apr 6, 2008 at 7:12 PM, Joe Leo <[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>> wrote:

    Wow, I really appreciate the feedback and some of the many
    comments I am getting to my original question. I ask my original
    question not so much I have some secrecy of any kind of
    application. As I mentioned, I'm not much of a programmer in
    practice. I'm just getting interested in the encryption technology
    as a whole and since I have not really used any of them I wanted
    to get an idea how effective they are.

    Now the feedback with the questions and comments I am getting are
    good, in that, they make me think why would I use it and to
    achieve what purpose. What I've been hoping to gain from asking my
    question is then why & when to use such encryption tool -
    especially, when hosting your data remotely by a hosting provider.

    My thought is if encryption techniques like TrueCrypt work - Why
    not use it regardless who is your hosting provider. Or, having to
    consider questions like who you trying to protect data from. I
    mean, when you buy a nice brand new expensive car you have a key to
    lock the doors and some go further to put in a car alarm or car
    tracking device. Who you're trying to prevent from stealing your
    car is no brainer question to consider - IMO. One knows that
    locking the door and/or having a car alarm is a deterrent - Though
    not 100% guaranteed. Maybe my example is not the best but just
    trying to raise a point.

    In my question to deploy some encryption on my data would (help)
    minimize people stealing private data - Why not use it, especially
    if there's not much performance penalty.

    David, regarding your comments below:

        So are you worried about encryption during uploading or about
        encryption while executing the scripts on the server and
        serving up content - or both? What other security measures did
        you include?


    You've hit the right questions I am looking to understand. The
    answer is both. From what I understand about a tool like TrueCrypt
    I can encrypt say my webfolder (web site) and upload it to my
    hosting provider. And, what I am trying to understand is can the
    encrypted data remain encrypted and still serve content. Or, once
    I upload the encrypted data must I need to decrypt it to serve the
    content? I am not concerned about data being encrypted out to the
    users browser. SSL takes care of that - right? So, if it is that I
    can encrypt and it remains encrypted while serving content then this
    is not a bad solution. And, of course one can take other measures
    like ssh to the server to actually keep access to it secure.

    joe











    On Sun, Apr 6, 2008 at 5:09 PM, David Krings <[EMAIL PROTECTED]
    <mailto:[EMAIL PROTECTED]>> wrote:

        Joe Leo wrote:

               Well, you could wrap everything into PHP and use one of
            these PHP
               obfuscators.

            Well, I am not much of a php/programmer and don't know how
            and what it means to "wrap everything into php".


        I mean that you need to use PHP to output static page content
        if you want to encode / obfuscate everything.


               Still, I wonder why you want to do that? Do you
            distrust your
               hosting company that much? In that case I'd look for a
            different
               provider.


            Well, I am just looking into a solution to encrypt data.
            The question as to why I would want to do that is not the
            question - But, thanks for asking.


        Well, the reason for me asking is that there may be a better
        approach than taking the big hammer. I speak from experience
        as I often use(d) the big hammer and everything was a nail.



               What are you trying to protect and who are you
            protecting it against?

            I'm looking to protect data/information that could be the
            software code and/or customer's client info.. Protection
            should be from anyone who does not need to have access to
            the website data or the DB... Of course, data will be
            shown to users (web client) who has been given access to
            view this data from the application.


        So who is your hoster? Ever thought about self-hosting or
        having the customer run the server? Any chance that this might
        work via intranet rather than internet, because then you
        probably want to add SSL to the pages. I do not know if that
        is difficult to do. But keep in mind, anything that is
        accessible via internet is not what I'd consider entirely secure.
        I don't see why you need to protect the software code. PHP is
        server side only and the client doesn't see anything from your
        PHP code.
        And yes, it is assumed that legitimate users are allowed to
        see information, otherwise the whole setup would be quite
        pointless.


            What I am interested in is to find the most effective and
            most secure way to upload my website & db to remote host
            and the data is fully protected by encryption.


        As mentioned above, hosting something offsite and have it be
        available through the internet is IMHO not secure. Taking
        stuff can be made more difficult, but most secure....well, I
        leave that up to the experts, but I have my doubts - see
        Hannaford, TJX, etc.


            I will look into the ionCube suggested earlier - Though
            this seems to be a PHP only base solution. From what I
            gather, a product like TrueCrypt could be better as I can
            encrypt an entire volume or folder and it's done -
            Regardless of type of code or application that exist or
            being encrypted.


        Again, comes down to the hosting service that you have. Do you
        have that much access and rights to the server that you can
        just go ahead and run services that encrypt and decrypt entire
        folders?



            I know many software type companies package their software
            where either partially or fully the code is encrypted and
            protected. This is the similar type of solution I guess I
            am looking for.


        Nah, most companies distribute binaries that make it difficult
        enough for people like me to re-engineer the code. But look at
        the open source security applications. Their code is freely
        available. Security through obscurity is one of the worst
        approaches.

        I don't want to rain on your parade, but taking into account
        that you are "not much of a php/programmer" you may want to
        take a step back and think this over if that application is
        indeed that critical and demands such secrecy that code and
        database have to be encrypted. I play around with PHP for
        about five years now and I don't think that I'd be capable of
        writing a secure application. I'm not saying that you are not
        capable of that, but I have the impression that you think
        slapping some encryption onto something makes it secure.
        I am also wondering a bit about your statement that you want
        "to find the most effective and most secure way to upload my
        website & db to remote host". So are you worried about
        encryption during uploading or about encryption while
        executing the scripts on the server and serving up content -
        or both? What other security measures did you include?
        Captchas? Multiple time-limited passwords? Multiple access
        levels? Effective session management to kick people out of the
        system after a few minutes of inactivity? Or even other means
        such as biometrics as identification? Your own certificate?
        Also, does it have to be a web client? I'd guess there are way
        more and way better means to encrypt data when working with
        fat clients. Also, which database engine do you plan to use?
        Does that database engine have means to encrypt entire tables
        or data sets?
        And what do you do for client security? There is not much
        gained when your server is like Fort Knox, but the users can
        access the application from any client on any network and then
        do so from their favourite internet cafe, leaving the PC
        unattended while getting another beer. So you want to at least
        restrict the IP address (ranges) that are allowed to get even
        to the login page.

        Sorry for asking that many questions, but I think those and
        many more questions need to be asked and sufficiently answered.

        David

        _______________________________________________
        New York PHP Community Talk Mailing List
        http://lists.nyphp.org/mailman/listinfo/talk

        NYPHPCon 2006 Presentations Online
        http://www.nyphpcon.com

        Show Your Participation in New York PHP
        http://www.nyphp.org/show_participation.php


