Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

So... fundamentally, encrypting data on the very same machine that retains the related keys, is tantamount to simply encoding the data in plaintext form without any real protection, yes?


It's slightly better than that. You can't decrypt the data when the user isn't logged in.


bah, if one can install a password stealing program, then he can as well install a key logger. With both of those, you become virtually transparent.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: