- From: Dirk Pranke <dpranke@chromium.org>
- Date: Mon, 16 Aug 2010 16:31:26 -0700
On Mon, Aug 16, 2010 at 3:58 PM, Ian Hickson <ian at hixie.ch> wrote:
> On Tue, 30 Mar 2010, Dirk Pranke wrote:
>>
>> Nicholas is almost certainly discussing the case where the service
>> provider requires any data stored on a customer's computer to be
>> encrypted, not the provider's own computers. (e.g., this could be a
>> Yahoo! policy that data stored on Yahoo! users' computers must be
>> encrypted).
>>
>> Hence they cannot enforce anything like "use FileVault".
>
> If you can't enforce whole disk encryption, but you are concerned that an
> attacker could have access to your machine, it seems that there is no
> solution, since an attacker could just install a rootkit and then carry
> out arbitrary attacks remotely, including simply replacing the browser
> with one that intercepts all the user's data as it is written.
>

While it is true that it would not defend against all attacks, it will
still defend against some classes of attacks (e.g. casual snooping),
and may still be valuable.

-- Dirk

>
> On Tue, 30 Mar 2010, Dirk Pranke wrote:
>>
>> Perhaps we should instead focus on a set of JS Crypto APIs, since that
>> is largely orthogonal to the storage APIs?
>
> That would make more sense, I think. It would be useful in other scenarios
> too (such as replacing <keygen>). I would encourage people interested in
> such an approach to get vendors together and write a spec.
>
> --
> Ian Hickson               U+1047E                )\._.,--....,'``.    fL
> http://ln.hixie.ch/       U+263A                /,   _.. \   _\  ;`._ ,.
> Things that are impossible just take longer.   `._.-(,_..'--(,_..'`-.;.'
>
Received on Monday, 16 August 2010 16:31:26 UTC