[thelist] how secure is reasonable

Shawn K. Quinn skquinn at speakeasy.net
Sat Oct 6 10:28:37 CDT 2007


On Sat, 2007-10-06 at 09:02 -0600, Bob Meetin - www.dottedi.biz wrote:
> However, here's something I have not done for years, most of a
> decade.  
> When I worked with a UNIX company I occasionally use 'DES' to encrypt 
> and unencrypt files. 

The DES cipher has been obsolete for a few years now. This is the whole
reason NIST had a selection process between five different ciphers for
AES. See
<http://en.wikipedia.org/wiki/Advanced_Encryption_Standard_process>.

Similar tools exist to the original DES-based crypt but (single-)DES
itself should no longer be used.

> It does not appear to be loaded on the hosting company server, but it
> or something similar would certainly add another level of complexity
> to anyone who was able to get to the files.  This is out of my
> expertise, but I could probably set up des to encrypt the files as
> soon as they are uploaded.  Or would it be smarter/safer to find a
> utility that would do this on the desktop.

If you decide to do this at all, look at PGP and/or the free software
equivalent GNU Privacy Guard (GPG).

-- 
Shawn K. Quinn <skquinn at speakeasy.net>




More information about the thelist mailing list