home *** CD-ROM | disk | FTP | other *** search
- Newsgroups: sci.crypt
- Path: sparky!uunet!zaphod.mps.ohio-state.edu!magnus.acs.ohio-state.edu!cis.ohio-state.edu!pacific.mps.ohio-state.edu!linac!att!princeton!athena!dla
- From: dla@athena (Don Alvarez)
- Subject: Re: Wordperfect file-locking (faq?)
- Message-ID: <1992Sep3.210835.27109@Princeton.EDU>
- Originator: news@nimaster
- Keywords: WordPerfect, encryption
- Sender: news@Princeton.EDU (USENET News System)
- Nntp-Posting-Host: athena.princeton.edu
- Organization: Princeton University
- References: <adamsd.715442992@crash> <6140@transfer.stratus.com>
- Date: Thu, 3 Sep 1992 21:08:35 GMT
- Lines: 24
-
- In article <adamsd.715442992@crash> adamsd@crash.cts.com (Adams Douglas) writes:
-
- >[...] Wordperfect 5.1 is easily broken.
- >Why is it so easily crackable? Were they just lazy, or what?
-
- Suppose they had used DES. The same people who regularly forget that
- they used their first name as their login password will forget that
- they used the name of the file as the encryption key. Now their
- 100 page annual report is completely lost, with no hope of ever
- getting it back.
-
- Suppose they use some nothing idiot encryption like rot-13. Most
- people in a given office probably don't know how to crack it, so it
- provides reasonable security. When the user forgets the key, however,
- it *is* possible to find a way to recover the data.
-
- Very few MIS departments would want to hand every secretary in the
- company an unrecoverable encryption option in a word processor.
- The damage it would inevitably do when the users forget their keys six months
- from now would generally far outweigh the security benefits in the mean time.
- A few people at a few companies may really need DES, and if they do
- they can go out and get a third party encryption package.
-
- -don alvarez
-
