[gdal-dev] using encrypted data

[Russell McOrmond]

On Wed, 3 Mar 2010, Yilmaz Arslanoglu wrote:

> Hi Russell;
>
> Yes, you are right, actually we are also considering the option that
> you have mentioned.
> Because even the best technical option will be hackable in theory, anyway...

   The theory is pretty simple:  In order to make the data useful you need 
to deliver the encrypted data as well as the decryption key and the 
decryption algorithm to the end user (embeded in software or elsewhere). 
The only thing stopping a minimally technical person from putting these 3 
things together and getting out the plaintext is in fact the law, not any 
technological limitation.

   Encryption hides the plaintext message from a third party, not the 
source or intended destination of a message.  Any time you see encryption 
attempted to hide information from the source or destination you are 
noticing a mis-use of technology, most often attempting to substitute 
technology for clear and enforceable legal constructs.

   Sorry to dive into this, but I worry whenever companies attempt to do 
these things as it tends to encourage people to circumvent the 
technological measure.  In effect, this (mis-)use of cryptography 
backfires where clear contracts would have worked well.  Avoid this if you 
want to protect your valuable data.

-- 
  Russell McOrmond, Internet Consultant: <http://www.flora.ca/>
  Please help us tell the Canadian Parliament to protect our property
  rights as owners of Information Technology. Sign the petition!
  http://digital-copyright.ca/petition/ict/     http://KillBillC61.ca

  "The government, lobbied by legacy copyright holders and hardware
   manufacturers, can pry control over my camcorder, computer,
   home theatre, or portable media player from my cold dead hands!"