Ok, while i have a vague idea what's going on here, I'm simply not geek enough (to my shame) to identify exactly what gaping great security hole these codes represent. Are they corporate networks laid open?
Mmm. An analogy is that these files being publically available (and indexed by google) is a bit like having a nice high-security lock fitted, then hanging the key on a hook on the front door when you go out. At eye level.
The kind of encryption they're for uses two files - a public key and a private key - you're meant to keep the latter one very secret indeed :)
There are a range of potential misapplications of the data - reading encrypted email is one, sending encrypted email that very convincingly appears to be from a particular (perhaps highly trusted) person is another, signing software installation files with them is another one. I'm sure the list of fun you could have with them is quite long, if you get one for the right person.
![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
![[identity profile]](https://www.dreamwidth.org/img/silk/identity/openid.png){kind=small}
(no subject)
Date: 2006-03-01 07:56 pm (UTC)- perhaps thats why the US government wants access to googles records...?
(no subject)
Date: 2006-03-01 08:25 pm (UTC)(no subject)
Date: 2006-03-01 11:25 pm (UTC)(no subject)
Date: 2006-03-02 12:33 am (UTC)The kind of encryption they're for uses two files - a public key and a private key - you're meant to keep the latter one very secret indeed :)
There are a range of potential misapplications of the data - reading encrypted email is one, sending encrypted email that very convincingly appears to be from a particular (perhaps highly trusted) person is another, signing software installation files with them is another one. I'm sure the list of fun you could have with them is quite long, if you get one for the right person.