So-Called High Tech Solutions Re: "PGP Signatures for Electronic Documents?" (Ubiquity, June 6-12, 2000) In general, I must agree with David Ross as I too am an ardent user of PGP. But the problem is that with a properly composed Java bean entered as a Trojan Horse an invader can decrypt the PGP encrypted document, alter it and re-encrypt it, if it is located on the home hard disk. Of course, the obvious way to protect a document is not to store it on either a network server or a hard drive on one's desktop, but to store critical documents and data on floppy disk. Thus the ability to alter the document would not matter as the document would be unavailable to the intruder. This may sound like heresy to many readers who are in the habit of loading up their hard drives with all manner of documents, spreadsheets, in-and-out e-mail, etc. rather than doing occasional house cleaning to protect data and documents from destruction. For myself, I set the defaults to save to my removable media drive. Even with a PGP, digitally certified document, etc., what good does it do if something happens to the hard drive on which the document is stored? Perhaps an intruder would be unable to alter the document, but the holder would have lost it in the crash. There are times when so-called high tech should not supplant something as old-fashioned as hard copy. -- Paul D Lane Previous comments on "Electronic Signature Legislation."

[Home]   [About Ubiquity]   [The Editors]