On Sat, 17 Oct 2009 19:48:46 -0400, geremy condra wrote: > For the love of baby kittens, please, please, please tell me that you do > not believe this securely encrypts your data.
Surely that depends on your threat model? If you think that the NSA is interested in your data, then no, obviously they'll break it in probably minutes. If you're using it to obfuscate (say) dialog strings in a game, so that game players can't trivially open the data files in an editor and read ahead, then this may be enough security against your threat model, so the answer may be "Yes". But that depends on the game -- if there is real money involved, then probably "No". "Secure" is not a binary state. It's always "secure against what?". You might have the latest, most powerful encryption software, but what are you going to do if the authorities hit your hand with a hammer until you give up the passphrase? (Figuratively or literally.) If you live in a country where this is a risk, then your threat model is different and AES, 3DES or other standard cryptosystems won't make you any more secure than rot13. -- Steven -- http://mail.python.org/mailman/listinfo/python-list
