How about :- "Has HIV due to homosexual and drug use. Ongoing syphylus issues. Has lung cancer due to "black lung" from work in a local West Coast coal mine when younger. Occupation is a local government polititian. " A lot of information can be hidden in the detail. RP On 28 June 2012 08:28, Nily wrote: > I should add another varible to the problem. Data is important if it has = a > time of execution. If you know what is encryped after if has been done or > have no time to do something it is useless. > Of course you can get some knowledge about the encryption. > Sometimes, analyzing text you can understand and know the names. > If you would like 100% security, there is only one method available and t= his > is One Time Key. All other encryption methods are vulnerable and is a mat= ter > of computing time to break the code. > > Rodolfo > > -----Mensaje original----- > De: piclist-bounces@mit.edu [mailto:piclist-bounces@mit.edu]En nombre de > Herbert Graf > Enviado el: Miercoles, 27 de Junio de 2012 01:00 p.m. > Para: Microcontroller discussion list - Public. > Asunto: Re: [OT] Database encryption > > > On Wed, 2012-06-27 at 08:59 -0400, V G wrote: >> > >> No one's inventing encryption systems. I'm making use of standard AES >> encryption and choosing what gets encrypted and what doesn't. >> >> The data itself doesn't really matter. The important part is WHO the dat= a >> belongs to - the names. If the names themselves can't be deciphered, the= n >> it should be good enough. What data is related to the names doesn't > matter. >> The whole thing can be looked at as a key-value database with the key > being >> names and the value being a bunch of numbers/blob text/etc. The value >> itself is meaningless. >> >> Example data: smokes, has cancer, enlarged left atrium, is an electrical >> engineer. >> >> That data in itself is useless. This isn't some secret government >> organization thing, so no one really cares about it in the first place, > nor >> is anyone targeting it, nor would anyone spend any time trying to get it= .. >> I'm just being over cautious about this whole thing by nature. > > OMG, are you being serious here? > > This is MEDICAL data you are talking about. > > "Smokes, has cancer, is an electrical engineer". If your DB got out, > with this sort of stuff available you would be in ALOT of trouble. > > Maybe data like that doesn't matter much to you, but how about the > person it DOES belong to? Even without names (which doesn't say much due > to how easy it often is to associate "annonymized" data with names) this > is NOT the kind of data to be treated in such a half hazard way. > > I really think you need to consult someone who's familiar with what's > legally required as to the safe guarding of confidential medical data. I > think you will find that "removing the names" is not for one second > considered good enough. > > TTYL > > -- > http://www.piclist.com PIC/SX FAQ & list archive > View/change your membership options at > http://mailman.mit.edu/mailman/listinfo/piclist > > > ----- > No virus found in this message. > Checked by AVG - www.avg.com > Version: 2012.0.1913 / Virus Database: 2437/5096 - Release Date: 06/27/12 > > -- > http://www.piclist.com PIC/SX FAQ & list archive > View/change your membership options at > http://mailman.mit.edu/mailman/listinfo/piclist --=20 http://www.piclist.com PIC/SX FAQ & list archive View/change your membership options at http://mailman.mit.edu/mailman/listinfo/piclist .