The files on a local disk can be vulnerable to theft or modification. If you’re running any sort of server software, of course, you shouldn’t keep anything private on the server machine. Even a machine without server software, however, is vulnerable to viruses, Trojan horses, and other types of skullduggery. It doesn’t do much good to encrypt all your communications if someone can pull files off your local disk.
If you’re especially paranoid, you should encrypt any sensitive files on your local disk. Keep the key on a removable disk or a smart card, or use a passphrase (but don’t write it down anywhere!).
JDK 1.1 introduced the technique of object serialization, where Java objects can be written to streams and read from streams. By itself, object serialization offers nothing in the way of security. If you write objects out to a file, it's pretty easy for almost anyone to read the file and find out what's in it. Several of the examples in this book, for example, serialize a key to a file for later use. This offers no protection for the key, as it is stored in the clear in the file. To protect sensitive data, you can combine object serialization with an encrypted data stream (that is, wrap an ObjectOutputStream around a CipherOutputStream). Alternately, you might use a javax.crypto.SealedObject (see Chapter 7).
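The stream wrapping described above, as an added example that is not from the book: an ObjectOutputStream layered over a CipherOutputStream, keyed from a passphrase. The class name, the AES-GCM and PBKDF2 choices, the iteration count and the salt/IV layout are assumptions of this sketch, and it needs Java 11 or later for readNBytes.

```java
import javax.crypto.*;
import javax.crypto.spec.*;
import java.io.*;
import java.security.SecureRandom;
// Added illustration (hypothetical class; parameters are this sketch's assumptions).
public class EncryptedSerialization {
    // Derive a 256-bit AES key from the passphrase; the salt is stored with the data.
    static SecretKey deriveKey(char[] pass, byte[] salt) throws Exception {
        SecretKeyFactory f = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256");
        byte[] raw = f.generateSecret(new PBEKeySpec(pass, salt, 210_000, 256)).getEncoded();
        return new SecretKeySpec(raw, "AES");
    }

    static Cipher gcm(int mode, char[] pass, byte[] salt, byte[] iv) throws Exception {
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(mode, deriveKey(pass, salt), new GCMParameterSpec(128, iv));
        return c;
    }

    // Output layout: salt (16 bytes) || IV (12 bytes) || ciphertext with GCM tag.
    static byte[] seal(Serializable obj, char[] pass) throws Exception {
        byte[] salt = new byte[16], iv = new byte[12];
        SecureRandom rng = new SecureRandom();
        rng.nextBytes(salt); rng.nextBytes(iv);   // fresh salt and IV for every write
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        out.write(salt); out.write(iv);           // not secret, but required to decrypt
        try (ObjectOutputStream oos = new ObjectOutputStream(
                new CipherOutputStream(out, gcm(Cipher.ENCRYPT_MODE, pass, salt, iv)))) {
            oos.writeObject(obj);
        } // close() finalizes the cipher and appends the authentication tag
        return out.toByteArray();
    }

    static Object open(byte[] blob, char[] pass) throws Exception {
        ByteArrayInputStream in = new ByteArrayInputStream(blob);
        byte[] salt = in.readNBytes(16), iv = in.readNBytes(12);
        try (ObjectInputStream ois = new ObjectInputStream(
                new CipherInputStream(in, gcm(Cipher.DECRYPT_MODE, pass, salt, iv)))) {
            return ois.readObject();
        }
    }

    public static void main(String[] args) throws Exception {
        SecretKey secret = new SecretKeySpec(new byte[32], "AES"); // constructed sample key
        byte[] blob = seal(secret, "correct horse".toCharArray());
        SecretKey back = (SecretKey) open(blob, "correct horse".toCharArray());
        System.out.println("round trip ok: " + secret.equals(back));
        try { open(blob, "wrong".toCharArray()); }
        catch (IOException e) { System.out.println("rejected: " + e.getMessage()); }
    }
}
```

A wrong passphrase or a modified file fails the GCM tag check and surfaces as an IOException on read. In real use, replace the byte-array streams with file streams.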
A more subtle security risk comes from deleted files. Suppose you receive an encrypted message from a fellow freedom fighter. Naturally, ...