> Why is it significantly easier to protect the key[s] > used for the encryption than the storage itself? one could always passphrase-protect the key, i.e. use symmetric encryption. admittedly, this could potentially be brute-forced, but ... should be good enough for most purposes? -- have-a-great-new-year, tav