Nine years ago, Wolf Djupedal catalogued over 14,000 books and magazines written in New Norwegian and stored the catalogue in a password-protected dBase IV file. He died without revealing the password. Recently, Kirsti Langstoyl , librarian at the Ivar Aasen Centre for New Norwegian Culture in Oresta, Norway appealed for help in unlocking the database, and security specialists across the Internet have come to her aid.
Fortunately, dBase IV encryption is not very strong, and experts already seem to have succeeded in accessing the data. Data protected by strong encryption could easily be lost forever in similar circumstances, constituting a denial of service attack. Organisations should consider this issue carefully whenever data encryption is proposed. Firstly - is the encryption necessary? It is unclear in this case why the catalogue ever needed to be encrypted - it was intended to be a public resource. Secondly, how can the keys be managed to protect the data and still permit authorised access when staff leave suddenly or die.