[Discuss] Most common (or Most important) privacy leaks
Bill Horne
bill at horne.net
Thu Feb 19 09:33:18 EST 2015
On 2/19/2015 7:07 AM, Edward Ned Harvey (blu) wrote:
>> From: Discuss [mailto:discuss-bounces+blu=nedharvey.com at blu.org] On
>> Behalf Of Rich Braun
>>
>> Please, flippant answers like that aren't helpful.
> No, Rich. Gordon is right. Your argument was "thug gets bank statement, holds gun to head," and you want plausible deniability, which you lost at "thug gets bank statement."
>
> The tiny grain of truth in your argument was that by forcing you to log into *any* password manager, they've gained access to *all* your stuff. Which is an argument against using any password manager, or anything other than memorizing different passwords for every site you ever use. So your argument was pretty much bunk and the grain of truth is completely impossible to ever satisfy ... except as Gordon said ... basically don't own anything.
>
> Plausible deniability is important in some cases. Not compatible with a password manager.
Nobody likes having to deal with thugs; it's a tragedy of the modern
age. I sympathize with those whom have had to bear that weight.
This is the awkward place that Alice and Bob arrive at whenever we have
to talk about security: cryptography-by-force is a recognized threat and
must be considered. That is why bank safes have time locks, why
safety-deposit boxes need two keys to open them, and why any effective
computer security system must assume that any single individual can be
compromised.
As far as the difference between password-locker programs and having
individual passwords in my head, I don't see the point of eschewing the
password-locker: I'm going to give a thug anything (s)he wants when my
life is threatened.
FWIW. YMMV.
Bill
--
E. William Horne
339-364-8487
More information about the Discuss
mailing list