Comment Re:Another bad omen for privacy and security (Score 1) 309
OK so you define criteria and then have unspeakable problems with solutions meeting all of those and more.
OK so you define criteria and then have unspeakable problems with solutions meeting all of those and more.
Things you don't understand are that simple, you should redo your pre-school learning.
1. Using exquisite use of branching in git, it might be possible.
2. In your example, there was nothing "done since" the wrong paint so it is irrelevant.
Gmail satisfies all practical criteria you laid down for security in this post - http://slashdot.org/comments.p...
There is another type of criteria - the illiterate's criteria of "encryption" as a buzzword without any practical value. Using SSL, gmail satisfies that too.
Start using version control, and at least undoing becomes trivial.
There are 2 possibilities:
1. You want "encryption" (TM). SSL already gives you that.
2. You want security, defined such that it's is OK for some third parties to be able to read your email. Gmail already gives you that.
I don't see a problem
That security is already present for some years. Gmail is secure, period.
That depends entirely on it's use
GPG supports all this and more kinds of use. Some kinds of usefulness are independent of how many people use it. Hence number of people using GPG doesn't matter at all to how useful it is. QED.
from what I've read the Blackberry's model seems to be pretty good
Bruce Schneier put it perfectly - everyone wants you to be secure, just not from themselves. So Blackberry's model is great, safe from the government of India. But not safe from Blackberry and anyone capable of twisting Blackberry's arm. Don't worry, government of India also wants you to be safe - but not safe from government of India.
Google's security model is also very awesome. But Google's users are not safe from Google and anyone capable of twisting Google's arm. Microsoft's security model is also very awesome. But Microsoft's users are not safe from Microsoft and anyone capable of twisting Microsoft's arm. Such security has already been achieved some years ago, and it is demonstrably meaningless.
As long as you continue define as "secure" as something absolute, the security is meaningless.
Now show that it is possible to get meaningful security without understanding a lot more about security than the gadget freak joe sixpack.
I'm willing to bet if you polled all the people that use email, a significant majority would prefer that their email couldn't be spied on by governments or other snoops.
Not if there is a postscript mentioning they won't be able to read their own mail if they lose the key. Even less if there is a post-postscript with stats on hard disk failure rates in laptops, desktops, specifically their hard disk model in their PC model. Even less if followed by data backup advice.
guarantees that you access to your keys across platforms, at all times, and that your keys are safe and backed up. Even if it means trusting your private keys to a 3rd party like Lastpass or Google or Microsoft, and they could theoretically decrypt all of your files and communication, most people simply cannot be trusted to secure their own asses
We already have this. Just install a browser plugin to enforce HTTPS as much as possible - done. Use webmails, blogs. Since you want encryption to be only a buzzword, there you have it. Web pages will be "encrypted(TM)", so will their webmail and blogs.
I don't see any usability problem for a token usage of encryption already for a few years. Only problem is with real usage of encryption, and that necessitates third parties / intermediaries to be unable to decrypt.
How do you know how useful it is if you've never thought about how many people use it?
Wrong question. It doesn't matter if anybody else but me use it. It is still an enormously useful thing, with just me using it.
Amount of usefulness has nothing to do with how many people use it.
Did you even read the post to which you replied?
In case this was supposed to be an on-thread-topic post, apples have so many different types of matter. There is water, sugars both simpler and complex. There are trace amount of vitamins. There are proteins - both from the apple tree as well as any insects that might have made this apple their home.
Many of these are behind the scenes - i.e. under the apple skin. Why should an apple vendor have to weigh all of these to be able to sell a pound of apples? Data pipeline providers don't have to - T-Mobile is the only judge of how much data a customer used. Their "scale" or "meter" doesn't have to be approved by any regulator.
Why so much unfairness against apple vendors?
Then it's good for eBay that it's business model doesn't depend on buying laws. Even when it was new, it was far less illegal than uber is now in most places.
You don't need the shell of a nearly standard laptop - because buying the motherboard for it means you're dependent on that laptop's manufacturer for driver support. So any advantage of "build your own" is gone right there.
You need a shell for a small form factor non laptop motherboard.
Intel CPUs are not defective, they just act that way. -- Henry Spencer
