Dnia środa, 28 maja 2014 22:07:40 Griffin Boyce pisze: > Andy Isaacson wrote: > > I'd be surprised if [ecryptfs] doesn't have critical > > implementation bugs in the parts that aren't broken by design. > > > > Please don't use ecryptfs. It's not even better than nothing. > > BRB, wiping my hard drive for totally unrelated reasons!* ;-) If I > remember correctly, ecryptfs was the default home directory encryption > option for Ubuntu until recently. > > Why is it that these things that thousands of people rely on are not > audited in any real way?
The right question is: Why do creators of things that are being used by thousands of people use solutions that are not audited in any real way? > I've used truecrypt with reservations and never > in a serious situation. But lots of people are relying on this to keep > their data safe while crossing borders, documenting human rights abuses, > etc. A company like Canonical should insist on audits before making > *anything* the default encryption scheme. > > These things tend to start as small projects and come to be ubiquitous > without most users caring about audits (or being open-source). We need > to have higher standards. Absolutely. -- Pozdr rysiek
signature.asc
Description: This is a digitally signed message part.
