Todd Walton wrote: > > I'm not getting your point. What are you trying to say? Are you > saying encryption is not worth it, because someday it'll be cracked so > people should just get over it and not use encryption?
Let me add to this, as I thought about this some more whilst feeding my cat. I would say to someone that does not understand encryption, what it does, what it does not do, what its risks, and what its benefits are: do not use it. I would also say to not use it in a production environment (such as your laptop) until you do understand it. We love car analogies! Encryption is kinda like those air bags; used properly they are great. Used improperly, and they are worse than if you did not have them. In the car's case, the proper way to use them is to always year your seatbelt, and never ever put a rear facing car seat in the front seat with an airbag. To properly use encryption is a bit tougher. It is not as simple as ``encrypt, and use your passphrase to access.'' There is the whole realm of key management. There are the failure modes. There are the mitigation techniques. To play with encryption on non-sensitive, easily reproduceable data? Absolutely! Test away, and learn what you need to. Once you know, you can use it on your live, non-reproduceable data. Encryption is just another tool, and you have to know how to use that tool in order to use it effectively. I was hearing a lot of things here that screamed to me that people did not understand the tools. -john I used the word _not_ too much in this email. -- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
