On Tue, Apr 28, 2009 at 16:29, Ben Scott <[email protected]> wrote: > On Tue, Apr 28, 2009 at 7:02 PM, Kurt Buff <[email protected]> wrote: >>>Of course, the private key is kept on that same >>> removable media. I've got a strong passphrase, but XKCD "Security" >>> applies (http://xkcd.com/538/). >> >> XKCD, meet Rubber Hose Deniability: > > The problem is, if you deny you have anything, they'll just keep > beating you until you break (one way or the other). Deniability is > only useful if you can convince someone you have nothing to hide. If > people are torturing you to reveal your secrets, they almost certainly > have already concluded you have something of value. Like telling a > mugger you don't have any money. Even if it's true, he won't believe > you, and that generally ends badly for you. > > One can posit sacrificial assets, of course. Give up something of > lesser value (wallet) but keep the higher value item (money belt). > > But, frankly, in the real world, they'll just bug your > equipment/office to capture everything they need as you use it. > > Crowley's Law also applies. :-) > > -- Ben
As Schneier has said, encryption is like a huge spike in the middle of the road. Very impressive, but most will drive right around it... ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
