On Thu, Mar 24, 2016 at 10:47 AM, Manuel Ortega <[email protected]> wrote: > > The purpose of *Vim*'s cryptography, as Bram is trying to stress and nobody seems to ever internalize, is to keep data secret from neighbors and family members, i.e., people not sophisticated enough or motivated enough to e.g., realize that it's VimCrypt, find that webpage, know what a perl script is, know how to apply it, etc.
I disagree. If that's the case, then why did Vim ever get a new cryptmethod at all? zip is just fine for those purposes. > It is pretty clearly implied in ":h encrypt" that the purpose of Vim's encryption is not to keep data secret from people who even partly know what they're doing. > I disagree here too. In :help encryption I see "The encrypted text cannot be read without the right key" and "You could do this to edit very secret text." In :help 'cryptmethod' I see blowfish and blowfish2 described as "medium strong encryption." Nowhere do I get the impression Vim's cryptography is not secure enough to keep data secret from people who know what you're doing. In fact I get the opposite impression, that Vim's cryptography is probably strong enough for most purposes if you use "blowfish2". > For this purpose, it works. > > But really: it shouldn't be Vim's job to encrypt files on disk anymore than it's Vim's job to do compression and decompression. There are plugins to use GPG transparently like there are for compressing and decompressing transparently. > And I disagree yet again here. If encryption is not built into the editor, then you cannot use features like swap files or undo files or you risk exposing decrypted text in those files. I think it's a great feature to support encryption in the editor itself to avoid exposing data like that. Additionally the editor could lock the memory to prevent unencrypted data in a buffer from getting saved off to swap space. I don't know whether Vim does that (it probably should), but there's no way you could do that outside of Vim. So either you need some sort of editor built into your encryption program with fewer features than Vim, or you need to do the encryption within Vim, or Vim needs to provide better hooks for external tools to encrypt in multiple places. -- -- You received this message from the "vim_dev" maillist. Do not top-post! Type your reply below the text you are replying to. For more information, visit http://www.vim.org/maillist.php --- You received this message because you are subscribed to the Google Groups "vim_dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
