[Discuss] Most common (or Most important) privacy leaks

[bill at horne.net (Bill Horne)]

On 2/19/2015 7:07 AM, Edward Ned Harvey (blu) wrote:
>> From: Discuss [mailto:discuss-bounces+blu=nedharvey.com at blu.org] On
>> Behalf Of Rich Braun
>>
>> Please, flippant answers like that aren't helpful.
> No, Rich.  Gordon is right.  Your argument was "thug gets bank statement, holds gun to head," and you want plausible deniability, which you lost at "thug gets bank statement."
>
> The tiny grain of truth in your argument was that by forcing you to log into *any* password manager, they've gained access to *all* your stuff.  Which is an argument against using any password manager, or anything other than memorizing different passwords for every site you ever use.  So your argument was pretty much bunk and the grain of truth is completely impossible to ever satisfy ... except as Gordon said ... basically don't own anything.
>
> Plausible deniability is important in some cases.  Not compatible with a password manager.

Nobody likes having to deal with thugs; it's a tragedy of the modern 
age. I sympathize with those whom have had to bear that weight.

This is the awkward place that Alice and Bob arrive at whenever we have 
to talk about security: cryptography-by-force is a recognized threat and 
must be considered. That is why bank safes have time locks, why 
safety-deposit boxes need two keys to open them, and why any effective 
computer security system must assume that any single individual can be 
compromised.

As far as the difference between password-locker programs and having 
individual passwords in my head, I don't see the point of eschewing the 
password-locker: I'm going to give a thug anything (s)he wants when my 
life is threatened.

FWIW. YMMV.

Bill


-- 
E. William Horne
339-364-8487