Re: LUKS2 support for null/plaintext target

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, Dec 16, 2019 at 19:24:33 CET, Chris Murphy wrote:
[...]
> But consider that as a direct consequence of the burden to
> backup->luksFormat>restore, quite a lot of users opt out of encryption
> entirely. The point of in-place conversion isn't perfect security.
> It's to get more users to opt in, by reducing the penalty of opting
> in.

But why would you _want_ users to "opt in"? It seems like entirely
the wrong thing to do to me. First consider that the users 
you are talking about do not have backups. Hence their data must
be basically worthless anyways! Second, their data is so little
in need of protection that something as simple and as a backup  
already makes them do without encryption. Hence their data must
actually not be sensitive in any way!

Given these two things, why on earth do you want these people
to use encryption?

Security comes at a price. That price has to be paid. 
No price - no security. There is _no_ way to fix this and trying 
to do so only does damage to the user by making things too complex
for them to handle.

Regards,
Arno

-- 
Arno Wagner,     Dr. sc. techn., Dipl. Inform.,    Email: arno@xxxxxxxxxxx
GnuPG: ID: CB5D9718  FP: 12D6 C03B 1B30 33BB 13CF  B774 E35C 5FA1 CB5D 9718
----
A good decision is based on knowledge and not on numbers. -- Plato

If it's in the news, don't worry about it.  The very definition of 
"news" is "something that hardly ever happens." -- Bruce Schneier
_______________________________________________
dm-crypt mailing list
dm-crypt@xxxxxxxx
https://www.saout.de/mailman/listinfo/dm-crypt



[Index of Archives]     [Device Mapper Devel]     [Fedora Desktop]     [ATA RAID]     [Fedora Marketing]     [Fedora Packaging]     [Fedora SELinux]     [Yosemite News]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux