Free email Crypto
Dave Bird
dave at xemu.demon.co.uk
Sun, 1 Aug 1999 18:44:32 +0100
In article <199907301714.NAA22316@domains.invweb.net>, William H. Geiger
III <whgiii@openpgp.net> writes
>There is an old saying in the security field:
> "No security is better than poor security"
>The reasoning behind this is if a user knows that his messages can be read
>by others he will be more cautious in what he writes while if he thinks he
>is "secure" but is really not then he may compromise himself.
>Giving the end user "warm fuzzies" and a false sense of security may sell
>products but it does a great disservice to the user.
I thought, when I first read that, you had written "poor security
is the best security." But with a similar intent... think that you
are using physical locks, suck as crypto, why are good but by no
means perfect. Therefore real security lies in secure behaviour;
in not disclosing the existence of that which may be subject to
attack, to those who don't need to know it.
--
^-^-^-@@-^-;-^ http://www.xemu.demon.co.uk/
(..)__u news:alt.smoking.mooses