Hacker News new | past | comments | ask | show | jobs | submit login

I’d say the author is being so restrictive in the scope of threats that it isn’t very useful.

Regardless, even in their very restrictive scenario, it provides defense in depth as I said.




> I’d say the author is being so restrictive in the scope of threats that it isn’t very useful.

Loss of control of the hard disks may have many different ways it can manifest in the real world, but from a cryptography and software development perspective, is congruent to other flavors of the same underlying problem.

That's not being "restrictive", it's recognizing the common denominator.


The problem is that after that common denominator is recognized, the post implies that it is outside the threat model of "web applications and/or cloud services", when it is not.

It doesn't need in-depth discussion, and the way data is still highly exposed despite disk encryption is very important, but that implication is not great.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: