On 2014-06-16 14:01, Thorsten Glaser wrote: > Russell Stuart <ras <at> debian.org> writes: > >> messages. One of the reasons raised for not doing it is some felt >> uncomfortable carrying around their GPG keys when travelling. >> >> My initial reaction was "that's being overly cautious" particularly >> given there signing every message doesn't mean you have to carry around >> your master key. However, it did make me wonder just how safe a GPG key >> (or indeed any file) is, if it is protected by a password and nothing >> else. > > You completely miss http://xkcd.com/538/
The $5 wrench people could also break into my apartment anytime they wanted; that doesn't mean I don't lock the doors anyway. When I take security precautions, I'm mostly thinking about the person who might steal my laptop, or rob my apartment when I'm on vacation. Those are very real threats and for data, they can be mitigated very easily, to some extent. There is nothing irrational about that. That comic is just a stab at *irrational* people. Like, people who actually believe a government would build a multi-million-dollar computer just to brute-force *their* keys. > and the fact that some > legislations may require you, with jail penalty, to hand over > any encryption keys, passwords, etc. you have with you when > inside their territory. While that is sadly true, AFAIK all those legislations still require at least good cause, but more usually a court order, to do so. Christian -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/539f177d.1020...@kvr.at
