On Fri, Mar 23, 2012 at 1:34 PM, Sam Smith <smick...@hotmail.com> wrote: > Everything you said, you can do with LastPass: "make it more convenient, > access your files from anywhere (including the website), stream your own > music, share your files" > > Using secure encryption that occurs on the computer before it leaves for the > cloud does not prevent any of the things you seem to think it does.
The other gentleman is correct, for a service to be considered secure, in real world terms and real world application you would not have access to your data in decrypted form via a website, you would only be able to download the encrypted pieces. Secure encryption is not so secure when you decrypt it from a website using a server that you originally tried to avoid having encrypt it. What I am saying is, what is so secure about the encryption you are using if you let a third party decrypt it, one that can obviously intercept your key quite easily and decrypt it anytime they want to. It's no more secure then just having them encrypt it with their own keys that they make up for you, sort of like drop box. Actually, it's a false sense of security they are giving you at this point, and in my eyes a fraudulent claim of being more secure then others because 'you control the encryption key' when in all honest opinions, they could just intercept it anytime they wanted to so you are back to square one. At this point, secure is out the door, and it's just become another drop box, actually, one that just hasn't been called out about it yet. Be round-a-bout with your terminology all you want so people don't realise that they are no more secure then they were but the truth is still there when you read between the evasion. The short of the short is, for a service to be truly secure the company hosting it must not have access to any of the encryption keys and only the encrypted data, your data is either encrypted and unavailable, period, or your data is decrypted and available, not a false sense of security where Jim thinks he's secure because he controls the encryption key, not realising that the company claiming he's more secure because he controls the encryption key, can in fact intercept said key anytime they want to. It's not security, it's not-so-clever marketing. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss