This ‘compress’ everything is such a waste of CPU and energy. Plus “oops, all your files are gone, tee hee”. GZ everywhere is fucking stupid. More complexity for zero benefit.
I still stand by full disk encryption accomplishing almost nothing for the average user but separating them from their own files
If you don’t have data on your PC that someone might be willing to kill you for, you probably don’t need it, and Microsoft enabling it by default for Win11 installs is crazy
I mean, I think it’s a good idea to enable it on a laptop.
I mean if someone steals your laptop they can access all your files without it, and even though 90% of files may be useless there’s always chances to find passwords (often reused, even if encrypted can be decrypted if they aren’t strong), bank details, documents, etc oh and cookies for your browser sessions etc etc. If I were a laptop thief (which I’m not) I’d probably look for those too before formatting everything, that could be extra money.
That’s why I encrypt my laptop’s drive. That way even if it’s stolen the only thing I have to really worry about is not having a laptop anymore.
Yeah but I don’t think the average smash and grab thief is going to be smart enough to recognize the potential value of the data on the laptop, they’re just going to pawn the thing off as quickly as possible
Anyone smart enough to want the data probably doesn’t need to smash a window, they’ll just access the data remotely when the computer is on and the drive is unencrypted
So even then, it only protects you from the very narrow overlap of thieves who are dumb enough to need to break into cars for a living, but smart enough to harvest data off of stolen laptops
I’m inclined to somewhat agree. As someone who enjoyed snooping around a mostly unencrypted and insecure internet 25 years ago, I can wholeheartedly tell you that most people’s files are pretty boring.
When it’s not E2EE, maybe they are right. What’s the point of encrypting something that gets decrypted midway by an organization with hundreds of employees, many of them with access, not even talking about law enforcement and accidental criminals.
EDIT: I mean, illusion of security may be sometimes worse that lack of that little security which comes with it. Everything is complex.
The point of encrypting something that gets decrypted midway by an organization is that there are worse actors than the organization out there. I’m not really scared of Steam abusing my credit card info, but I am afraid of random internet strangers.
Also remember that https doesn’t just protect your data, it also verifies that you’re actually on the website you think you are. The internet is basically unusable without this guarantee, especially on a network you share with others.
Encryption everywhere isn’t about the individual content. By making it ubiquitous, it’s harder for bad actors to separate the encrypted data they want from the one’s they don’t. If only special content is encrypted, then just the fact that it’s encrypted is a flag for them. It also makes it much harder to ban. It’s pretty much impossible to ban the algorithms in TLS at this point. Too much depends on it.
it’s a good thing the entirety of https traffic has encrypted headers than…
Regardless, if it’s properly encrypted it doesn’t matter if they have it, and are able to confirm who it’s from, unless we’re talking about a governmental agency or an org with access to one of those mythical quantum computers. In which case it’s probably a significant portion of future security.
TLS already has algorithms hardened against QC. The effects of QC against encryption are greatly exaggerated, anyway. The number of qubits that would be needed to break encryption may be too large to ever be feasible.
Get IPv6 going and stuff like SNI becomes unnecessary.
I’m actually gonna give the benefit of the doubt and assume this is actually a grown idiot lol
This ‘compress’ everything is such a waste of CPU and energy. Plus “oops, all your files are gone, tee hee”. GZ everywhere is fucking stupid. More complexity for zero benefit.
- CTO at my previous company
To be fair: there are many things where compression is a waste of CPU time, like fonts and about 90% of non-text media as they’re already compressed
What, you don’t love downloading a zip file that contains an msi (which is perfectly capable of internally compressing much of its internal data)?
I only tar my game backups, because compression time for 0.5% is wasted time.
Found the thread and wow, this person goes on to desperately defend this dumb stance…
I still stand by full disk encryption accomplishing almost nothing for the average user but separating them from their own files
If you don’t have data on your PC that someone might be willing to kill you for, you probably don’t need it, and Microsoft enabling it by default for Win11 installs is crazy
I mean, I think it’s a good idea to enable it on a laptop.
I mean if someone steals your laptop they can access all your files without it, and even though 90% of files may be useless there’s always chances to find passwords (often reused, even if encrypted can be decrypted if they aren’t strong), bank details, documents, etc oh and cookies for your browser sessions etc etc. If I were a laptop thief (which I’m not) I’d probably look for those too before formatting everything, that could be extra money.
That’s why I encrypt my laptop’s drive. That way even if it’s stolen the only thing I have to really worry about is not having a laptop anymore.
Yeah but I don’t think the average smash and grab thief is going to be smart enough to recognize the potential value of the data on the laptop, they’re just going to pawn the thing off as quickly as possible
Anyone smart enough to want the data probably doesn’t need to smash a window, they’ll just access the data remotely when the computer is on and the drive is unencrypted
So even then, it only protects you from the very narrow overlap of thieves who are dumb enough to need to break into cars for a living, but smart enough to harvest data off of stolen laptops
And even then i prefer to encrypt only the folder, less hassle that way.
Sounds like the whole hard drive recovery industry is about to go poof.
I’m inclined to somewhat agree. As someone who enjoyed snooping around a mostly unencrypted and insecure internet 25 years ago, I can wholeheartedly tell you that most people’s files are pretty boring.
Corporate computers on the other hand…
Hackers mad
Hackers mad
Hackers mad
When it’s not E2EE, maybe they are right. What’s the point of encrypting something that gets decrypted midway by an organization with hundreds of employees, many of them with access, not even talking about law enforcement and accidental criminals.
EDIT: I mean, illusion of security may be sometimes worse that lack of that little security which comes with it. Everything is complex.
The point of encrypting something that gets decrypted midway by an organization is that there are worse actors than the organization out there. I’m not really scared of Steam abusing my credit card info, but I am afraid of random internet strangers.
Also remember that https doesn’t just protect your data, it also verifies that you’re actually on the website you think you are. The internet is basically unusable without this guarantee, especially on a network you share with others.
Wait what I saw that comment like a week ago
it depends on the application, if you’re just serving a static site, or talking on a public chatforum, yeah encryption is pointless.
If you’re talking an SSH tunnel? Yeah no this is stupid.
Encryption everywhere isn’t about the individual content. By making it ubiquitous, it’s harder for bad actors to separate the encrypted data they want from the one’s they don’t. If only special content is encrypted, then just the fact that it’s encrypted is a flag for them. It also makes it much harder to ban. It’s pretty much impossible to ban the algorithms in TLS at this point. Too much depends on it.
it’s a good thing the entirety of https traffic has encrypted headers than…
Regardless, if it’s properly encrypted it doesn’t matter if they have it, and are able to confirm who it’s from, unless we’re talking about a governmental agency or an org with access to one of those mythical quantum computers. In which case it’s probably a significant portion of future security.
TLS already has algorithms hardened against QC. The effects of QC against encryption are greatly exaggerated, anyway. The number of qubits that would be needed to break encryption may be too large to ever be feasible.
Get IPv6 going and stuff like SNI becomes unnecessary.