From mboxrd@z Thu Jan 1 00:00:00 1970 From: Ben Schmidt Date: Mon, 24 Mar 2014 20:32:32 +0000 Subject: Re: [mlmmj] Encrypted list Message-Id: <53309660.3050404@yahoo.com.au> List-Id: References: <20140320184234.GG23804@szaflik.hasiok.net> In-Reply-To: <20140320184234.GG23804@szaflik.hasiok.net> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: mlmmj@mlmmj.org On 25/03/14 6:19 AM, Chris Knadle wrote: > As such, putting some effort wards encrypting our own filesystems > seems like a worthwhile effort. This was the point I was just about to make. If someone *really* wanted your data, wouldn't they just seize your local machine and read the unencrypted stored copies? Or even if it is encrypted, they have a nice limited-size dataset there to hurl resources at to crack the encryption--and it might not take many if you've chosen a dumb password. Or if you're like most people and use the same password for everything, it can probably be got from something else (e.g. any unencrypted login, or some other app on the same machine storing it in plaintext or with a weak hash). The whole operation probably either needs to be done illegally or require a warrant of some kind, but it's still got to be easier/cheaper than a lot of other options, if encryption is employed. On 25/03/14 3:49 AM, Piotr Auksztulewicz wrote: > PPS. I like this list to go live - even if slighlty off-topic. Agree with that. There is also a relatively large amount of Mlmmj development going on at the moment, with most discussion happening on the bug tracker. Hoping for a new release in a handful of weeks with some bug fixes and new features. Just waiting for the dust to settle on a few current issues. Smiles, Ben.