On Thu, Dec 08, 2005 at 09:40:22AM -0800, Aram Perez wrote: > On Dec 7, 2005, at 10:24 PM, James A. Donald wrote: >> Aram Perez >>> James A. Donald: >>>> We can, and should, compare any system with the >>>> attacks that are made upon it. As a boat should >>>> resist every probable storm, and if it does not it >>>> is a bad boat, an encryption system should resist >>>> every real threat, and if it does not it is a bad >>>> encryption system. >>> I'm sorry James, but you can't expect a (several >>> hundred dollar) rowboat to resist the same probable >>> storm as a (million dollar) yacht. >> Software is cheaper than boats - the poorest man can >> afford the strongest encryption, but he cannot afford >> the strongest boat. > If it is that cheap, then why are we having this discussion? Why > isn't there a cheap security solution that even my mother can use?
Can your mother sail a boat? Worth noting that more expensive doesn't necessarily make the boat easier to sail (in fact there are more things to tune, in general), and at the point that you're getting a million pound yacht, you'll probably be hiring someone very qualified to skipper it for you... Is that a useful comparison then to security software? I would expect a competent sailor to be able to weather some storms in a rowboat, where, your mother (to use the example above) would fail. If we carry the discussion to its logical conclusion: I'd therefore expect someone who understands about security to be able to use available security software with a reasonable ability to keep their data safe. Useability and cost are not necessarily related. This discussion is conflating both things. In the security software case, the useability is not there yet at all, the cost is generally fine. The question you want to be asking is "what can be done to make the available software useable safely by my mother?" Cheers MBM -- Matthew Byng-Maddick <[EMAIL PROTECTED]> http://colondot.net/ (Please use this address to reply) --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]