encryption is (mostly) not magic | Benlog
4 weeks ago by sunpig
For the most part, encryption isn’t magic. Encryption lets you manage secrets more securely, but if users are involved in the key management, that almost certainly comes at the expense of usability and features. Web services should strongly consider encryption where possible to more strictly manage their internal access controls. But think carefully before embarking on a design that forces users to manage their keys. In many cases, users simply don’t understand that losing the key means losing the data. As my colleague Umesh Shankar says, if you design a car lock so secure that locking yourself out means crushing the car and buying a new one, you’re probably doing it wrong.
encryption
security
mozilla
firefox
privacy
users
usability
hashing
hash
password
key
voting
4 weeks ago by sunpig
encryption is not gravy | Benlog
4 weeks ago by sunpig
That last point bears repeating: if you design a system with encryption where users manage keys, you’re going to lose features. You want gravy on that turkey? Sorry, no stuffing for you. “What?” you say. But I want my stuffing and my gravy! I want to believe I can have it all!
mozilla
firefox
sync
crypto
encryption
data
user
password
security
loss
device
4 weeks ago by sunpig
Confirmation bias - GIANT ROBOTS SMASHING INTO OTHER GIANT ROBOTS
may 2011 by sunpig
RT @thoughtbot: Confirmation bias.
thoughtbot
giantrobots
password
email
confirmation
signup
register
clearance
rails
engine
may 2011 by sunpig
It’s Me, and Here’s My Proof: Why Identity and Authentication Must Remain Distinct
january 2009 by sunpig
Essay about security, specifically looking at the potential danger of biometrics being misunderstood and therefore misused. (via Bruce Schneier: http://www.schneier.com/blog/archives/2009/01/identity_authen.html)
security
microsoft
identity
authentication
password
geeknotes
authorization
auth
factor
biometrics
january 2009 by sunpig