"Barton L. Phillips" <barton@applitec.com> (06-04-10 19:21:21):

> > In Linux there are several ways in which you can encrypt your data.
> > I have an encrypted hard-disk (via dm-crypt), encrypted email
> > traffic (via GnuPG) and of course encrypted remote shell sessions
> > (via OpenSSH). To keep it short, I encrypt everything, where
> > encryption is appropriate.
>
> When I was in the military I noticed that everything transmitted from
> my Air Base was first encrypted. I mean everything from the dinning
> hall menu to the laundry list. I asked some of our crypto guys why
> they wasted time encrypting such worthless junk. Their answer was a
> revelation: If you encrypt only sensitive information then the enemy
> only has to work on the encrypted stuff, but if you encrypt everything
> the enemy has to spend enormous amounts of them decrypting junk. It is
> the needle in the haystack theory. If you have millions of billions of
> bytes of funk it will be pretty hard to find that 16 digit credit card
> number in the noise.

If this level of communication secrecy and authenticity would be
required, then I would use other methods. When I talk with people not
much related to me in IRC, then I don't see the point in encrypting
that. I still do it, but it's pointless. It's not even secure. The
server administrators can still decrypt the traffic, as well as the evil
MITM.


> But then again you have to be pretty paranoid -- but for this group?

I am. =)

Since this group deals with security, paranoid points of view are not
fully inappropriate. It depends on who you would like to defend
against. Personally I like defending against every attacker, if
possible.


Regards.