Storing secrets on other people's computers
makrober at gmail.com
Thu May 5 04:24:19 CEST 2011
On 03/05/11 15:50, Daniel Kahn Gillmor wrote:
> Dropbox exposes your secret
> keys to dropbox employees (and anyone who can convince them to snoop):
That article makes no sense at all.
a) Storing files containing your secret data on somebody else's
computer makes sense only if *you* encrypt the data beforehand,
completely independently from the person or organization that
you will give the files to store.
b) Your data can not be considered safely encrypted, unless encrypted
with a competently written program that had its source inspected by
you or someone you trust, on the computer that you control at the
time of encryption.
Once these two extremely straightforward principles are observed,
it is perfectly OK to give the files containing your secrets to
someone/anyone else for safekeeping, provided you have no problem
that it will be known to him, to all those that he cooperates with
and to all those that monitor the traffic between the two of you
that you have given *some* secrets away for safekeeping. To imply
that one such service is better or worse than another based on what
*they* do (or they say they do) in order to protect your secrets
is utter nonsense.
More information about the Gnupg-users