Floppy recovery

Mouse mouse at Rodents-Montreal.ORG
Thu Jan 7 18:13:07 CST 2016

>> I don't trust the vendor's internal security to keep the key from
>> leaking and I don't trust the vendor's HR security to prevent
>> malware authors from making it to the inside, and I *sure* don't
>> trust the vendor to resist a request from law enforcement [...]
> I donâ¿¿t know if itâ¿¿s typical or not, but every company that
> Iâ¿¿ve worked for that has managed crypto-keys has taken key security
> *very* seriously.

I find that easy to believe.  However:

(1) "[E]very company [you]'ve worked for" is almost certainly a heavily
    biased sample; if you have a tenth the clue you appear to, you
    would stay away from the dodgier ones.

(2) Taking key security seriously is a very different thing from being
    good at key security.  (They probably correlate positively, but not
    nearly as strongly as one might wish.)

/~\ The ASCII				  Mouse
\ / Ribbon Campaign
 X  Against HTML		mouse at rodents-montreal.org
/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B

More information about the cctalk mailing list