

Six Common Internet Privacy Myths - ddent
https://www.danieldent.com/blog/six-internet-privacy-myths/

======
valarauca1
This blog post is a complete joke.

SSL and Full Disk Encryption are not secure, but gmail is because gmail is a
leader in email encryption. What does gmail use to encrypt emails between its
server you ask?

SSL/NSS the cryptographically standard... Which the blog post already said was
insecure. It reeks of corporate cargo-cult mentality. Google said this is
secure, therefore it is secure.

The truth about security is you are never secure. If somebody wants to hack
you, they will given enough time. All you can do is force them to spend more
time. There will always be the _first time_ an academic attack vector is used
in the wild.

It maybe used on you.

:.:.:

One positive note. The blog post didn't use, "Freeze the ram with liquid
nitrogen" Paper to talk about Full Disk Encryption being broken.

~~~
ddent
I agree that you are never fully secure.

I also agree that not even Gmail is "fully secure". But for the average
person, it poses _less_ of a risk to their privacy than the realistic
alternatives.

~~~
valarauca1
Yes but on the same argument the _average person_ is more secure trusting the
TLS/SSL icon on their browser than not.

This is one of my problems with the blog post is its self contradictory.

On one hand, "We should herd the ignorant sheep to the most secure plateform."

On the other hand, "We need to whine about how insecure and buggy TLS/SSL is."

Self contradiction.

If the point of gmail is to herd people to the _most_ secure platform, then
you can't tell people to not trust TLS since its really is the _most_ secure
platform for web communication.

