Hacker News new | past | comments | ask | show | jobs | submit login

I understand the rightful distaste for backdoors. However, it occurs to me that any encryption system that could get widespread use would need some kind of mechanism to recover data in the event of loss of password/hardware/authentification device etc. The more valuable data is the more important backups are. I think that the general public would be reluctant to use any complete encryption product that could lead to loss of personal data such as email in the event of common human error. We need ways to recover data, and if those methods exist they could always be used by law enforcment. Encryption has to exist within the world as it is (with comprimises), not how you may want it to be. A secure encrypted backup recovery standard may actually make users safer, because what we have now is so much more vulnerable.



I think the real point to take out of this is how important it is to have secure backups of your encryption key. Making sure that the encrypted data is backed up is common sense. Backing up the encryption key is just as important.

If I were to lose my encryption key, I would absolutely expect to lose my data. That's how encryption works. That's how encryption should work. If I can get my data back without the encryption key, someone else can too.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: