SSL and Full Disk Encryption are not secure, but gmail is because gmail is a leader in email encryption. What does gmail use to encrypt emails between its server you ask?
SSL/NSS the cryptographically standard... Which the blog post already said was insecure. It reeks of corporate cargo-cult mentality. Google said this is secure, therefore it is secure.
The truth about security is you are never secure. If somebody wants to hack you, they will given enough time. All you can do is force them to spend more time. There will always be the first time an academic attack vector is used in the wild.
It maybe used on you.
:.:.:
One positive note. The blog post didn't use, "Freeze the ram with liquid nitrogen" Paper to talk about Full Disk Encryption being broken.
I also agree that not even Gmail is "fully secure". But for the average person, it poses _less_ of a risk to their privacy than the realistic alternatives.
Yes but on the same argument the average person is more secure trusting the TLS/SSL icon on their browser than not.
This is one of my problems with the blog post is its self contradictory.
On one hand, "We should herd the ignorant sheep to the most secure plateform."
On the other hand, "We need to whine about how insecure and buggy TLS/SSL is."
Self contradiction.
If the point of gmail is to herd people to the most secure platform, then you can't tell people to not trust TLS since its really is the most secure platform for web communication.
SSL and Full Disk Encryption are not secure, but gmail is because gmail is a leader in email encryption. What does gmail use to encrypt emails between its server you ask?
SSL/NSS the cryptographically standard... Which the blog post already said was insecure. It reeks of corporate cargo-cult mentality. Google said this is secure, therefore it is secure.
The truth about security is you are never secure. If somebody wants to hack you, they will given enough time. All you can do is force them to spend more time. There will always be the first time an academic attack vector is used in the wild.
It maybe used on you.
:.:.:
One positive note. The blog post didn't use, "Freeze the ram with liquid nitrogen" Paper to talk about Full Disk Encryption being broken.