|
| From: | Jon Bright |
| Subject: | Re: [Monotone-devel] Transport encryption |
| Date: | Thu, 13 Oct 2005 09:59:03 +0200 |
| User-agent: | Mozilla Thunderbird 1.0.6 (Windows/20050716) |
Nathaniel Smith wrote:
So, e.g., for free software projects, encryption is basically meaningless, because the code is public anyway.
I can still think of a couple of cases where it might be useful --- private development of security fixes for foss stuff would be one example. Someone maintaining a website or set of local scripts (for anything, foss, proprietary, whatever) which includes DB passwords in its source might be another.
Aside from that, encryption is just nice to have. I don't really think there are eavesdroppers between me and the hosts I SSH to. Even if there are, I don't really transfer data of any great worth to those hosts*. I think this basic situation is true for a lot of people.
Using SSH is just as easy as using Telnet, though, and avoids me having to think too much about what I'm transferring, whether there are eavesdroppers, etc. The same can be said of encryption in monotone. If (for me as a user) it's nice and simple to use encryption and basically has no noticeable penalty, then I gain the same warm, fuzzy feelings I gain from using SSH --- even if I don't actually really need the encryption.
(* OK, there's the passwords for the hosts --- but if there are eavesdroppers monitoring large amounts of internet traffic, they probably have enough resources not to be too bothered about getting a shiny new shell account.)
-- Jon Bright Silicon Circus Ltd. http://www.siliconcircus.com
| [Prev in Thread] | Current Thread | [Next in Thread] |