I have a hard time understanding the emojis as measurement units here. If you u se from 1 to 5 I can easily follow, but emojis are abstract and open to different interpretations.
There are only two emoji in the table: “Neutral Face” and “Face Screaming in Fear”. It’s a rough measurement of feeling, not a detailed pain scale. If it helps, consider (in the “Passwords” line) the leftmost one to be 1 (“meh, don’t really care”) and the rightmost to be 5 (“oh no, huge loss”).
I would suggest using password-based encryption rather than anything that forces auto-generated keys or what-have-you (like an SSH private key). Can't guarantee you'll always remember that password, but you'll have a fighting chance. And if instead you still insist on using some gibberishy key, more than likely you'll end up using PBE to keep track of it in some sort of repo anyhow, right?
The answer to every single category is "yes" to whether its worth encrypting. The question isn't whether or not data is worth encrypting, it's whether it's worth encrypting in ways which have worse user ergonomics as a trade-off to potentially better security. There is literally no reason in 2023 why normal users should not have full-disk encryption enabled on every single device and be using a password manager, both tied to on-device secure biometrics (think TouchID).
There is a reason to avoid full disk encryption for average, "normal", users: What happens when the user loses/ forgets their password?
Most (in my experience) users don't have backups for their devices. Some data, like pictures, are maybe 'backed up" by the cloud provider of their choice via their phones. Further, some users may store important files in multiple places but most don't. And losing data is a real pita.
Windows stores the keys inside the cloud by default. This is not optimal, but reduces the lost key scenario a lot. But it also protects the data on a lost laptop, as long as the attacker doesn’t get access to your Microsoft account.
First I’m hearing of this, but I’m unsurprised given how it’s basically impossible to install windows without creating a Microsoft account.
I really respect Microsoft core engineers, but wish they’d revolt and quit over the team focused on driving profits via toxic behaviours like online account requirements, and embedding one drive into everything. I even get spam emails *from* Microsoft on newly created corporate o365 accounts, like what the actual fuck is wrong with them to think that’s okay?
I think their strategy makes a lot of sense. If you want to live off the grid, you can use Linux. Since everything is now a web app (also Microsoft products), that’s easier then ever.
Spoken like a true Microsoft marketing department employee two cups deep into the koolaid arrogant enough to think the only two roads are ‘my way or the highway’
For your average home user, it's probably the better option, even if I as an individual don't like it at all. Not every person's specific needs/wants are the same. I've had encrypted Linux volumes become inaccessible because of a changed password when I wasn't able to come back to that system for a few days after and frankly forgot the specific combination of words used.
Luckily I did have backups... but it could have been worse. A mom losing all the baby footage of their child because of lost/broken/damaged encryption is not a pleasant thing to explain to someone.
Stop buying into the perception that your computer, and the data on it belongs to the OS author, or the author of the software that is running on it.
It does not. It belongs to you. The person who bought it. It is yours to shove bits through as you please. The industry is just incessant on reserving that level of control over everyone's systems for themselves, and trying to convince you, that no, they really know best, and you should pay them and hand them your data. They'll swear up and down that isn't what they are doing, but their actions say otherwise.
You can force the installer to let you make a local account by killing your Internet connectivity (Airplane mode, toggle wifi adapter off with hardware cutout, or last resort, drop the network if the machine in question is one of those absolutely terrible) laptops without hardware kill switches.)
...That you have to go to such lengths to do so is a thing worthy of ridicule.
For now. You also have to go to great lengths to remove one drive on both desktop and 0365. The amount of times I’ve accidentally uploaded data to one drive cloud tenancies I do not own is insane. If I trigger a data breach, I’ll blame the Microsoft UI.
I know, but this scenario may soon be in the past. With smartphones and also ARM macs there is no feasible way to directly access the storage. And at least with apple devices encryption is the standard. It’s not even possible to run them unencrypted anymore.
Their issue wasn't encryption, it was that they didn't have backups (of the data and/or encryption key). Data without backups is already lost, you just don't know it yet.
But I think you're overestimating the capabilities of an average user.
I'd be comfortable guess 60%+ of users don't know how to manually copy files to an external drive with any sort of reliability. ETA: Unless you're willing to spend three or four hours a user teaching them, forever become their personal IT service, and recognize that there's _still_ a non-neglible chance they copy the wrong thing, it's not always worth it.
In other words, if your data is worth backing up, it's worth encrypting. Also, if you'd rather lose it than let it fall into wrong hands, it's worth encrypting.
Else it's just a jot pad containing nothing sensitive, and can as well be plaintext.
Eh, for me it’s more likely that I would mismanage the key to my photo backup than it is someone would steal my backup media or otherwise attack it. I would certainly much rather have unauthorized access to my photos than for me to lose access to them. That doesn’t mean I’m going to take zero precautions toward preventing unauthorized access, but I’m going to prefer unauthorized access to data loss.
Not true e.g. I have a large amount of bespoke ISOs/installers/etc I don't want to lose and have to find again but I don't really give a damn if someone got access to them and was able to e.g. install Sim City 4 without my permission. This is even true with a good amount of my unique data. I'm not worried if someone has access to my video game saves or anything in my dotfiles that isn't explicitly crypto (e.g. an SSH key) or so on but it'd be a real PITA to lose those.
I backup a good deal of things but I encrypt only a small subset.
Full disk encryption has been the default on iOS devices for nearly a decade and it hasn't really been a problem. People don't generally forget passwords they use several times a day.
A counter, or perhaps extension example to this: say I had a phone ten years ago that had full disk encryption. Since then, I've migrated to a new phone, but kept the old one around to have access to the pictures. Ten years on, I finally have the desire to go and look and... now I realize I have a paperweight because I can't remember the password.
Is this an actual issue? Who keeps an old phone around as a data vault like that? Both iOS and Android have had off-device photo syncing for at least a decade. The intersection of people that 1) leave an old phone in a drawer as a photo vault and 2) never used any sort of photo syncing is not nearly large enough that FDE is in any way problematic for most people.
Yes? I mean, it exists and I know of at least a half dozen people in immediate proximity to me that have kept old devices around in case they want their photos later. Some have them backed up elsewhere as well, sure. Contrary to your assertion, I'd guess the opposite - I suspect there's a large number of people, especially non-technical people, with phones in drawers with information they'd like to have available for "some day." Obviously speculation based on my own experience.
WRT the off device syncing being default, that is fine up to the Xgb that the provider offers free, anything beyond that is not synced without a monthly subscription, and the same people I know that are keeping phones around are also not paying for that.
> What happens when the user loses/ forgets their password?
When your password is the same password you use to login to your device and/or your fingerprint or faceprint, it's a bit hard to "lose". That's exactly what I mean by user ergonomics trade-offs. Technically, it might be better to have a different password for important things that are encrypted vs your login password, but in practice what matters is that the average user's device is basically a brick to a thief both from the perspective of using said device on the black market or stealing the user's data.
Maybe this is one of those weird splits that now exists in the world between people who operate in sane UX ecosystems like Apple-land vs those who continue to accept unending abuse from Microsoft and Google in the Windows/Android cesspit. I just don't see the issue you're describing occurring for most average users in 2023, at least in the West.
>There is literally no reason in 2023 why normal users should not have full-disk encryption enabled on every single device and be using a password manager, both tied to on-device secure biometrics (think TouchID).
Data recovery. Key loss. Being able to put the drive into another computer and get data off is more common to the average user than someone physically compromising their computer and trying to read their secrets.
This is not completely true... there were many cases where repair technicians went looking through peoples personal data when the computer (or tablet, phone,...) was brought in for repair. With an inability to physically remove the hard drive in some computers (ahem, the fruit ones), encryption is the only way to keep your data safe when you have to give your device to someone else (even if for repair).
I lost my encryption key for matrix recently and lost a few conversations because of it (despite saving them both as a file and as an email). Just this makes me want to never ever touch anything fully encrypted again with a ten kilometre pole.
I am technically competant enough to have full disk encryption and a whole bunch of other things.
If I were to die, is my wife though? No. She is not. So if I want her to access stuff if I die, then that means me leaving documentation for her. Which doesn't really result in better security - how can I encrypt stuff I've had to literally print out.
At a certain point encryption becomes useless (Full disk encryption with a short password, or one written on a sticky note near the device, etc).
I'm not familiar with how Mac does things, but some of those solutions
prioritize security over reliability and store the keys in a crypto processor that can't be backed up, leaving no way to recover the drive if they break.
I think a great middle ground for embracing the cloud but retaining control over your data is the ability to bring your own encryption key.
This makes it possible for the SaaS to do the thing that you pay them money to do, but retain control if you want to walk away. Plus it guarantees that they are doing some sort of field/row encryption to be able to mix in keys.
The crux is that to do BYOK securely, you need guarantees that the key is handled correctly and in an ideal world, some sort of verification. That doesn't mean code auditing by every customer...I favor granting access to a key that can only be released into a secure enclave for sensitive SaaS operations to reside within.
But for now, let’s just treat each piece of data as having a single copy that’s encrypted with a single text key
No. Let's not. That's not how encryption works. It's barely how encryption worked in the 1990s. The author of this piece has built a disproportionately strong connection in their mental model between ciphertext and some singular key. But we don't need advanced techniques and horcruxes and whatnot to break that link: you can just encrypt the key with another key, or several different keys.
If they assume they have a magic place to put their unencrypted priceless data which guarantees the data will never be lost, they could simply encrypt everything and put the key in the magic place.
I disagree. The author is trying to classify the actual value and sensitivity of data. I don’t agree with all of his assessments, but it’s a thought experiment worth having.
Crypto stuff is mostly bread and circus because the key isn’t controlled by the end user, and the end user usually isn’t qualified to handle the key. No commercial B2C service meets the standards required to store truly sensitive data, unless an informed user goes out of their way and has the discipline to do so.
Encryption is emphasized because it’s critical to offering services, not because people need it or it does what we think it does. Losing the ability to have removable, storage that’s physically manageable created most of this problem for people, and the industry solved the problem that it created for us. Your medical records 20 years ago only existed in plaintext as paper in a folder in an office. Now they are in a document management system exposed to exponentially more risk.
9/10 times, the most secure backup available to an ordinary person is a USB key placed in a secure place in your home. Criminals can’t get it, and if the police are after you they need a warrant, service of which is known to you, and it easy to make copies, destroy or relocate it.
No, the point he's making (and you're making) is orthogonal to the question of whether data should be encrypted. In fact, he goes out of his way to make the point that encryption necessitates all-or-none access control that puts data at risk, suggesting the tradeoff isn't worth it for, e.g., wedding photos. That's whack logic. Manage the keys for your wedding photos so it isn't all-or-none. That's just engineering; it's not the binary question of whether you need to expose plaintext to make the security model work.
Again: in serious cryptography, keys encrypt (or derive) other keys. You can have lots of keys, and you can unlock them lots of different ways.
This is a bit of a non-article. It barely makes any point, and I'm not even sure who the target audience is.
> But encryption may not be silver bullet we often treat it as. An encryption algorithm like AES doesn’t know if the file it’s concealing holds a wedding photo, a recipe, or a list of all your passwords.
Is the author just ignoring the fact that you can (and should!) have multiple encrypted backups, including password protected versions of the encryption key? The entire premise falls apart the moment you assume a reasonable backup strategy.
I would guess that less than 1% of the population has multiple encrypted backups, included password protected versions of the encryption key.
To some HN'ers what you describe is a "reasonable backup strategy". But to every person I know who doesn't work in tech, what you're describing, not only are they unaware of even these concepts, but they wouldn't have the slightest idea of how to even go about them. Multiple encrypted backups?
So if less than 1% of people do something, I don't think it's reasonable to call it reasonable. :)
> I would guess that less than 1% of the population has multiple encrypted backups, included password protected versions of the encryption key.
A quick search concludes that while the consumer-focused cloud backup market in the US is only seeing incremental growth (17% CAGR), it currently represents around $15B/yr. [1]
If you just do some back of napkin math based on the yearly cost of a Backblaze subscription ($70)[2] you can pretty easily come out with a rough estimate of the amount of devices/users utilizing "encrypted backups" which roughly applies to all major players in the consumer/device cloud backup space.
$15B / $70 = 200M devices. The population of the US is ~350M, so roughly 60% of Americans have an "encrypted cloud backup", and I'd say that is actually a /very/ conservative estimate, considering that iOS accounts for 55% of the mobile market share in the US currently and by default enables automated backups to iCloud for connected devices. It also doesn't capture variance in pricing structure, devices that are managed by businesses and have enforced backup policies, and non-cloud based backups (Time Machine, et al). Conservatively though, 2 out of every 3 computing devices (inclusive of tablets and smartphones) you interact with in the wild in the US have "encrypted backups" in addition to whatever default disk encryption is enabled.
There's a lot of stuff being slung around in this subthread that makes me think people's mental models are still set in 2008, not in 2023. My 70s parents have full disk encrypted devices which are backed up via encrypted cloud backups and use a password manager, and I've done little to no coaching, because it's the DEFAULT state of many of their devices and heavily encouraged for enablement during onboarding for devices where it is not default. Have you gone through the OOBE on a new Macbook lately? You are encouraged to connect it to your iCloud account, then enable FileVault 2 with a recovery key stored in iCloud, and then to enable iCloud backups. Of course, there's some dark patterns associated due to the revenue model of iCloud for Apple, but it's also something directly beneficial to the end user.
You're missing the "multiple" part. How many non-tech people are backing up their laptop to Backblaze and a second service or encrypted external drive?
You're also missing part of the "encrypted" part, where the whole point of the article is that it's only effectively encrypted if the cloud provider doesn't have the key (and therefore becomes riskier). And Backblaze doesn't enable private encryption keys by default. Apple doesn't either by default for things like iOS backup.
So yes, what's standard is a single cloud backup that is encrypted at rest, but where the provider still has keys to access it.
In contrast, I very much stand by my less than 1%, if it's encrypted with a private key to multiple backup destinations, which is what the parent I was responding to was describing.
If you have a single unencrypted backup, for the vast, vast majority of people they'll never lose data.
It's common for personal devices to break or get lost. It's also common to lose/forget a private key. So it's pretty easy to lose a device and then also discover already you'd lost/forgetten your key a while ago.
But it's vanishingly rare for big-name consumer cloud services to lose data. And then it's astonishingly unlikely that a cloud service loses your backup and you then you break/lose your personal device before making a new backup.
Does that clarify how you're much more likely to lose data because of encryption?
Super-good encryption seems to be something that is overkill. Obviously, a general flawed encryption scheme isn't good, hackers and states will collect it like crazy.
I think what I'd like is a toolkit for DIY encryption that I could break it if I had to, that I accept that if someone smart SPECIFICALLY targets me they can break it with effort, but the general dragnets/sweeps won't work on. If the government wants the info, they can assign some cryptographer who can break it in a day or two on a single machine if they put eyes on it.
Like here might be my personal encryption: Take some encryption scheme that can be cracked in a day (low bitrate DES or something) on a server. That I know how to break myself. Then maybe some one-off swap of the bit order or something that can be cracked if a human looks at it, but is so one-off that governments or crackers need to SPECIFICALLY target something.
One of the things that would be great would obviously be hiding it in images and the like.
There isn't a lot of guidance on this. IMO it's obviously better than unencrypted, and works in a lot of situations where X person is died, inheritor want to get to their Bitcoins but doesn't have the key. Inheritor knows from will to try X Y and Z to break it.
So we either have AES-256, or you write your passwords on a paper in a safe deposit box. Can we have some guidance on options in the middle?
Keep your keys in your physical wallet. You spend a lot of time managing your wallet and keeping it secure. You've also got strong legal protections over possessions on your person vs stored by a third party.
Your encrypt something on your desktop and you leave the key on the same computer. the hacker simply steals both the file an the key and decrypts it. This explains a lot of encryption failures.
If the data is important enough to you - can't you just guard against losing the key? write it down - put it in a saftey deposit box or something similar.
Framing the choice around an inevitable loss of key seems unecessary to me.
There’s a lot of other things that are interesting about the article, but I’m personally intrigued by the idea that SSNs exist here at all, and are categorized in the way that they are. The social security numbers of a decent percentage of the population have already been leaked and are fully compromised, and the multitude of places that a person needs to provide the SSN means for everybody else, they’re about as secret as their checking account number.
Not to mention that the only place in the world that uses SSN is the US. Other places have a similar identification number scheme, but are not private or secret.
Everything is worth encrypting by default. It's the digital equivalent of putting a lock on your front door.
In addition to having passwords (pass phrases), have multiple keys. Store master keys (for sets of disks) in a fireproof lockbox on a usb stick, refreshed occasionally. Store it in some secure third location.
It's like having the key to your storage box or your house. Encryption doesn't prevent someone from absconding with your data on the web- it prevents someone with physical access from taking off with your data.
Have multiple copies on different key chains. If it works in the real world, it works here just the same.
I rarely encrypt my files because it's usually much easier to recover data from crashes, stuffed disks etc. when data isn't encrypted. Simlpy, encrypted gobbledygook cannot be easily sorted out from random data, coherent data—even when broken into small chunks—is more recognizable than broken encrypted bits.
The most annoying aspect of many encryption programs is that they are not specified for recovery in cases when the encrypted data stream become broken. For example, you've a hard disk failure where a certain percentage of the sectors on the disk are irrecoverable then the question of how well the encryption program can recover the remaining data becomes important.
In my experience, recovering the remaining data from the remanents of the encrypted data is essentially nigh on impossible. My rule is to not encrypt unless I've guaranteed multiple backups.
I've often wondered why more attention isn't paid to this problem.
74 comments
[ 2.5 ms ] story [ 53.8 ms ] threadMost (in my experience) users don't have backups for their devices. Some data, like pictures, are maybe 'backed up" by the cloud provider of their choice via their phones. Further, some users may store important files in multiple places but most don't. And losing data is a real pita.
I really respect Microsoft core engineers, but wish they’d revolt and quit over the team focused on driving profits via toxic behaviours like online account requirements, and embedding one drive into everything. I even get spam emails *from* Microsoft on newly created corporate o365 accounts, like what the actual fuck is wrong with them to think that’s okay?
Luckily I did have backups... but it could have been worse. A mom losing all the baby footage of their child because of lost/broken/damaged encryption is not a pleasant thing to explain to someone.
Are you employed by Microsoft, or have any professional association with the company?
Stop buying into the perception that your computer, and the data on it belongs to the OS author, or the author of the software that is running on it.
It does not. It belongs to you. The person who bought it. It is yours to shove bits through as you please. The industry is just incessant on reserving that level of control over everyone's systems for themselves, and trying to convince you, that no, they really know best, and you should pay them and hand them your data. They'll swear up and down that isn't what they are doing, but their actions say otherwise.
...That you have to go to such lengths to do so is a thing worthy of ridicule.
The number of times I've had to bail someone out because they wrecked their computer and I had to pull their HDD/SSD is a _lot_.
If they didn't encrypt their cloud content but lost their password, it's recoverable, the same as from an unencrypted hard drive.
If they encrypt it, they're SOL.
If people are doing things right, everything should be encrypted.
"Average users" don't do things right.
I hate saying it, but experience has played this out for me time and time again.
Instead of discouraging encryption, use it as a way to encourage backups in the future.
But I think you're overestimating the capabilities of an average user.
I'd be comfortable guess 60%+ of users don't know how to manually copy files to an external drive with any sort of reliability. ETA: Unless you're willing to spend three or four hours a user teaching them, forever become their personal IT service, and recognize that there's _still_ a non-neglible chance they copy the wrong thing, it's not always worth it.
Else it's just a jot pad containing nothing sensitive, and can as well be plaintext.
I backup a good deal of things but I encrypt only a small subset.
Yes? I mean, it exists and I know of at least a half dozen people in immediate proximity to me that have kept old devices around in case they want their photos later. Some have them backed up elsewhere as well, sure. Contrary to your assertion, I'd guess the opposite - I suspect there's a large number of people, especially non-technical people, with phones in drawers with information they'd like to have available for "some day." Obviously speculation based on my own experience.
WRT the off device syncing being default, that is fine up to the Xgb that the provider offers free, anything beyond that is not synced without a monthly subscription, and the same people I know that are keeping phones around are also not paying for that.
When your password is the same password you use to login to your device and/or your fingerprint or faceprint, it's a bit hard to "lose". That's exactly what I mean by user ergonomics trade-offs. Technically, it might be better to have a different password for important things that are encrypted vs your login password, but in practice what matters is that the average user's device is basically a brick to a thief both from the perspective of using said device on the black market or stealing the user's data.
Maybe this is one of those weird splits that now exists in the world between people who operate in sane UX ecosystems like Apple-land vs those who continue to accept unending abuse from Microsoft and Google in the Windows/Android cesspit. I just don't see the issue you're describing occurring for most average users in 2023, at least in the West.
Right! Not to mention the users with memory problems. That is a lot of people. Dementia is common, just for a start.
Data recovery. Key loss. Being able to put the drive into another computer and get data off is more common to the average user than someone physically compromising their computer and trying to read their secrets.
If I were to die, is my wife though? No. She is not. So if I want her to access stuff if I die, then that means me leaving documentation for her. Which doesn't really result in better security - how can I encrypt stuff I've had to literally print out.
The ergonomics is a HUGE factor.
I'm not familiar with how Mac does things, but some of those solutions prioritize security over reliability and store the keys in a crypto processor that can't be backed up, leaving no way to recover the drive if they break.
This makes it possible for the SaaS to do the thing that you pay them money to do, but retain control if you want to walk away. Plus it guarantees that they are doing some sort of field/row encryption to be able to mix in keys.
The crux is that to do BYOK securely, you need guarantees that the key is handled correctly and in an ideal world, some sort of verification. That doesn't mean code auditing by every customer...I favor granting access to a key that can only be released into a secure enclave for sensitive SaaS operations to reside within.
No. Let's not. That's not how encryption works. It's barely how encryption worked in the 1990s. The author of this piece has built a disproportionately strong connection in their mental model between ciphertext and some singular key. But we don't need advanced techniques and horcruxes and whatnot to break that link: you can just encrypt the key with another key, or several different keys.
Another thing the author seems to have missed: You can distribute a key to multiple places in order to trade security for durability.
Crypto stuff is mostly bread and circus because the key isn’t controlled by the end user, and the end user usually isn’t qualified to handle the key. No commercial B2C service meets the standards required to store truly sensitive data, unless an informed user goes out of their way and has the discipline to do so.
Encryption is emphasized because it’s critical to offering services, not because people need it or it does what we think it does. Losing the ability to have removable, storage that’s physically manageable created most of this problem for people, and the industry solved the problem that it created for us. Your medical records 20 years ago only existed in plaintext as paper in a folder in an office. Now they are in a document management system exposed to exponentially more risk.
9/10 times, the most secure backup available to an ordinary person is a USB key placed in a secure place in your home. Criminals can’t get it, and if the police are after you they need a warrant, service of which is known to you, and it easy to make copies, destroy or relocate it.
Again: in serious cryptography, keys encrypt (or derive) other keys. You can have lots of keys, and you can unlock them lots of different ways.
> But encryption may not be silver bullet we often treat it as. An encryption algorithm like AES doesn’t know if the file it’s concealing holds a wedding photo, a recipe, or a list of all your passwords.
How's that a bad thing?
To some HN'ers what you describe is a "reasonable backup strategy". But to every person I know who doesn't work in tech, what you're describing, not only are they unaware of even these concepts, but they wouldn't have the slightest idea of how to even go about them. Multiple encrypted backups?
So if less than 1% of people do something, I don't think it's reasonable to call it reasonable. :)
A quick search concludes that while the consumer-focused cloud backup market in the US is only seeing incremental growth (17% CAGR), it currently represents around $15B/yr. [1]
If you just do some back of napkin math based on the yearly cost of a Backblaze subscription ($70)[2] you can pretty easily come out with a rough estimate of the amount of devices/users utilizing "encrypted backups" which roughly applies to all major players in the consumer/device cloud backup space.
$15B / $70 = 200M devices. The population of the US is ~350M, so roughly 60% of Americans have an "encrypted cloud backup", and I'd say that is actually a /very/ conservative estimate, considering that iOS accounts for 55% of the mobile market share in the US currently and by default enables automated backups to iCloud for connected devices. It also doesn't capture variance in pricing structure, devices that are managed by businesses and have enforced backup policies, and non-cloud based backups (Time Machine, et al). Conservatively though, 2 out of every 3 computing devices (inclusive of tablets and smartphones) you interact with in the wild in the US have "encrypted backups" in addition to whatever default disk encryption is enabled.
There's a lot of stuff being slung around in this subthread that makes me think people's mental models are still set in 2008, not in 2023. My 70s parents have full disk encrypted devices which are backed up via encrypted cloud backups and use a password manager, and I've done little to no coaching, because it's the DEFAULT state of many of their devices and heavily encouraged for enablement during onboarding for devices where it is not default. Have you gone through the OOBE on a new Macbook lately? You are encouraged to connect it to your iCloud account, then enable FileVault 2 with a recovery key stored in iCloud, and then to enable iCloud backups. Of course, there's some dark patterns associated due to the revenue model of iCloud for Apple, but it's also something directly beneficial to the end user.
[1]: https://www.prnewswire.com/news-releases/cloud-backup-and-re...
[2]: https://www.backblaze.com/backup-pricing.html
You're also missing part of the "encrypted" part, where the whole point of the article is that it's only effectively encrypted if the cloud provider doesn't have the key (and therefore becomes riskier). And Backblaze doesn't enable private encryption keys by default. Apple doesn't either by default for things like iOS backup.
So yes, what's standard is a single cloud backup that is encrypted at rest, but where the provider still has keys to access it.
In contrast, I very much stand by my less than 1%, if it's encrypted with a private key to multiple backup destinations, which is what the parent I was responding to was describing.
It's common for personal devices to break or get lost. It's also common to lose/forget a private key. So it's pretty easy to lose a device and then also discover already you'd lost/forgetten your key a while ago.
But it's vanishingly rare for big-name consumer cloud services to lose data. And then it's astonishingly unlikely that a cloud service loses your backup and you then you break/lose your personal device before making a new backup.
Does that clarify how you're much more likely to lose data because of encryption?
(Emoji won't go through HN's system.)
Old UTF-16, I think. 64K character set. Most languages, but not the astral planes where emoji live.
I think what I'd like is a toolkit for DIY encryption that I could break it if I had to, that I accept that if someone smart SPECIFICALLY targets me they can break it with effort, but the general dragnets/sweeps won't work on. If the government wants the info, they can assign some cryptographer who can break it in a day or two on a single machine if they put eyes on it.
Like here might be my personal encryption: Take some encryption scheme that can be cracked in a day (low bitrate DES or something) on a server. That I know how to break myself. Then maybe some one-off swap of the bit order or something that can be cracked if a human looks at it, but is so one-off that governments or crackers need to SPECIFICALLY target something.
One of the things that would be great would obviously be hiding it in images and the like.
There isn't a lot of guidance on this. IMO it's obviously better than unencrypted, and works in a lot of situations where X person is died, inheritor want to get to their Bitcoins but doesn't have the key. Inheritor knows from will to try X Y and Z to break it.
So we either have AES-256, or you write your passwords on a paper in a safe deposit box. Can we have some guidance on options in the middle?
Framing the choice around an inevitable loss of key seems unecessary to me.
In addition to having passwords (pass phrases), have multiple keys. Store master keys (for sets of disks) in a fireproof lockbox on a usb stick, refreshed occasionally. Store it in some secure third location.
It's like having the key to your storage box or your house. Encryption doesn't prevent someone from absconding with your data on the web- it prevents someone with physical access from taking off with your data.
Have multiple copies on different key chains. If it works in the real world, it works here just the same.
The most annoying aspect of many encryption programs is that they are not specified for recovery in cases when the encrypted data stream become broken. For example, you've a hard disk failure where a certain percentage of the sectors on the disk are irrecoverable then the question of how well the encryption program can recover the remaining data becomes important.
In my experience, recovering the remaining data from the remanents of the encrypted data is essentially nigh on impossible. My rule is to not encrypt unless I've guaranteed multiple backups.
I've often wondered why more attention isn't paid to this problem.