On 07/29/2015 07:40 PM, Chris Murphy wrote: > On Wed, Jul 29, 2015 at 4:37 PM, Warren Young <wyml at etr-usa.com> wrote: > >> Security is *always* opposed to convenience. > False. OS X by default runs only signed binaries, and if they come > from the App Store they run in a sandbox. User gains significant > security with this, and are completely unaware of it. There is no > inconvenience. While I agree with you about the long-term viability of passwords, I'll disagree with this statement. There is a loss of convenience with signed binaries from a store: the user can no longer install directly from the program vendor's website but must go through the walled garden of the store, and developers are held hostage to having to meet the store's policy or get their signing key revoked and/or their app 'de-stored' or worse. There is significant inconvenience to users when their app is removed from the store for whatever reason and they cannot get updates (or reinstall their app, for which they may have paid a fee) anymore because the app is no longer in the store (and that could be for arbitrary reasons, including political ones). This is, of course, the case to a more limited degree with CentOS and signed packages, since packages can be removed from repositories and installation of packages by default requires signed packages (but it's not as inconvenient, nor is it as secure, as the OS X model of only allowing signed binaries to run). For that comparison, repository = store. > What is the inconvenience of encrypting your device compared to the > security? Zero vs a ton more secure (either when turned off and data > is at rest or a remote kill that makes it very fast to effectively > wipe all data) Or a hackable remote kill that allows an attacker to wipe you device out from under you. Or now the inconvenience of losing access to the encrypted volume because you forgot the exact spelling of that ten word seventy-five character passphrase and you're locked out and no data recovery tool out there will get your files back. Security and convenience are always at odds with each other; more secure = less convenient in some form or fashion; even if you have to dig for the loss of convenience there will be a loss of convenience somewhere for increased security.