← Back to context

Comment by lucb1e

9 days ago

You're assuming that this needs to protect...

> ... a countries' government entire data?

But the bulk of the data is "boring": important to individuals, but not state security ("sorry Jiyeong, the computer doesn't know if you are a government employee. Apologies if you have rent to make this month!")

There likely exists data where the risk calculation ends up differently, so that you wouldn't store it in this system. For example, for nuke launch codes, they might rather lose than loose them. Better to risk having to reset and re-arm them than to have them hijacked

> Is encryption, [in?] any form, really reliable protection

There's always residual risk. E.g.: can you guarantee that every set of guards that you have watching national datacenters is immune from being bribed?

Copying data around on your own territory thus also carries risks, but you cannot get around it if you want backups for (parts of) the data

People in this thread are discussing specific cryptographic primitives that they think are trustworthy, which I think goes a bit deeper than makes sense here. Readily evident is that there are ciphers trusted by different governments around the world for their communication and storage, and that you can layer them such that all need to be broken before arriving at the plain, original data. There is also evidence in the Snowden archives that (iirc) e.g. PGP could not be broken by the NSA at the time. Several ciphers held up for the last 25+ years and are not expected to be broken by quantum computers either. All of these sources can be drawn upon to arrive at a solid choice for an encryption scheme

3 comments

lucb1e

Reply
makeitdouble  9 days ago

A foreign gov getting all your security researchers and staff's personal info with their family and tax and medical records doesn't sound great.

That's just from the top of my head. Exploiting such a trove of data doesn't sound complicated.

  • lucb1e  9 days ago

    Yeah that ignores about two thirds of my point, including that it would never get to the "Exploiting such a trove of data doesn't sound complicated" stage with a higher probability than storing it within one's own territory

    • makeitdouble  9 days ago

      I'm in agreement with your second point, I think moving data in the country isn't trivial either and requires a pretty strong system. I just don't have much to say on that side, so didn't comment on it.