Comment by JumpCrisscross
14 hours ago
> Why would I settle for a rough equivalence?
They're equivalent in security. The digital method is more convenient (albeit more error prone). What confers the security is the print-scan step. Whether one is redacting in between or before doesn't change much.
You'd still want to do a tabula rasa and manual post-pass with both methods.
> point was about the chance of making mistakes in redaction
Best practice is humans redacting in multiple passes for good reason. It's less error prone than relying on a "smart" redactor, which is mostly corporate CYA kit.
> They're equivalent in security
They aren't, security is defined as the amount of information you leak. If you have an inferior process where you're substituting the correct digital match with an in incorrect manual match, you're reducing security
> albeit more error prone
The opposite, you can't find all 925 cases of the word Xyz as efficiently on paper without the ease of a digital text search, my guess is you just have made up a different comparison (e.g., a human spending 100hrs reading paper vs some "smart" app doing 1 min of redactions) vs. the actual process quoted and criticized in my original comment
> Whether one is redacting in between or before doesn't change much
It does, the chance to make a mistake differs in these cases! Printing & scanning can't help you here, it's a totally set of mistakes
> Best practice
But this conversation is about a specific blogged-about reality, not your best practice theory!