First, just to make clear, those were separate events...
Yup.
Also have seen that comic. So, you were basically saying:
encryption helps, and the actual encryption is the strongest point
the weak points are the people (prone to messing up) and (filling in my own list) things like leaving your computer on and unattended, only locking your screen vs. shutting down, having non-encrypted swap/var/etc, and the like.
further, trying to strengthen the weak points is generally accomplished via a method that further increases susceptibility to human error, whereas the encryption itself was fine as it its.
That’s correct, except your last bullet (to be clearer, if this is what you meant) should say that you can strengthen the weak points by making the system less susceptible to human error.
I was about to say no, but realize that I did write that incorrectly. To re-write, it would have redundantly said:
trying to strengthen the strong points is generally accomplished via a method that further increases susceptibility to human error (you have to implement “hand-done” encryption), whereas the encryption (the existing strong point) was fine as it was.
Does that help? I did have it wrong, thinking that implementing some form of hand-done encryption was an attempt to strengthen the weak points… but such activity would actually be in the “already-strong” category.
Yup.
Also have seen that comic. So, you were basically saying:
encryption helps, and the actual encryption is the strongest point
the weak points are the people (prone to messing up) and (filling in my own list) things like leaving your computer on and unattended, only locking your screen vs. shutting down, having non-encrypted swap/var/etc, and the like.
further, trying to strengthen the weak points is generally accomplished via a method that further increases susceptibility to human error, whereas the encryption itself was fine as it its.
Sound good?
That’s correct, except your last bullet (to be clearer, if this is what you meant) should say that you can strengthen the weak points by making the system less susceptible to human error.
I was about to say no, but realize that I did write that incorrectly. To re-write, it would have redundantly said:
Does that help? I did have it wrong, thinking that implementing some form of hand-done encryption was an attempt to strengthen the weak points… but such activity would actually be in the “already-strong” category.
You have it correct now. :)