encryption

Derek Atkins warlord at MIT.EDU
Mon Oct 1 13:59:10 EDT 2007


"Toan T Nguyen" <nguyenthetoan at gmail.com> writes:

> Can't say I agree with this. This kind of thinking is the main reason
> why Windows is much more user-friendly than Linux. Even a poor
> security implementation in gnucash is better than none. 

Sorry, I disagree.  Giving a user a false sense of security, or
security-through-obscurity, is just a disservice to the user.
It will also stop them from performing REAL crypto and using
real security systems.  Man, if I had a dollar for every time
I've heard someone say "but <Foo> already has security, so I don't
need to use <bar>".

>     Locks are
> intended to keep honest person honest!, they can not defer criminals.
> Same thing with a gnucash encryption implementation. A paranoid user
> can always add more security layer to a basic Gnucash implementation.

We already have basic locks:

1) File/Directory permissions
2) A Lock File (to inform a second user that the data file is present)

Sorry, I still stand by our choice to not dis-serve our users.

> Please remember to CC this list on all your replies.
> You can do this by using Reply-To-List or Reply-All.

-derek

-- 
       Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
       Member, MIT Student Information Processing Board  (SIPB)
       URL: http://web.mit.edu/warlord/    PP-ASEL-IA     N1NWH
       warlord at MIT.EDU                        PGP key available


More information about the gnucash-user mailing list