[Cryptography] Windows... Your choice but make it informed.

Phillip Hallam-Baker phill at hallambaker.com
Sat Aug 1 13:38:07 EDT 2015 

On Fri, Jul 31, 2015 at 10:11 PM, Tom Mitchell <mitch at niftyegg.com> wrote:

> On Wed, Jul 29, 2015 at 10:41 AM, Ray Dillinger <bear at sonic.net> wrote:
>
>>
>> What Microsoft is up to these days...
>>
>> http://thenextweb.com/microsoft/2015/07/29/wind-nos/
>>
>
>
> I am with you but it is more complex than just this.
> That alone is troubling.
>
> More interesting...
> The answer is unfolding and not 100% clear.
>

I think folk are not quite appreciating that what Microsoft is trying to do
here is actually very hard to do and as far as the typical user is
concerned, protecting their data for confidentiality is a lot less of a
concern for them than the risk they might lose their data.

None of the consumer products come with strong encryption turned on out of
the box. So what Microsoft is offering here needs to be compared to the
alternative of no encryption at all. It is a big improvement. When Vista
was launched, the main upgrade was to security which in turn meant a huge
increase in workload for system admins. So to avoid the need for all that
extra work, the system admins found it much easier to convince people that
what they really wanted to do was run Windows XP.


That said, I think Microsoft has to consider their position very carefully
because they are now caught between a rock and a hard place. On the one
hand they are going to have a huge blowback from the lazy system admins and
users upset at losing all their data if they try to force people to use too
much security. On the other they face a huge blowback from the privacy
advocates if their solution is to back everything up to a trusted Microsoft
cloud. And yes, there is a huge intersection between the two groups.

I think I have an answer for them. The problem with Microsoft's cloud is
that we are forced to trust it. But the Mesh I am working on provides the
same set of capabilities without requiring the end users to trust it.

Now my solution isn't for everyone, you would have to have enough skill to
be able to print out the recovery codes on paper and store them somewhere
safe. But offering it as an option would be a way to avoid the privacy
onslaught facing them.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20150801/41bbdd99/attachment.html>

More information about the cryptography mailing list