[Cryptography] But it's encrypted so it must be OK

[Ray Dillinger]

On 10/29/23 07:25, Joshua Marpet wrote:
> You are vastly overestimating maturity of physical security. :-). I 
> can absolutely assure you that locks are not mature.
I take your meaning - physical locks aren't perfect by any means. But my 
point was that the level of effectiveness they've reached is not 
constantly changing.

The technology available to attack locks is not doubling in 
effectiveness every two years. Making a decision about the security of a 
lock today is just about the same as making a decision about the 
security of a lock half a century ago.  A thief facing a lock made today 
has about the same set of attacks and capabilities available that a 
thief facing a lock made half a century ago has.  Completely revising 
your knowledge and learning the latest facts about locks every few years 
is not a required part of making decisions about locks.  If you knew 
what there was to know about locks half a century ago, you're reasonably 
equipped to evaluate the security of locks today.  If you have some 
new-old-stock locks that were good when they were made half a century 
ago, they're still approximately as good today.

That's what being a mature technology is.

"Mature" doesn't mean absolutely effective.  "Mature" means decisions 
made half a century ago are about as valid today as when they were 
made.  In a mature technology your decision making doesn't need constant 
revision in light of changes in the underlying technology.