[Cryptography] Liberty Safe reveals that it has backdoor access to it's physical safes and provides access to law enforcement.

[sybershock.com]

On Sat, 16 Sep 2023 00:52:19 +0200 (CEST)
efc--- via cryptography <cryptography at metzdowd.com> wrote:

> This is very interesting to me, because the trend the last couple of
> years in my opinion have been ever more factors added, be they sms,
> email, google authenticator, apps and so on.
> 
> Another trend in recent years, is increasing consolidation into
> centralized, online, password repositories like lastpass who then
> become very attractive targets.
> 
> Would you say that long, high-quality password _only_ overall are
> more secure?

I like to compare it to having one basket of eggs in one spot, and many
baskets of eggs in many places. If your one basket of eggs has the
master key to all the other stronger keys, is it easier to get the one
basket, or the many baskets with weaker keys? So in this scenario
cipher strength is not the most important factor for security. With a
single basket one fox or pick-pocket or one search warrant can own all
of your eggs for all your services.

> And if not, what would be your choice when it comes to protecting a
> internet connected server in todays day and age?

Do you mean protecting the server itself, or protecting the user's
authentication credentials, or do you mean protecting data at rest?

As a catch-all, I think that sensitive data should not be stored on
Internet-connected servers or any device that responds to incoming
requests. Public servers should only relay such data between clients,
not store it.

-- 
SugarBug  | https://sybershock.com | NNTP | Usenet | Forum
Fediverse | https://syfershock.com/users/syfershock
NightBulb | https://nightbulb.net  | Flip the night switch.