GNU social JP
  • FAQ
  • Login
GNU social JPは日本のGNU socialサーバーです。
Usage/ToS/admin/test/Pleroma FE
  • Public

    • Public
    • Network
    • Groups
    • Featured
    • Popular
    • People

Embed Notice

HTML Code

Corresponding Notice

  1. Embed this notice
    Tom Bortels (tbortels@infosec.exchange)'s status on Sunday, 15-Feb-2026 06:40:49 JSTTom BortelsTom Bortels
    in reply to
    • Soatok Dreamseeker

    @soatok

    I have an even simpler reason for why E2EE should simply be mandatory table stakes:

    Security is habits. If you consistently do things securely - you don't need to worry as much about mistakes causing an issue.

    I've historically done audit work in AWS. When someone says "do we encrypt EBS?" - the answer is yes. Always. "But what if we don't need it?" - irrelevant. If you always encrypt, it turns a week of audit questions about why you didn't encrypt into "yes it's all encrypted".

    If you use secure communications mechanisms with audited implementations and full end-to-end encryption - certain failure modes are greatly reduced or disappear entirely. Certain questions never need to be answered again. The impact of human mistakes on the part of the user are significantly reduced.

    If doing the right thing is a habit, it makes it harder to do the wrong one.

    I can't drive without a seatbelt. Feels weird. So "I forgot to put my seatbelt on" isn't a failure mode I need to think about. Habits. It's good to feel weird when you do the wrong thing.

    In conversationabout 5 months ago from infosec.exchangepermalink
  • Help
  • About
  • FAQ
  • TOS
  • Privacy
  • Source
  • Version
  • Contact

GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.

Creative Commons Attribution 3.0 All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.