🪟 Windows ➡️ A Windows tool for emergency privacy: instantly deletes sensitive data and active logins to protect my information during unexpected searches or house warrants. - bugfishtm/bugfish-nuke
Your encryption might take the age of the universe to break with current computing hardware, but we wouldn’t be having this conversation if vacuum tubes were still a thing. 1024-bit DKIM used to be the gold standard, now it’s unusably weak and 2048-bit is king, due to advances in computing hardware.
Are you really going to bet we don’t make faster computers in the next 20 years? Or that you’ll be aware an adversary can break your encryption the instant they have the capability?
Uh-huh. Scenario: you’re breached and your encrypted data is exfiltrated. Please describe the update process for the encryption of the copy the attackers now hold.
And the point of my original comment is that encryption alone will not save you; please go read the thread from the start. All I’ve been saying is that sometimes destroying the data before an imminent breach, like this tool does, is the only way to be sure you haven’t been breached. The person I responded to clearly thinks encryption would be enough and this tool is unnecessary even in the event of a breach, as does every response after, including yours, and that is simply untrue. Encrypt, and consider using this tool or one like it. Like you said, hammer + nail (though that isn’t a guarantee 😋).
Sorry, I don’t mean to say it’s unnecessary in the event of a breach, you’re absolutely correct there, I was just spitballing on the idea of encryptions without self-destruct buttons in majority non I-am-highly-targeted-by-CIA scenarios, how vigilant you’d have to be. With house warrants for instance, I was like “well, as the likelihood of them going being able to decrypt increases you should be on the look-out for alternative methods or harder encryption yeah”
All good, thanks for clarifying! Yeah, the warrantless searches the government thinks they can do, along with the ability to change the rules to target anyone they don’t like, means that everyone is now in a “highly targeted by the CIA” scenario. At least, I’ve updated my threat model, and I’m ready to nuke everything at the first kick on my door. I don’t have anything to hide, but I also don’t plan to give anyone anything without my consent.
In a billion years I’m probably irrelevant. But is the data on my system right still relevant to anyone even in just 20 years time? I doubt it. No passwords or tokens will be valid anymore. Worst case they see some family photos or old browser history
That is assuming anyone still gives two hoots about your data by the time that lock can be cracked by anything that’s not a supercomputer
Your encryption might take the age of the universe to break with current computing hardware, but we wouldn’t be having this conversation if vacuum tubes were still a thing. 1024-bit DKIM used to be the gold standard, now it’s unusably weak and 2048-bit is king, due to advances in computing hardware.
Are you really going to bet we don’t make faster computers in the next 20 years? Or that you’ll be aware an adversary can break your encryption the instant they have the capability?
Modern solutions for modern problems, ie, update as needed (and algorithms potentially invented)
Alternatively hide it under the floorboards, with a nail over it and a hammer nearby as needed
Uh-huh. Scenario: you’re breached and your encrypted data is exfiltrated. Please describe the update process for the encryption of the copy the attackers now hold.
I was by no means saying this is an ‘after breach’ scenario. Modern solutions don’t save you retroactively, that wasn’t the point.
And the point of my original comment is that encryption alone will not save you; please go read the thread from the start. All I’ve been saying is that sometimes destroying the data before an imminent breach, like this tool does, is the only way to be sure you haven’t been breached. The person I responded to clearly thinks encryption would be enough and this tool is unnecessary even in the event of a breach, as does every response after, including yours, and that is simply untrue. Encrypt, and consider using this tool or one like it. Like you said, hammer + nail (though that isn’t a guarantee 😋).
Sorry, I don’t mean to say it’s unnecessary in the event of a breach, you’re absolutely correct there, I was just spitballing on the idea of encryptions without self-destruct buttons in majority non I-am-highly-targeted-by-CIA scenarios, how vigilant you’d have to be. With house warrants for instance, I was like “well, as the likelihood of them going being able to decrypt increases you should be on the look-out for alternative methods or harder encryption yeah”
All good, thanks for clarifying! Yeah, the warrantless searches the government thinks they can do, along with the ability to change the rules to target anyone they don’t like, means that everyone is now in a “highly targeted by the CIA” scenario. At least, I’ve updated my threat model, and I’m ready to nuke everything at the first kick on my door. I don’t have anything to hide, but I also don’t plan to give anyone anything without my consent.
Fair
In a billion years I’m probably irrelevant. But is the data on my system right still relevant to anyone even in just 20 years time? I doubt it. No passwords or tokens will be valid anymore. Worst case they see some family photos or old browser history