undefined | Better HN

0 pointssurgical_fire6mo ago0 comments

Convenience and security are not opposite to one another, they are orthogonal. Inconvenient means to prove your identity may be terribly insecure, and still be inconvenient.

0 comments

flir6mo ago

Ok. Well I gave a couple of examples of what I'm getting at.

So how can a convenient way to establish a digital identity also be secure? To run with the see-saw analogy, what element would of that process would make the process both more convenient and more secure? (make the see-saw rise at both ends).

surgical_fireOP5mo ago

My point of them being orthogonal is that both ends of the seesaw can come down together. The logical conclusion is that they can come up together. In other words, it is not a seesaw.

Counter example - the usage of a password manager so that you have strong passwords on every service. It is extremely convenient (I don't have to remember passwords anymore, just the one for the password manager). It is also inherently more secure, as I can now use a different strong password for every service.

flir5mo ago

Random follow-up thought:

If the password manager is cloud backed, you're at risk of a LastPass-style data breach. If it's local only, you're at risk of someone confiscating your device also removing your access to all your online tools.

(I think I'm edging towards "measuring secureness is really hard", which isn't where either of us came in).

1 more reply

flir5mo ago

I think that's a really good counterexample that proves that my model isn't universally true.

j / k navigate · click thread line to collapse

0 comments

flir6mo ago

Ok. Well I gave a couple of examples of what I'm getting at.

surgical_fireOP5mo ago

My point of them being orthogonal is that both ends of the seesaw can come down together. The logical conclusion is that they can come up together. In other words, it is not a seesaw.

flir5mo ago

Random follow-up thought:

(I think I'm edging towards "measuring secureness is really hard", which isn't where either of us came in).

1 more reply

flir5mo ago

I think that's a really good counterexample that proves that my model isn't universally true.

j / k navigate · click thread line to collapse