Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

And it will always be happening, as long as data gets stored.

The only way to prevent it is to not store data.



That's not entirely true. Take for example, passwords. If your requirement is "store passwords securely, so they can only be used to check logins", then you implement that as salted, one-way encryption. But if you add the shadow requirement "and be able to retrieve anyone's password when the government requests it", then your password storage will inevitably be much more vulnerable.


Short of a one-time pad, there's no such thing as truly secure, only theoretically secure according to time and processing constraints.

I'm not trying to be pedantic, I'm just saying, it's not mathematically impossible to crack a salted encryption without the cipher key.


Agreed, data not stored is more secure than data that's stored, but I stand by my point that data stored in such a way as to provide the minimal necessary access can be substantially more secure than data stored in such a way as to provide that access, plus additional back-door access for spooks.


The only way? I beg to differ.

There is always more than one way to skin a cat.




Consider applying for YC's Fall 2026 batch! Applications are open till July 27.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: