by Swizec 3750 days ago
> The problem is that quite often security professionals say "No", provide reasons, and the person doing the asking insists that convenience is more important than security.

The real problem is that this is true. Just like the fastest and most error-free code is an empty file.

So you are left with tradeoffs.

2 comments

When security breaches can kill people, you'd better be able to prove that lack of convenience kills even more people, and that there are no other options.
It seems to me like refusing to provide this convenience did lead to a dangerous breach of protocol.

Without endorsing Clinton's actions, let's learn from this.

Without endorsing the NSA's actions, no. Clinton's reckless disregard for security led to a dangerous breach of protocol. The fact that anyone else might have done the same in that situation makes not the slightest difference to me. If no one will give you a parachute, do you say "screw it" and go skydiving anyway? No, that would be stupid. The reason for the refusal is immaterial.
Until that empty file has the inode edited so it replaced . in a folder, leaving a particularly difficult-to-notice/find backdoor in a SPARC system.