[sandroyong]

Bruce Schneier was a great proponent of cryptography. In he lat 90's, he touted encryption as the end-all of security measures. Since then, he has backed off his claim. (He later went on and continues to be a proponent of legislative laws for proper surveillance and forcing companies to be more security compliant). So, even Bruce doesn't think encryption is a good idea.

Excerpt from a 1998 essay, "Security Pitfalls in Cryptography" that sums it all up:

"Strong cryptography is very powerful when it is done right, but it is not a panacea. Focusing on the cryptographic algorithms while ignoring other aspects of security is like defending your house not by building a fence around it, but by putting an immense stake into the ground and hoping that the adversary runs right into it. Smart attackers will just go around the algorithms."

[throwaway64]

that is not the same thing as him saying "encryption isn't a good idea"

[sandroyong]

I agree. Encryption is a good idea, but I just don't think it's all that practical. If people really wanted to crack encryption, the technology is there (and if the person has the patience and time) it will be cracked. And they don't want to spend the time and effort to get that encrypted info, there are other ways to really get at it. The user still remains the unpredictable variable and weakest link in network security. I just think there are better ways to secure networks and the internet...