[bulibuta]

> Let's hope your office is secure since your security model relies on preventing physical access.

It doesn't have to be physical. I can just store documents on a server that I own and have control over. That still doesn't make it secure because I have to watchout for 0-days and what not. And even then it wouldn't be secure.

But at least I have controllability and observability. I can access and modify them anytime I want to and I also know when someone had unauthorized access to them.

Of course this is not entirely true in Mission Impossible like scenarios. And I'm not saying everyone should do what I do.

But I profundly dislike the superior attitude in articles such as these where the author tells me what to do and asks me why I'm not doing it yet.