Right, this is an example of a minor change in approach - you recompromise after the phone is rebooted, or wait until you knew earnings are about to be released. Would you agree that lack of long term persistence does not prevent those two attacks?
It *is* the reality that we have to choose which mitigations and security boundaries we want to support. The benefit of non-persistence is negligible, and only applies in very contrived scenarios.... Is that really "defense-in-depth"? The term has lost all meaning lol.
-
-
The cost to develop/support each security measure is not equal. I'd rather have non-persistence now and perfect security in 10 years than have persistence now and perfect security in 9.5 years.
-
Yes, I get that you are all-in on this buzzword. If the contrived scenarios you have to invent to justify it don't convince you that's all it is, then I don't know what will!
- 14 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.