Re: [Gnu-arch-users] diary application with tla

[Tom Lord]

    > From: Brian May <address@hidden>

    >     Brian> With vpn/sftp, if somebody breaks into the server, they get
    >     Brian> to read access to everything.

    >     Tom> Ack.  Don't get me wrong, I'm warming up to the idea.  Not
    >     Tom> convinced yet, but considering.

    >     Tom> Someone should pay for it or do it themselves, really:
    >     Tom> Non-commercial FOSS projects mostly don't care about this
    >     Tom> kind of stuff while companies, _especially_ with such heavy
    >     Tom> emphasis on outsourcing these days, are the more likely to
    >     Tom> benefit.

    > The issue here seems to be what non-commercial projects require this
    > level of security?

Sort of.  More like cost of effort vs. value to bulk of free software
users vs. value to companies doing proprietary development.

You go on to suggest the "diary app" -- a perfectly nifty free
software application for revision encryption.

Again, be aware that even if your enemies can't easily read your diary
entries, they will effortlessly be able to watch how often you make
them, when you make them, how big they are, and, depending on how you
name things, maybe even infer the gist of things from category and
branch names.  But sure -- the actual changesets could be encrypted.

Given the cost/value that I'm estimating, my inclination is still to
say "write it yourself".   It's not that hard, really -- dig around a
bit in src/tla/libarch/{archive-pfs,pfs}.c

-t