> I am, however, much less afraid of a wipe that's not a wipe!
I don't remember, but there was a story about deleted photos on iPhones resurfacing by mistake. Or deleting a file on Windows or Linux most likely removes the entry for that file, not the contents of the file itself. Or the "quick" format or whatever it was called in Linux. Or not being able to delete everything from an SSD because it moves things around and deallocates some regions. But even if a wipe is a wipe, a random employee is more likely to insert a hardware or firmware malware targeted to someone than the company is likely to insert just malware to every computer sold. Using "paranoid" in this case implies that there aren't many people with actual secrets to keep who could be targeted.
> Not everyone has someone with technical skills in their family, so making policy that fits only that minority doesn't make sense to me. The majority will, as you say, "hand over their devices willy-nilly".
Sure, offer both options then. Also, notwithstanding the fact that
I agree with offering both options, not having technical skills should be frowned upon. Everything is computers. Not knowing (someone who knows) how to use a screwdriver or a heat gun is inexcusable.
> I'd rather pursue this as a two-part problem: get the best accommodation we can for hardware, and also impose (very, very) strict data-privacy rules.
Data privacy rules don't accomplish much when the adversary doesn't care about rules. Reminds me of the "We don't have any criminals in Sweden because it's a crime to break the law" meme.
> Trying to do too much at once risks accomplishing too little.
I don't remember, but there was a story about deleted photos on iPhones resurfacing by mistake. Or deleting a file on Windows or Linux most likely removes the entry for that file, not the contents of the file itself. Or the "quick" format or whatever it was called in Linux. Or not being able to delete everything from an SSD because it moves things around and deallocates some regions. But even if a wipe is a wipe, a random employee is more likely to insert a hardware or firmware malware targeted to someone than the company is likely to insert just malware to every computer sold. Using "paranoid" in this case implies that there aren't many people with actual secrets to keep who could be targeted.
> Not everyone has someone with technical skills in their family, so making policy that fits only that minority doesn't make sense to me. The majority will, as you say, "hand over their devices willy-nilly".
Sure, offer both options then. Also, notwithstanding the fact that I agree with offering both options, not having technical skills should be frowned upon. Everything is computers. Not knowing (someone who knows) how to use a screwdriver or a heat gun is inexcusable.
> I'd rather pursue this as a two-part problem: get the best accommodation we can for hardware, and also impose (very, very) strict data-privacy rules.
Data privacy rules don't accomplish much when the adversary doesn't care about rules. Reminds me of the "We don't have any criminals in Sweden because it's a crime to break the law" meme.
> Trying to do too much at once risks accomplishing too little.
That's another sad part of our reality, I agree.