I think the fact that it's not possible to be perfectly safe is not a good reason to not earnestly consider what you _can_ do to try to protect yourself. Of course you won't stand a chance if a nation-state is determined to get you, but that doesn't mean you should just give up and wing it, because the most relevant threats are probably much less capable in most cases. It's still a good idea to try to quantify one's threat model and what it would take to protect yourself, and then make a (somewhat) educated decision on how much effort one is willing to spend on it.
On Tue, 25 Jun 2019, 01:14 Ralf Mardorf via arch-general, < firstname.lastname@example.org> wrote:
You want to make the packages available for general use. Does general use require behavioral biometric verification and spring guns?
Black hats are able to hack Google and Facebook, what ever you will do, you never ever will be able to reach the level of security those and the other most successful computer related companies are able to accomplish.
IMO an averaged "strong" but still memorizable passphrase, even when following obsolet rules, is ok.