Cryptography Isn't Security

This post originally appeared on the Software Carpentry website.

One topic that I've tried to include in this course a couple of times, without success, is security. I feel irresponsible not saying something about how to share safely, but I've never found something that (a) would fit into one hour, (b) wasn't platitudes, and (c) gave listeners something they could act on.

One reviewer suggested talking about public/private key pairs (to help people set up SSH), signing things digitally, and the like. I'm leery of going down that road, though, since it could easily leave people with a misplaced faith in technical solutions to security problems. As always, suggestions would be welcome...