(In reply to Niklas Hambüchen from comment #9) > > because the default on Windows and macOS systems these days is that the entire main drive is encrypted anyway > > This is not the case according to my research <snip> > The encryption doesn't protect your data unless you sign in with a Microsoft account Microsoft is making it harder and harder **not** to do this, so I still expect this to cover a large portion of Windows users. > > opt-in, given the performance impact > > My argument above is that the performance impact of encryption is negligible. Even 10-year old CPUs can perform it at > 2GB/s _per core_ (see my numbers above); this is much faster than the speed of any download (and again, per core). Your use of "performance" is about the ultimate speed of the download; mine was about the CPU use, which is non-negligible for decent encryption (that is sort of the point). Anyway, I think the cost/benefit here is not great. In particular: > (Though performing a streaming encryption while doing simple linear writes/reads is not super complicated.) I don't think adding this encryption, ensuring it is strong enough (what does that mean), failsafe, and transparent to the user, and the CPU load is acceptable, is "not super complicated". And it adds benefits for people who... sometimes (but not always) use strongly encrypted data storage for some files, but don't use full disk encryption for any drive they use as the default downloads location. That's a pretty small set of people. Anyway, we can keep the bug open, and I would consider an appropriate patch, but I don't expect people inside Mozilla are likely to have time to work on it / fix it.
Bug 1823139 Comment 11 Edit History
Note: The actual edited comment in the bug view page will always show the original commenter’s name and original timestamp.
(In reply to Niklas Hambüchen from comment #9) > > because the default on Windows and macOS systems these days is that the entire main drive is encrypted anyway > > This is not the case according to my research <snip> > The encryption doesn't protect your data unless you sign in with a Microsoft account Microsoft is making it harder and harder **not** to do this, so I still expect this to cover a growing portion of Windows users. > > opt-in, given the performance impact > > My argument above is that the performance impact of encryption is negligible. Even 10-year old CPUs can perform it at > 2GB/s _per core_ (see my numbers above); this is much faster than the speed of any download (and again, per core). Your use of "performance" is about the ultimate speed of the download; mine was about the CPU use, which is non-negligible for decent encryption (that is sort of the point). Anyway, I think the cost/benefit here is not great. In particular: > (Though performing a streaming encryption while doing simple linear writes/reads is not super complicated.) I don't think adding this encryption, ensuring it is strong enough (what does that mean), failsafe, and transparent to the user, and the CPU load is acceptable, is "not super complicated". And it adds benefits for people who... sometimes (but not always) use strongly encrypted data storage for some files, but don't use full disk encryption for any drive they use as the default downloads location. That's a pretty small set of people. Anyway, we can keep the bug open, and I would consider an appropriate patch, but I don't expect people inside Mozilla are likely to have time to work on it / fix it.