Arnie: Why is a weak cipher worse than no cipher at all?

The cipher that Mary Queen of Scots used in this chapter was able to be broken, and in this case, having no cipher at all would have been better than the weak one that was used. He says that because they believed their communication was secure, the Queen and her accomplices became too complacent. The contents of their letters were far more incriminating because the conspirators believed that even if the letters were found, they would most likely just look like gibberish. With frequency analysis, even a somewhat strong cipher can be cracked over time if someone has the right resources, which the Queen of England most definitely did. If Mary had just used cryptic language that was vague and concealed the letters in the same manner, even if they were found, they would have been much less incriminating and she would most likely not have been sentenced with the death penalty. Because of her complacency and her blind trust in the cipher she was using, she let down her guard, and this ultimately led to her demise. This is what Singh means by the fact that sometimes a bad cipher is worse than no cipher at all.

I think that the same thing could be said about passwords on the internet today. If something has a weak password it may be worse than having no password at all. If there is a hacker trying to get your data, they are probably more likely to try and hack into password protected websites, because that is where more sensitive information is normally stored. If your password is “12345678,” it may be worse than having the same information on a non password protected website because hackers may be less likely to look there. I think even in the modern era, the idea that no cipher is better than a weak one is still applicable in some senses.