in reply to Re^3: Did Perlmonks Ever Salt and Hash Their Password Database?
in thread Did Perlmonks Ever Salt and Hash Their Password Database?
Many security practices are boiled down and imposed by people who are not fully aware of the impracticality of the supposed exploit, especially in a specific environment, or the resources required to mitigate. I'm sure that the admins here at the time were displeased, but the response is a great study in how to respond to a breach correctly. Measured responses to difficult problems. This is a monastery, not a security fan club. From what I understand, the decision to encrypt the db was investigated, discussed, and dismissed. And revisiting the issue every so often is probably not a bad idea, just because it starts making people think about security. But tunnel vision towards one specific problem / solution is not really helpful.
I like Linus's view: Linus Interview - Washington Post