|
|
|
|
11-28-2005, 01:13 AM
|
#1 |
Re: Truecrypt 4.1
nemo_outis wrote:
> Borked Pseudo Mailed <> wrote in > news: d.net: > > > > Utopian? Me? Believe me, I'm no dewy-eyed ingenu; I am as worldly-wise > and cynical as they come. Then maybe you're just objectivity impaired by your attachment to a piece of software. Or maybe you're so jaded by bad experiences that you find the commonplace noteworthy. Whatever the reason, you seem to feel that the authors of TrueCrypt doing what everyone understands they had to do, is something special. It's not. In fact there's some questions about how they went about it that should be answered. Minor questions, but questions in any case. Borked Pseudo Mailed |
|
|
|
11-28-2005, 02:39 AM
|
#2 |
|
Posts: n/a
|
Re: Truecrypt 4.1
Borked Pseudo Mailed <> wrote in
news: d.net: > nemo_outis wrote: > >> Borked Pseudo Mailed <> wrote in >> news: d.net: >> >> >> >> Utopian? Me? Believe me, I'm no dewy-eyed ingenu; I am as >> worldly-wise and cynical as they come. > > Then maybe you're just objectivity impaired by your attachment to a > piece of software. Or maybe you're so jaded by bad experiences that > you find the commonplace noteworthy. Whatever the reason, you seem to > feel that the authors of TrueCrypt doing what everyone understands > they had to do, is something special. It's not. In fact there's some > questions about how they went about it that should be answered. Minor > questions, but questions in any case. What the authors had to do? Are you stark barking (not borking) mad? First of all, only a very small coterie of crypt aficionados is even aware of the CBC versus LRW issue, and only a much smaller subset of them truly understands the issues and intricacies (which, I might add, apply only with regard to plausible deniability, not disclosure, and then only under conditions of repeated observation that are either unlikely, or that would result in other, much easier to perform, forms of compromise. IOW, we are talking about a second-order subtlety and refinement.) No wonder the authors did not move heaven and earth to start another forum to discuss such arcana; the issue was eminently deferrable. As corroboration of this point I invite you to name how many commercial encryption products use LRW or which even discuss the issue. No, the authors need have done nothing whatsoever; they could then, as now, discontinue the project at a whim and be none the worse for it. They have no obligation to anybody. They may continue with the project if it pleases them to do so - or not, if it doesn't. They owe you, me, and everyone else exactly nothing. To the contrary, we should be glad and grateful for what has been graciously given so far, even if they shut up shop tomorrow. And, if the authors continue to support and develop Truecrypt, we should be doubly grateful - since they would be doing it despite the churlish attitudes of those who attack them. Now that doesn't mean that I consider Truecrypt to be above criticism - far from it. But only constructive criticism - surely the authors have earned that much! However, most (but not all) of the criticism directed against them has been mere carping and whining, and can by no means be construed as constructive. One example of this petty whinging has been regarding the Truecrypt forums being down. Well, Truecrypt 4.1 is now out and yet the forums continue to be down. The site says "The forum is temporarily closed due to maintenance." I choose to believe that statement rather than the bullshit conspiracy theories about the forums having been taken offline to "hide" the CBC versus LRW issue. Regards, PS And I am heartened to note that the authors have, in fact, been extremely responsive to constructive criticism - that we have an LRW implementation just three weeks after the issue was first raised amply attests to that! nemo_outis |
|
|
