Re: Truecrypt 4.1

Discussion in 'Computer Security' started by Borked Pseudo Mailed, Nov 28, 2005.

  1. nemo_outis wrote:

    > Borked Pseudo Mailed <> wrote in
    > news::
    >
    >
    >
    > Utopian? Me? Believe me, I'm no dewy-eyed ingenu; I am as worldly-wise
    > and cynical as they come.


    Then maybe you're just objectivity impaired by your attachment to a piece
    of software. Or maybe you're so jaded by bad experiences that you find the
    commonplace noteworthy. Whatever the reason, you seem to feel that the
    authors of TrueCrypt doing what everyone understands they had to do, is
    something special. It's not. In fact there's some questions about how they
    went about it that should be answered. Minor questions, but questions in
    any case.
    Borked Pseudo Mailed, Nov 28, 2005
    #1
    1. Advertising

  2. Borked Pseudo Mailed

    nemo_outis Guest

    Borked Pseudo Mailed <> wrote in
    news::

    > nemo_outis wrote:
    >
    >> Borked Pseudo Mailed <> wrote in
    >> news::
    >>
    >>
    >>
    >> Utopian? Me? Believe me, I'm no dewy-eyed ingenu; I am as
    >> worldly-wise and cynical as they come.

    >
    > Then maybe you're just objectivity impaired by your attachment to a
    > piece of software. Or maybe you're so jaded by bad experiences that
    > you find the commonplace noteworthy. Whatever the reason, you seem to
    > feel that the authors of TrueCrypt doing what everyone understands
    > they had to do, is something special. It's not. In fact there's some
    > questions about how they went about it that should be answered. Minor
    > questions, but questions in any case.




    What the authors had to do? Are you stark barking (not borking) mad?

    First of all, only a very small coterie of crypt aficionados is even
    aware of the CBC versus LRW issue, and only a much smaller subset of them
    truly understands the issues and intricacies (which, I might add, apply
    only with regard to plausible deniability, not disclosure, and then only
    under conditions of repeated observation that are either unlikely, or
    that would result in other, much easier to perform, forms of compromise.
    IOW, we are talking about a second-order subtlety and refinement.)

    No wonder the authors did not move heaven and earth to start another
    forum to discuss such arcana; the issue was eminently deferrable. As
    corroboration of this point I invite you to name how many commercial
    encryption products use LRW or which even discuss the issue.

    No, the authors need have done nothing whatsoever; they could then, as
    now, discontinue the project at a whim and be none the worse for it.
    They have no obligation to anybody. They may continue with the project
    if it pleases them to do so - or not, if it doesn't. They owe you, me,
    and everyone else exactly nothing. To the contrary, we should be glad and
    grateful for what has been graciously given so far, even if they shut up
    shop tomorrow.

    And, if the authors continue to support and develop Truecrypt, we should
    be doubly grateful - since they would be doing it despite the churlish
    attitudes of those who attack them.

    Now that doesn't mean that I consider Truecrypt to be above criticism -
    far from it. But only constructive criticism - surely the authors have
    earned that much! However, most (but not all) of the criticism directed
    against them has been mere carping and whining, and can by no means be
    construed as constructive.

    One example of this petty whinging has been regarding the Truecrypt
    forums being down. Well, Truecrypt 4.1 is now out and yet the forums
    continue to be down. The site says "The forum is temporarily closed due
    to maintenance." I choose to believe that statement rather than the
    bullshit conspiracy theories about the forums having been taken offline
    to "hide" the CBC versus LRW issue.

    Regards,

    PS And I am heartened to note that the authors have, in fact, been
    extremely responsive to constructive criticism - that we have an LRW
    implementation just three weeks after the issue was first raised amply
    attests to that!
    nemo_outis, Nov 28, 2005
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. nemo outis

    Truecrypt 3.0 has been released

    nemo outis, Dec 10, 2004, in forum: Computer Security
    Replies:
    4
    Views:
    594
    Anonymous
    Dec 11, 2004
  2. Ari Silversteinn

    Re: Truecrypt 4 Released!

    Ari Silversteinn, Nov 2, 2005, in forum: Computer Security
    Replies:
    1
    Views:
    544
    traveler
    Nov 2, 2005
  3. nemo_outis

    Re: Truecrypt 4.1

    nemo_outis, Nov 26, 2005, in forum: Computer Security
    Replies:
    0
    Views:
    464
    nemo_outis
    Nov 26, 2005
  4. nemo_outis

    Re: Truecrypt 4.1

    nemo_outis, Nov 27, 2005, in forum: Computer Security
    Replies:
    8
    Views:
    722
    Anonymous via the Cypherpunks Tonga Remailer
    Nov 30, 2005
  5. Borked Pseudo Mailed

    Re: Truecrypt 4.1

    Borked Pseudo Mailed, Nov 27, 2005, in forum: Computer Security
    Replies:
    11
    Views:
    1,265
    Anonymous via the Cypherpunks Tonga Remailer
    Nov 30, 2005
Loading...

Share This Page