Re: Truecrypt 4.1

Discussion in 'Computer Security' started by Nomen Nescio, Nov 28, 2005.

  1. Nomen Nescio

    Nomen Nescio Guest

    nemo_outis wrote:

    > Borked Pseudo Mailed <> wrote in
    > news::
    > ...
    >>> What the authors had to do? Are you stark barking (not borking) mad?
    >>> First of all, only a very small coterie of crypt aficionados is even
    >>> aware of the CBC versus LRW issue, and only a much smaller subset of
    >>> them truly

    >> So what? It's not necessary to understand the physics of combustion to
    >> know your car won't run.

    > How adroitly you miss the point! "Car won't run," you say? What an apt
    > analogy - I guess Truecrypt must have seized up solid. No, m'boy, in the
    > red herring department, I have nothing on you.

    You really are a drama queen, aren't you? Never mind the fact that it's
    not necessary to know the inner workings of encryption modes to
    understand there's a flaw or anything, just rant and rave like you believe
    you're not really looking like a bombastic blowhard.

    > Lackadaisical me, I didn't notice that Truecrypt had ceased to run.
    > Somehow or other I didn't pick up on its sudden loss of functionality.
    > Moreover, it somehow escaped me that Truecrypt had been outclassed by all
    > the other encryption programs, commercial and non-commercial, which had
    > already switched to LRW.
    > No, regarding LRW, hardly anyone knows about the issue and even fewer
    > care. It is a minor and subtle aspect which only bears on plausible
    > deniability and then only under rather contrived conditions. The impact of

    Don't bother blowhard. I saw people who know what they're talking about
    thrash this argument of yours in sci.crypt. You've already LOST this one.

    > LRW's presence or absence on the number of users of the program would be
    > vanishingly small in any case. Moreover, Truecrypt, even without LRW,
    > already outclassed anything else out there.
    > ...
    >>> No, the authors need have done nothing whatsoever; they could then, as
    >>> now, discontinue the project at a whim and be none the worse for it.
    >>> They

    >> What sort of tap dance are you doing here nemo? Isn't discontinuing
    >> development "doing something"? If it's done as a result of some flaw
    >> that for whatever reason isn't fixed, why would they do this rather than
    >> simply continue producing the same buggy software?

    > You contend they fixed a flaw; a more accurate characterization would be
    > that they added an enhancement and did so in advance of most similar
    > programs, commercial and non-commercial, virtually all of which still use
    > CBC.
    > The clamouring of the public for LRW and the desperate need to implement
    > it immediately can be assessed by noting how sales of programs like
    > Bestcrypt and Drivecrypt have plummeted for lack of it. NOT!
    > No, awareness of LRW, caring about it, and requesting, let alone
    > requiring, its implementation is limited to so few people that they would
    > not be crowded in a broom closet. It is a testament to the responsiveness
    > of the Truecrypt team that they nonetheless implemented this feature, did
    > so quickly, and continue in the technical vanguard of encryption programs.
    >>> have no obligation to anybody. They may continue with the project if
    >>> it pleases them to do so - or not, if it doesn't. They owe you, me,
    >>> and everyone else exactly nothing. To the contrary, we should be glad
    >>> and

    >> They owe people exactly what they say they'll provide.

    > No, a gratutitous promise is unenforceable. Is there any other self-
    > serving nonsense you would like to spout? Perhaps you'd like me to
    > acquaint you with the law regarding when "promissory estoppel" applies and
    > then beat you over the head with it?
    >>> grateful for what has been graciously given so far, even if they shut
    >>> up shop tomorrow.
    >>> And, if the authors continue to support and develop Truecrypt, we
    >>> should be doubly grateful - since they would be doing it despite the
    >>> churlish attitudes of those who attack them.

    >> I'm not attacking them, I'm attacking you and your silly infatuation
    >> with trying to pump up a normal response to a problem as some sort of
    >> special case. MOST security software developers respond to problems.
    >> Some do it faster, some slower. Usually it varies from case to case.
    >> Personally I like TrueCrypt. I think it's a fine piece of software and
    >> it's authors top notch. I'm just not in love with them the way you seem
    >> to be. It's just another piece of software nemo, not your puppy.

    > In love with the authors of Truecrypt? Not I! However, unlike you, I do
    > give credit where credit is due.
    > ...
    >>> One example of this petty whinging has been regarding the Truecrypt
    >>> forums being down. Well, Truecrypt 4.1 is now out and yet the forums

    >> I think an explanation is in order, even if it's a line or two saying
    >> "technical difficulties" or whatever. It does look "odd", and its in
    >> their interest to at least attempt to address the questions.

    > Are you incapable of reading? I have already posted that the Truecrypt
    > forum prominently displays "The forum is temporarily closed due to
    > maintenance." What part of that do you fail to grasp? Perhaps they
    > should have put up a new forum where you can lament the unavailability of
    > the first forum?
    >>> PS And I am heartened to note that the authors have, in fact, been
    >>> extremely responsive to constructive criticism - that we have an LRW
    >>> implementation just three weeks after the issue was first raised amply
    >>> attests to that!

    >> Three weeks? I'd call that an average response time. Maybe a little on
    >> the slow side in fact, but not so much co that it's notable. OTOH, I
    >> distinctly remember years ago downloading a version of PGP that had a
    >> moderately bothersome bug in it and seeing it patched and replaced
    >> within 48 hours. And yes, I realize that different problem require
    >> different solutions.

    > You can call it whatever you will. The Truecrypt team is too slow for
    > you? Well, why don't you demand a refund of all the hard-earned dollars
    > you spent for it?

    What a dishonest twit you are. Where did I say I thought they were too
    slow? I called them AVERAGE you revisionist loser, and MAYBE a bit slow.

    Do you ALWAYS resort to flat out lying when you're loosing an argument, or
    is this something special you've come up with just to defend your pet

    > But, as I said before, I'm eager to be corrected and learn. So, please,
    > embarrass me by citing all the encryption programs that have beaten
    > Truecrypt to the draw and implemented LRW ahead of it!

    More GLARING dishonesty. Other programs don't HAVE the problem. Most of
    them don't do real time encryption and the ones that do don't HAVE the
    same CBC mode problems. Namely DriveCrypt.

    But by all means make sure you limit your stupid challenge to something
    that can't be even answered. Don't bother allowing anyone to throw PGP's
    pasphrase leaking problem that was fixed in 48 hours in your face or

    Dishonest drama queen. I'm done with you.

    > Regards,
    Nomen Nescio, Nov 28, 2005
    1. Advertisements

  2. nemo_outis

    nemo_outis Guest

    Nomen Nescio <> wrote in

    ....snip incoherent rant...
    > Dishonest drama queen. I'm done with you.
    >> Regards,

    Done with me? I'm crushed.

    I hope you found your incoherent rant cathartic, since it conveyed nothing

    However, on the bright side, now that you're done with me, you're at
    leisure to go back to picking your pimples.

    nemo_outis, Nov 28, 2005
    1. Advertisements

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. nemo outis

    Truecrypt 3.0 has been released

    nemo outis, Dec 10, 2004, in forum: Computer Security
    Dec 11, 2004
  2. Ari Silversteinn

    Re: Truecrypt 4 Released!

    Ari Silversteinn, Nov 2, 2005, in forum: Computer Security
    Nov 2, 2005
  3. nemo_outis

    Re: Truecrypt 4.1

    nemo_outis, Nov 26, 2005, in forum: Computer Security
    Nov 26, 2005
  4. nemo_outis

    Re: Truecrypt 4.1

    nemo_outis, Nov 27, 2005, in forum: Computer Security
    Anonymous via the Cypherpunks Tonga Remailer
    Nov 30, 2005
  5. Borked Pseudo Mailed

    Re: Truecrypt 4.1

    Borked Pseudo Mailed, Nov 27, 2005, in forum: Computer Security
    Anonymous via the Cypherpunks Tonga Remailer
    Nov 30, 2005

Share This Page