[Cryptography] Fork of TrueCrypt
Bill Cox
waywardgeek at gmail.com
Wed Jun 4 19:10:21 EDT 2014
On Wed, Jun 4, 2014 at 5:53 PM, Jerry Leichter <leichter at lrw.com> wrote:
> On Jun 3, 2014, at 7:05 AM, Bill Cox <waywardgeek at gmail.com> wrote:
> > An auto-update feature pinging the server would alert any network
> snooper of exactly who was using the TrueCrypt fork. From a security point
> of view, auto-update is DOA.
> On the other hand, regularly checking a public location on which the
> latest versions of a wide variety of products are listed reveals pretty
> much nothing.;
>
> If you act on what you find and go looking for the new version, of course,
> you reveal your interest. But that's true *no matter how you check for or
> download new versions*: The metadata about where you connect reveals your
> interests. Shock, horror. Tor.
> -- Jerry
>
>
All true. It's funny, but I can argue that BitLocker is safer in some ways
because your computer is *expected* to contact Microsoft once a day.
So, what if people just go with BitLocker? It probably is secure against
most government snooping, just not ours. At what point do we trust our
government not to illegally snoop and do horrific Star-Chamber sorts of
harm?
Bill
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20140604/b10db2a5/attachment.html>
More information about the cryptography
mailing list