[Cryptography] Fork of TrueCrypt

Niklas Lemcke - 林樂寬 compul at coletteral.net
Thu Jun 5 11:23:52 EDT 2014



On Wed, 4 Jun 2014 19:10:21 -0400
Bill Cox <waywardgeek at gmail.com> wrote:

> On Wed, Jun 4, 2014 at 5:53 PM, Jerry Leichter <leichter at lrw.com> wrote:
> 
> > On Jun 3, 2014, at 7:05 AM, Bill Cox <waywardgeek at gmail.com> wrote:
> > > An auto-update feature pinging the server would alert any network
> > snooper of exactly who was using the TrueCrypt fork.  From a security point
> > of view, auto-update is DOA.
> > On the other hand, regularly checking a public location on which the
> > latest versions of a wide variety of products are listed reveals pretty
> > much nothing.;
> >
> > If you act on what you find and go looking for the new version, of course,
> > you reveal your interest.  But that's true *no matter how you check for or
> > download new versions*:  The metadata about where you connect reveals your
> > interests.  Shock, horror.  Tor.
> >                                                         -- Jerry
> >
> >
> All true.  It's funny, but I can argue that BitLocker is safer in some ways
> because your computer is *expected* to contact Microsoft once a day.
> 
> So, what if people just go with BitLocker?  It probably is secure against
> most government snooping, just not ours.  At what point do we trust our
> government not to illegally snoop and do horrific Star-Chamber sorts of
> harm?

It's not my government, and I don't trust it. I don't trust anyone,
especially governments or other monetary organisations.

*puts on tinfoil hat*

> 
> Bill



-- 
Niklas Lemcke - 林樂寬


More information about the cryptography mailing list