is truecrypt dead?
rysiek
rysiek at hackerspace.pl
Thu May 29 00:10:25 PDT 2014
Dnia środa, 28 maja 2014 22:07:40 Griffin Boyce pisze:
> Andy Isaacson wrote:
> > I'd be surprised if [ecryptfs] doesn't have critical
> > implementation bugs in the parts that aren't broken by design.
> >
> > Please don't use ecryptfs. It's not even better than nothing.
>
> BRB, wiping my hard drive for totally unrelated reasons!* ;-) If I
> remember correctly, ecryptfs was the default home directory encryption
> option for Ubuntu until recently.
>
> Why is it that these things that thousands of people rely on are not
> audited in any real way?
The right question is:
Why do creators of things that are being used by thousands of people use
solutions that are not audited in any real way?
> I've used truecrypt with reservations and never
> in a serious situation. But lots of people are relying on this to keep
> their data safe while crossing borders, documenting human rights abuses,
> etc. A company like Canonical should insist on audits before making
> *anything* the default encryption scheme.
>
> These things tend to start as small projects and come to be ubiquitous
> without most users caring about audits (or being open-source). We need
> to have higher standards.
Absolutely.
--
Pozdr
rysiek
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 316 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.cpunks.org/pipermail/cypherpunks/attachments/20140529/4e3f3e0e/attachment-0001.sig>
More information about the cypherpunks
mailing list