Truecrypt container hacked?
carimachet at gmail.com
Sun Aug 23 04:37:34 PDT 2015
structurally speaking monolithic thinking is a capture tool of the cia and
under EO 12333 all agencies are the cia = all 16 agencies
but that expansion is evident = gone beyond the 16 now
LAPD could not talk about mmhastings "fiery crash" as all-all natsec
natinterests which is whatever the fuck they say it is on a given fucking
day under the header 'upcoming trade deal' plus other\many evidences of
that shit...court docs\proceedings express just lookie-lookie
On Aug 23, 2015 1:45 PM, "John Young" <jya at pipeline.com> wrote:
> Well said on skepticism of news reports concerning crypto, comsec,
> infosec, natsec. Disinfo and deception are inherent in security and
> survival, and best, most reliable, most trusted are typical tools of
> misleading exploitation.
> Where a single means and method, such as crypto (or science), is
> encouraged for rock-solid assurance, at least one other means and
> methods should be employed which in no way depends upon the
> single means. Hoodwink wins by cheating.
> A single means is certain to be continously under attack, and its
> vulnerabilities concealed both by the attackers and by the promoters.
> Blind faith in a single means is as old as religion, art and royalty,
> as old as humans faced with unending threats from nature and
> mortality -- and most of all from each other's thieving and murderous
> practices. Duplicity and con-jobs were essential, along with bigger
> clubs and rocks, voodoo and faux-virgin sacrifices -- ISIS hardly
> different, except more modest and sane and much less wealthy,
> than Los Alamos, The Vatican, JP Morgan, Ashley Madison,
> Silicon Valley and the IC all fostering blind faith in their own
> advertising of rockefeller-st-peter-approved STD protection.
> Some HTTPS Everywheres lately have been advertising encryption
> and HTTPS as condoms to protect against Internet STD, aka privacy
> rape. Peddlers of these hygienics are surely donors to the of Church
> of Crypto whose priests do enjoy the pleasures of insider hoo-haa.
> At 02:25 AM 8/23/2015, you wrote:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>> On 08/22/2015 06:07 PM, Tomas Overdrive Petru wrote:
>> > This one has been puzzling me for several days. Since I have
>> > not yet been able to figure it out, I thought I would "bleg"
>> > for assistance from our encryption-savvy readership.
>> > According to the Sun Sentinel
>> > <http://www.sun-sentinel.com/news/fl-christopher-glenn-sentenced-2
>> a South Florida man was recently convicted of stealing military
>> > secrets. I am less concerned with what he stole or why than
>> > with what the story says about how the evidence against him was
>> > identified and used. Here is the relevant part of the story:
>> > https://www.lawfareblog.com/puzzling-encryption-story
>> Historically, the FBI has used keyloggers to defeat PGP Disc and
>> Truecrypt - and also, I am sure, other encrypted file systems that
>> don't have back door access as a standard feature.
>> Since rubber hose cryptanalysis and bugging computers are well
>> known FBI methods, while world + dog have failed so far to make
>> real progress on breaking the ciphers used in Truecrypt, I see no
>> reason to suspect the latter occurred. None at all.
>> The word "Truecrypt" does not appear in this summary of expert
>> testimony, which describes forensics conducted at the facilities
>> the classified files were borrowed from:
>> So, the defendant was already in the bag before somebody managed
>> to type the correct pass phrase and examine the contents of his
>> stash. I found no indication of whether his guilty plea came
>> before or after investigators had access to the encrypted data; it
>> seems very likely that handing over the pass phrase was part of a
>> plea deal.
>> Persuading people that a cryptographic tool does not work is a
>> very effective attack against it. Should we blame ignorance or
>> something else for the "Truecrypt is broken" take-away many casual
>> readers will pick up from this story as written?
>> -----BEGIN PGP SIGNATURE-----
>> Version: GnuPG v1
>> -----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 6031 bytes
Desc: not available
More information about the cypherpunks