![]() None of this is new by any definition of the word 'new' (except that odd one where some people use a word with the exact opposite definition… but that is a people problem, not a word problem).Įdit: Ah, yes, you do cover my first thought, if I interpret it right this time: “If weaknesses in the implementation expose keys or provide another workaround, it would not be unusual.” ![]() Keep in mind encryption export restrictions too. They were involved with (although not the creators of and it is supposed they did not tamper with it) DES and that is from the 70s, for one example. They were critical (read: protective) of encryption standards long before their supposed reasons (or excuses) as to why they are so in to it 'now' (the problem is: it isn't now, it was and is 'always' but they now make excuses that make some people – admittedly naive – feel safe). ![]() Of course, those who have been into computers (even without security in mind) for long enough are sure to remember certain incidents which led to companies put out of business… all related to speculation/sensationalism/other things.Īs for the NSA, while I think a lot of it is fear-mongering (rather sensationalism… as at least some of it is not all that technically advanced and much of it is not surprising), I think also true is that the NSA has far more for them than is generally thought. Spreading such is unhelpful and in fact dangerous. Re: "Until and unless that happens, speculation about NSA back doors is just that, and fairly pointless apart from entertainment value." MiTM? Or maybe you are indeed referring to that by "properly implemented" … Also you do cover strength itself which is something to consider too. Re: " However, if the encryption is properly implemented its strength will be in the keys and the algorithms, which are some of the standard and well-analyzed ones." Here's a good one on Attrition which explains only one of many of his (Gibson's) fraudulent claims and supposed feats (his only real feats (!) are those he fools as in those who believe things too easily and/or are not experienced in the subject!):Īnything Gibson has written/sold/said/whatever else is highly suspect. That raw sockets are what are the source of DDoS attacks? Again, nonsense. He did a lot of supposedly brilliant things – in his own fraudulent reality, that is. His claim that he created a better version of syn cookies? Sure he did. But even then, some of the things Gibson has claimed/stated/whatever is just so far technically incorrect it is beyond ridiculous. He's also exposed other charlatans (I'll refrain from naming them as they just make me cringe…). Attrition is sound and he (that is, the folks behind Attrition) goes way back. Here, I'll do it for you:Īnd I can personally verify the (at least at this time) first result as being valid (but hell, don't believe me look at their evidence, sources and then some. That is old news but if you don't believe me, try google search "steve gibson charlatan". Steve Gibson is a charlatan, plain and simple. Hat-tip: this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.Ĭredible evidence and grc.com do not mix. What’s clear is that no-one who is security conscious can trust the software ever again.Īs I said at the end of last month, it’s time to start looking for an alternative way to encrypt your files and hard drive.Ĭrazy or genuine conspiracy? Let us know what you think by leaving a comment below. Maybe it doesn’t really matter to most of us quite why TrueCrypt shut down. You can read more about the conspiracy theory (trust me, it goes far beyond what I’ve reported above) in a post here. (Boy, I wish I had been taught Latin at my school…) Some claim that – in context – the letters roughly translate to:ĭon’t use TrueCrypt because it is under the control of the NSA Because if you split “utinsaimcusi” up with a few judicious spaces you end up with… ![]() Perhaps not, allege those with a love of unravelling puzzles. Using TrueCrypt is not secure as it may contain unfixed security issues If you take the first letter of each word (except the word “WARNING”) you get: WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues See that first sentence on the TrueCrypt project’s homepage on SourceForge?
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |