Thread: Re: It's a Presidential Mandate, Feds use it. How come you are not using FDE?
2007-01-18 05:26:32
On Wed, 17 Jan 2007, Saqib Ali wrote:
[[addressed to Steven Bellovin, but copied to the whole list]]
> I would like to invite you to try out a Free FDE product called
> Compusec < http://www.ce-infosys.com/ >

If I have data that's valuable enough to need encryption, I'm going
to be nervous trusting it to closed-source software.  How do I know
that Compusec's crypto is done properly?  As Bruce Schneier has
famously said, to the user snake-oil crypto looks just like good
crypto -- both scramble the bits enough to look "random" to the eye.

In contrast, even though I haven't personally read the {linux,bsd}
crypto source code, lots of serious crypto geeks have, so I can be
a lot more confident that it's of at least reasonable quality.

Another issue is that closed-source crypto hardware/software has had
back doors planted in it in the past, either for "key recovery when
customers lose their keys", or after pressure by assorted government
agencies.  I'm sure the NSA could bribe someone to backdoor the Linux
kernel, but it would be really hard to keep this a secret when many
"uncontrolled" people get to browse the source code.


> After trying, please let me know if the distinction between "disk
> encryption" (e.g. TrueCrypt) and "full disk encryption" (e.g.
> Compusec) is insufficient.

For the above reasons, I wouldn't trust either of these.
I keep _my_ confidential files under Matt Blaze's CFS; any of the
other open-source {linux,bsd} cryptographic file systems would be
reasonable alternatives.

--
-- "Jonathan Thornburg -- remove -animal to reply" <jthornaei.mpg-zebra.de>
   Max-Planck-Institut fuer Gravitationsphysik (Albert-Einstein-Institut),
   Golm, Germany, "Old Europe"     http://www.aei.mpg.de/~jthorn/home.html
   "Washing one's hands of the conflict between the powerful and the
    powerless means to side with the powerful, not to be neutral."
                                      -- quote by Freire / poster by Oxfam

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomometzdowd.com
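
The Schneier point quoted in the message above can be checked numerically. The following is an added example, not part of the original post and not code from any product named in it: a hypothetical weak stream cipher (`weak_keystream`, a 16-bit seed fed to a non-cryptographic PRNG) and a SHA-256 counter-mode stand-in for a reviewed design both turn constructed low-entropy plaintext into output at about 8 bits of entropy per byte, yet the weak key falls to exhaustive search.

```python
import hashlib
import math
import random
from collections import Counter

def byte_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (8.0 means uniformly distributed)."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def xor(data: bytes, stream: bytes) -> bytes:
    """XOR two byte strings, truncating to the shorter one."""
    return bytes(a ^ b for a, b in zip(data, stream))

def weak_keystream(seed: int, n: int) -> bytes:
    """Hypothetical snake-oil design: Mersenne Twister keyed by a 16-bit seed."""
    rng = random.Random(seed)
    return bytes(rng.getrandbits(8) for _ in range(n))

def reference_keystream(key: bytes, n: int) -> bytes:
    """Stand-in for a reviewed design: SHA-256 in counter mode, 256-bit key."""
    out = bytearray()
    counter = 0
    while len(out) < n:
        out += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:n])

def recover_weak_seed(ciphertext: bytes, known_prefix: bytes):
    """Show the 2**16 key space is exhaustible given a known file header."""
    target = xor(ciphertext, known_prefix)  # first bytes of the keystream
    for seed in range(2 ** 16):
        if weak_keystream(seed, len(target)) == target:
            return seed
    return None

# Constructed sample data and password (assumptions, not from the post).
PLAINTEXT = (b"CONFIDENTIAL payroll record 0001\n" * 2048)[:65536]
DIGEST = hashlib.sha256(b"hunter2").digest()
WEAK_SEED = int.from_bytes(DIGEST[:2], "big")
WEAK_CT = xor(PLAINTEXT, weak_keystream(WEAK_SEED, len(PLAINTEXT)))
GOOD_CT = xor(PLAINTEXT, reference_keystream(DIGEST, len(PLAINTEXT)))

if __name__ == "__main__":
    for name, blob in (("plaintext", PLAINTEXT), ("weak", WEAK_CT), ("reference", GOOD_CT)):
        print(f"{name:10s} {byte_entropy(blob):.4f} bits/byte")
    print("weak seed recovered:", recover_weak_seed(WEAK_CT, b"CONFIDENTIAL") == WEAK_SEED)
```

Both ciphertexts pass the "looks random" test equally well; only knowledge of the design, which source review provides, separates them.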
