Re: Best encryption sw for home laptop

Sebastian Gottschalk <seppi@xxxxxxxxx> wrote:

Yes, goofy, but that module is included in the container itself and
is unloaded when the container is closed/unmounted. That's a simple
fact no matter how many times you repeat the erroneous information
that once a Truecrypt traveler mode volume has been mounted you no
longer need admin rights to remount it or mount another (the driver
is persistent).

Now that you're lacking argument, you're obfuscating the issues by
repeating exactly what I told and claiming it against me.

What you said you're repeating below, and it's completely incorrect.


As you might or might not have understood by now, the discussion was
about ever needing admin rights - yes, you do, to install it for the
very first time. If you never had admin rights, you're pissed of.

The discussion was about needing a "driver", where it came from, and
how it's implemented. With the single exception of actually needing one
for Truecrypt's traveler mode, you're so far out in left field you're
not even in the game.

The driver is in the file itself. It's loaded temporarily, and unloaded
when the volume is unmounted. You're trying to say it's not by
yammering on about "first time" nonsense. You need admin rights *every*
time you mount the volume. Which as I've stated before doesn't appear
to be a problem in the OP's scenario. It's something you dredged up to
cover up the fact that you're mistaken about everything else.

You're also pissing in the wind about modification of the executable
portion of the self contained volume. Only a stub is left
unencrypted, and the code that does volume integrity checking is
"inside" the container itself.

LOL? Simple break it! No need to keep its integrity.

You're more than welcome to demonstrate exactly how you're going to
decrypt the integrity checking code of an SDA without the password in
order to "break" it.

Somehow I doubt you're up to the task.

You might be able to modify the code to get a
password, but the user would know it immediately.

No. He would notice that the data is broken, and that's it. He doesn't

Noticing it's been tampered with is enough. The file can be discarded.
No harm, no foul as far as the end user is concerned, the attacker
knows nothing. The data can be resent. That's the whole idea behind
integrity checking.

know whether it was an intentional modification or just a transmission
error.

It doesn't matter. You're grasping at straws. If a PGP signature fails
the integrity of the signed data is questioned. Why it's been modified
is irrelevant at that point, the fact that it has or has not is the
only important thing. You may troubleshoot the problem if you believe
it's not an attack, but the data is discarded in any case.

Well, the attacker could simple replace it with any executable of his
choice with no data at all.

No they couldn't.

Beside that, the protection is gone. Even if the user knows that it
has been compromised, the data are compromised no matter what.

Obviously not. None of the data has been compromised at all, you've
spotted the attempt. Which will allow you to take steps to make sure
the data *isn't* compromised.

If no driver is needed, then you don't have a file system.

Duh! That's true no matter what. The part you're confused about is
how that driver is transported and implemented. IOW, everything that
counts. You're straw grabbing irrelevant bull*** trying to salvage
something after making yourself look like a fool with your PGP SDA
"driver" idiocy. It's pathetic.

Wait... assuming that PGP SDA is what I think it is and what we've

It's not. Like I and some others have been trying to tell you all
along, you have absolutely no clue what you're talking about. You don't
even know *what* you're talking about, let alone how it functions.

been talking about (crypto file systems), then you need a driver for
mount this non-standard file system.
But I guess your Scrambled Disc Archiver is just a pretty uncommon
written Self Decrypting Archive which is placed totally out of context
and totally out of security. Thanks for fooling me with mixing
subjects and uncommon terms.

Nobody is mixing anything up on you, you're simply ignorant of the
facts and lack even a basic basic understanding. That's why you're
spouting nonsense and FUD.

.

Loading