Re: TrueCrypt 4.0 Out
From: Sebastian Gottschalk (seppi_at_seppig.de)
Date: Thu, 3 Nov 2005 08:53:28 +0100
> clark wrote:
>> On Wed, 02 Nov 2005 16:38:23 -0800, traveler <firstname.lastname@example.org>
>>>On Wed, 2 Nov 2005 12:05:47 -0500, Ari Silversteinn
>>>As someone who knows very little about disk encryption, I'm
>>>just wondering how good can a program like this can be? The last
>>>release was just over half a meg in size, can they build a truly
>>>dependable and secure program at that size?
>> Yes they can.
>> They just have a different paradigm for writing software than most of
>> the bloatware you are used to seeing.
> Which is odd because portable crypto libraries exist. There is no
> reason why they couldn't just link against them instead of munging
> crypto routines from a dozen authors.
It's their policy: Only accept code we have written ourselves.
> If they were serious about security they would worry less about the
> number of passes with different ciphers they utilize and more about the
> quality of the code that implements their system.
So far, TwoFish is broken. If being used in a cascade, it's still secure.
-- Dieser Schrieb stellt eine private Meinungsäußerung des Verfassers im Sinne der gesetzlich garantierten Meinungsfreiheit dar. Wem das nicht passt, der wende sich an das Bundesverfassungsgericht. Viel Erfolg! Key: 0xA0E28D18 FP: 83AE 1136 1E2B 9767 8FB2 7594 4128 1A9E A0E2 8D18