>>46815580 >fuck Truecrypt. It's deprecated No, far from it. It might still be the best tool out there. https://www.grc.com/misc/truecrypt/truecrypt.htm Fun fact Phase II of the public audi (cryptanalysis) is ongoing. So yeah where is your alternative? >inb4 LUKS+dmcrypt+... haha, NO.
>>46815370 Encrypted 7z archives. Make sure you scramble and delete the original files after adding them to the archive. Alternatively write your own script to do the same. It's what I'm working on right now.
>>46815648 >That's the idea shitstain. If it wasn't encrypted they'd just read the data straight up. The backdoored firmware doesn't magically beat encryption. Well it pretty much does since it can steal your key or replace it and act like it's all good.
>>46815690 Do you have a phd in cryptography? Otherwise i'm seriously hoping you are joking and no one should ever use anything you write (certainly not yourself). Don't kid yourself. Crypto is fucking hard leave it to the experts. Really...
>>46815721 >none truecrypt's crypto has been audited, by the way Code has been analyzed and no serious flaws were found. That's already more than any other competitor. Give me an alternative that has? >protip:you can't Truecrypt truely is the best we currently have. Denying otherwise is silly. It's been around for so long, NSA was mad about it (see Snowden revelations). Most likely story I heared is that the original dev stopped because he didn't want to cooperate with some gov and covered his ass legally with the (obviously ironic) notice on his website.
>>46815772 >tarball file/directory, use openssl to encrypt, scramble the file by overwriting with random data, then delete the file. Cute, where you get your randoms from? How long is your key? Where do you store your key?
>>46815713 Right but is there a chance that someone could steal just the HDD without the computer?
This is more for businesses that give remote users laptops. If they think they're about to be fired and start tampering with the computer, then there's nothing they could do if they tried to separate the drive from the PC without also destroying the contents on it.
>>46815852 that's still physically on your device. >rent anonymous private server via some shady bitcoin transfer >upload your encrypted stuff >wipe it all from your drive >whenever you need access dl it, wipe, repeat
Have two anons each enter half the password using some sort of remote software.
You will never know what it is.
If you need access you just send put some sort of bat signal. The signal should also have some sort of rotation and any occurence of the wrong signal means "never ever enter the password again anywhere" because things have been compromised.
>>46815953 >Mersenne Twister algo in python's random library Pahahahahhahahahahahahahah. Oh boy. This is the kind of thing i was hoping for. You already lost here. >However long I want it. Clearly not long enough if you don't even dare answering it. Again, how many bits of entropy? >My head. Well I am too storing it in my head. But cryptographers all around the world insist on using multiple factors. Because the human brain is terrible at remembering a random key that's sufficiently large enough to use as long term storage key.
>>46816030 >>However long I want it. >Clearly not long enough if you don't even dare answering it. Again, how many bits of entropy? if he was to answer the length of his password, it would be alot easier to bruteforce the password if the attackers know how long it is, its a lot less combinations to try thats why one should never ever mention any details about their passwords
>>46816030 >You already lost here. It's used to WRITE OVER THE FILE, it literally does not matter what algo is used, I could use arcfour and it would not matter it there to SHRED. Fucktard. >Again, how many bits of entropy? Really? I have several keys memorized that are pretty random at 14, 16, and 13 characters long I'm 100% sure I can memorize another of similar length. They are sufficient if you look at the pic I posted in the previous post. > But cryptographers all around the world insist on using multiple factors. Unnecessary. And depending upon what the other factors come are, possible points of failure.
>>46815554 It has more to do with what these people inside the goverment could do with the data. Collecting and modifing this shit cake sauce. Just remember there are people with these type of power who are austic and fagfaces just like /g/.
No full disk encryption is secure. https://www.youtube.com/watch?v=JDaicPIgn9U Also, they got the pirate roberts even using full disk encryption because they just arrested him just after he unlocked the drive.
>>46816030 >Clearly not long enough if you don't even dare answering it. Again, how many bits of entropy? >Because the human brain is terrible at remembering a random key that's sufficiently large enough to use as long term storage key The most secure password I have memorized is the entire song of Solomon. it's 1624 characters long, or 275 words long, and entirely memorized even with a dictionary attack, that would take an obscenely long amount of time to crack.
>>46817634 a few things are wrong with what you're saying. First thing is that an attacker wouldn't know that I'm not using numbers or symbols. Secondly, chapters from books generally include periods, semicolons, and other punctuation. Third thing is that a chapter from a book is generally 1000 characters in length at minimum. That is a ridiculous number of bits of entropy and several orders of magnitude above a 60 character password with all the symbols you could think of. Fourth thing is that a chapter from a book, or a scene from a play is trivial to memorize, and a random character combination of similar length is hard to memorize. Fifth thing is this http://xkcd.com/936/
>>46817634 >Step:1 download every book and play in the world (a few GB tops) >Step2: ??? >Step3: AYY LMAO Also using parts of chapters or even just chapters would make this sort of attack impossible to pull off the library of congress has 200tb of books alone.
The only thing that separates them is a phone call. This was actually one of the stated goals of the Patriot Act. The 9/11 Commission believed all the pieces of the puzzle were there but different agents didn't talk enough to put them together.
>>46817908 It's getting very speculative now but i'd think there is a difference between how they handle a drug dealer and a terrorist group, as in maybe NSA didn't want to risk exposing the firmware exploits for a drug dealer
>NSA didn't want to risk exposing the firmware exploits for a drug dealer
Herein lies the beauty of parallel construction. They don't have to reveal anything. They simply send a note the DEA saying "xyz is doing this" and the DEA builds a bogus backstory as to how they got the information. This is how they got Ulbright. Apparently the "FBI" typed in "miscellaneous" characters into the Silk Road's captcha and suddenly the server's IP address was magically revealed.
>>46816183 >It's used to WRITE OVER THE FILE, it literally does not matter what algo is used, I could use arcfour and it would not matter it there to SHRED. Fucktard. You would surprised what forensics can do. >Really? I have several keys memorized that are pretty random at 14, 16, and 13 characters long I'm 100% sure I can memorize another of similar length. They are sufficient if you look at the pic I posted in the previous post. Pws with 16 chars have been cracked. It's all about the entropy and again humas have tendencies to stick with typical patterns etc which increases the chances of "smart" bruteforcing. >Unnecessary. And depending upon what the other factors come are, possible points of failure. Well never put your eggs in one basket. That's all I'm saying. A physical limitation (something you have) is always a major improvement in combination with a strong password. Sure they can fail. But you often have backup options too so that's nice.
>>46817317 That's all good and well. But attackers usually try to get to know their target. So if he knows you like Solomon he might as well try a dictionary attack with it's songs. What I said is human are bad at remembering RANDOM things. HIGH entropy, truly without a system or something you can easily link too it. That is a very valid statement. Look it up if you don't believe me. There is a reason why people that know hundreds of pi digits use advanced mnemonics to be able to remember them (there are some freaks that don't even need those but that are exceptions not the rule). Evolutionary speaking you don't have any benefit in remembering random stuff. Even the opposite is true because we clearly became superior because we were able to remember structured, logical and symbolic stuff better.
>>46818276 I'm not even a christian, I just have sections of the bible memorized because I've read it so many times, same with a few scenes, or even acts Shakespeare's plays and some chapters from my favorite books. You wouldn't guess from knowing me that I have entire books of the bible memorized well enough to use them as a password.
Why do you imbeciles believe they'd put a backdoor ONLY in bitlocker and leave the rest of the multi giga byte OS alone? If Microsoft really did NSAs bidding, they could just as well lift your truecrypt/veracrypt/whateverthefuckcrypt keys right out of ram if they wanted to.
If you don't trust Microsoft, you can't use windows. There is no middle ground.
>>46815334 The Chinese didn't find any backdoors.Well unless you count the "why not backup your encryption keys to onedrive?". I get why MS offers that though. Think of all the retarded people encrypting their hard drives and then forget the password.
I feel about as safe using bitlocker as I ever did using truecrypt. I'd run a fully encrypted FreeBSD setup with jails if I had extremely sensitive data I'd want to protect.
>>46815947 I work crypto (operator level, more how to use it/basics than making it/complex shit.) for the government and this is pretty much how you should do it. We call it two person integrity. No person can ever know both keys, not even the head honcho, not even the guy responsible for the SCI. We rotate keys/combos/passwords constantly.
Honestly though, use multiple encryption(encrypt encrypted data.) We use this to transmit new keys. Encrypt it with a "KEK" key encryption key, then send it on its way.
Two things that are helpful: have one encrypted volume with embarrassing but legal content, then have another hidden volume that cannot be proved to be there with whatever you're trying to hide. I think trucrypt lets you do this (no idea if it's still secure.)
Also the less intelligent the person trying to crack you thinks you are the better. Hide all searches/research involving cryptography, hide your keys in multiple places or practice TPI. Possibly use keyboard patterns, then have your written key something to help you remember them. qazsedcftgbhujmkol.;[' is an example of a pattern of pressing keys on a keyboard that is resistant to brute force. Just add a password you can remember at the end so they can't get it by running common keyboard-pattern(forgot the name) passwords. Using two methods always helps add to the entropy. pattern + words/characters = gg.
All trademarks and copyrights on this page are owned by their respective parties. Images uploaded are the responsibility of the Poster. Comments are owned by the Poster.
This is a 4chan archive - all of the content originated from them. If you need IP information for a Poster - you need to contact them. This website shows only archived content.
If a post contains personal/copyrighted/illegal content you can contact me at firstname.lastname@example.org with that post and thread number and it will be removed as soon as possible.