[kwlug-disc] Truecrypt

Bob Jonkman bjonkman at sobac.com
Fri May 30 15:34:00 EDT 2014


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

unsolicited writes:
> audits have been and are being performed. And nothing found thus 
> far. And expectations thus far are that nothing will be found.

That is one of the wrongest and most dangerous security fallacies I
have ever seen.

- --Bob.



On 14-05-30 03:23 PM, unsolicited wrote:
> But as the articles say ... audits have been and are being 
> performed. And nothing found thus far. And expectations thus far 
> are that nothing will be found.
> 
> So unsupported only means ... for what it does, the problem is 
> solved. If it ain't broke, and nothing says it's broke, it don't 
> need fixing. (Enhancements are a different beastie.)
> 
> The eyes are on it. Your analogy does not apply.
> 
> The source is there.
> 
> No reason not to use it unless and until something proves 
> otherwise, and even then there's nothing to say what you have will 
> be inaccessible. You may not want to use it in the wild, based upon
> information discovered at that time, but we're not there yet, and
> may never be.
> 
> Your premise is as bad as the announcement ... there may be bugs in
> it ... - it does not say there are bugs in it.
> 
> Neither can prove a negative.
> 
> 
> On 14-05-30 02:51 PM, Darcy Casselman wrote:
>> 
>> On Fri, May 30, 2014 at 1:33 PM, unsolicited
>> <unsolicited at swiz.ca <mailto:unsolicited at swiz.ca>> wrote:
>> 
>>> But yeah, it's probably time to look for alternatives.
>> 
>> Why?
>> 
>> 
>> 
>> Because unsupported security software is bad security software. 
>> Because while many eyes make for shallow bugs, no eyes make for 
>> huge, gaping chasms from which nothing escapes.
>> 
>> Mind you, if someone sensible comes along and forks the code, 
>> disregarding the license, I'll probably go back to using it. Like
>> Paul says, there's no real alternative on Windows and certainly
>> nothing that's cross-platform.
>> 
>> Darcy.
>> 
>> 
>> _______________________________________________ kwlug-disc 
>> mailing list kwlug-disc at kwlug.org 
>> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
>> 
> 
> 
> _______________________________________________ kwlug-disc mailing
>  list kwlug-disc at kwlug.org 
> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Ensure confidentiality, authenticity, non-repudiability

iEYEARECAAYFAlOI3SYACgkQuRKJsNLM5eoX7wCfVN6kI9WUF0Q5ikZ2FhlF40KY
gF0AoOUW4ONMjzy19wQ6kZqKgkUFWOa+
=mnnN
-----END PGP SIGNATURE-----





More information about the kwlug-disc mailing list