|
|
|
|
|
|
by tptacek
4481 days ago
|
|
|
That seems to be the case, but I couldn't find any rigorous documentation on the crypto EncFS uses, so I imagine even this level of review required code review (that's also the only way you get a finding like the timing-leaking MAC validator, though I dispute that finding's "Medium" severity and think it's sev:lo). |
|
|