| HN Mirror

I never said you were telling the world anything.

I'm asking you a question to clarify your stance.

And yes, there is value in noting the difference between block-level and full-disk encryption, mostly because they're different.

Interesting. How?

Size, software used. The crypto might be the same, but this isn't just about the crypto itself.

kngspook 4145 days ago

If you're talking about a security product -- which TrueCrypt is -- the first metric you have to concern yourself with is: does it keep you secure? The user experience and the adoption and the performance and all that other fun stuff is irrelevant if the product doesn't do the one thing that every user unequivocally requires of it.

So yes, it's not just about the crypto...when the crypto works. But when the crypto is insecure, which is what tptacek is saying, then yes, it is ONLY about the crypto.

NB: I'm plenty qualified on UX and general technical matters, but on whether crypto is secure, I defer to the experts.

http://blog.cryptographyengineering.com/2015/02/another-upda...

No one knows about they cryptographic integrity of TrueCrypt, as the person/persons actually doing the work only got their act together today.

My only point has been that Thomas, et. al. have been telling us we don't want something like TrueCrypt, despite the fact that we very clearly do. His suggestion of "just use PGP and FS level encryption" is absurd, but NOT from a crypto standpoint (I, like you, defer to Thomas and the other experts on the integrity of the crypto itself). It is, however, absurd from a UX/workflow standpoint.

Horseshit. Round 1 and Round 2 of the audit share technical members. The guy leading the actual crypto review work has been looking at Truecrypt for more than a year. And Matthew Green, who coordinates the whole audit project, just wrote that he and his students have been reviewing Truecrypt's crypto for months.

They did not "only get their act together today". They've thought about Truecrypt far more rigorously than you have, and for far, far longer.

You've been almost completely unable to explain in technical terms what "UX" you want from sector-level crypto that you couldn't get from filesystem crypto. When pressed, you in effect say "yeah, well, name a tool that does that".

The fact that your only options today are [insecure, easy] and [secure, difficult] does not mean that there is no [secure, easy] option possible. But militating in favor of insecure crypto goes a long way towards hiding that possibility from everyone.

This isn't a pedantic point. Ross Ulbricht just got reamed in federal court because a simple physical arrest compromised virtually every secret he had. Why? Because he was relying on sector-level all-or-nothing crypto. By encouraging people to rely on tools like Truecrypt, you are, in a very small but real way, endangering them.

I changed my comment somewhat, because you're being very squirmy, as per usual.

Do you think something like TrueCrypt shouldn't exist?

I'm not being "squirmy". You're playing a semantic game with the word "disk". The technical issue with FDE is that it works at the level of blocks, and so lacks information about message boundaries or the storage flexibility needed to (a) randomize the encryption and (b) store authenticators. Encrypt a physical disk, encrypt a file that pretends to be a mountable volume, same issues.

I get that not everyone understands the technical issues in designing storage encryption, but don't take that out on me.

Yours is a hilariously catty response to a fairly benign question.

Says the person who wrote "Are you really trying to suggest the world shouldn't have a tool like TrueCrypt out there?"

Yes, that is literally the sentence I wrote, and a sentence you never responded to.