[tptacek]

You write as if the whole thread isn't there for people to see, and as if I had somehow responded to something you said rather than it being the other way around. You literally started this unproductive subthread by responding to the comment where I addressed the need for cross-platform things that work like Truecrypt does, and you've tried to built an argument by stipulating that security doesn't matter. Sorry, security is all that matters here.

[diminoten]

http://www.markus-gattol.name/ws/dm-crypt_luks.html

"The term "full-disk/on-disk encryption" is often used to signify that everything on a disk is encrypted, including the programs that can encrypt bootable operating system partitions."

Are you going to tell Markus Gattol he's wrong? No? Good, let's move on.

What matters here is the security, and the adoption rate of TrueCrypt is/was through the roof, because of how it allowed folks to move encrypted volumes across various platforms without much hassle.

What you wrote seems to intimate there's no actual need or value in moving encrypted volumes across platforms, and that if folks actually want to do that they should just encrypt individually and at a FS level and do so using PGP, which has existed for years, and whose adoption rate and ease-of-use are both, compared to TrueCrypt, through the floor.

The fact is, people want to move encrypted volumes across platforms. It's not more secure than anything else, but it presents a workflow that might actually be more secure, due simply to it's ease of implementation.

You're right, security is all that matters here, and folks aren't going to be secure if it remains impossibly difficult to be secure.

[tptacek]

The reference you just provided, with your "are you going to tell Markus Gattol he's wrong" quip, starts out as follows:

Block-layer encryption, also known as "whole disk encryption", "on-disk encryption" or "full-disk encryption"

I think you're just trolling. Sorry, I didn't even finish reading your comment.

Amusingly (edit: given how you cited it), there is in fact cryptographic stuff wrong in that article.

[diminoten]

> Amusingly, there is in fact cryptographic stuff wrong in that article.

Oh yeah? That it wasn't personally endorsed by you?

[SamReidHughes]

(IMO) In that what it says about what specific things do does not correspond with objective reality. (As a product of the enlightenment I believe that such a concept exists and that correspondence with such is what makes something "wrong" or "right." ;-) If you want to know why, just look at what the article says, then observe objective reality, and see how they differ. The "Salt, Stretching" section is one place to look, it's the only one I really bothered reading.

[tptacek]

Minimum viable non-snarky answer is: read what Rogaway says about the block-level crypto modes here:

http://web.cs.ucdavis.edu/~rogaway/papers/modes.pdf

You'll know the part I'm referring to because it reads practically as a response to a chunk of Gattol's page; it's a problem shared by the Wikipedia coverage on full-disk encryption.

Being cagey about it (i) motivates you to actually read the paper and (ii) avoids what would inevitably be an extremely unproductive debate.

(This is a fantastic survey, by the way; if you're interested in crypto, bookmark it forever.)

My amusement about Gattol's page has nothing to do with Gattol; it's just the way his page got used in this thread by someone else, as a sort of rhetorical "fatality" move. I'm confident Gattol is much smarter than I am. I say that because Dimino also tried to take this thread to Gattol on Twitter, too. :)

[diminoten]

I figured if someone were besmirching my good work, I'd want to know about it, is all. I don't think one should be able to call someone wrong without giving them a chance to disagree.

Furthermore, this is devolving into a schoolyard, "I know but I'm not telling" situation. To put it another way, I don't think there is any significant error in the Gattol's page, nor is there any significant error on the wikipedia page on full-disk encryption.

I'm very glad to be shown to be incorrect on this point, but I doubt I would be, at least by you.

I'm interested in this area, both professionally and as a genuine curiosity, but every time I run into you it's a negative experience. I'd like that to stop happening.

[diminoten]

That's a mighty fancy of saying, "it's wrong" without pointing out examples.

But hey, I'm not ultimately the guy who wrote the article. I've poked both the author and Thomas on twitter -- maybe Thomas can help the author correct any inaccuracies. You, too, could help I'd imagine, if you would be more specific about the issues. I'm guessing the author wouldn't want his article to remain inaccurate if folks could point out the specific issues.

[diminoten]

It's like I'm talking to a child when I talk to you. I wouldn't bother if you didn't constantly pop up to derail conversations about crypto with your "crypto should stay hard" attitude. I suspect you want crypto to remain impossible to get right just so you can continue to stay relevant.

The rest of my comment frankly wasn't for you, it's for the folks reading what you write and blindly accepting it. At least now they can see how petulant you can be when facing differing points of view.

[YuriNiyazov]

Up until this comment, I thought you might have a point against tptacek, but now it's clear you are trolling. Or at least, not operating under the "give your opponent a charitable interpretation" rule of HN.

[diminoten]

I admit I tilted. It's just frustrating every time I talk to him or see him talk to others about anything that's even remotely contradictory to what he's said, it always devolves into something as inane as what happened here.

I shouldn't have tilted. :(