Hacker News new | ask | show | jobs
by tptacek 4145 days ago
Horseshit. Round 1 and Round 2 of the audit share technical members. The guy leading the actual crypto review work has been looking at Truecrypt for more than a year. And Matthew Green, who coordinates the whole audit project, just wrote that he and his students have been reviewing Truecrypt's crypto for months.

They did not "only get their act together today". They've thought about Truecrypt far more rigorously than you have, and for far, far longer.

You've been almost completely unable to explain in technical terms what "UX" you want from sector-level crypto that you couldn't get from filesystem crypto. When pressed, you in effect say "yeah, well, name a tool that does that".

The fact that your only options today are [insecure, easy] and [secure, difficult] does not mean that there is no [secure, easy] option possible. But militating in favor of insecure crypto goes a long way towards hiding that possibility from everyone.

This isn't a pedantic point. Ross Ulbricht just got reamed in federal court because a simple physical arrest compromised virtually every secret he had. Why? Because he was relying on sector-level all-or-nothing crypto. By encouraging people to rely on tools like Truecrypt, you are, in a very small but real way, endangering them.
3 comments
diminoten 4145 days ago
Today was the day Matthew Green released an update on his blog.

I was just reading it, and that's exclusively I was referring to. I look forward to the results and am grateful of the time they're spending. I hope they find nothing.

Not sure why you made this about me personally.

link
DanBC 4145 days ago
> Not sure why you made this about me personally.

Your comments in this thread come off as ridiculously aggressive. I'm not sure if you're aware of that.

link
diminoten 4145 days ago
There is admittedly a level of aggression I feel when talking to Thomas, as I find his conversational tone off-putting and generally elitist.

I thought I did a better job of dealing with that for the most part, however. Maybe not.

link
tptacek 4145 days ago
This is what you actually wrote:

https://www.dropbox.com/s/hy5wj0t1t84hlk4/Screenshot%202015-...

I stand by what I just wrote.

link
diminoten 4145 days ago
That's still up there in my comment you replied to, you realize that right?
link
lawnchair_larry 4145 days ago
This isn't a pedantic point. Ross Ulbricht just got reamed in federal court because a simple physical arrest compromised virtually every secret he had. Why? Because he was relying on sector-level all-or-nothing crypto.

That is not accurate.

link
tptacek 4144 days ago
... because...
link
geographomics 4144 days ago
There was a bit more to it than just that. He could have used block-level encryption relatively safely if he'd made a series or hierarchy of Truecrypt containers and mounted them only when needed, rather than putting everything on just the one block device.

More importantly, his physical security was lacking, as he hadn't properly considered the threat model. If he'd been working in a secured area (like a locked room) where open laptop snatching was infeasible, that would have given him enough warning to close the lid, and maybe pop the battery out. Albeit still vulnerable to a cold boot attack, if law enforcement have such capacity.

link
diminoten 4145 days ago
You're rambling.

TrueCrypt lets you create fixed sized encrypted volumes, and allows you to decrypt those volumes on any of the three major OS platforms.

There's nothing special about TrueCrypt in how it performs the encryption/decryption (or so we're told), but no tool besides TrueCrypt allows such a flexible approach.

And it's you who refuses to accept that [secure,easy] can exist, because it'd make you irrelevant. It's a completely silly stance to take, but it's yours.

But hey, at least I've wrung your opinion on TrueCrypt out of you:

> By encouraging people to rely on tools like Truecrypt, you are, in a very small but real way, endangering them.

For posterity, in case you edit it away.

Which leads me to the question: Why are you even involved in the TrueCrypt audit, if you think it's a bad idea to use such tools?

P.S. Ulbricht was caught because the FBI owned TOR, and that's about it. Maybe your indignation towards TrueCrypt should consider Snowden's use of TrueCrypt to evade the combined allied world's intelligence community.

link
tptacek 4145 days ago
Would you like to put money on whether my opinion about Truecrypt is identical to Matthew Green's and Kenn White's, or would you like to include them in your critique?

It's amusing that you feel you've "wrung out" of me something one of the few things I've recently blogged at length about.

link
diminoten 4145 days ago
Then why are any of you three working on it if you all think it's dangerous to promote its use?

You've blogged, "Don't use TrueCrypt"?

link
tptacek 4145 days ago
I've already answered that question, directly, on this thread.

And no, I blogged "don't use sector-level crypto". In a post literally titled "You Don't Want XTS". Under the subhed "Disks Are The Last Thing You Want To Encrypt". As in, "the last thing in the world".

link
diminoten 4145 days ago
The first sentence of your own article says:

> This piece is written for software designers, not end-users. If you’re an end-user looking for crypto advice: use Truecrypt, use Filevault, use dm-crypt

link
tptacek 4145 days ago
This is apparently where you stopped reading.
link
diminoten 4145 days ago
No you haven't.
link
tptacek 4145 days ago
Troll.

https://www.dropbox.com/s/8qbtybjnxwfu7i0/Screenshot%202015-...

link