by diminoten 4145 days ago
You're rambling.

TrueCrypt lets you create fixed-size encrypted volumes, and allows you to decrypt those volumes on any of the three major OS platforms.

There's nothing special about TrueCrypt in how it performs the encryption/decryption (or so we're told), but no tool besides TrueCrypt allows such a flexible approach.

And it's you who refuses to accept that [secure,easy] can exist, because it'd make you irrelevant. It's a completely silly stance to take, but it's yours.

But hey, at least I've wrung your opinion on TrueCrypt out of you:

> By encouraging people to rely on tools like Truecrypt, you are, in a very small but real way, endangering them.

For posterity, in case you edit it away.

Which leads me to the question: Why are you even involved in the TrueCrypt audit, if you think it's a bad idea to use such tools?

P.S. Ulbricht was caught because the FBI owned TOR, and that's about it. Maybe your indignation towards TrueCrypt should consider Snowden's use of TrueCrypt to evade the combined allied world's intelligence community.


Would you like to put money on whether my opinion about Truecrypt is identical to Matthew Green's and Kenn White's, or would you like to include them in your critique?

It's amusing that you feel you've "wrung out" of me something that is one of the few things I've recently blogged at length about.

Then why are any of you three working on it if you all think it's dangerous to promote its use?

You've blogged, "Don't use TrueCrypt"?

I've already answered that question, directly, on this thread.

And no, I blogged "don't use sector-level crypto". In a post literally titled "You Don't Want XTS". Under the subhed "Disks Are The Last Thing You Want To Encrypt". As in, "the last thing in the world".

The first sentence of your own article says:

> This piece is written for software designers, not end-users. If you’re an end-user looking for crypto advice: use Truecrypt, use Filevault, use dm-crypt

This is apparently where you stopped reading.

It's a great write-up, I read the whole thing. You clearly understand the domain well.

I really just don't get why you'd, in one breath, decry XTS, and then in that same breath, recommend people use TrueCrypt, which is, as you call it, "the best-known implementation of XTS".

Maybe just lead me to the water on this one. It's really the only thing left unresolved in our conversation.

No you haven't.

You also completely changed the comment I originally replied to. I much prefer your new comment, though my fundamental issue with the fact that you're working on the audit of software you think is dangerous to promote remains.

The "No you haven't" was in regard to the fact that you haven't answered why you're involved in TrueCrypt at all, if you don't think it should be used.

Please stop calling me names.