<div>I go for TrueCrypt. The reasons are many: <br></div><div><br></div><div>-I don't currently own or use a Mac, so no filevault anyway</div><div>-FileVault has (or had a few years ago) a fairly easy-to-crack system, as shown in a 23c3 talk by Raif Weinmann & Jake Appelbaum: <a href="http://crypto.nsa.org/vilefault/23C3-VileFault.pdf">http://crypto.nsa.org/vilefault/23C3-VileFault.pdf</a> </div>
<div>-TrueCrypt has multiple layers as an option, so you can effectively encrypt something three times and have three levels of passwords that must be cracked before getting your data.</div><div>-TrueCrypt also has the option to sort-of ninja encrypt something, where you can reveal Password A and it will just appear to be empty space. Meanwhile, your data is still safe and hidden. Good for torture-based threat models, but not useful for me personally.</div>
<div><br></div><div>Of course, the elephant in the room is that both could be fool-proof, but setting a crappy password is what will probably take you down in the end. </div><div><br></div><div>Curious to hear other thoughts on this subject!</div>
<div><br></div><div>~Griffin</div><div><br></div><br><div class="gmail_quote">On Sat, Feb 12, 2011 at 2:44 AM, Sai <span dir="ltr"><<a href="mailto:sai@saizai.com">sai@saizai.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
Assume whatever attack profile you want. Are they equal or is one better?<div><div><br></div><font color="#888888"><div>- Sai</div></font></div>
<br>_______________________________________________<br>
Noisebridge-discuss mailing list<br>
<a href="mailto:Noisebridge-discuss@lists.noisebridge.net">Noisebridge-discuss@lists.noisebridge.net</a><br>
<a href="https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss" target="_blank">https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss</a><br>
<br></blockquote></div><br><br clear="all"><br>-- <br>Be the change you want to see in the world.<br>
~Mahatma Gandhi<br>