[Noisebridge-discuss] Which can I trust more: TrueCrypt or OSX FileVault?
Griffin Boyce
griffinboyce at gmail.com
Sat Feb 12 08:01:31 UTC 2011
I go for TrueCrypt. The reasons are many:
-I don't currently own or use a Mac, so no filevault anyway
-FileVault has (or had a few years ago) a fairly easy-to-crack system, as
shown in a 23c3 talk by Raif Weinmann & Jake Appelbaum:
http://crypto.nsa.org/vilefault/23C3-VileFault.pdf
-TrueCrypt has multiple layers as an option, so you can effectively encrypt
something three times and have three levels of passwords that must be
cracked before getting your data.
-TrueCrypt also has the option to sort-of ninja encrypt something, where you
can reveal Password A and it will just appear to be empty space. Meanwhile,
your data is still safe and hidden. Good for torture-based threat models,
but not useful for me personally.
Of course, the elephant in the room is that both could be fool-proof, but
setting a crappy password is what will probably take you down in the end.
Curious to hear other thoughts on this subject!
~Griffin
On Sat, Feb 12, 2011 at 2:44 AM, Sai <sai at saizai.com> wrote:
> Assume whatever attack profile you want. Are they equal or is one better?
>
> - Sai
>
> _______________________________________________
> Noisebridge-discuss mailing list
> Noisebridge-discuss at lists.noisebridge.net
> https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss
>
>
--
Be the change you want to see in the world.
~Mahatma Gandhi
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.noisebridge.net/pipermail/noisebridge-discuss/attachments/20110212/c23c3fe8/attachment-0003.html>
More information about the Noisebridge-discuss
mailing list