[liberationtech] TrueCrypt Alternatives?
carlo von lynX
lynX at time.to.get.psyced.org
Thu May 29 03:15:04 PDT 2014
On Thu, May 29, 2014 at 09:10:08AM +0100, Security First wrote:
> While the jury is still out on how this TrueCrypt issue plays out.
Hmmm..
> What are the best alternatives to TrueCrypt for the people we work
> with and train?
http://en.wikipedia.org/wiki/Comparison_of_disk_encryption_software
dm-crypt/LUKS and freeOTFE do provide an alternative,
but not exactly as easy to use.
That page is missing an upcoming relevant player there..
Dyne's Tomb: http://www.dyne.org/software/tomb/
But for now it can only be used from command line.
As jaromil suggests, there is no true cryptographic safety on
Windows machines, so you might as well stop trying to do that
on such a computer.
Still, I don't get these periodic DoT*-attacks against Truecrypt.
Last year there was this rumour going around about Truecrypt not
having been properly audited, and then the code that turned out
not having been audited for years was openssl.
Now there is again fear of backdoors in downloadables from some
well-intended website. But who thinks *he can download binaries
via the web and expect them to be free of backdoors?
The whole approach is broken. The web is not trustworthy. You
need someone to get the source codes, look over it, make sure
it is the correct one, generate binaries and distribute them
over safe channels.
I have been using truecrypt built from sources for a decade now,
the only trouble it gives me is performance when dealing with
legacy file systems such as NTFS.
Please get your paranoia properly structured and oriented to the
things that are well worth being paranoid about.
*) denial of trust
--
http://youbroketheinternet.org
ircs://psyced.org/youbroketheinternet
More information about the liberationtech
mailing list