Dear John Young & Colleagues, Anyone know why I keep getting error 403 when I visit the cryptome website? ATB Douglas Rankine. On 09/06/14 20:51, Jarrod B wrote:
So is this why I'm getting a 403 message when i go to cryptome .org?On Mon, Jun 9, 2014 at 1:39 PM, Neal Lamb <nl1816a@xxxxxxxxxxxxx <mailto:nl1816a@xxxxxxxxxxxxx>> wrote:http://ecowatch.com/2014/06/06/china-coal-cap-strand-assets/ On Monday, June 9, 2014 11:55 AM, Aftermath <aftermath.thegreat@xxxxxxxxx <mailto:aftermath.thegreat@xxxxxxxxx>> wrote: Some one just pointed this out too me: https://veracrypt.codeplex.com/ from the website: *Project Description* VeraCrypt is a free disk encryption software brought to you by *IDRIX *(http://www.idrix.fr <http://www.idrix.fr/>) and that is based on TrueCrypt, freely available at http://www.truecrypt.org/. It adds enhanced security to the algorithms used for system and partitions encryption making it immune to new developments in brute-force attacks. For example, when the system partition is encrypted, TrueCrypt uses PBKDF2-RIPEMD160 with 1000 iterations whereas in VeraCrypt we use 327661. And for standard containers and other partitions, TrueCrypt uses at most 2000 iterations but VeraCrypt uses 655331 for RIPEMD160 and 500000 iterations for SHA-2 and Whirlpool. This enhanced security adds some delay only to the opening of encrypted partitions without any performance impact to the application use phase. This is acceptable to the legitimate owner but it makes it much more harder for an attacker to gain access to the encrypted data. *VeraCrypt storage format is INCOMPATIBLE with TrueCrypt storage format.* *VeraCrypt storage format is INCOMPATIBLE with TrueCrypt storage format. * *VeraCrypt storage format is INCOMPATIBLE with TrueCrypt storage format.* (repetition is mine to highlight the fact that you cannot open truecrypt volumes with veracrypt) -Afterm4th On Tue, Jun 3, 2014 at 9:50 AM, <tpb-crypto@xxxxxxxxxxx <mailto:tpb-crypto@xxxxxxxxxxx>> wrote: > Message du 03/06/14 10:51 > De : "Shaun O'Connor" > > I take your point about the encryption dilemma(did I spell that > correctly). I think the Jury is out on that particular issue though... > > Personally I think we are in a perpetual game of cat and mouse with > those who make it their business to know everything about everyone.. > The rewards for the spies are too great for this game to end one day. The game will continue, but because of these disclosures by half-2015, the spies will have to start all over again, at least against people who are aware and actively protect their systems. Because those that got legacy systems will be forever under the treat. Considering our increasing life expectancy and the fact that we are using Cobol and Fortran codes made 40 years ago in many financial and scientific institutions, we can count many exploits discovered in the last decade to be still exploitable in 100 years. Because those systems won't go away. An example of why this is possible, is how many webservers (not merely firmware routers hard to re-flash) you will find that are still vulnerable to heartbleed. The rate of correction seems to be asymptotic, thus always leaving some uncorrected systems till the end of their usable lives. Put that in an automated system like spy agencies have, and you have interesting data streams forever to exploit. The only solution to stop them is to uncover their taps and block them, those are much smaller in number and easier to tackle than millions of machines.