[cryptome] Re: TrueCrypt compromised

  • From: tpb-crypto@xxxxxxxxxxx
  • To: cryptome@xxxxxxxxxxxxx
  • Date: Sun, 01 Jun 2014 05:18:06 +0200

Shaun said:

> > and definitely DO NOT use on-line password generators!!!

And so I did post a password generator for those that wish one but wish not use 
an online type. I know it seems stupid, but creating a good password generator 
is something skiddies have a hard time doing, here is one.

> Message du 01/06/14 03:19
> De : "Jeremy Compton" 
> A : "cryptome@xxxxxxxxxxxxx" 
> Copie à : 
> Objet : [cryptome] Re: TrueCrypt compromised
>

> How does your post here relate to this email list ? Is it not unrelated ?
> 
> Jeremy
> 
> > Date: Sun, 1 Jun 2014 00:16:02 +0200
> > From: tpb-crypto@xxxxxxxxxxx
> > To: cryptome@xxxxxxxxxxxxx
> > Subject: [cryptome] Re: TrueCrypt compromised
> > 
> > Add this routine to your /etc/bash.bashrc:
> > 
> > genpasswd() {
> > local l=$1
> > [ "$l" == "" ] && l=128
> > echo 
> > "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000011111111111111111111111111111"
> > echo 
> > "00000000011111111112222222222333333333344444444445555555555666666666677777777778888888888999999999900000000001111111111222222222"
> > echo 
> > "12345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678"
> > echo 
> > "-------------------------------------------------------------ruler--------------------------------------------------------------"
> > tr -dc 'A-Za-z0-9 ' < /dev/urandom | head -c ${l} | xargs
> > tr -dc 'A-Za-z0-9\!\@\#\$\%\& *<>()[]{}_\-~^:;|,. ' < /dev/urandom | head 
> > -c ${l} | xargs
> > tr -dc 'A-Za-z0-9\!\@\#\$\%\& 
> > ¥¦©®¬¯±µ¶¼½¾¿ÆÐÞßæð÷¤¡×Øøþ¨£¢§ªº°<>()[]{}_\-~^:;|,.¹²³\/* ' < /dev/urandom 
> > | head -c ${l} | xargs
> > echo 
> > "----------------------------------------------------------description-----------------------------------------------------------"
> > echo "first line - web safe - only letters and numbers - 73^${l} possible 
> > combinations."
> > echo "second line - terminal safe - use single quotes in terminal - 98^${l} 
> > possible combinations."
> > echo "third line - generic - displayable signals, use with care - 136^${l} 
> > possible combinations."
> > }
> > 
> > Have fun:
> > 
> > $ genpasswd 32
> > 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000011111111111111111111111111111
> > 00000000011111111112222222222333333333344444444445555555555666666666677777777778888888888999999999900000000001111111111222222222
> > 12345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678
> > -------------------------------------------------------------ruler--------------------------------------------------------------
> > eTA9C6Bua1v9cjsHa5yxSz23vdwFKZkj
> > G]oL3~>!-LR~[,!2D#^DnH649n MLv2b
> > k0Ty�g~PM3M�$�QaBQp�7R/okHKC_3^w
> > ----------------------------------------------------------description-----------------------------------------------------------
> > first line - web safe - only letters and numbers - 73^32 possible 
> > combinations.
> > second line - terminal safe - use single quotes in terminal - 98^32 
> > possible combinations.
> > third line - generic - displayable signals, use with care - 136^32 possible 
> > combinations.
> > 
> > 
> > I created this code and it is public domain, hack, share, use, change, do 
> > whatever you want, good password generators are those ran locally by 
> > yourself, never online. lol
> > 
> > 
> > > Message du 31/05/14 11:12
> > > De : "Shaun O'Connor" 
> > > A : cryptome@xxxxxxxxxxxxx
> > > Copie à : 
> > > Objet : [cryptome] Re: TrueCrypt compromised
> > >
> > 
> > > and definitely DO NOT use on-line password generators!!!
> > > On 31/05/2014 09:17, Ryan Carboni wrote:
> > > > Airgap encryption.
> > > >
> > > >
> > > > On Fri, May 30, 2014 at 11:13 PM, In Harms Way <11414150173@xxxxxxxxxx
> > > > > wrote:
> > > >
> > > >
> > > > Now serious: Which open-source programme for container-encryption
> > > > of all files and disks the professionals like medical doctors,
> > > > lawyers, priests et. al. still can use to fulfil their legal
> > > > obligation to store patient or client data 100% secure ????
> > > >
> > > > To my understanding PGP encryption with UCE (only user has the
> > > > private key - private key not grabbed by any webmail etc.) for
> > > > e-mails (e.g. via Thunderbird and enigmail) is still not broken
> > > > (if user disabled hibernation on his/her machine to avert
> > > > pass-phrase stealing from the hibernation dump).
> > > >
> > > > But which other truecrypt-like open-source programme still stands
> > > > strong for file/disk-encryption.?
> > > >
> > > > Any suggestions?
> > > >
> > > > Shaun O'Connor wrote, On 30/05/2014 12:06:
> > > >> got to agree on that point and tails 1.0 was only released
> > > >> recently too!!
> > > >> On 30/05/2014 00:14, tpb-crypto@xxxxxxxxxxx
> > > >> wrote:
> > > >>>> Message du 29/05/14 19:49
> > > >>>> De : "Jean-Philippe Décarie-Mathieu" 
> > > >>>>
> > > >>>> Oh, I'm nowhere near giving up. I'm aware of the alternatives; it's 
> > > >>>> just
> > > >>>> that this whole TC story is obscure as hell. Still no words from the
> > > >>>> developer(s)... It's gotta suck for Tails and other projects that 
> > > >>>> have
> > > >>>> integrated TC also.
> > > >>>>
> > > >>> Other projects will not be affected. That's the nature of open 
> > > >>> source, you close a door, a window opens.
> > > >>>
> > > >>> Those interested will keep truecrypt alive, it just takes interest.
> > > >>>
> > > >>> .
> > > >>>
> > > >>
> > > >> -- 
> > > >> https://www.resetthenet.org/ *On June 5 2014, this email addrfess
> > > >> will NOT be accepting any mails....are you in?*
> > > >
> > > >
> > > > -- 
> > > > We have nothing to hide, but something to protect: 
> > > > LIBERTY, PRIVACY & FREEDOM
> > > > - and the people, whose human rights these are.
> > > >
> > > >
> > > 
> > > -- 
> > > https://www.resetthenet.org/ *On June 5 2014, this email addrfess will
> > > NOT be accepting any mails....are you in?*
> > >
> > 
>

Other related posts: