So is this why I'm getting a 403 message when i go to cryptome .org? On Mon, Jun 9, 2014 at 1:39 PM, Neal Lamb <nl1816a@xxxxxxxxxxxxx> wrote: > http://ecowatch.com/2014/06/06/china-coal-cap-strand-assets/ > > > On Monday, June 9, 2014 11:55 AM, Aftermath < > aftermath.thegreat@xxxxxxxxx> wrote: > > > Some one just pointed this out too me: > > https://veracrypt.codeplex.com/ > > > > > from the website: > > *Project Description* > VeraCrypt is a free disk encryption software brought to you by *IDRIX *( > http://www.idrix.fr) and that is based on TrueCrypt, freely available at > http://www.truecrypt.org/. > It adds enhanced security to the algorithms used for system and partitions > encryption making it immune to new developments in brute-force attacks. > > For example, when the system partition is encrypted, TrueCrypt uses > PBKDF2-RIPEMD160 with 1000 iterations whereas in VeraCrypt we use 327661. > And for standard containers and other partitions, TrueCrypt uses at most > 2000 iterations but VeraCrypt uses 655331 for RIPEMD160 and 500000 iterations > for SHA-2 and Whirlpool. > > This enhanced security adds some delay only to the opening of encrypted > partitions without any performance impact to the application use phase. > This is acceptable to the legitimate owner but it makes it much more harder > for an attacker to gain access to the encrypted data. > > > *VeraCrypt storage format is INCOMPATIBLE with TrueCrypt storage format.* > > *VeraCrypt storage format is INCOMPATIBLE with TrueCrypt storage format. * > *VeraCrypt storage format is INCOMPATIBLE with TrueCrypt storage format.* > > (repetition is mine to highlight the fact that you cannot open truecrypt > volumes with veracrypt) > > -Afterm4th > > > > > > > > > On Tue, Jun 3, 2014 at 9:50 AM, <tpb-crypto@xxxxxxxxxxx> wrote: > > > Message du 03/06/14 10:51 > > De : "Shaun O'Connor" > > > > I take your point about the encryption dilemma(did I spell that > > correctly). I think the Jury is out on that particular issue though... > > > > Personally I think we are in a perpetual game of cat and mouse with > > those who make it their business to know everything about everyone.. > > > > The rewards for the spies are too great for this game to end one day. > > The game will continue, but because of these disclosures by half-2015, the > spies will have to start all over again, at least against people who are > aware and actively protect their systems. Because those that got legacy > systems will be forever under the treat. > > Considering our increasing life expectancy and the fact that we are using > Cobol and Fortran codes made 40 years ago in many financial and scientific > institutions, we can count many exploits discovered in the last decade to > be still exploitable in 100 years. Because those systems won't go away. > > An example of why this is possible, is how many webservers (not merely > firmware routers hard to re-flash) you will find that are still vulnerable > to heartbleed. The rate of correction seems to be asymptotic, thus always > leaving some uncorrected systems till the end of their usable lives. > > Put that in an automated system like spy agencies have, and you have > interesting data streams forever to exploit. The only solution to stop them > is to uncover their taps and block them, those are much smaller in number > and easier to tackle than millions of machines. > > > > >