[cryptome] Re: cryptome compromised?
- From: Neal Lamb <nl1816a@xxxxxxxxxxxxx>
- To: "cryptome@xxxxxxxxxxxxx" <cryptome@xxxxxxxxxxxxx>
- Date: Mon, 9 Jun 2014 14:58:12 -0700 (PDT)
http://truth-out.org/opinion/item/24238-leaving-the-uss-liberty-crew-behind
On Monday, June 9, 2014 3:50 PM, Brian Hecht <brian.hecht@xxxxxxxxxxxxxx> wrote:
What is said when one is over the target? ... we get the most flak ...
John's kickstarter page still up
https://www.kickstarter.com/projects/1874173687/cryptome-global-archives
Only raised $10k so far ... think I might be cracking open a new credit card in
support.
Wonky day and timing ... possible false flag and attorney general taking a
stand against "us"? A new push against "thought crime"?
" ... The Justice Department is resurrecting a program designed to thwart
domestic threats to the United States, and Attorney General Eric Holder
says those threats include individuals the government deems
anti-government or racially prejudiced."
Brian
________________________________
From: Aftermath <aftermath.thegreat@xxxxxxxxx>
To: cryptome@xxxxxxxxxxxxx
Sent: Monday, June 9, 2014 3:39 PM
Subject: [cryptome] Re: TrueCrypt compromised
403 here as well
On Mon, Jun 9, 2014 at 12:51 PM, Jarrod B <jarrodsb@xxxxxxxxx> wrote:
So is this why I'm getting a 403 message when i go to cryptome .org?
>
>
>
>
>On Mon, Jun 9, 2014 at 1:39 PM, Neal Lamb <nl1816a@xxxxxxxxxxxxx> wrote:
>
>http://ecowatch.com/2014/06/06/china-coal-cap-strand-assets/
>>
>>
>>
>>
>>On Monday, June 9, 2014 11:55 AM, Aftermath <aftermath.thegreat@xxxxxxxxx>
>>wrote:
>>
>>
>>
>>Some one just pointed this out too me:
>>
>>
>>https://veracrypt.codeplex.com/
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>from the website:
>>
>>
>>Project Description
>>VeraCrypt is a free disk encryption software brought to you by IDRIX
>>(http://www.idrix.fr) and that is based on TrueCrypt, freely available at
>>http://www.truecrypt.org/.
>>It adds enhanced security to the algorithms used for system and partitions
>>encryption making it immune to new developments in brute-force attacks.
>>
>>For example, when the system partition is encrypted, TrueCrypt uses
>>PBKDF2-RIPEMD160 with 1000 iterations whereas in VeraCrypt we use 327661. And
>>for standard containers and other partitions, TrueCrypt uses at most 2000
>>iterations but VeraCrypt uses 655331 for RIPEMD160 and 500000 iterations for
>>SHA-2 and Whirlpool.
>>
>>This enhanced security adds some delay only to the opening of encrypted
>>partitions without any performance impact to the application use phase. This
>>is acceptable to the legitimate owner but it makes it much more harder for an
>>attacker to gain access to the encrypted data.
>>
>>
>>
>>
>>
>>VeraCrypt storage format is INCOMPATIBLE with TrueCrypt storage format.
>>VeraCrypt storage format is INCOMPATIBLE with TrueCrypt storage format.
>>
>>VeraCrypt storage format is INCOMPATIBLE with TrueCrypt storage format.
>>
>>
>>
>>(repetition is mine to highlight the fact that you cannot open truecrypt
>>volumes with veracrypt)
>>
>>
>>-Afterm4th
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>On Tue, Jun 3, 2014 at 9:50 AM, <tpb-crypto@xxxxxxxxxxx> wrote:
>>
>>> Message du 03/06/14 10:51
>>>> De : "Shaun O'Connor"
>>>
>>>>
>>>> I take your point about the encryption dilemma(did I spell that
>>>> correctly). I think the Jury is out on that particular issue though...
>>>>
>>>> Personally I think we are in a perpetual game of cat and mouse with
>>>> those who make it their business to know everything about everyone..
>>>>
>>>
>>>The rewards for the spies are too great for this game to end one day.
>>>
>>>The game will continue, but because of these disclosures by half-2015, the
>>>spies will have to start all over again, at least against people who are
>>>aware and actively protect their systems. Because those that got legacy
>>>systems will be forever under the treat.
>>>
>>>Considering our increasing life expectancy and the fact that we are using
>>>Cobol and Fortran codes made 40 years ago in many financial and scientific
>>>institutions, we can count many exploits discovered in the last decade to be
>>>still exploitable in 100 years. Because those systems won't go away.
>>>
>>>An example of why this is possible, is how many webservers (not merely
>>>firmware routers hard to re-flash) you will find that are still vulnerable
>>>to heartbleed. The rate of correction seems to be asymptotic, thus always
>>>leaving some uncorrected systems till the end of their usable lives.
>>>
>>>Put that in an automated system like spy agencies have, and you have
>>>interesting data streams forever to exploit. The only solution to stop them
>>>is to uncover their taps and block them, those are much smaller in number
>>>and easier to tackle than millions of machines.
>>>
>>>
>>
>>
>>
>
Other related posts:
