Getbig.com: American Bodybuilding, Fitness and Figure
Getbig Main Boards => Gossip & Opinions => Topic started by: _aj_ on May 29, 2014, 03:18:57 AM
-
Yesterday, the crypto twitterverse was aflame that the most popular open source crypto application had self-destructed. Their page at source forge was recommending a switch to BitLocker (WTF?) and the last checkin basically no-opped the entire app. The resultant executable was also signed by the BitLocker GPG key.
Turns out that the team discovered a back door? Vulnerability? NSA intercept? That convinced them it was fatally compromised.
This is all I can find on the subject:
http://arstechnica.com/security/2014/05/truecrypt-is-not-secure-official-sourceforge-page-abruptly-warns/
-
How will this effect men in thongs?Will Olympia prep be disrupted?
-
Warning, while these two links contain endless speculation by uninformed blowhards, they are not bodybuilding related:
http://it.slashdot.org/story/14/05/28/2126249/truecrypt-website-says-to-switch-to-bitlocker (http://it.slashdot.org/story/14/05/28/2126249/truecrypt-website-says-to-switch-to-bitlocker)
https://news.ycombinator.com/item?id=7812133 (https://news.ycombinator.com/item?id=7812133)
-
Warning, while these two links contain endless speculation by uninformed blowhards, they are not bodybuilding related:
http://it.slashdot.org/story/14/05/28/2126249/truecrypt-website-says-to-switch-to-bitlocker (http://it.slashdot.org/story/14/05/28/2126249/truecrypt-website-says-to-switch-to-bitlocker)
https://news.ycombinator.com/item?id=7812133 (https://news.ycombinator.com/item?id=7812133)
I was really into the notion that Snowden was gonna drop a bomb last night that it was fatally compromised. Didn't happen.
-
Warning, while these two links contain endless speculation by uninformed blowhards, they are not bodybuilding related:
http://it.slashdot.org/story/14/05/28/2126249/truecrypt-website-says-to-switch-to-bitlocker (http://it.slashdot.org/story/14/05/28/2126249/truecrypt-website-says-to-switch-to-bitlocker)
https://news.ycombinator.com/item?id=7812133 (https://news.ycombinator.com/item?id=7812133)
never thought I would see a hacker news link on here ;D
-
I was really into the notion that Snowden was gonna drop a bomb last night that it was fatally compromised. Didn't happen.
After being called out by John Kerry, he's distracted/busy, if he's even aware of it.
I'm waiting to see if this makes it to the mainstream media .
-
After being called out by John Kerry, he's distracted/busy, if he's even aware of it.
I'm waiting to see if this makes it to the mainstream media .
I am sure that being told to "man up" by that botoxed, plastic-faced fag is really keeping The Snow up at night ::)
-
I am sure that being told to "man up" by that botoxed, plastic-faced fag is really keeping The Snow up at night ::)
:D It's giving plenty of journalists something to do in the meantime.
Was TC something you use(d) for home or work?
-
If the issue is really that the NSA is trying to force them to put in a backdoor and they are pulling a Lavabit, then previous versions of TC should still be good to go -- the backdoors wouldn't be retroactive, would they?
Even if there is a legitimate vulnerability, TC would have some utility for the average person: most people looking at your usb stick (say) and seeing a 1gb .tc partition wouldn't even know what it is, let alone be able to exploit a vulnerability to access it. But I understand that this won't satisfy the truly security conscious.
-
Yesterday, the crypto twitterverse was aflame that the most popular open source crypto application had self-destructed. Their page at source forge was recommending a switch to BitLocker (WTF?) and the last checkin basically no-opped the entire app. The resultant executable was also signed by the BitLocker GPG key.
Turns out that the team discovered a back door? Vulnerability? NSA intercept? That convinced them it was fatally compromised.
This is all I can find on the subject:
http://arstechnica.com/security/2014/05/truecrypt-is-not-secure-official-sourceforge-page-abruptly-warns/
I don't understand a single word of this.
-
:D It's giving plenty of journalists something to do in the meantime.
Was TC something you use(d) for home or work?
At home mostly.
-
Do I have to go to Uni to understand this thread? I hate feeling ignorant on a topic.
-
(http://31.media.tumblr.com/fad9582aaca5ba81275c4e3c645d6b21/tumblr_n6cdziYd6X1rb2o2uo1_500.jpg)
-
Yesterday, the crypto twitterverse was aflame that the most popular open source crypto application had self-destructed. Their page at source forge was recommending a switch to BitLocker (WTF?) and the last checkin basically no-opped the entire app. The resultant executable was also signed by the BitLocker GPG key.
Turns out that the team discovered a back door? Vulnerability? NSA intercept? That convinced them it was fatally compromised.
This is all I can find on the subject:
http://arstechnica.com/security/2014/05/truecrypt-is-not-secure-official-sourceforge-page-abruptly-warns/
Goodrum probably has more info on this.
-
All this hacker talk is making me hungry
-
Open source encryption tools? Oh brother.
It was just a matter of time.
Edit: Just read "There was significant changes in the code between versions 7.1a and 7.2."
Why would anyone even hesitate about security being breached in this case? Oh brother x2
-
Do I have to go to Uni to understand this thread? I hate feeling ignorant on a topic.
5 min on wiki about encryption and 5 min reading articles about TrueCrypt will be enough. :)
-
How will this effect men in thongs?Will Olympia prep be disrupted?
Consider the following scenario:
Some of the judges are schmoes, and uses TrueCrypt to hide their schmoeness. Now that TrueCrypt is no longer safe, someone with malicious intentions could find out that the olympia judges are schmoes and out them. If they are outed, it becomes apparent why some people get so high placings in the olympia.
HTH
-
Open source encryption tools? Oh brother.
It was just a matter of time.
Edit: Just read "There was significant changes in the code between versions 7.1a and 7.2."
Why would anyone even hesitate about security being breached in this case? Oh brother x2
You do know that the most secure encryption is open source, right?
-
You do know that the most secure encryption is open source, right?
Yes, I am aware of it. But in most cases, frequently used open source software is heavily moderated and kept in check. I'm quite shocked that this happened.
-
Yes, I am aware of it. But in most cases, frequently used open source software is heavily moderated and kept in check. I'm quite shocked that this happened.
As of last night, nobody was quite sure what happened. The Dev team for TC is an anonymous and mercurial bunch. They haven't surfaced. Even Bruce Schneier, who is usually better informed than most on this stuff, has nothing.
TC was undergoing an security audit, paid for because of the OpenSSL heartbleed debacle, and had passed the first audit at least. Perhaps there was something coming out of the next audit wave?
-
As of last night, nobody was quite sure what happened. The Dev team for TC is an anonymous and mercurial bunch. They haven't surfaced. Even Bruce Schneier, who is usually better informed than most on this stuff, has nothing.
TC was undergoing an security audit, paid for because of the OpenSSL heartbleed debacle, and had passed the first audit at least. Perhaps there was something coming out of the next audit wave?
Could be a possibility.
I'm still very confused about how this could go unnoticed. Considering it's open source and frequently used by "tech savy" people, i.e. people who can read code.
-
Humm I have an old truecrypt volume somewhere. I wonder how people are hacking them?
-
Tales from the Crypt was a great show in its prime. Arnold even directed an episode.
-
Tales from the Crypt was a great show in its prime. Arnold even directed an episode.
I loved the Crypt Creep.