![]() ![]() This is useful if they temporarily lose the signal, or want to pick it up part way through, or whatever (think digital radio). MP3, in common with other MPEG formats, contains regular “start of frame” markers, which players can use to seek within a stream for a place to start playing. In fact, don’t bother sending the files, because I will win the game every time, even if you send me smallish snippets of MP3 files rather than the whole thing. The game is to see whether I can tell you what (c) is. The mystery file is either another mp3 file, or some more random data. You send me (a) an mp3 file, (b) a file containing random data generated by you, and (c) a mystery file. Of course, you can compile from source, but it’d be nice if they released the packaging information used to build the packages (eg: the “.spec” file for RPM, the “debian/” directory for DEB, etc), something that is not currently part of their source code.ĥ:38 Novak: we can do a blind test. I just downloaded the package again to check, and it’s still the same, at least for Ubuntu 5.10. So effectively your data might be compromised by other attacks on the system itself which have since been patched, but you are unable to install because installing them breaks the packaged version from TrueCrypt. I had a look at TrueCrypt a while ago, but the one thing I found to be a problem is that the binaries available under Linux are built against the originally shipped kernel for the distribution in question, and not the latest version that the distribution provide (which contains security updates). The authors implemented LRW over CBC due to an attack that enabled an attacker to place plain text blocks within a mounted volume, which allowed the volume to be identified from the random space,thus it affects the “plausable deniablity” that TC strives for, this did not affect volumes created with AES-Blowfish or AES-Blowfish-Serpent chaining. Just to correct something I read up above on TC been broken in a previous version. Something like this goes along the very merits of why PGP was released at first, those that need it in countries where using crypto is illegal or even life threatening could benefit from a program that is not only open source, does not only contain good “plausable deniabilty” but is also given the thumbs up from someone like Mr Schneier. Things that are closed source seem to get plenty of attention but never are really professionally reviewed, all the unknowing users read is *coff**coff* “military strengh encryption using triple blowfish”….lets not say more. I think if someone like Bruce could have a look at it and give his professional opinion this would definetly serve the crypo community. I’m really not suggesting this is a practical attackīeen using this since v1.0 and still using it, Linux version is catching up to the Windows version slowly but with great success.Ī brilliant product, especially since it is 100% free with full source available.Ĭompared to commercial “bloatware” products which companies seem more than happy to lay down the green for, I think TC is something indeed to look up to. Partition doesn’t have any outer metadata and is also better performance-wise. You should either store the container on a FAT-formatted disk, or encrypt a partition. No, the “magnetic” analysis is useless.Īssuming you gave up the keys one of the volumes, the metadata for that volume tells you which sectors should not currently be in use.Īs the manual says, containers containing hidden volumes should not be stored on NTFS (or any other journaling file system that uses metadata). There are also other sources of perfectly random looking data (bascially any compressed file, zip, mp3, jpg, avi, etc). The former data could have been another encrypted container stored in the area in the past (before the present container). ![]() There could have been anything stored in that area of the disk before you stored the encrypted container there.Īlthough that data probably wouldn’t look like random noise (which the container would).
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |