asciilifeform: unfortunately, intimately specific to make/model of disk.
asciilifeform: (i did some work in this area myself a few years ago. nothing usefully publishable.)
asciilifeform: remember the fellow who booted linux on a dead hdd's controller pcb?
mircea_popescu: decent way to generate terabytes of prng data on the fly too
mircea_popescu: have a slot on the thing where end user plugs his own chip
mircea_popescu: i suppose one of the best ways to go, actually, would be to embed the encryption in the drive.
asciilifeform: re: 'addonics cipherchain' - mystery meat. and see where they want to generate keys for you.
mircea_popescu: so let tens and tens of indians and somali kids twitter undesirable words, it's not a bad net result.
mircea_popescu: asciilifeform, i imagine there's some interest against mass bannings. moreover, you always want to align the creed leeching of scammers with your agenda.
asciilifeform: mircea_popescu: too easy. soon you'll trigger a wave of scamzors getting themselves banned to earn 'l33t street cred'.
midnightmagic: pankkake: How is GELI to use anyway?
mircea_popescu: asciilifeform, i shall interestedly propose the heuristic "were they banned on twitter"
asciilifeform: anyone who thinks 30m bezollars are permitted to fall into a pocket disfavoured by the crown - i've a bridge to sell to.
assbot: Encryption company Silent Circle, creator of Blackphone, raises $30 million - The Washington Post
midnightmagic goes to look
asciilifeform: i'd say misconception here - software doesn't fall apart from overuse. but there are forces at work to ensure that derpatronics become popular, vs. actually solid products.
midnightmagic: the nice thing is you can wreck the whole volume just by killing the corresponding luks slot.
gribble: Schneier on Security: Full-Disk Encryption Works: <https://www.schneier.com/blog/archives/2011/12/full-disk_encry.html>; Schneier on Security: Auditing TrueCrypt: <https://www.schneier.com/blog/archives/2014/04/auditing_truecr.html>; Schneier on Security: Protecting Your Privacy at International Borders: <https://www.schneier.com/blog/archives/2012/01/protecting_your_1.html>
mircea_popescu: supposedly faster than ecryptfs too
mircea_popescu: i think its lack of popularity has a lot to do with its usefulness.
jurov: i also use ecryptfs where wholedisk is not possible... but it is too linuxonly
mircea_popescu: luks is prolly one of the better choices actually
midnightmagic: plus you can use stacked volume layering to stuff it into a raid config
midnightmagic: one of the simplest is just a plain luks crypted vol
Dimsler: whats the best to use for a container
Dimsler: i think
assbot: Block cipher mode of operation - Wikipedia, the free encyclopedia
mircea_popescu: isnt twofish aes ?
Dimsler: i've been using the 2 encryptions
asciilifeform: jurov: misconception. this was 'codebook mode' aes
pankkake: and truecrypt is one of the less audited. just no reason to even risk it
jurov: Dimsler: they were able to recover outlines from encrypted JPEG files
Dimsler: but from what i gather the full drive encryption from truecrypt is unhackable?
asciilifeform: 'don't blame the mice' (obligatory)
pankkake: it's great, it's secure, but again, not for a 10 TB backup of millions of files with frequent updates and history
mircea_popescu: like if a woman was washed by the FOSS, her nipples and vulva would be very clean
mircea_popescu: even if it were proper open source (which truecrypt never really was) the entire "oh million of eyes" is a total myth.
assbot: Pass: The Standard Unix Password Manager
Dimsler: thats true
mircea_popescu: one DEFINITELY doesn't want a popular packaging that's too likely to be attacked anyway
mircea_popescu: im just saying you know ? the tools are there, one doesn't actually need a particular packaging thereof
mircea_popescu: asciilifeform, doesn't have to. you can give it a ramdisk
pankkake: there's no reason to use truecrypt over cryptsetup
asciilifeform: make a tarball that you gpg encrypt << tehsuck. decrypts to plaintext buffer (!) on disk for add/modify
Dimsler: i only use TC for full level encryption
Dimsler: i'm actually hesitant about using TC containers
pankkake: my other backups are dar|xz|gpg. but not the big one
mircea_popescu: prolly byte for byte more efficient than truecrypt or anything else.
mircea_popescu: and i doubt it works any less than your system works anyway.
pankkake: backup and update the backup
pankkake: doesn't work to back up 10 TB of files. I need the right layering
mircea_popescu: there's fucking reasons tar ended up the way it did, and they have to do with 30+ years of actual use in the field.
mircea_popescu: anyway, if one must have container encryption, use the fucking tools. make a tarball that you gpg encrypt
diametric: i have a moderate reddit presence but not the attention span
mircea_popescu: pankkake, yea that. or bitcoin-privilege
mircea_popescu: seems to me a helicopter submarine.
mircea_popescu: pankkake: I guess you could do file level encryption with gpg, but… there are probably better solutions << i still don't get why anyone thinks container encryption is a thing or makes sense
mircea_popescu: also ban all the reddit mods just for good measure.
mircea_popescu: anyone with a reddit presence want to start a subreddit ?
mircea_popescu: do the mooks just sorta beep on their side ?
mircea_popescu: so what happens if the terrorists turn on a huge fan on the side ?
BingoBoingo: pankkake: Some things are better handed off to hardware.
diametric: mircea_popescu: yeah i agree, it was the best of the suck.
mircea_popescu: pankkake, actually, you can use the cardano to generate a multi-mb otp, keep it encrypted
pankkake: I don't really see the point. I'll do the encryption software, and encrypt the key with the cardano
mircea_popescu: pankkake, like that except those women don't look like they could a) operate the hardware ; b) drag it around in the sun for 16 hours.
BingoBoingo: pankkake: Think how awesome a cardano keyed alternative would be.
mircea_popescu: thestringpuller: we should all threaten Theymos << mass solutions, kinda meh
mircea_popescu: last i said this a year ago consensus ended up being "yeah but not much alternative"
mircea_popescu: diametric, truecrypt was kinda the suck.
mircea_popescu: in more ways than one
mircea_popescu: a regiment of topless-bikini camo clad chicks'd prolly kill
mircea_popescu: assbot: Israeli (IDF) female soldiers girls dancing with guns and underwear << i dun get what the big scandal is. if they had any sense they'd allow victoria's secret make an optional uniform for women in the service.
diametric: now i have to waste time figuring out alternatives
diametric: everything I use is encrypted with truecrypt
BingoBoingo: asciilifeform: Cardano is indeed the prototype of such a thing. I'm thinking something like those hard to find widgets that occupy a 5.25" bay in a computer case.
asciilifeform: (with sd rather than external mechanical disk)
pankkake: yeah… it has some disadvantages compared to full disk encryption
asciilifeform: BingoBoingo: cardano is, in a sense, this
asciilifeform: (e.g. file sizes, access times, etc)
assbot: EncFS - Wikipedia, the free encyclopedia
asciilifeform: good chances the author of truecrypt has been nailgunned.
pankkake: I guess you could do file level encryption with gpg, but… there are probably better solutions
punkman: is there something that can do file containers with gpg?
Mats_cd03: it'd probably stay open for 2 years and then get locked to read-only, 'cept for people in WoT
fluffypony: I never thought of it in the canary context
fluffypony: asciilifeform: see convo earlier re: truecrypt...something is weird
BingoBoingo: I guess a lot of people are going to have to return to keeping their hard drives suspended by string over a bucket of Aqua Regia
asciilifeform: that'd be an interesting way to 'kill canary'
asciilifeform: 'Another possibility - the author was required by a court order to provide a backdoor for unfettered access to truecrypt disk, and to not disclose the existence of the order.'
asciilifeform: 'There's a new binary that recommends moving to BitLocker during install, and the signature matches.'
assbot: TrueCrypt suggesting migration to BitLocker? | Hacker News
BingoBoingo: Looks like Truecrypt is over.
assbot: Secret service to end rural anonymity for Modi's wife| Reuters
asciilifeform: RIP truecrypt ?
assbot: China pushing banks to drop IBM servers in hacking dispute - report| Reuters
Duffer1: how is assets this afternoon?
gribble: Currently authenticated from hostmask Duffer1!~Duffer1@c-98-232-231-188.hsd1.or.comcast.net. Trust relationship from user Duffer1 to user Duffer1: Level 1: 0, Level 2: 1 via 1 connections. Graph: http://b-otc.com/stg?source=Duffer1&dest=Duffer1 | WoT data: http://b-otc.com/vrd?nick=Duffer1 | Rated since: Fri Dec 13 04:23:08 2013
gribble: WARNING: Currently not authenticated. Trust relationship from user assbot to user Duffer1: Level 1: 0, Level 2: 2 via 2 connections. Graph: http://b-otc.com/stg?source=assbot&dest=Duffer1 | WoT data: http://b-otc.com/vrd?nick=Duffer1 | Rated since: Fri Dec 13 04:23:08 2013
pankkake: there are two: ask someone is assbot trust, or get yourself in the wot and get rated you can up yourself