Re: [Micronet] TrueCrypt
The pure backup services like SpiderOak can do zero-knowledge, because they only give the data back to you via an encryption key that only you hold. Mozy and Crashplan have that option as well. But zero-knowledge doesn't work if you want the vendor to do anything with the data. SpiderOak can do zero-knowledge backup and restore, because for backup and restore they don't need to do anything other than give your bits back when you ask for them. But if you want to share a file with anyone, it's not zero-knowledge. https://spideroak.com/faq/questions/1374/do_share_rooms_violate_zero_knowledge/ On Sun, Mar 15, 2015 at 6:07 PM, Michael Chung michael_ch...@berkeley.edu wrote: *The problem with any of the cloud services is that they can't provide zero-knowledge encryption; at some level you're trusting the vendor to not screw up.* Hey Tom—There is one cloud based backup/storage provider that claims to be entirely zero-knowledge: https://spideroak.com/zero-knowledge/ FWIW: I haven’t personally used this service, but have friends who do and swear by it. Michael Chung Systems Administrator Enterprise Computing Service Management Haas School of Business, UC Berkeley Student Services Building, Room S300D Berkeley, CA 94720-1900 Tele: 510-643-3887 15106433887 Typical Office Schedule Offsite: M-F At Haas: On-demand *From:* micronet-list-boun...@lists.berkeley.edu [mailto: micronet-list-boun...@lists.berkeley.edu] *On Behalf Of *Tom Holub *Sent:* Friday, March 13, 2015 4:33 PM *To:* Ian Crew *Cc:* micronet-list@lists.berkeley.edu *Subject:* Re: [Micronet] TrueCrypt I've been doing a lot of work on data protection, and haven't found a free direct replacement for TrueCrypt. The problem with any of the cloud services is that they can't provide zero-knowledge encryption; at some level you're trusting the vendor to not screw up. For some data risks that's acceptable, but it depends on the specific needs. I've used BestCrypt as a drop-in replacement for TrueCrypt, and it's good, much better than TrueCrypt in terms of UI. But it's not free; whether it makes sense in your environment depends on how many nodes you need to install it on, and who you're collaborating with. On Friday, March 13, 2015, Ian Crew ic...@berkeley.edu wrote: Hi Sergey: There are campus-supplied and supported services that support both MSSEI PL1 (Box, Google Drive, and bCourses Project Sites) and MSSEI PL2 (CalShare) data, which may remove the need to use per-file encryption tools at all. See http://kb.berkeley.edu/page.php?id=44390 for a comparison among those 4 tools. Hope that's helpful, Ian On Mar 13, 2015, at 3:51 PM, Sergey Shevtchenko serg...@berkeley.edu wrote: Dear Micronetters, It's been a year since TrueCrypt has been abandoned by its developers, and we can't recommend the Dropbox/TrueCrypt solution anymore :( What are you folks using for free, cross-platform, on-the-fly container encryption/decryption these days? It does not look like those audits found any vulnerabilities with TrueCrypt 7.1a, so perhaps its still in use? Searching on Google didn't really reveal any good alternatives, since whole-disk encryption and single-file encryption/decryption routines don't compare to ole TrueCrypt's mountable containers... Sergey Shevtchenko IT Director Goldman School of Public Policy http://gspp.berkeley.edu/ University of California, Berkeley tel.: (510) 643-0077 - The following was automatically added to this message by the list server: To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site: http://micronet.berkeley.edu Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet. This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past. ___ Ian Crew IST-Architecture, Platforms and Integration (API) Earl Warren Hall, Second Floor University of California, Berkeley -- Tom Holub, Founder Totally Doable Consulting, http://totallydoable.com http://totallydoableconsulting.com/ Practical IT management consulting for education and non-profits t...@totallydoable.com t...@totallydoableconsulting.com, 510-957-8225 -- Tom Holub, Founder Totally Doable Consulting, http://totallydoable.com http://totallydoableconsulting.com/ Practical IT management consulting for education and non-profits t...@totallydoable.com t...@totallydoableconsulting.com, 510-957-8225 - The following was automatically added to this message by the list server: To learn more about Micronet, including
Re: [Micronet] TrueCrypt
The problem with any of the cloud services is that they can't provide zero-knowledge encryption; at some level you're trusting the vendor to not screw up. Hey Tom—There is one cloud based backup/storage provider that claims to be entirely zero-knowledge: https://spideroak.com/zero-knowledge/ FWIW: I haven’t personally used this service, but have friends who do and swear by it. Michael Chung Systems Administrator Enterprise Computing Service Management Haas School of Business, UC Berkeley Student Services Building, Room S300D Berkeley, CA 94720-1900 Tele: tel:15106433887 510-643-3887 Typical Office Schedule Offsite: M-F At Haas: On-demand From: micronet-list-boun...@lists.berkeley.edu [mailto:micronet-list-boun...@lists.berkeley.edu] On Behalf Of Tom Holub Sent: Friday, March 13, 2015 4:33 PM To: Ian Crew Cc: micronet-list@lists.berkeley.edu Subject: Re: [Micronet] TrueCrypt I've been doing a lot of work on data protection, and haven't found a free direct replacement for TrueCrypt. The problem with any of the cloud services is that they can't provide zero-knowledge encryption; at some level you're trusting the vendor to not screw up. For some data risks that's acceptable, but it depends on the specific needs. I've used BestCrypt as a drop-in replacement for TrueCrypt, and it's good, much better than TrueCrypt in terms of UI. But it's not free; whether it makes sense in your environment depends on how many nodes you need to install it on, and who you're collaborating with. On Friday, March 13, 2015, Ian Crew ic...@berkeley.edu mailto:ic...@berkeley.edu wrote: Hi Sergey: There are campus-supplied and supported services that support both MSSEI PL1 (Box, Google Drive, and bCourses Project Sites) and MSSEI PL2 (CalShare) data, which may remove the need to use per-file encryption tools at all. See http://kb.berkeley.edu/page.php?id=44390 for a comparison among those 4 tools. Hope that's helpful, Ian On Mar 13, 2015, at 3:51 PM, Sergey Shevtchenko serg...@berkeley.edu javascript:_e(%7B%7D,'cvml','serg...@berkeley.edu'); wrote: Dear Micronetters, It's been a year since TrueCrypt has been abandoned by its developers, and we can't recommend the Dropbox/TrueCrypt solution anymore :( What are you folks using for free, cross-platform, on-the-fly container encryption/decryption these days? It does not look like those audits found any vulnerabilities with TrueCrypt 7.1a, so perhaps its still in use? Searching on Google didn't really reveal any good alternatives, since whole-disk encryption and single-file encryption/decryption routines don't compare to ole TrueCrypt's mountable containers... Sergey Shevtchenko IT Director Goldman School of Public Policy http://gspp.berkeley.edu/ University of California, Berkeley tel.: (510) 643-0077 - The following was automatically added to this message by the list server: To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site: http://micronet.berkeley.edu Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet. This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past. ___ Ian Crew IST-Architecture, Platforms and Integration (API) Earl Warren Hall, Second Floor University of California, Berkeley -- Tom Holub, Founder Totally Doable Consulting, http://totallydoableconsulting.com/ http://totallydoable.com Practical IT management consulting for education and non-profits mailto:t...@totallydoableconsulting.com t...@totallydoable.com, 510-957-8225 - The following was automatically added to this message by the list server: To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site: http://micronet.berkeley.edu Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet. This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.
Re: [Micronet] TrueCrypt
A friend of mine is a contributor to a TrueCrypt fork called CipherShed: https://ciphershed.org/ There's also a competing project called VeraCrypt: https://veracrypt.codeplex.com/ Both are free and open-source. == Hilary Schiraldi Head Long Business Library Haas School of Business UC Berkeley 510-643-6471 hschi...@library.berkeley.edu On Fri, Mar 13, 2015 at 4:32 PM, Tom Holub t...@totallydoable.com wrote: I've been doing a lot of work on data protection, and haven't found a free direct replacement for TrueCrypt. The problem with any of the cloud services is that they can't provide zero-knowledge encryption; at some level you're trusting the vendor to not screw up. For some data risks that's acceptable, but it depends on the specific needs. I've used BestCrypt as a drop-in replacement for TrueCrypt, and it's good, much better than TrueCrypt in terms of UI. But it's not free; whether it makes sense in your environment depends on how many nodes you need to install it on, and who you're collaborating with. On Friday, March 13, 2015, Ian Crew ic...@berkeley.edu wrote: Hi Sergey: There are campus-supplied and supported services that support both MSSEI PL1 (Box, Google Drive, and bCourses Project Sites) and MSSEI PL2 (CalShare) data, which may remove the need to use per-file encryption tools at all. See http://kb.berkeley.edu/page.php?id=44390 for a comparison among those 4 tools. Hope that's helpful, Ian On Mar 13, 2015, at 3:51 PM, Sergey Shevtchenko serg...@berkeley.edu wrote: Dear Micronetters, It's been a year since TrueCrypt has been abandoned by its developers, and we can't recommend the Dropbox/TrueCrypt solution anymore :( What are you folks using for free, cross-platform, on-the-fly container encryption/decryption these days? It does not look like those audits found any vulnerabilities with TrueCrypt 7.1a, so perhaps its still in use? Searching on Google didn't really reveal any good alternatives, since whole-disk encryption and single-file encryption/decryption routines don't compare to ole TrueCrypt's mountable containers... Sergey Shevtchenko IT Director Goldman School of Public Policy http://gspp.berkeley.edu/ University of California, Berkeley tel.: (510) 643-0077 - The following was automatically added to this message by the list server: To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site: http://micronet.berkeley.edu Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet. This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past. ___ Ian Crew IST-Architecture, Platforms and Integration (API) Earl Warren Hall, Second Floor University of California, Berkeley -- Tom Holub, Founder Totally Doable Consulting, http://totallydoable.com http://totallydoableconsulting.com/ Practical IT management consulting for education and non-profits t...@totallydoable.com t...@totallydoableconsulting.com, 510-957-8225 - The following was automatically added to this message by the list server: To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site: http://micronet.berkeley.edu Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet. This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past. - The following was automatically added to this message by the list server: To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site: http://micronet.berkeley.edu Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet. This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.
Re: [Micronet] TrueCrypt
I've been doing a lot of work on data protection, and haven't found a free direct replacement for TrueCrypt. The problem with any of the cloud services is that they can't provide zero-knowledge encryption; at some level you're trusting the vendor to not screw up. For some data risks that's acceptable, but it depends on the specific needs. I've used BestCrypt as a drop-in replacement for TrueCrypt, and it's good, much better than TrueCrypt in terms of UI. But it's not free; whether it makes sense in your environment depends on how many nodes you need to install it on, and who you're collaborating with. On Friday, March 13, 2015, Ian Crew ic...@berkeley.edu wrote: Hi Sergey: There are campus-supplied and supported services that support both MSSEI PL1 (Box, Google Drive, and bCourses Project Sites) and MSSEI PL2 (CalShare) data, which may remove the need to use per-file encryption tools at all. See http://kb.berkeley.edu/page.php?id=44390 for a comparison among those 4 tools. Hope that's helpful, Ian On Mar 13, 2015, at 3:51 PM, Sergey Shevtchenko serg...@berkeley.edu javascript:_e(%7B%7D,'cvml','serg...@berkeley.edu'); wrote: Dear Micronetters, It's been a year since TrueCrypt has been abandoned by its developers, and we can't recommend the Dropbox/TrueCrypt solution anymore :( What are you folks using for free, cross-platform, on-the-fly container encryption/decryption these days? It does not look like those audits found any vulnerabilities with TrueCrypt 7.1a, so perhaps its still in use? Searching on Google didn't really reveal any good alternatives, since whole-disk encryption and single-file encryption/decryption routines don't compare to ole TrueCrypt's mountable containers... Sergey Shevtchenko IT Director Goldman School of Public Policy http://gspp.berkeley.edu/ University of California, Berkeley tel.: (510) 643-0077 - The following was automatically added to this message by the list server: To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site: http://micronet.berkeley.edu Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet. This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past. ___ Ian Crew IST-Architecture, Platforms and Integration (API) Earl Warren Hall, Second Floor University of California, Berkeley -- Tom Holub, Founder Totally Doable Consulting, http://totallydoable.com http://totallydoableconsulting.com/ Practical IT management consulting for education and non-profits t...@totallydoable.com t...@totallydoableconsulting.com, 510-957-8225 - The following was automatically added to this message by the list server: To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site: http://micronet.berkeley.edu Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet. This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.
Re: [Micronet] TrueCrypt
Even cloud services that offer encrypt at (remote) rest and encrypt in transmission cannot ensure local encryption. Which means you have to transition through an unencrypted state to copy to another service. TrueCrypt's encrypted object model was really handy in that respect. I think CalShare is the only suitable location for things like master password lists or anonymous data keys. Though one site is over-kill for my space requirements. There's scope for a collaborative space, i think. Graham On 3/13/15 4:32 PM, Tom Holub wrote: I've been doing a lot of work on data protection, and haven't found a free direct replacement for TrueCrypt. The problem with any of the cloud services is that they can't provide zero-knowledge encryption; at some level you're trusting the vendor to not screw up. For some data risks that's acceptable, but it depends on the specific needs. I've used BestCrypt as a drop-in replacement for TrueCrypt, and it's good, much better than TrueCrypt in terms of UI. But it's not free; whether it makes sense in your environment depends on how many nodes you need to install it on, and who you're collaborating with. On Friday, March 13, 2015, Ian Crew ic...@berkeley.edu mailto:ic...@berkeley.edu wrote: Hi Sergey: There are campus-supplied and supported services that support both MSSEI PL1 (Box, Google Drive, and bCourses Project Sites) and MSSEI PL2 (CalShare) data, which may remove the need to use per-file encryption tools at all. See http://kb.berkeley.edu/page.php?id=44390 for a comparison among those 4 tools. Hope that's helpful, Ian On Mar 13, 2015, at 3:51 PM, Sergey Shevtchenko serg...@berkeley.edu javascript:_e(%7B%7D,'cvml','serg...@berkeley.edu'); wrote: Dear Micronetters, It's been a year since TrueCrypt has been abandoned by its developers, and we can't recommend the Dropbox/TrueCrypt solution anymore :( What are you folks using for free, cross-platform, on-the-fly container encryption/decryption these days? It does not look like those audits found any vulnerabilities with TrueCrypt 7.1a, so perhaps its still in use? Searching on Google didn't really reveal any good alternatives, since whole-disk encryption and single-file encryption/decryption routines don't compare to ole TrueCrypt's mountable containers... Sergey Shevtchenko IT Director Goldman School of Public Policy http://gspp.berkeley.edu/ University of California, Berkeley tel.: (510) 643-0077 - The following was automatically added to this message by the list server: To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site: http://micronet.berkeley.edu Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet. This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past. ___ Ian Crew IST-Architecture, Platforms and Integration (API) Earl Warren Hall, Second Floor University of California, Berkeley -- Tom Holub, Founder Totally Doable Consulting, http://totallydoable.com http://totallydoableconsulting.com/ Practical IT management consulting for education and non-profits t...@totallydoable.com mailto:t...@totallydoableconsulting.com, 510-957-8225 - The following was automatically added to this message by the list server: To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site: http://micronet.berkeley.edu Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet. This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past. -- Graham Patterson, Systems Administrator Lawrence Hall of Science, UC Berkeley 510-643-1984 ...past the iguana, the tyrannosaurus, the mastodon, the mathematical puzzles, and the meteorite... - used to be the directions to my office. - The following was automatically added to this message by the list server: To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site: http://micronet.berkeley.edu Messages you
Re: [Micronet] TrueCrypt
Hi Sergey: There are campus-supplied and supported services that support both MSSEI PL1 (Box, Google Drive, and bCourses Project Sites) and MSSEI PL2 (CalShare) data, which may remove the need to use per-file encryption tools at all. See http://kb.berkeley.edu/page.php?id=44390 for a comparison among those 4 tools. Hope that's helpful, Ian On Mar 13, 2015, at 3:51 PM, Sergey Shevtchenko serg...@berkeley.edu wrote: Dear Micronetters, It's been a year since TrueCrypt has been abandoned by its developers, and we can't recommend the Dropbox/TrueCrypt solution anymore :( What are you folks using for free, cross-platform, on-the-fly container encryption/decryption these days? It does not look like those audits found any vulnerabilities with TrueCrypt 7.1a, so perhaps its still in use? Searching on Google didn't really reveal any good alternatives, since whole-disk encryption and single-file encryption/decryption routines don't compare to ole TrueCrypt's mountable containers... Sergey Shevtchenko IT Director Goldman School of Public Policy http://gspp.berkeley.edu/ University of California, Berkeley tel.: (510) 643-0077 - The following was automatically added to this message by the list server: To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site: http://micronet.berkeley.edu Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet. This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past. ___ Ian Crew IST-Architecture, Platforms and Integration (API) Earl Warren Hall, Second Floor University of California, Berkeley - The following was automatically added to this message by the list server: To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site: http://micronet.berkeley.edu Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet. This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.
[Micronet] TrueCrypt
Dear Micronetters, It's been a year since TrueCrypt has been abandoned by its developers, and we can't recommend the Dropbox/TrueCrypt solution anymore :( What are you folks using for free, cross-platform, on-the-fly container encryption/decryption these days? It does not look like those audits found any vulnerabilities with TrueCrypt 7.1a, so perhaps its still in use? Searching on Google didn't really reveal any good alternatives, since whole-disk encryption and single-file encryption/decryption routines don't compare to ole TrueCrypt's mountable containers... Sergey Shevtchenko IT Director Goldman School of Public Policy http://gspp.berkeley.edu University of California, Berkeley tel.: (510) 643-0077 - The following was automatically added to this message by the list server: To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site: http://micronet.berkeley.edu Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet. This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.
Re: [Micronet] TrueCrypt
Based on: https://www.grc.com/misc/truecrypt/truecrypt.htm TrueCrypt 7.1a is still in use and considered by many to be secure. I still use it. On Fri, Mar 13, 2015 at 3:51 PM, Sergey Shevtchenko serg...@berkeley.edu wrote: Dear Micronetters, It's been a year since TrueCrypt has been abandoned by its developers, and we can't recommend the Dropbox/TrueCrypt solution anymore :( What are you folks using for free, cross-platform, on-the-fly container encryption/decryption these days? It does not look like those audits found any vulnerabilities with TrueCrypt 7.1a, so perhaps its still in use? Searching on Google didn't really reveal any good alternatives, since whole-disk encryption and single-file encryption/decryption routines don't compare to ole TrueCrypt's mountable containers... Sergey Shevtchenko IT Director Goldman School of Public Policy http://gspp.berkeley.edu University of California, Berkeley tel.: (510) 643-0077 - The following was automatically added to this message by the list server: To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site: http://micronet.berkeley.edu Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet. This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past. - The following was automatically added to this message by the list server: To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site: http://micronet.berkeley.edu Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet. This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.