On Sun, Jun 01, 2014 at 11:37, Theo de Raadt wrote:
>> Could you please provide a little bit more information? What causes 
>> encrypted vnd to be insecure
> Ted went a bit far; it is unusual for him to be melodratic.
> Basically -- less than state of the art crypto.

You would never use blowfish-cbc (with a 64-bit blocksize) for disk
encryption today. You can probably find a wiki page somewhere with
details, but the reality is most people aren't capable of assessing
whether this is "secure enough".

Part of the deprecation / migration process is identifying the weird
ways people use vnd and finding solutions for them. But as we've seen,
people never move forward without the occasional push.

Reply via email to