-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Thu, 6 Nov 2008, Vali Dragnuta wrote: > Chestia asta la ultimul octet este o problema doar in cazuri extrem de > speciale, si chiar si acolo trebuie sa depui suficient efort ca sa te > poti folosi de acea problema. Prin comparatie, avantajele luks > (integrare, platforma curata de jos pina sus, posibilitatea de a avea > mai multe chei si/sau de a le schimba) sint niste avantaje majore. :-) Nice try. > 1). "Two years later I repeated my attempt > to encrypt my data by default, this time with loop-AES, a high > performance > encryption package for Linux. But due to its unrefined coding style, > next > to the author?s dislike for cooperation, the code was never included > into any > mainstream Linux project. > " Asa, si? Ce ar trebui sa-mi demonstreze asta? Ca daca Jari nu coopereaza gata, codul nu e bun? E foarte bun. Eu il folosesc de la kernel 2.4.18 incoace si nu am avut nici o problema vreodata (rehdat 9, fedora 1-10, rhel/centos 4-5). Eu nu am spus __foloseste loop-AES__. Am dat 2 alernative: dm-crypt si loop-AES. Fiecare alege ce-i place. > 2)." In the first quarter of 2004, Jari Ruusu, the author of > loop-AES, imple- > mented the water marking attack against the CBC on-disk format both ? > cryptoloop and dm-crypt ? were using. The attack was not taken > seriously, > especially not by me, as Jari Ruusu had no good reputation and was known > to spread more confusion than facts. After new threat models had shown > that > this attack can be relevant in some situations, I invented ESSIV to > remedy the > problem. Unfortunately, most Linux users were not well educated with > respect > to cryptography and were confused from the mixture of correct and > unobjective > claims Ruusu was still posting to the Linux mailing list. > " Asa poti sa-ti dau si eu citate din altii care spun contrarul. Sincer, nu am chef/timp de polemici cu nimeni. > In fine, recomand acest paper despre luks : > http://clemens.endorphin.org/nmihde/nmihde-A4-os.pdf E o discutie lunga despre asta pe mailing list-ul de la loop-AES. Adica a fost. Si nu s-a terminat foarte favorabil pentru articol. > Nu in ultimul rind, as vrea sa mai mentionez urmatoarele : > Daca criptez un usb stick cu luks apoi il infig intr-un linux de > generatie recenta imi va cere frumos cheia de decriptare inainte de a-l > monta automat. Bonus points for grandma-type users. Foarte bine. Daca asta te ajuta ma bucur pentru tine. Dar pana la urma e chestie de gust daca vrei sau nu sa-ti sara tot timpul o fereastra in fata daca s-a introdus stick-ul in calculator. Plus ca daca nu folosesti gnome/kde nu te mai intreaba nimeni nimic si tot la mount /dev/... /mnt/... ajungi. Gabriel - -- The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you receive this in error, please contact the sender and delete the material from any computer. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFJEqmveWrbH+aEIG4RAtVqAJsFP4XmUjS+qq6k0ZQL/OYSWTxiUgCfWdkY 8k36WWHJqM+INcbgknyGEWA= =w1ZA -----END PGP SIGNATURE----- _______________________________________________ RLUG mailing list [email protected] http://lists.lug.ro/mailman/listinfo/rlug
