Re: [cryptography] TrueCrypt

2014-05-28 Thread Lukasz Biegaj
W dniu 28.05.2014 22:35, Sadiq Saif pisze: http://truecrypt.sourceforge.net/ https://gist.github.com/anonymous/e5791d5703325b9cf6d1 https://twitter.com/matthew_d_green So WTF happened? The same thing that happened with Lavabit. -- Lukasz Biegaj ___

Re: [cryptography] TrueCrypt

2014-05-28 Thread Kevin
On 5/28/2014 4:35 PM, Sadiq Saif wrote: http://truecrypt.sourceforge.net/ https://gist.github.com/anonymous/e5791d5703325b9cf6d1 https://twitter.com/matthew_d_green So WTF happened? So encrypt with BitLocker and decrypt with TrueCrypt? Why? -- Kevin

Re: [cryptography] TrueCrypt

2014-05-28 Thread Sadiq Saif
On 5/28/2014 17:04, Kyle Maxwell wrote: > Sabu told me over lunch that Snowden revealed the NSA compromise of > TrueCrypt while having lunch with Putin in Crimea. > Good one. -- Sadiq Saif ___ cryptography mailing list cryptography@randombit.net http:

Re: [cryptography] TrueCrypt

2014-05-28 Thread Kyle Maxwell
Sabu told me over lunch that Snowden revealed the NSA compromise of TrueCrypt while having lunch with Putin in Crimea. On Wed, May 28, 2014 at 4:02 PM, Swair Mehta wrote: > 1) Microsoft ended support for XP. > 2) Elcomsoft claims the ability to retrieve master & secondary (XTS mode) > keys for Tr

Re: [cryptography] TrueCrypt

2014-05-28 Thread Swair Mehta
1) Microsoft ended support for XP. 2) Elcomsoft claims the ability to retrieve master & secondary (XTS mode) keys for TrueCrypt volumes/partitions from hibernation files. 3) Passware same as above. 4) https://opencryptoaudit.org/reports/iSec_Final_Open_Crypto_Audit_Project_TrueCrypt_Security_Assess

[cryptography] TrueCrypt

2014-05-28 Thread Sadiq Saif
http://truecrypt.sourceforge.net/ https://gist.github.com/anonymous/e5791d5703325b9cf6d1 https://twitter.com/matthew_d_green So WTF happened? -- Sadiq Saif ___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/list

Re: [cryptography] Is it time for a revolution to replace TLS?

2014-05-28 Thread Watson Ladd
On Wed, May 28, 2014 at 3:24 AM, Michael Rogers wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > On 28/05/14 10:54, Mansour Moufid wrote: >> On Fri, 2014-04-25 at 09:28 -0700, Tony Arcieri wrote: >> >>> There's an entire class of memory safety bugs which are possible >>> in C but not

Re: [cryptography] Is it time for a revolution to replace TLS?

2014-05-28 Thread Michael Rogers
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 28/05/14 10:54, Mansour Moufid wrote: > On Fri, 2014-04-25 at 09:28 -0700, Tony Arcieri wrote: > >> There's an entire class of memory safety bugs which are possible >> in C but not possible in Rust. These also happen to be the class >> of bugs th

Re: [cryptography] Is it time for a revolution to replace TLS?

2014-05-28 Thread Mansour Moufid
On Fri, 2014-04-25 at 09:28 -0700, Tony Arcieri wrote: > There's an entire class of memory safety bugs which are possible in C but > not possible in Rust. These also happen to be the class of bugs that lead > to Heartbleed-like secret leakage or remote code execution vulnerabilities. It seems we'