DCPP

DCPP
Secure Home | Search | About
Login Password
Register Now! Lost Password?
 General Computer Security    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content add this group's latest topics to your Google content
Subject Author Date
DCPP Peter 01-24-2007
---> Re: DCPP Sebastian Gotts...01-24-2007
| | ---> Re: DCPP Sebastian Gotts...01-24-2007
| | `--> Re: DCPP Volker Birk01-25-2007
| ---> Re: DCPP Sebastian Gotts...01-25-2007
| | |--> Re: DCPP Volker Birk01-25-2007
| |--> Re: DCPP Volker Birk01-25-2007
| ---> Re: DCPP Sebastian Gotts...01-25-2007
| | ---> Re: DCPP Volker Birk01-25-2007
| | ---> Re: DCPP Sebastian Gotts...01-25-2007
| | ---> Re: DCPP Volker Birk01-25-2007
| | | `--> Re: DCPP Sebastian Gotts...01-25-2007
| | `--> Re: DCPP Frank Slootweg01-25-2007
| ---> Re: DCPP Sebastian Gotts...01-26-2007
| ---> Re: DCPP Frank Slootweg01-26-2007
| ---> Re: DCPP Sebastian Gotts...01-26-2007
| ---> Re: DCPP Frank Slootweg01-26-2007
| ---> Re: DCPP Sebastian Gotts...01-26-2007
| ---> Re: DCPP Frank Slootweg01-26-2007
| ---> Re: DCPP Sebastian Gotts...01-26-2007
| `--> Re: DCPP Frank Slootweg01-26-2007
|--> Re: DCPP Volker Birk01-25-2007
Posted by Volker Birk on January 25, 2007, 4:59 am
If you were  Registered and logged in, you could reply and use other advanced thread options
> Notan wrote:
> >> Brute-forcing the key by
> >> attacking the key-generation scheme or some other flaw in the
> >> implementation has usually been very successful against this crappy
> >> software.
> > Cites?
> Is your Google broken?

Mine seems to be b0rken, too.

DriveCrypt and TrueCrypt both are derivates of E4M. What is your problem
with DriveCrypt?

Yours,
VB.
--
"Pornography is an abstract phenomenon. It cannot exist without a medium
to propagate it, and it has very little (if anything at all) to do with sex."
Tina Lorenz
<https://events.congress.ccc.de/congress/2006/Fahrplan/events/1422.en.html>

Posted by Sebastian Gottschalk on January 25, 2007, 5:23 am
If you were  Registered and logged in, you could reply and use other advanced thread options
Volker Birk wrote:

>> Notan wrote:
>>>> Brute-forcing the key by
>>>> attacking the key-generation scheme or some other flaw in the
>>>> implementation has usually been very successful against this crappy
>>>> software.
>>> Cites?
>> Is your Google broken?
>
> Mine seems to be b0rken, too.
>
> DriveCrypt and TrueCrypt both are derivates of E4M. What is your problem
> with DriveCrypt?

The implementation of the key generation and key management. We've seen the
plain keys being dumped to the swap file, we've seen the entropy collection
reducing itself to about 40 bits of entropy...

Posted by Volker Birk on January 25, 2007, 5:38 am
If you were  Registered and logged in, you could reply and use other advanced thread options
> The implementation of the key generation and key management. We've seen the
> plain keys being dumped to the swap file, we've seen the entropy collection
> reducing itself to about 40 bits of entropy...

Proofs for these claims?

Yours,
VB.
--
"Pornography is an abstract phenomenon. It cannot exist without a medium
to propagate it, and it has very little (if anything at all) to do with sex."
Tina Lorenz
<https://events.congress.ccc.de/congress/2006/Fahrplan/events/1422.en.html>

Posted by Notan on January 25, 2007, 9:41 am
If you were  Registered and logged in, you could reply and use other advanced thread options
Sebastian Gottschalk wrote:
> Volker Birk wrote:
>
>>> Notan wrote:
>>>>> Brute-forcing the key by
>>>>> attacking the key-generation scheme or some other flaw in the
>>>>> implementation has usually been very successful against this crappy
>>>>> software.
>>>> Cites?
>>> Is your Google broken?
>> Mine seems to be b0rken, too.
>>
>> DriveCrypt and TrueCrypt both are derivates of E4M. What is your problem
>> with DriveCrypt?
>
> The implementation of the key generation and key management. We've seen the
> plain keys being dumped to the swap file, we've seen the entropy collection
> reducing itself to about 40 bits of entropy...

We?

--
Notan

Posted by Peter on January 24, 2007, 2:45 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
> Who knows? Read the documentation and ask the vendor. Generally, the
> answer
> seems to be: No, almost all of these software packages are totally fucked
> up and add some random information that you'll lose.

> Anyway, who cares? You're running DriveCrypt, thus the encryption is just
> a
> worthless additional transformation of your data. Brute-forcing the key by
> attacking the key-generation scheme or some other flaw in the
> implementation has usually been very successful against this crappy
> software.

Thank you for your helpful contribution. I know a lot more now...



Similar ThreadsPosted
DCPP user password?! September 16, 2007, 1:37 pm

The site map in XML format XML site map

Contact Us | Privacy Policy