Posted by Nomen Nescio on December 1, 2008, 9:40 am
nemo_outis wrote:
>
> ...
> >> In short, there is NO substantive public evidence that Truecrypt's
> >> source code has been the subject of thorough review, nor is there any
> >> reason to rely on the credentials of the developers (since they
> >> remain anonymous). In that absence, using Truecrypt is an act of
> >> blind faith every bit as much (or more!) than using a closed-source
> >> encryption program.
>
> > "You can't trust code that you did not totally create yourself"
> > Ken Thompson "Reflections on Trusting Trust"
>
> Yes, the above paper - which everyone here should read! - makes a very
> powerful point.
If you're a moron. There's nothing wrong with trusting code someone
else wrote. Individuals, businesses, and even governments do it
every day with no ill effects. The key is learning enough to know
WHICH code to trust and definitely not listening to idiots like you.
>
> But it gets worse, much worse.
>
> Open source code is no panacea.
Nobody ever said it was. It makes you feel like a grownup to lie
and try to make it sound like someone did, but it never happened.
Once again, open source is an additional barrier for bad or evil
code to overcome. The ideal would be both public and private review.
> First of all, I don't believe most open
> source code gets anything more than very cursory review
Yeah, that's why the last two flaws in GnuPG were discovered by an
independent reviewer. And why the last SSL bug was discovered the
same way.
Never mind the fact that reality PROVES it works or anything, just
go ahead on and blither.
> Good thorough code review and testing is hard, tedious, painstaking work.
Why do you suppose it is you have to pretend it's an either/or world
just to try and make a point?
Do you suppose you've had your ass handed to you over this before
and now your ego just won't let you sleep unless you spread this
sort of nonsense?
Of course that's it.
<rest snipped unread>