tag archive: crypto

Many years ago I read Hackers for the first time and thoroughly enjoyed it. Levy takes exhaustive research and interviews and weaves them in to a great tale. I like reading about the people behind technology and how they came to do what they do (or did what they did), and this book is full of characters and their stories: “The Heroes of the Computer Revolution.” Starting with the origins of hacker culture at MIT in the Tech Model Railroad Club, I felt transported back in time and was absorbed by the story.

“Travellin’ and livin’ off the web…”

I have a GPG key, freshly created a couple of days ago. GPG is the GNU Privacy Guard, also known as GnuPG, used for encryption and digital signatures.

Many people include helpful comments about GPG encryption on a page with their public key and fingerprint. Instead of making similar remarks (which I don’t feel qualified to make), I’ll point to some examples: Karl Fogel, Peter S. May, and Henrik Lund Kramshoej.

I’ve read Karl’s page with interest in the past, and revisited it while preparing my own GPG key page. His comments have been influential in adding to my doubts about using the software and keys properly. I found Peter’s and Henrik’s pages recently in Google search results as I’ve been reading about the …

I’ve been using Password Safe in Windows for many years to manage my passwords. It seemed credible to me because it was originally designed by Bruce Schneier and made by his company, Counterpane Systems. It uses either the twofish or blowfish block cipher, depending on the version. I respect Bruce’s knowledge and opinions on security and figured it would be a robust application, free from obvious security flaws.

And it was free for use. As in free beer. At some point it was released under the free and open source Artistic …

My search brought me to EncFS, which I think will work really well for me. It uses the regular file system and grows or shrinks as needed. From what I can tell, it is reasonably secure and robust. It also is licensed under the GPL, which is a big plus for me. Thanks to Valient Gough for creating, maintaining, and sharing this great work of free software.

[...]

On the other hand, the advantages are nice. There is the flexibility already mentioned in not having to specify the size of the encrypted space. It just dynamically grows and plays nicely with other non-encrypted files on the disk. You can backup the encrypted files using something like rsync, without having to decrypt them first. It works for a regular user and there is no need for SUID as in TrueCrypt, with resulting risks. The clear files are only accessible by your user account while mounted.

Update, 1 June 2007: Version 4.3a, released May 2007, removes support for SUID.

I’ve been using TrueCrypt to encrypt financial and personal documents in Windows for a while now and it has worked just fine for the way I want to use it. I’m doing file-based encryption where you mount a single file as a virtual volume that appears as a normal drive in Windows. I knew there was a GNU/Linux version, so it seemed like a logical choice to use for the same purposes in the free world.

TrueCrypt is free-as-in-freedom (according to my hearsay understanding of the license), but the TrueCrypt Foundation behind it is apparently kind of secretive and closed with its development processes. I’m not sure how much of a concern this should be for me.

I briefly looked at …