• I complain about the weather.
• Sony drops price price of Playstaion in USA.
• The Daily Show now online full time.
• Valleywag has the best coverage of Web 2.0.
• Owen Thomas runs a talking points memo full cloth seeing a violation of the embargo agreement.
• Cisco raided in Brazil. Taxes are at issue, almost a billion dollars.
• Storage Expo 2007 going on in London.
• New enterprise drives to be encrypted.
• I recommend a good encryption product.
Click to listen:
Audio clip: Adobe Flash Player (version 9 or above) is required to play this audio clip. Download the latest version here. You also need to have JavaScript enabled in your browser.
#1 – pedro
I told you not to piss him off… Next, Helga will pay you a visit…
Other neat and free encryption software here – truecrypt and ironkey.
http://tinyurl.com/26b69f
Here [Brazil], we have a serious problem with corruption and all that kind of stuff.
About taxes? A Nintendo Wii would cost 500 reais [brazilian coin, 1 dollar = 2 reais]. If you include all the taxes involved the cost go up to 2000 reais [something about 1000 dollars]…
FreeOTFE is a free, open source, “on-the-fly” transparent disk encryption program for PCs and PDAs
Using this software, you can create one or more “virtual disks” on your PC/PDA. These disks operate exactly like a normal disk, with the exception that anything written to one of them is transparently, and securely, encrypted before being stored on your computer’s hard drive.
http://www.freeotfe.org/
Truecrypt is really the best choice.
– OpenSource, which encryption software MUST be, so it has been externally reviewed for backdoors and programming errors. For some things, like encryption, OpenSource is the ONLY way to go, regardless of what John may say.
– Plausible deniability. You can create a hidden encrypted partition inside an existing encrypted partition, so even if you are forced to reveal your password, the only files visible will be those in the first partition, with no indication of the second partition existing. You put your really important stuff in the second partition, and some important looking but not really important stuff in your first partition.
– Easy to move from one place to another. Unless you go the NOT recommended route of actually encrypting a partition, what you actually do is create a large standard file that is encrypted, and then mount that file as a disk. Your files actually go inside that main file. This means that you can move that file from drive to drive and it stays encrypted, backup works fine, etc. You can also easily have different encrypted ‘disks’ on the same physical disk without messing around with actual disk partitioning.
– Methods to thwart key loggers exist.
– Free.
Even if you have nothing to hide, it is a great utility to have available on your system, even if it’s just for keeping a password list and a list of financial account numbers hidden but readily available.
I finally listened to one of these… what’s with the water bubbling noise?
Is this recorded in John’s undersea lair?
what’s with the water bubbling noise?
Double, double, toil and trouble
Dvorak Rant,and Cauldron bubble.
[w/apologies]
J/P=?
#11 – Pedro –
I don’t trust such a big group of people with checking for security holes.
You obviously know very little about OpenSource software. It sounds like you think that whoever wants to writes or makes changes to software, and then it automatically gets published. That is not how it works.
All that OpenSource means is that the Source Code is freely available for inspection by anybody that wants to do so.
At least with big soft companies, I know what to expect and what kinds of backdoors can they put in place.,/i>
That makes absolutely no sense at all… you are saying that you know both what to expect and what they will do in terms of secret features. You must be a really good mind-reader or have special powers.
A prime example of a high security application where OpenSource is essential is the Electronic Voting systems. As soon as the Source Code was made available for review in California, the systems were decertified because the software was shown to be so poorly written.
In the case of encryption software like Truecrypt, the software has been heavily inspected and no backdoors or bugs have been found, something that is impossible to do without the source code.
It sounds like you would rather trust encryption to a big company that keeps everything secret… maybe some software written by ATT or Verizon would be more to your liking?
I’m very sorry to say I won’t be listening until the bubbling in the background stops. Pity. I guess I’m too cranky a geek to not be annoyed by unnecessary noise.
I’ll check in occasionally to see if John has taken his Ritalin and stopped twitching.
Otherwise, love the show.
Go with TrueCrypt for encryption, open source and doesn’t require filling out a form just to download it. It will do all the things John says Drivecrypt will do.
So as far as encrypting your PC data is concerned. The UK government presumes that you’re “guilty until proven innocent”. And if you don’t cough up the password for them, they lock you up for hiding something from them. So far they haven’t applied this to God, for hiding our genetic makeup in the DNA code. Will brits have to submit their DNA “password” someday, so they can be cleared off crimes commited by a tiny few?!
This isn’t about governments fighting crime or terrorism. It’s about high ranking government types maintaining their power over the masses, by ensure that they know what their all up too. That’s why they need to bug all of our communications, not just the criminals. The Pentagon got caught keeping lists of citizen groups, that merely disagreed with there being a war! They’ve probably been doing this kind of internal political spying since the Korean War. No doubt they were labeling all pacifists, potential “commies” back then. But now it’s more about tax dollars, and political support, being lost. And figuring out what kind of counter-propaganda is needed to offset this.
In any case. I have little doubt that the harddrive makers have already provided a “backdoor” in their encryption algorthms, for NSA and MI6 to crack any drive they get access to. But they want to us to think that a password must be submitted, to hid this trick. And if the harddrive makers didn’t make an easy way to crack the disk encryption. Then the Blackwater boys would probably be sent to visit their corporate HQ. Or they’d be made to swallow some other financial poison pill. A few years back, I read a newspaper article about how a Swiss firm had compromised an encryption machine that it made. For just that purpose, at the NSA’s request. And they kept it a secret for years, but sold the machines all over the world as “uncrackable”. Replacing the older “enigma” machines that had been cracked during WW2, and also kept a military secret, until leaked in 1970.
#16
I’m a bit confused here, pedro.
You don’t trust open source code that you can actually see, review and vet before it compiles and runs –
– but you do trust closed source code you are unable to see, review and vet before it runs?
WTF? I must be missing something really, really obvious but really important here.
YOU don’t have to check the code…there’s plenty of people out there that do that believe me. And if they found anything funny it would be all over the internet in seconds…..Maybe you remember TurboTax, and the spyware (C-Dilla) code that was found inside it…..Now there’s Corporate Amerika for you. I would be MUCH more afraid of backdoors in commercial software..”I forgot my password….PLEASE help”…..Or “We have a warrant here….”.lol……..z
FreeOTFE is easily the best; Truecrypt is alright but has a crap interface, and less options
http://www.freeotfe.org/