Thread: Truecrypt 5.0 Released (now with system partition encryption)
View Single Post
  #15 (permalink)  
Old 02-07-2008, 06:45 AM
George Orwell
Guest
  
Posts: n/a
Default Re: Truecrypt 5.0 Released (now with system partition encryption)
nemo_outis wrote:

> The entire disk IS encrypted, with the exception of the boot stub
> on track 0.

No, it's not. If you have two partitions and encrypt only the
"system" partition the other isn't touched. If you encrypt both,
they still exist as independent partitions. Some amount of data
about each will be stored in the MBR depending on operating system,
and all the "gotchas" with respect to an OS stashing away
information about partition/file access and such still exist, even
for "hidden" volumes on non-system partitions.

We were just discussing the hows and whys of hiding the fact that
volumes exist can be significant guy, I'm surprised you can't see
why to some people this subtle difference would be important.

As to your "encrypted partition tables are asking for trouble"
guesswork, that's just pure bunk. All true WD encryption products
I'm aware of do exactly that, and a lot of other utilities like
whole disk compressors and certain boot managers perform similar
functions. So far the net hasn't been flooded with reports of all
the disasters you seem to think should be occurring.

*shrug*

Exposed partition tables absolutely are less secure than their
encrypted cousins, too. One of the first things any cryptanalyst
who isn't just plodding along doing brute force attacks asks is
*what* is being encrypted. That's an easy question to answer if
partition information is laid out at his feet[1].

> PS There will be all sorts of wailing and moaning over this post
> from various quibblers, cavillers, and whiners - have many large
> grains of salt handy to deal with their responses.

It's not quibbling and whining, it's called being accurate. The two
types of encryption being discussed here don't even function at the
same layer. Whole disk is "storage layer"[2] encryption and
Ttruecrypt obviously does business at the file system layer.

I'm sure you'd like people to think that difference is just mindless
nit picking because you can't stand being wrong about something,
but the fact remains that Truecrypt is not, and isn't even marketed
as, a whole disk encryption product. In fact the only person I've
seen call it that, is you.

[1] http://www.linux.com/base/ldp/howto/...roduction.html

[2] http://en.wikipedia.org/wiki/Encrypt..._storage_stack

Il mittente di questo messaggio|The sender address of this
non corrisponde ad un utente |message is not related to a real
reale ma all'indirizzo fittizio|person but to a fake address of an
di un sistema anonimizzatore |anonymous system
Per maggiori informazioni |For more info
https://www.mixmaster.it


Reply With Quote