undefined | Better HN

0 pointsdiminoten11y ago0 comments

http://www.markus-gattol.name/ws/dm-crypt_luks.html

"The term "full-disk/on-disk encryption" is often used to signify that everything on a disk is encrypted, including the programs that can encrypt bootable operating system partitions."

Are you going to tell Markus Gattol he's wrong? No? Good, let's move on.

What matters here is the security, and the adoption rate of TrueCrypt is/was through the roof, because of how it allowed folks to move encrypted volumes across various platforms without much hassle.

What you wrote seems to intimate there's no actual need or value in moving encrypted volumes across platforms, and that if folks actually want to do that they should just encrypt individually and at a FS level and do so using PGP, which has existed for years, and whose adoption rate and ease-of-use are both, compared to TrueCrypt, through the floor.

The fact is, people want to move encrypted volumes across platforms. It's not more secure than anything else, but it presents a workflow that might actually be more secure, due simply to it's ease of implementation.

You're right, security is all that matters here, and folks aren't going to be secure if it remains impossibly difficult to be secure.

0 comments

tptacek11y ago

The reference you just provided, with your "are you going to tell Markus Gattol he's wrong" quip, starts out as follows:

Block-layer encryption, also known as "whole disk encryption", "on-disk encryption" or "full-disk encryption"

I think you're just trolling. Sorry, I didn't even finish reading your comment.

Amusingly (edit: given how you cited it), there is in fact cryptographic stuff wrong in that article.

diminotenOP11y ago

> Amusingly, there is in fact cryptographic stuff wrong in that article.

Oh yeah? That it wasn't personally endorsed by you?

SamReidHughes11y ago

(IMO) In that what it says about what specific things do does not correspond with objective reality. (As a product of the enlightenment I believe that such a concept exists and that correspondence with such is what makes something "wrong" or "right." ;-) If you want to know why, just look at what the article says, then observe objective reality, and see how they differ. The "Salt, Stretching" section is one place to look, it's the only one I really bothered reading.

2 more replies

diminotenOP11y ago

It's like I'm talking to a child when I talk to you. I wouldn't bother if you didn't constantly pop up to derail conversations about crypto with your "crypto should stay hard" attitude. I suspect you want crypto to remain impossible to get right just so you can continue to stay relevant.

The rest of my comment frankly wasn't for you, it's for the folks reading what you write and blindly accepting it. At least now they can see how petulant you can be when facing differing points of view.

YuriNiyazov11y ago

Up until this comment, I thought you might have a point against tptacek, but now it's clear you are trolling. Or at least, not operating under the "give your opponent a charitable interpretation" rule of HN.

1 more reply

j / k navigate · click thread line to collapse

0 pointsdiminoten11y ago0 comments

http://www.markus-gattol.name/ws/dm-crypt_luks.html

"The term "full-disk/on-disk encryption" is often used to signify that everything on a disk is encrypted, including the programs that can encrypt bootable operating system partitions."

Are you going to tell Markus Gattol he's wrong? No? Good, let's move on.

What matters here is the security, and the adoption rate of TrueCrypt is/was through the roof, because of how it allowed folks to move encrypted volumes across various platforms without much hassle.

You're right, security is all that matters here, and folks aren't going to be secure if it remains impossibly difficult to be secure.

0 comments

tptacek11y ago

The reference you just provided, with your "are you going to tell Markus Gattol he's wrong" quip, starts out as follows:

Block-layer encryption, also known as "whole disk encryption", "on-disk encryption" or "full-disk encryption"

I think you're just trolling. Sorry, I didn't even finish reading your comment.

Amusingly (edit: given how you cited it), there is in fact cryptographic stuff wrong in that article.

diminotenOP11y ago

> Amusingly, there is in fact cryptographic stuff wrong in that article.

Oh yeah? That it wasn't personally endorsed by you?

SamReidHughes11y ago

2 more replies

diminotenOP11y ago

YuriNiyazov11y ago

1 more reply

j / k navigate · click thread line to collapse