The sad thing is the NYC metro system is the best in the US. Where I live, you -can- try to bike it places [1], or perhaps find a bus line that goes near your destination, but your commute time will be 2-3 hours for a distance that should be 15-30 minutes at most.
Here in the US, the best bet for mass transportation are autopiloted cars, just due to the distance, and the unwillingness of cities to work on mass transportation as opposed to a new football stadium every 10 years or so.
[1]: Austin is fairly bike friendly, but there are some corridors that one either spends a good time taking a bikable route, or risks life and limb hoping that some soccer mom doesn't hit them while going around a blind turn. Oh, expect to wait for more than one bus (or commute using a folding bike) since usually the bike racks on the front of the buses tend to be taken.
What has kept physical security from being such a concern is that in the past, every company had its own data center, so an intruder would have to learn the ways of that places's coming and going, and eventually find the way to start playing the social engineering job.
People have tried to make calls at places where I worked to get access, one notable one was someone claiming to act on behalf of a corporate officer, and demanded certain permissions for a sensitive share or else be fired. My response was, "blow me or fire me.", and I noted those exact words when sending an E-mail to higher ups noting the attempt. This did some good, it got the corporate brass nervous about people trying to break in with a phone, not a computer. They even had some pen testers running random stuff for a while.
With a cloud provider, there are a lot of eggs in that basket, so the payoff is immense to start coercing or bribing people for info, then start making a call at one point masquerading at a muckety-muck PHB just starting out and wanting info, and so on.
As someone who has been in IT for a while, if I don't know how secure the datacenter is where stuff is being stored, I'm acting in bad faith. Would I trust handing over a sack of cash from my job to someone who pulls up in a 1980s rape van with "Armured Kar" spray-painted on the sidem with a guy who comes out and says, "trust us, we have 'locks' and 'security guards'", and expect the cash to get to the bank? If I did so, I'd probably be tossed in jail for criminal negligence. Similar with a cloud provider.
Most cloud providers provide no assurances on physical security. At least when data is stored locally, all the questions asked above can be answered, even hard questions as what is done if someone is in the lobby showing off their blinged out 9mm and demanding access. Banks have holdup alarms and duress codes, and have -far- less valuable stuff than a data center.
There is one possible answer, and that would be either a private company that is big enough to tell places no if they want fudged results, or a government agency. Said party would audit data centers, physically, network-wise, and by host/OS security. The audit findings would be made public. We do this with food health safety, why not the health of data at a data center? Of course, a cloud provider wouldn't have to have this accreditation, but it would be similar to an armored car company not having any insurance or bonding.
As it stands now, a Linux iptables list is sequential. Packets go through the input/output/forward queues.
If one wants a true network OS, this needs to be changed to a config-based system similar to what Cisco/Alcatel-Lucent/Juniper use. With this, each adapter gets a configuration attached for starters, then things go from there (VLANs, ACLs, etc.)
If Linux could make the jump from sequential parsing to configs, it might just be something that can do the job, but then it moves to the hardware, and a lot of routers have specific ASICs dedicated to packet crunching as opposed to general CPUs.
Citrix can be fiddly, but I've seen pretty decent working setups. It definitely isn't a perfect solution (Citrix servers are another point of failure, and they can go down), but they are sort of a middle ground between all in-house versus all in the cloud.
If it does work, it makes life easy because clients only need a Citrix client as opposed to an office suite.
Another alternative are packaging utilities. A few years ago, there was a program called Thinstall (now bought up by EMC.) I had good success with this program because I could package Office suites and other in-house stuff, host it on a CIFS share, and just push out some shortcuts on client machines. The client machines would cache/stream the package. When it came to update time, I just locate the updated packages in the same directory as the first ones, and the bootstrap application was smart enough to grab those and run it, making updates on the client side just a simple quit/re-run of the program.
There is another program similar, which I eventually want to get around to trying, Evalaze, which offers some more functionality.
The advantage of virtualizing the apps is that nothing has to be installed (via policies or MSI pushes) on the client side. All that is needed is to throw some shortcuts on the client box, and that is done.
As a compromise, for sensitive documents, Citrix applications seem to work. This allows viewing of docs pretty much anywhere, but the items are stored in a secure area (namely the business's data center) and not stored by a third party who realistically has little to no legal responsibility for the documents getting compromised.
A business pays for the servers, either at their own data center, or at the cloud provider's data center, so might as well keep the data where one physically knows where it is.
All an attacker has to do is get admin access to the cloud servers, and every single user and company is theirs. With data stored locally, an attacker would have to pick and choose targets by risk/reward value.
Cloud storage has its uses (especially if I do the encryption locally before it is sent up, such as via a TrueCrypt container), but writing documents on a cloud provider can spell out bad news, especially if someone decides to compromise the provider, tar up all the storage directories, and offer it all for download as an anonymous torrent.
Don't you know, those things amplify the mind control waves? Oh wait... they require brains to work. I'm safe.
The reason for the concern is that we have had shenanigans in government before. Had it not been for multiple whistleblowers, ACTA would be the law of the land in US and Europe, a treaty that would never have seen the light of day until it became ratified. This would have mandated DRM stacks and expanded monitoring.
There is a lot of stuff that we an fix with technological solutions, and not with laws.
The ad intrusion problem is fairly easily dealt with by sandboxing and adblocking, and in worst case getting alternative sites up. When the lawmakers are called in, they are not going to represent the people. They are going to represent their customers (i.e. lobbyists who donate big at the campaign fundraisers.)
If we saw any laws about ads, it would be more laws like CETA making it an arrestible offense to view a website with adblocking.
Instead, a company can always run a clearinghouse. Pay a subscription fee to the clearinghouse, and websites get paid per user viewing. Since the clearinghouse's data and the website user data is separate [1], a user can be known to the clearinghouse, but anonymous to the client website, and the client website gets their microtransaction.
Maybe I'm naiive, but laws should be few, and mainly for mala in se type of stuff. Too much mala prohibitia and we end up with everyone being a lawbreaker, and nothing but contempt for all laws. There is a lot technology can do and do effectively that lawmaking will try and fail at.
[1]: The clearinghouse has a SLA, and also is inspected by third parties (the EU perhaps) to ensure that keeping data protected is actually done, not just lip service rendered.
Consider a grid down scenario done by some intruder. There would be laws passed by Congress, but I would be genuinely surprised if any of what they passed actually did anything for genuine security.
Instead, it would likely be laws for expanded surveillance 24/7 on US citizens, mandatory DRM stacks in all hardware accessing the Internet, trying to make it illegal to be anonymous to websites, and things that wouldn't prevent another power loss, but lowering the bar for arrests and seizures, a la SOPA/PIPA. We'd see far more curious teenagers being hauled in front of judges than we would ever see true blackhats trying to attack the power grid.
I use different browsers for different tasks, as well as Sandboxie for additional separation (the sandboxes are stored on a different volume, so all writes are redirected there. I'm glad I did this since I have had some malware tried to do a "mkdir foo, cd foo" loop and getting rid of it was trivial compared to it happening on a needed disk volume -- a quick diskpart clean and reformat did the trick.
Nothing is certain security, but keeping the bank stuff stays in one browser, while my general stuff stays in another browser/sandbox has seemed to have done a good job for security. I might see about going another notch and browsing in a VM, but sandboxing is almost as secure and it doesn't slow things down as much.
Browser security still seems to be the weakest link these days, but it seems to be getting better. However, it would be nice if functionality to redirect all writes was in the OS, so one could use a disposable volume to protect against stuff trying to use all inodes or using hidden browser cookie-like functionality to continue to identify a user.
Each key has an ID. If someone plops a key with the same key ID, the server will keep and propagate both. This is actually an attack one can do. To deter it, that is why keys are signed, so that a key belonging to prz@acm.com with a page of signatures from old school USENET people is likely to be the right one, while a prz@acm.com with 1-2 bogus signatures and the same key ID (but a different fingerprint) isn't likely to be Phil's key.
We have this technology... keyservers that replicate among each other. Someone's key that is deleted from one will remain on the others, and eventually gets propagated back. Keyservers are designed to copy and add data, never delete/remove items. So, a key that gets on there will remain there forever.
Of course, if every keyserver gets compromised at the same time, that is an attack, but if one is left that still has the key on it, it will propagate the next replication session.
That's the rub: With how everything else has advanced, the only backup software that does deduplication are products like Mozy and Carbonite, where there is financial interest in just sending changes. Of course, there is rsync as well, but that is more of file copying than a backup utility.
Other than those products, backup utilities are still in the Stone Age. Want just changes or deduplication, one has to spend the megabucks for Netbackup, TSM, ArcServe, or an enterprise-grade utility. Even then, backup utilities tend to be platform specific (a backup saved on a Mac can't be restored to a Windows box, unless one uses a samba server as an intermediate step.)
I do wish backup software does deduplication, but most just doesn't bother, so a utility like FileVault with its structure of bands can be more useful than just a program that mounts a flat file as a volume.
Barring multiple companies that messages pass through in multiple countries (likely countries that don't like each other so multi-national warrants won't go through), the only place one can really be assured of security would be the endpoints. One has to assume that every point a message goes through, be it a router or a mailbox, the message is saved off permanently.
Self-destructing messages are a joke. I've read some ways of trying to implement it through having a number of places that store a piece of the message's encryption key, but even that can be compromised by an attacker making a lot of bogus key storage sites, enough to possibly decrypt the messages.
If endpoints are not secure, one is fscked anyway, so might as well focus on a web of trust system so data never is stored in plaintext once it leaves the endpoint.
Apple's solution is quite elegant to this problem with the 8MB bands, so if one change is done to a very large file, only one, possibly two bands change. I just wish something similar was available on other platforms.
Of course the downside is that a determined attacker can see what bands change over time and then guess what is in that data, but that is a relatively low threat, and could be countered by tossing some files in a junk directory and deleting them at random.
Similar with me. The NSA invading privacy is one issue, but I have higher priorities on my list to guard against. I like packing my own parachute so if some criminal organization hacks my remote storage provider [1], the data is still secure.
Is TrueCrypt insecure? Unknown. Is it good enough to keep a criminal organization out of my old tax papers? More likely than not, although I have been moving to storing data in GnuPG [2] encrypted ZIP archives with an accompanying signature and manifest file (also encrypted) which will allow the contents to be opened up on more platforms than just what TC supports.
[1]: When deploying a storage service in a private cloud, I deployed it where the data stored on the SAN LUNs were encrypted. This made great internal PR, but it still didn't solve the problem that if someone hacked the client, the data was a sftp command away from being slurped off.
[2]: Well, on Linux and OS X, GnuPG. On Windows, Symantec's PGP Desktop because it supports my ancient Aladdin (now SafeNet) eTokens.
What would be nice would be a platform independent version of PhonebookFS/EncFS/EFS [1].
With this, one can mount a directory on a mount point, and all files written to the mount point get stored in the directory encrypted. The filesystem is important, but not critical, and the directory of encrypted files can be moved, archived, stuffed onto DropBox, etc. without loss of file integrity or security. PhoneBookFS is especially nice because a directory can have multiple layers in it, so there can be encrypted files which are never used and are just there as chaff, or the directory can have one layer full of innocuous stuff, another layer with the true sensitive data in it. The explanation about chaff always being present provides enough plausible deniability.
[1]: EFS as in the mid-90s version, and perhaps AIX's implementation, not EFS as in Windows's encrypted file support on NTFS.
GPG isn't perfect either. Trying to get it to compile on Solaris or AIX is a very long exercise in grabbing libraries, building them, grabbing more libraries (prereqs), and a long chain of code. It would be nice if GPG had far fewer dependencies.
Of course, there is NetPGP (which is used in NetBSD because GPG is GPL v3 licensed), but I wonder how hard it would be to port that to other operating systems and rely on its security.
Also, GNUpg is for file encryption. Volume encryption requires a different set of code.
At the 10gigE point, things diverge. There is single mode ("don't look at laser with remaining eye") media which is great for long distances, but more expensive, multi-mode which is good enough for inside the server room, and good ol' copper. However, this is what SFP modules are for.
It would be nice if fiber optic made it to the home, other than S/PDIF connections, and preferably with a more idiot-resistant connector than what existing fiber uses, especially with fouling lightpipes due to dust and such. Copper is useful, but eventually for faster connections, we will have to jump ship completely to fiber.
Of course, once we get 400Gbps, there will be the issues of how it filters down and all the switching/routing fabric needed. Most companies were dragged kicking and screaming to 1Gbps, and might use 10gigE for their trunk, or perhaps their SAN fabric. Trying to get them to 400Gbps for anything other than maybe storage will take a very long time.
Truecrypt's main advantage is that it is cross platform. I can make a TC volume on Windows, stash it on Dropbox, then later on open it on my Mac or Linux box.
However, each of the operating systems generally has some method which doesn't have the hidden volumes and the plausible deniability aspect, but some form of volume encryption.
OS X has FileVault 2, which can encrypt drives with a couple clicks. OS X also has a utility that makes sparse images, using "bands", which allows one to have an encrypted volume grow and shrink as needed. Of course, there is a loss of security with this feature, but it adds versatility.
Linux has LUKS and dm-crypt (Android uses a modified version of dm-crypt to protect the/data partition in newer revs.)
Windows has BitLocker. Windows 8 and newer's implementation of BitLocker allow for it to ask for a password before boot even if a TPM chip isn't present. Of course, not all Windows editions have BitLocker usable.
Of course, there are third party utilities. PGP (the commercial version owned by Symantec) comes to mind, which can encrypt Windows, Linux, and Mac volumes. I doubt this would ever be possible, but if their code was released with a free license, this likely would be the best Truecrypt replacement, although it wouldn't have hidden volume functionality.
It still is acting in bad faith. Even though nobody comes out to actively defend a work, it still isn't ethical to recopy and relicense someone else's stuff without permission.
If TC turns out to have issues, the best thing would be to get behind a project like FreeOTFE and have that thoroughly audited and vetted. The second best would be to see about getting a company who has a product with similar functionality (BestCrypt or even better, Symantec's PGP Desktop) and having them create an "open" version. This likely will be extremely difficult at best.
GPG has had a number of eyeballs on it, as well as funding from more than one government (Germany in particular.)
All and all, it is a good program, although trying to build 2.x on a number of platforms like AIX can be an exercise in frustration due to the sheer number of libraries it uses.
I wonder what will replace Lavabit for secure E-mail [1] these days. There is always the old standby Hushmail, but it would be nice to find something that can do other features (calendars and such.)
[1]: Others, it is different, but to me, a secure mail provider, where I am their paying customer and not their product, where they have innate intrusion resistance, and their mail service is designed so an attacker couldn't just grab Exchange mailboxes, or scp off/var/spool/mail/*. More assurance than "yes, we use 'encryption', 'passwords', and 'firewalls'."
How is sending someone money related to free speech? Free speech and financial campaign contributions are completely different things, and this is probably one of the core reasons why Congress has little to no interest in actually doing what their constituents want.
The no confidence vote is the last resort. Right now, there is no lever that the American people have against a failed Congress. Even if it takes two months for a new crew to come into office with a government shut down, that is better than an unlimited duration of the current circus we have right now.
Going out on a limb, maybe the answer isn't voting people in at all. It might just be a lottery draw from the pool of US citizens similar to how juries are done. That way, the whole issue of campaign finance/reform is completely moot. Of course, there are issues with that, but having a representative who is drawn at random might just bring less corruption than people who get seats on the behest of super-PACs.
It is interesting watching FB's reaction to this. This doesn't seem to bode well for people who want to work outside the ecosystem FB has.
Short term, this can be understandable -- if it is not using the API, or things FB can control, it can't be monetized, so FB seems to take steps to stop it.
Long term, it may not be in FB's best interest. Right now, there is no competition on the horizon other than G+ [1] and possibly VK, but there is a tipping point somewhere that people might start moving to another provider and its relatively higher privacy controls en masse, forcing their friends to come along, and we will see something similar to the MySpace -> FB transition.
I don't see many people really loving FB. It tends to be more of something tolerated, with people sighing and grumbling every time there is a UI change. Too much pressure, and people eventually will start moving over to another service.
Who knows... maybe this might be another market for Apple. They already have the in-house expertise for it (iTunes Ping), and I'm sure that if they opened their doors for a social network, they would get people flooding in just on name recognition alone.
Slashdot Mirror
The sad thing is the NYC metro system is the best in the US. Where I live, you -can- try to bike it places [1], or perhaps find a bus line that goes near your destination, but your commute time will be 2-3 hours for a distance that should be 15-30 minutes at most.
Here in the US, the best bet for mass transportation are autopiloted cars, just due to the distance, and the unwillingness of cities to work on mass transportation as opposed to a new football stadium every 10 years or so.
[1]: Austin is fairly bike friendly, but there are some corridors that one either spends a good time taking a bikable route, or risks life and limb hoping that some soccer mom doesn't hit them while going around a blind turn. Oh, expect to wait for more than one bus (or commute using a folding bike) since usually the bike racks on the front of the buses tend to be taken.
What has kept physical security from being such a concern is that in the past, every company had its own data center, so an intruder would have to learn the ways of that places's coming and going, and eventually find the way to start playing the social engineering job.
People have tried to make calls at places where I worked to get access, one notable one was someone claiming to act on behalf of a corporate officer, and demanded certain permissions for a sensitive share or else be fired. My response was, "blow me or fire me.", and I noted those exact words when sending an E-mail to higher ups noting the attempt. This did some good, it got the corporate brass nervous about people trying to break in with a phone, not a computer. They even had some pen testers running random stuff for a while.
With a cloud provider, there are a lot of eggs in that basket, so the payoff is immense to start coercing or bribing people for info, then start making a call at one point masquerading at a muckety-muck PHB just starting out and wanting info, and so on.
As someone who has been in IT for a while, if I don't know how secure the datacenter is where stuff is being stored, I'm acting in bad faith. Would I trust handing over a sack of cash from my job to someone who pulls up in a 1980s rape van with "Armured Kar" spray-painted on the sidem with a guy who comes out and says, "trust us, we have 'locks' and 'security guards'", and expect the cash to get to the bank? If I did so, I'd probably be tossed in jail for criminal negligence. Similar with a cloud provider.
Most cloud providers provide no assurances on physical security. At least when data is stored locally, all the questions asked above can be answered, even hard questions as what is done if someone is in the lobby showing off their blinged out 9mm and demanding access. Banks have holdup alarms and duress codes, and have -far- less valuable stuff than a data center.
There is one possible answer, and that would be either a private company that is big enough to tell places no if they want fudged results, or a government agency. Said party would audit data centers, physically, network-wise, and by host/OS security. The audit findings would be made public. We do this with food health safety, why not the health of data at a data center? Of course, a cloud provider wouldn't have to have this accreditation, but it would be similar to an armored car company not having any insurance or bonding.
As it stands now, a Linux iptables list is sequential. Packets go through the input/output/forward queues.
If one wants a true network OS, this needs to be changed to a config-based system similar to what Cisco/Alcatel-Lucent/Juniper use. With this, each adapter gets a configuration attached for starters, then things go from there (VLANs, ACLs, etc.)
If Linux could make the jump from sequential parsing to configs, it might just be something that can do the job, but then it moves to the hardware, and a lot of routers have specific ASICs dedicated to packet crunching as opposed to general CPUs.
Citrix can be fiddly, but I've seen pretty decent working setups. It definitely isn't a perfect solution (Citrix servers are another point of failure, and they can go down), but they are sort of a middle ground between all in-house versus all in the cloud.
If it does work, it makes life easy because clients only need a Citrix client as opposed to an office suite.
Another alternative are packaging utilities. A few years ago, there was a program called Thinstall (now bought up by EMC.) I had good success with this program because I could package Office suites and other in-house stuff, host it on a CIFS share, and just push out some shortcuts on client machines. The client machines would cache/stream the package. When it came to update time, I just locate the updated packages in the same directory as the first ones, and the bootstrap application was smart enough to grab those and run it, making updates on the client side just a simple quit/re-run of the program.
There is another program similar, which I eventually want to get around to trying, Evalaze, which offers some more functionality.
The advantage of virtualizing the apps is that nothing has to be installed (via policies or MSI pushes) on the client side. All that is needed is to throw some shortcuts on the client box, and that is done.
As a compromise, for sensitive documents, Citrix applications seem to work. This allows viewing of docs pretty much anywhere, but the items are stored in a secure area (namely the business's data center) and not stored by a third party who realistically has little to no legal responsibility for the documents getting compromised.
A business pays for the servers, either at their own data center, or at the cloud provider's data center, so might as well keep the data where one physically knows where it is.
To me, none.
All an attacker has to do is get admin access to the cloud servers, and every single user and company is theirs. With data stored locally, an attacker would have to pick and choose targets by risk/reward value.
Cloud storage has its uses (especially if I do the encryption locally before it is sent up, such as via a TrueCrypt container), but writing documents on a cloud provider can spell out bad news, especially if someone decides to compromise the provider, tar up all the storage directories, and offer it all for download as an anonymous torrent.
Don't you know, those things amplify the mind control waves? Oh wait... they require brains to work. I'm safe.
The reason for the concern is that we have had shenanigans in government before. Had it not been for multiple whistleblowers, ACTA would be the law of the land in US and Europe, a treaty that would never have seen the light of day until it became ratified. This would have mandated DRM stacks and expanded monitoring.
There is a lot of stuff that we an fix with technological solutions, and not with laws.
The ad intrusion problem is fairly easily dealt with by sandboxing and adblocking, and in worst case getting alternative sites up. When the lawmakers are called in, they are not going to represent the people. They are going to represent their customers (i.e. lobbyists who donate big at the campaign fundraisers.)
If we saw any laws about ads, it would be more laws like CETA making it an arrestible offense to view a website with adblocking.
Instead, a company can always run a clearinghouse. Pay a subscription fee to the clearinghouse, and websites get paid per user viewing. Since the clearinghouse's data and the website user data is separate [1], a user can be known to the clearinghouse, but anonymous to the client website, and the client website gets their microtransaction.
Maybe I'm naiive, but laws should be few, and mainly for mala in se type of stuff. Too much mala prohibitia and we end up with everyone being a lawbreaker, and nothing but contempt for all laws. There is a lot technology can do and do effectively that lawmaking will try and fail at.
[1]: The clearinghouse has a SLA, and also is inspected by third parties (the EU perhaps) to ensure that keeping data protected is actually done, not just lip service rendered.
I hate so state this, but you are actually right.
Consider a grid down scenario done by some intruder. There would be laws passed by Congress, but I would be genuinely surprised if any of what they passed actually did anything for genuine security.
Instead, it would likely be laws for expanded surveillance 24/7 on US citizens, mandatory DRM stacks in all hardware accessing the Internet, trying to make it illegal to be anonymous to websites, and things that wouldn't prevent another power loss, but lowering the bar for arrests and seizures, a la SOPA/PIPA. We'd see far more curious teenagers being hauled in front of judges than we would ever see true blackhats trying to attack the power grid.
I use different browsers for different tasks, as well as Sandboxie for additional separation (the sandboxes are stored on a different volume, so all writes are redirected there. I'm glad I did this since I have had some malware tried to do a "mkdir foo, cd foo" loop and getting rid of it was trivial compared to it happening on a needed disk volume -- a quick diskpart clean and reformat did the trick.
Nothing is certain security, but keeping the bank stuff stays in one browser, while my general stuff stays in another browser/sandbox has seemed to have done a good job for security. I might see about going another notch and browsing in a VM, but sandboxing is almost as secure and it doesn't slow things down as much.
Browser security still seems to be the weakest link these days, but it seems to be getting better. However, it would be nice if functionality to redirect all writes was in the OS, so one could use a disposable volume to protect against stuff trying to use all inodes or using hidden browser cookie-like functionality to continue to identify a user.
Each key has an ID. If someone plops a key with the same key ID, the server will keep and propagate both. This is actually an attack one can do. To deter it, that is why keys are signed, so that a key belonging to prz@acm.com with a page of signatures from old school USENET people is likely to be the right one, while a prz@acm.com with 1-2 bogus signatures and the same key ID (but a different fingerprint) isn't likely to be Phil's key.
We have this technology... keyservers that replicate among each other. Someone's key that is deleted from one will remain on the others, and eventually gets propagated back. Keyservers are designed to copy and add data, never delete/remove items. So, a key that gets on there will remain there forever.
Of course, if every keyserver gets compromised at the same time, that is an attack, but if one is left that still has the key on it, it will propagate the next replication session.
That's the rub: With how everything else has advanced, the only backup software that does deduplication are products like Mozy and Carbonite, where there is financial interest in just sending changes. Of course, there is rsync as well, but that is more of file copying than a backup utility.
Other than those products, backup utilities are still in the Stone Age. Want just changes or deduplication, one has to spend the megabucks for Netbackup, TSM, ArcServe, or an enterprise-grade utility. Even then, backup utilities tend to be platform specific (a backup saved on a Mac can't be restored to a Windows box, unless one uses a samba server as an intermediate step.)
I do wish backup software does deduplication, but most just doesn't bother, so a utility like FileVault with its structure of bands can be more useful than just a program that mounts a flat file as a volume.
Barring multiple companies that messages pass through in multiple countries (likely countries that don't like each other so multi-national warrants won't go through), the only place one can really be assured of security would be the endpoints. One has to assume that every point a message goes through, be it a router or a mailbox, the message is saved off permanently.
Self-destructing messages are a joke. I've read some ways of trying to implement it through having a number of places that store a piece of the message's encryption key, but even that can be compromised by an attacker making a lot of bogus key storage sites, enough to possibly decrypt the messages.
If endpoints are not secure, one is fscked anyway, so might as well focus on a web of trust system so data never is stored in plaintext once it leaves the endpoint.
Apple's solution is quite elegant to this problem with the 8MB bands, so if one change is done to a very large file, only one, possibly two bands change. I just wish something similar was available on other platforms.
Of course the downside is that a determined attacker can see what bands change over time and then guess what is in that data, but that is a relatively low threat, and could be countered by tossing some files in a junk directory and deleting them at random.
Similar with me. The NSA invading privacy is one issue, but I have higher priorities on my list to guard against. I like packing my own parachute so if some criminal organization hacks my remote storage provider [1], the data is still secure.
Is TrueCrypt insecure? Unknown. Is it good enough to keep a criminal organization out of my old tax papers? More likely than not, although I have been moving to storing data in GnuPG [2] encrypted ZIP archives with an accompanying signature and manifest file (also encrypted) which will allow the contents to be opened up on more platforms than just what TC supports.
[1]: When deploying a storage service in a private cloud, I deployed it where the data stored on the SAN LUNs were encrypted. This made great internal PR, but it still didn't solve the problem that if someone hacked the client, the data was a sftp command away from being slurped off.
[2]: Well, on Linux and OS X, GnuPG. On Windows, Symantec's PGP Desktop because it supports my ancient Aladdin (now SafeNet) eTokens.
What would be nice would be a platform independent version of PhonebookFS/EncFS/EFS [1].
With this, one can mount a directory on a mount point, and all files written to the mount point get stored in the directory encrypted. The filesystem is important, but not critical, and the directory of encrypted files can be moved, archived, stuffed onto DropBox, etc. without loss of file integrity or security. PhoneBookFS is especially nice because a directory can have multiple layers in it, so there can be encrypted files which are never used and are just there as chaff, or the directory can have one layer full of innocuous stuff, another layer with the true sensitive data in it. The explanation about chaff always being present provides enough plausible deniability.
[1]: EFS as in the mid-90s version, and perhaps AIX's implementation, not EFS as in Windows's encrypted file support on NTFS.
GPG isn't perfect either. Trying to get it to compile on Solaris or AIX is a very long exercise in grabbing libraries, building them, grabbing more libraries (prereqs), and a long chain of code. It would be nice if GPG had far fewer dependencies.
Of course, there is NetPGP (which is used in NetBSD because GPG is GPL v3 licensed), but I wonder how hard it would be to port that to other operating systems and rely on its security.
Also, GNUpg is for file encryption. Volume encryption requires a different set of code.
At the 10gigE point, things diverge. There is single mode ("don't look at laser with remaining eye") media which is great for long distances, but more expensive, multi-mode which is good enough for inside the server room, and good ol' copper. However, this is what SFP modules are for.
It would be nice if fiber optic made it to the home, other than S/PDIF connections, and preferably with a more idiot-resistant connector than what existing fiber uses, especially with fouling lightpipes due to dust and such. Copper is useful, but eventually for faster connections, we will have to jump ship completely to fiber.
Of course, once we get 400Gbps, there will be the issues of how it filters down and all the switching/routing fabric needed. Most companies were dragged kicking and screaming to 1Gbps, and might use 10gigE for their trunk, or perhaps their SAN fabric. Trying to get them to 400Gbps for anything other than maybe storage will take a very long time.
Truecrypt's main advantage is that it is cross platform. I can make a TC volume on Windows, stash it on Dropbox, then later on open it on my Mac or Linux box.
However, each of the operating systems generally has some method which doesn't have the hidden volumes and the plausible deniability aspect, but some form of volume encryption.
OS X has FileVault 2, which can encrypt drives with a couple clicks. OS X also has a utility that makes sparse images, using "bands", which allows one to have an encrypted volume grow and shrink as needed. Of course, there is a loss of security with this feature, but it adds versatility.
Linux has LUKS and dm-crypt (Android uses a modified version of dm-crypt to protect the /data partition in newer revs.)
Windows has BitLocker. Windows 8 and newer's implementation of BitLocker allow for it to ask for a password before boot even if a TPM chip isn't present. Of course, not all Windows editions have BitLocker usable.
Of course, there are third party utilities. PGP (the commercial version owned by Symantec) comes to mind, which can encrypt Windows, Linux, and Mac volumes. I doubt this would ever be possible, but if their code was released with a free license, this likely would be the best Truecrypt replacement, although it wouldn't have hidden volume functionality.
It still is acting in bad faith. Even though nobody comes out to actively defend a work, it still isn't ethical to recopy and relicense someone else's stuff without permission.
If TC turns out to have issues, the best thing would be to get behind a project like FreeOTFE and have that thoroughly audited and vetted. The second best would be to see about getting a company who has a product with similar functionality (BestCrypt or even better, Symantec's PGP Desktop) and having them create an "open" version. This likely will be extremely difficult at best.
GPG has had a number of eyeballs on it, as well as funding from more than one government (Germany in particular.)
All and all, it is a good program, although trying to build 2.x on a number of platforms like AIX can be an exercise in frustration due to the sheer number of libraries it uses.
I wonder what will replace Lavabit for secure E-mail [1] these days. There is always the old standby Hushmail, but it would be nice to find something that can do other features (calendars and such.)
[1]: Others, it is different, but to me, a secure mail provider, where I am their paying customer and not their product, where they have innate intrusion resistance, and their mail service is designed so an attacker couldn't just grab Exchange mailboxes, or scp off /var/spool/mail/*. More assurance than "yes, we use 'encryption', 'passwords', and 'firewalls'."
How is sending someone money related to free speech? Free speech and financial campaign contributions are completely different things, and this is probably one of the core reasons why Congress has little to no interest in actually doing what their constituents want.
The no confidence vote is the last resort. Right now, there is no lever that the American people have against a failed Congress. Even if it takes two months for a new crew to come into office with a government shut down, that is better than an unlimited duration of the current circus we have right now.
Going out on a limb, maybe the answer isn't voting people in at all. It might just be a lottery draw from the pool of US citizens similar to how juries are done. That way, the whole issue of campaign finance/reform is completely moot. Of course, there are issues with that, but having a representative who is drawn at random might just bring less corruption than people who get seats on the behest of super-PACs.
It is interesting watching FB's reaction to this. This doesn't seem to bode well for people who want to work outside the ecosystem FB has.
Short term, this can be understandable -- if it is not using the API, or things FB can control, it can't be monetized, so FB seems to take steps to stop it.
Long term, it may not be in FB's best interest. Right now, there is no competition on the horizon other than G+ [1] and possibly VK, but there is a tipping point somewhere that people might start moving to another provider and its relatively higher privacy controls en masse, forcing their friends to come along, and we will see something similar to the MySpace -> FB transition.
I don't see many people really loving FB. It tends to be more of something tolerated, with people sighing and grumbling every time there is a UI change. Too much pressure, and people eventually will start moving over to another service.
Who knows... maybe this might be another market for Apple. They already have the in-house expertise for it (iTunes Ping), and I'm sure that if they opened their doors for a social network, they would get people flooding in just on name recognition alone.