That is incorrect, currency has to be backed by gold.
That is not true, but I think I know where you're getting the idea. You should look up the "Gold Standard". Very few currencies (if any) are currently on a Gold Standard.
Well, certainly you're not going to get the service at cost, and presumably you could go to your bank and convert that money to dollars, then buy at the US dollar price?
That said, it's not just a 2% charge, it's the infrastructure to support the multiple currencies (now, I don't know, nor do I understand everything that would be required for that, is it as simple as getting payments into your account in Euros/Pounds/Lira/Pesos and having your bank run a batch conversion? Or is the bank taking a transaction fee each time?)
Also, is there special accounting they need to do to handle taxes/etc in those countries they accept payments from?
It's certainly not going to be a simple 2% difference. Once you take into account all the costs, all the added risks, the extra employees (if required) and consider the volume, 20% may be a real deal.
That's a lot of assumptions though, and knowing business: I'd fall back to: "You're getting boned, man."
My only complaint and the reason I will one day move away from them is their continued overcharging of non-US based customers. Electrons and bits don't cost more on the other side of the pond!
No, but converting from your currency to our currency isn't free (it's a service provided by banks generally, and at a price). Passing costs on to the customer is normal business practice.
Oh well. I've already taken a mod hit (I don't care). I'll respond to your refutation.
---Incorrect, there is no container file inside the first container, and if you don't enter the password for the second container the same time as the first container you *CAN* overwrite the data in the second container, thus corrupting it.---
I am talking about this link, which displays a large container and 2 containers inside of it. The text accompanying it is also sort of misleading. What does worry me is this statement:
"NTFS file system stores various data throughout the entire volume (as opposed to FAT) leaving little room for the hidden volume."
This indicates that the hidden volume is just a free-space volume. This can be attacked by my method: get the 'sucker volume' and swap bits on the files stored to get an idea on how big the hidden is.
Except that isn't what happens. The *ONLY* time TrueCrypt has knowledge of the hidden volume is when you provide the correct hidden volume password. If you don't provide that password, it treats the outer volume as though there is no inner volume. Thus, if you make a change to the outer volume while there is no inner volume information entered/read into TrueCrypt, TrueCrypt will allow that hidden volume information to be overwritten. So someone who gets your outside volume password and tries to attack the inner volume by writing data to the free space in the outer volume will be allowed to corrupt the inner volume, thus destroying any data you had there.
---From the website (If only people would RTFM (no, I'm not new here)):---
I did read the fucking manual (and website). Free space storage can be 'found out' rather readily. Yes, they do use "advanced encryption techniques" and such, but as they warn, someone who has access to the unmounted volume over many writes can prove there are hidden volumes. This is no good thing in any way. Also there is provided a way to "maintain data security": context levels suggested by Shamir is the way to go, and not the Truecrypt way. Placing multiple sectors along with reed solomon codes would allow rebuilding of partially corrupted hidden files, even if somebody knew the password for a specific context.
In this context, RTFM is "read the fine material". I believe the warning you are pointing out is the following:
If an adversary has access to a (dismounted) TrueCrypt volume at several points over time, he may be able to determine which sectors of the volume are changing. If you change the contents of a hidden volume (e.g., create/copy new files to the hidden volume or modify/delete/rename/move files stored on the hidden volume, etc.), the contents of sectors (ciphertext) in the hidden volume area will change. After being given the password to the outer volume, the adversary might demand an explanation why these sectors changed. Your failure to provide a plausible explanation might cause the adversary to suspect that the volume contains a hidden volume.
The same is true of steganography: if you hide your data in the unused bits of a JPEG file and that JPEG file data changes over the course of time as you update your data, you run into the same issue. That said, you can easily add an extra level of deniability by just mounting the outer volume in protected mode after you update your hidden volume and write/delete some data. That way sectors all over the container change, and you have your plausible deniability.
Also, how does one prevent Windows from caching any of this in places it shouldn't? Does Windows even offer a way to encrypt a swap? Or has one hibernated with this program in memory?
TrueCrypt flags its memory to not be swapped, and generally (not always) Windows will obey that request. That said, there is a long list of security precautions on their website with the solution and/or workaround for each.
At least
If you have a container X big, one can have smaller containers inside that. The key opens the outer container, but exposes the inside (to use their language). Even if these hidden volumes don't have publicly readable containers, one can still see them and delete them.
Incorrect, there is no container file inside the first container, and if you don't enter the password for the second container the same time as the first container you *CAN* overwrite the data in the second container, thus corrupting it.
From the website (If only people would RTFM (no, I'm not new here)):
Protection of Hidden Volumes Against Damage
As of TrueCrypt 4.0, it is possible to write data to an outer volume without risking that a hidden volume within it will get damaged (overwritten).
When mounting an outer volume, the user can enter two passwords: One for the outer volume, and the other for a hidden volume within it, which he wants to protect. In this mode, TrueCrypt does not actually mount the hidden volume. It only decrypts its header and retrieves information about the size of the hidden volume (from the decrypted header). Then, the outer volume is mounted and any attempt to save data to the area of the hidden volume will be rejected (until the outer volume is dismounted).
Note that TrueCrypt never modifies the filesystem (e.g., information about allocated clusters, amount of free space, etc.) within the outer volume in any way. As soon as the volume is dismounted, the protection is lost. When the volume is mounted again, it is not possible to determine whether the volume has used hidden volume protection or not. The hidden volume protection can be activated only by users who supply the correct password (and/or keyfiles) for the hidden volume (each time they mount the outer volume).
come to think of it, screw the millions over millions, just bring on the chicks for free
I'm going to rot in hell for this, but:
In Soviet Russia we screw the chicks and bring on the millions over millions for free.
We can't. But perjury is a felony, and I presume that the attorney in question would rather not be brought up on those charges. A false set of books presented as evidence would be perjury.
Oh, I don't bother with that -- I just use Firefox instead.
Incidentally, that still doesn't match the functionality of Firefox, since you lose the ability to search from the address bar. The only way to really fix it would be to not have a URL for the error "page."
In IE7 there is a search bar right next to the address bar. But that said, I don't bother with searching from either, I just go to Google and type in my search. Same on Firefox.
(BTW: I use Firefox as well)
Compared to leaving it in the address like Firefox does, IE's practice of forcing me to copy and paste it back from the search field is incredibly (and needlessly!) annoying.
Tools -> options -> Advanced -> Scroll down to "Search from Address Bar" -> [*] "Do not search from addressbar"
Please cite who this "Major video rental place" is.
Thank you
I'm not particularly looking for a challenge. I'm looking to have fun and relax.
How about the Geneva Conventions? They include a clause against torture, but the US has used torture in the "War on Terror".
Before I post, let me make it clear that I am completely opposed to using torture as a method of interrogation, specifically because the information you get isn't reliable. That said:
The Third Geneva Convention covers the treatment of POW's. Article 2, specifically "That the relationship between the "High Contracting Parties" and a non-signatory, the party will remain bound until the non-signatory no longer acts under the strictures of the convention. "...Although one of the Powers in conflict may not be a party to the present Convention, the Powers who are parties thereto shall remain bound by it in their mutual relations. They shall furthermore be bound by the Convention in relation to the said Power, if the latter accepts and applies the provisions thereof."" (Emphasis mine).
Basically we don't have to act under the Geneva convention because our foe #1: Didn't sign the convention and #2: Isn't following it.
It's a tragedy, and I really wish we would take the moral high ground (Which is why I voted strongly for representatives that were anti-torture in the recent election), but according to the convention, we're playing by the rules we agreed to.
The American government honours treaties now?
Yes, and we haven't "not-honored" any that we've signed on to, we've used clauses in treaties to pull out of the treaty itself, but we did it in the way agreed upon by that treaty, thus honoring the treaty. (We're idiots for doing so in most cases, but that doesn't mean we didn't honor the treaty.)
This is typical for X and indeed quite useful. But quite different from automatically pasting anything selected without any further action. Which was the system outlined here.
I believe you are mistaken, please re-read the thread. Nothing mentioned about autopasting, just autocopy.
This is the default (and very useful) behavior in each of the Linux installs I've ever done.
Being able to highlight something, then middle click to paste it somewhere is huge.
You still have a separate ctrl-c and ctrl-v functionality with a separate clipboard for your manual copy/paste, so you're not losing any functionality.
It's a *very* useful feature, and far from useless. I keep looking for something similar for Windows but can't find anything that works for me.
clipboard.autocopy is the setting to tell you if you want highlighted text to automagically be copied instead of doing it with the mouse/keyboard.
c onfig_Entries
signed.applets.codebase_principal_support gives scripts using codebase principals access to advanced scripting capabilities. Basically, it allows signed applets out of the sandbox because they've promised to play nice. One of the main uses of this (according to the help page) is to allow IRC applications access to your clipboard.
http://kb.mozillazine.org/Firefox_:_FAQs_:_About:
Nicely taken out of context. Lrn2Comprehend.
Or, you could not buy it and cost Sony the full $800
Not sure why you replied to my message with this, but you're just expanding on exactly the point I was making. Perhaps you meant to reply to the parent?
Can you point me to where I opted in?
When you ordered Comcast's service.
However, we, in the US, have this little thing called the first amendment. The right to free speech. What Spamhaus (or rather, the email server admin) does is interfere with end users' ability to receive free speech.
This is an opt-in DNSBL. So your little "free speech" defense doesn't work.
Even considering SPAM to be free speech, it doesn't hold up. The people subscribing to the DNSBL are doing so with their own private property. Your right to free speech ends on my property, just as your right to swing your arms wherever you want ends at my nose.
Infant mortality rates for the US are worse than those of practically every industrialized nation. Cuba has better infant mortality rates than the USA [geographyiq.com]. And remember that if you're black in the USA, the rate is 3x higher...
I would like to see a study which removed all premature births from the statistics on both sides.
Fact is, the US goes to truly heroic measures to save children born months premature, and when doctors are unable to save the child it isn't marked as a "miscarriage", it gets marked as "baby died".
Which is fine and all, except that THE PROGRAM ENCRYPTS THE DOCUMENTS. It has to know the password it uses to encrypt the document. Sure, if it was a decryption routine, that is fine, it never needs to know the actual password, just a hash, etc of the password. But a hash of a password will not encrypt something the same way as the password itself.
I think you are missing a really big point.
No, you are missing the point. The code needs to know the password to use to encrypt the file. With just an MD5 hash of the password there is no way for the code to get the password itself to actually use. You're missing the context of this. It's not a decryption routine. It's an encryption routine.
Seems to me that if you run a (public) NTP server with a publicly available IP address and/or DNS resolution, that means anyone (public) can use the (public) service - no?
No.