From TFA: "As we continue our tour around the GA-N680SLI-DQ6, you may notice that this board is equipped with nothing but solid-state capacitors; no electrolytic caps are to be found. This should help with the board's longevity as there no chance of a leaky cap.
Whoops! I hit the submit button before finishing my answer...
Your right of course If you want whole disk encryption with preboot you need to cough up a hundred bucks or so. If you want hardware based whole disk encryption you won't find any software acceptable because it requires the encryption to be built into the hardware (which I do not yet trust)
But Truecrypt is close enough to be enough (for me anyways).
And why would you trust it any more than MS or Cisco or others?
You do make some very good points, but because the Full Disk encryption software is not a chip soldered to my Motherboard. If the encryption software I choose is full of holes, I can then replace it with a certified paid product or another open source product.
The issue here is that the "security" offered by MS and TPM isn't all that secure to start with, and you can't get rid of it whether you want it on there or not... at least not without abandoning the MS OS and/or the hardware with TPM installed.
For something like truecrypt,http://www.truecrypt.org/ I don't think it's any more inherently insecure than most pay products, and since I actually use it I can personally attest that it is better than most.
I'll defer to your expertise regarding the architecture, however the author of the article used a qualifier, "Their performance should be identical to that of the real thing." and I also used a qualifier "Accuracy somewhat questionable".
I did think the scatter plot was cool but IMHO the testing can only provide a rough idea of cost to performance of the various tested CPUs.
FTA: "For instance, our Core 2 Duo E6600 and E6700 processors are actually a Core 2 Extreme X6800 processor clocked down to the appropriate speeds. Their performance should be identical to that of the real thing."
One must question the accuracy of the results due to the above verbiage.
As for why they cancelled the presentation, last year Cisco sued Black Hat conference organizers after a security researcher demonstrated a method for running unauthorized code on a Cisco router. That, or there was a deal made.
My question is why would anyone place their information security "Trust" in MS BitLocker, or Indochinese hardware (TPM chips) that likely already contain built in backdoors for John Law, and corporate drones?
Open Source Full disk encryption is fast and free, open source Firewalls and process restricting software are available for those who just can't resist getting infected with the latest malware. Most Open Source security software developers are likely NOT under the control of Big Brother in any form, be it corporate drones or big government fascists.
So while I'm a little disappointed that the Back Hatters decided to forgo the presentation of cracking TPM, since it was never trustworthy or secure to start with, and since anyone serious about security would never use such a faux security scheme at the outset, cracking TPM and "Trusted Computing" was only a curiosity anyway.
The "Trusted Computing Initiative" is simply a way to provide vendors "Plausible Deniability" and to limit liability for allowing exposed data, nothing more.
You may have been joking AC (Pun Intended), but the "Tesla Death Ray" has been suggested as one of the possible causes of the Tunguska event for many many years.
The Tunguska event took place on the morning of June 30th, 1908. An explosion estimated to be equivalent to 10-15 megatons of TNT flattened 500,000 acres of pine forest near the Stony Tunguska River in central Siberia. Whole herds of reindeer were destroyed. Several nomadic villages were reported to have vanished. The explosion was heard over a radius of 620 miles. When an expedition was made to the area in 1927 to find evidence of the meteorite presumed to have caused the blast, no impact crater was found. When the ground was drilled for pieces of nickel, iron, or stone, the main constituents of meteorites, none were found down to a depth of 118 feet.
Several explanations have been given for the Tunguska event. The officially accepted version is that a 100,000 ton fragment of Encke's Comet, composed mainly of dust and ice, entered the atmosphere at 62,000 mph, heated up, and exploded over the earth's surface creating a fireball and shock wave but no crater. Alternative explanations of the disaster include a renegade mini-black hole or an alien space ship crashing into the earth with the resulting release of energy.
Associating Tesla with the Tunguska event comes close to putting the inventor's power transmission idea in the same speculative category as ancient astronauts. However, historical facts point to the possibility that this event was caused by a test firing of Tesla's energy weapon.
In 1907 and 1908, Tesla wrote about the destructive effects of his energy transmitter. His Wardenclyffe facility was much larger than the Colorado Springs device that destroyed the power station's generator. Then, in 1915, he stated bluntly:
It is perfectly practical to transmit electrical energy without wires and produce destructive effects at a distance. I have already constructed a wireless transmitter which makes this possible.... But when unavoidable [it] may be used to destroy property and life. The art is already so far developed that the great destructive effects can be produced at any point on the globe, defined beforehand with great accuracy (emphasis added).
He seems to confess to such a test having taken place before 1915, and, though the evidence is circumstantial, Tesla had the motive and the means to cause the Tunguska event. His transmitter could generate energy levels and frequencies capable of releasing the destructive force of 10 megatons, or more, of TNT. And the overlooked genius was desperate.
Tesla was just enough of a mad scientist to make what would otherwise sound kooky, at least somewhat plausible.
Full disk encryption is "Pre-Boot" so you have to mount it to get any information from the disk at all. You actually don't need to have more going on than the hidden partition, because it not going to be decrypted without a key for at least a few hundred years (depending on law enforcement forensics access to a supercomputer).
In my haste I missed that TrueCrypt also does hidden OS partitions.
In case an adversary forces you to reveal your password, TrueCrypt provides and supports two kinds of plausible deniability:
1. Hidden volumes (for more information, see the section Hidden Volume).
2. It is impossible to identify a TrueCrypt volume. Until decrypted, a TrueCrypt volume appears to consist of nothing more than random data (it does not contain any kind of "signature"). Therefore, it is impossible to prove that a file, a partition or a device is a TrueCrypt volume or that it has been encrypted.
So no matter how paranoid you are... the Open Source community has got you covered!
"they'll just start pulling your fingernails out till you cough up the real password."
If it gets to the point that you will be tortured by Johnny Law for your password, then you have a lot more to worry about than a few MP3s on your hard disk.
How would anyone ever know there was any evidence? The "Decoy" OS is the "real McCoy" ( a fully functioning OS) and no one but the owner of the data even knows about the obfuscated OS.
You Gave them the encryption key to the computer OS. You Cooperated. Officer friendly found nothing, you go on your way.
Really, it's not that difficult, and it's what the corporations are doing right now to limit liability. If you have sensitive or compromising data, you should pursue an encryption plan today.
You can take it a step further... Drive encryption with a decoy OS to which you provide officer friendly the password, once logged in an auto overwrite process begins and the "Real" OS hidden in the FAT table of the Decoy OS is destroyed as all of the "Free Space" on the drive is overwritten with ones and zeros a time or ten.
LAMO... you said, "It's a shame I also can't run a betting pool about how likely I am to be told verbatim to again "shut the fuck up," in response to this as well."
Then I respond to you reasonably...and yet you think it's good to reply thusly;
"Maybe someone should sit _you_ down and explain to you why you are an idiot."
Ok, that's a reasonable way to continue a discussion...in opposite world.
I was only trying to discuss the GPLv3 and what it means beyond the Microsoft/Novell deal, and the effect it may have on wider usage of SUSE in particular.
I'll stay out of the capitalist vs. anti capitalist argument if you please. (because not all "Capitalists" are "free marketers" and not all "Anti Capitalists" are "anti market", and generally discussions of which is which and when can get heated and quickly go off topic)
Novell views GPLv3 as a danger to its agreement with MS to resell SUSE Linux certificates. Novell comments that if "the Free Software Foundation releases a new version of the GNU General Public License with certain currently proposed terms, our business may suffer harm." That verbiage is from the annual report's risk factors section.
The FSF has as much as said that they will target the Microsoft-Novell deal.
http://gplv3.fsf.org/rationale, and since it's not a matter of "if" GPLv3 becomes more than a draft, as much as it is "when"...
The current draft of GPLv3 can affect Novell's biggest source of cash - Microsoft. (and may also affect SUSE gaining more market share in the enterprise) If the final GPLv3 impacts the patent agreement between Microsoft and Novell, Novell has big problems. And (IMHO) increasing SUSE acceptance among enterprise customers suffers a setback.
Most of the Slashdot community? Most of Americans? Most of Government? Most of humanity?
Just who are you trying to dehumanize with that statement?
Earlier up this thread you said "The symbols are important, only because our population is comprised mainly of poor fools who know how to respond to nothing else."
Setting aside your hubris and arrogance, the point that you have failed to grasp is that the Pentagon's shape may not be as "Symbolic" as previously surmised. But please continue to embarrass yourself and wallow in self pity all you like, it may be totally off topic, but it is a bit entertaining.
I wonder, how do you feel about the use of symbols like the Christian cross or the American flag to justify every manner of barbarity.
I generally post what I Think, not how I Feel. Try it sometime (it requires effort, but you can do it!).
To me religion and it's various symbols (crosses, stars, moons, etc.) seem to be but a mere crutch for those unable, or worse, unwilling to do their own thinking. As far as what the American flag symbolizes, I think you are deliberately portraying extreme negative symbolism represented therein in order to elicit a heated response from your fellow slashdotters, (On Memorial Day no less)
I'm not trying to imply that you personally are a conspiracy nut, and while I may not agree with your assessment of the US role in global politics, you have a right to your opinion.
It's the whole religious nut aspect where the pentagram is supposed to actually have some evil spiritual meaning (i.e. other than a mere trig concept) that I just can't identify with.
Slashdot Mirror
From TFA: "As we continue our tour around the GA-N680SLI-DQ6, you may notice that this board is equipped with nothing but solid-state capacitors; no electrolytic caps are to be found. This should help with the board's longevity as there no chance of a leaky cap.
Or Jolt (Red Bull, Diet Coke, Mountain Due, etc.) and an energy bar, Email
Then of course ... check out /.
Your right of course If you want whole disk encryption with preboot you need to cough up a hundred bucks or so. If you want hardware based whole disk encryption you won't find any software acceptable because it requires the encryption to be built into the hardware (which I do not yet trust)
But Truecrypt is close enough to be enough (for me anyways).
truecrypt,http://www.truecrypt.org/
You do make some very good points, but because the Full Disk encryption software is not a chip soldered to my Motherboard. If the encryption software I choose is full of holes, I can then replace it with a certified paid product or another open source product.
The issue here is that the "security" offered by MS and TPM isn't all that secure to start with, and you can't get rid of it whether you want it on there or not ... at least not without abandoning the MS OS and/or the hardware with TPM installed.
For something like truecrypt,http://www.truecrypt.org/ I don't think it's any more inherently insecure than most pay products, and since I actually use it I can personally attest that it is better than most.
I did think the scatter plot was cool but IMHO the testing can only provide a rough idea of cost to performance of the various tested CPUs.
It was a very interesting review none the less.
One must question the accuracy of the results due to the above verbiage.
My question is why would anyone place their information security "Trust" in MS BitLocker, or Indochinese hardware (TPM chips) that likely already contain built in backdoors for John Law, and corporate drones?
Open Source Full disk encryption is fast and free, open source Firewalls and process restricting software are available for those who just can't resist getting infected with the latest malware. Most Open Source security software developers are likely NOT under the control of Big Brother in any form, be it corporate drones or big government fascists.
So while I'm a little disappointed that the Back Hatters decided to forgo the presentation of cracking TPM, since it was never trustworthy or secure to start with, and since anyone serious about security would never use such a faux security scheme at the outset, cracking TPM and "Trusted Computing" was only a curiosity anyway.
The "Trusted Computing Initiative" is simply a way to provide vendors "Plausible Deniability" and to limit liability for allowing exposed data, nothing more.
Here is an About.com article that talks about it more. http://paranormal.about.com/cs/earthmysteries/a/aa 021604.htm
The text below is lifted from this site: http://prometheus.al.ru/english/phisik/onichelson/ tunguska.htm
Tesla was just enough of a mad scientist to make what would otherwise sound kooky, at least somewhat plausible.
We used to play a (DOS) joke called "Turbo Copy"
Just press "ALT" then "E" then "A" ... then hit the Deliver key (DEL).
Turbo Copy! 100% data loss, but it sure is fast!
Maybe that's how MS saves their roadmap.txt file.
In my haste I missed that TrueCrypt also does hidden OS partitions.
http://www.truecrypt.org/
This is from their website:
So no matter how paranoid you are ... the Open Source community has got you covered!
If it gets to the point that you will be tortured by Johnny Law for your password, then you have a lot more to worry about than a few MP3s on your hard disk.
How would anyone ever know there was any evidence? The "Decoy" OS is the "real McCoy" ( a fully functioning OS) and no one but the owner of the data even knows about the obfuscated OS. You Gave them the encryption key to the computer OS. You Cooperated. Officer friendly found nothing, you go on your way. Really, it's not that difficult, and it's what the corporations are doing right now to limit liability. If you have sensitive or compromising data, you should pursue an encryption plan today.
http://www.securstar.com/products_drivecryptpp.php
That software is not open source however. but for the really paranoid a hundred and twenty five bucks is a small price to pay.
Ray Bradbury
http://www.truecrypt.org/
We're already using torrent encryption, Wireless encryption, anon HTTP Proxy, encrypted NNTP, etc.
Meh, what's one more. Go ahead officer friendly, take the drive, try to read it, what??? You can't see any data on it? How sad.
SRY
Then I respond to you reasonably...and yet you think it's good to reply thusly;
"Maybe someone should sit _you_ down and explain to you why you are an idiot."
Ok, that's a reasonable way to continue a discussion...in opposite world.
I'll stay out of the capitalist vs. anti capitalist argument if you please. (because not all "Capitalists" are "free marketers" and not all "Anti Capitalists" are "anti market", and generally discussions of which is which and when can get heated and quickly go off topic)
No Flame here...
http://www.sec.gov/Archives/edgar/data/758004/0000 95013407012375/0000950134-07-012375.txt
The FSF has as much as said that they will target the Microsoft-Novell deal. http://gplv3.fsf.org/rationale, and since it's not a matter of "if" GPLv3 becomes more than a draft, as much as it is "when"...
The current draft of GPLv3 can affect Novell's biggest source of cash - Microsoft. (and may also affect SUSE gaining more market share in the enterprise) If the final GPLv3 impacts the patent agreement between Microsoft and Novell, Novell has big problems. And (IMHO) increasing SUSE acceptance among enterprise customers suffers a setback.
Most of the Slashdot community? Most of Americans? Most of Government? Most of humanity?
Just who are you trying to dehumanize with that statement?
Earlier up this thread you said "The symbols are important, only because our population is comprised mainly of poor fools who know how to respond to nothing else."
Setting aside your hubris and arrogance, the point that you have failed to grasp is that the Pentagon's shape may not be as "Symbolic" as previously surmised. But please continue to embarrass yourself and wallow in self pity all you like, it may be totally off topic, but it is a bit entertaining.
I generally post what I Think, not how I Feel. Try it sometime (it requires effort, but you can do it!).
To me religion and it's various symbols (crosses, stars, moons, etc.) seem to be but a mere crutch for those unable, or worse, unwilling to do their own thinking. As far as what the American flag symbolizes, I think you are deliberately portraying extreme negative symbolism represented therein in order to elicit a heated response from your fellow slashdotters, (On Memorial Day no less)
At this point I think you are simply trolling.
I'm not trying to imply that you personally are a conspiracy nut, and while I may not agree with your assessment of the US role in global politics, you have a right to your opinion.
It's the whole religious nut aspect where the pentagram is supposed to actually have some evil spiritual meaning (i.e. other than a mere trig concept) that I just can't identify with.