Thoughts on Truecrypt?
ShadyDave
Hi chaps.

I've just been taking a little time to look at the software known as Truecrypt in a little bit more depth.

I was just reading an article which makes for some uncomfortable reading.

In short, the article states that

QUOTE
"No one knows who wrote TrueCrypt.

No one knows who maintains TC.

Moderators on the TC forum ban users who ask questions. They also claim to be open source, but do not maintain public CVS/SVN repositories and do not issue change logs. They ban folks from the forums who ask for change logs or old source code. They also silently change binaries (md5 hashes change) with no explanation… zero. The Trademark is held by a man in the Czech Republic ((REGISTRANT) Tesarik, David INDIVIDUAL CZECH REPUBLIC Taussigova 1170/5 Praha CZECH REPUBLIC 18200.) Domains are registered private by proxy. Some folks claim it has a backdoor. Who Knows?"


I have used it myself previously, but I have become a bit more wary of it, with the discovery that there is software available which can detect the existence of truecrypt partitions.

It operates on the basis of identifying them using 4 criteria:

1. No File Header.
2. (File size / 512) = 1
3. Successful X2 and Arithmetic Mean tests on certain bytes.
4. File size greater than 15 MB.

Anyone have any thoughts on either the integrity of the (presumed unknown) authors, or of the integrity of the executable binaries which are made available?
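
As an added example (not part of the thread, and not the code of the detection software mentioned in the post above), the four criteria can be sketched as a file-triage heuristic in Python. It reads criterion 2 as "file size is a whole multiple of 512 bytes" and X2 as the chi-square test; the sample window, thresholds, magic-byte list and file names are assumptions.

```python
import os
import random
import tempfile

SECTOR = 512
MIN_SIZE = 15 * 1024 * 1024     # criterion 4: larger than 15 MB
SAMPLE = 64 * 1024              # assumption: test the first 64 KiB only
KNOWN_MAGIC = (b"PK\x03\x04", b"%PDF", b"\x89PNG", b"MZ", b"\x7fELF", b"\x1f\x8b")  # assumed short list

def chi_square(data):
    """Pearson chi-square of byte counts against a uniform distribution (255 d.o.f.)."""
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    expected = len(data) / 256
    return sum((c - expected) ** 2 / expected for c in counts)

def looks_like_container(path):
    """Return (verdict, per-criterion results) for the four criteria in the post."""
    size = os.path.getsize(path)
    with open(path, "rb") as fh:
        sample = fh.read(SAMPLE)
    mean = sum(sample) / len(sample) if sample else 0.0
    chi = chi_square(sample) if sample else float("inf")
    checks = {
        "no_header": not sample.startswith(KNOWN_MAGIC),
        "sector_multiple": size % SECTOR == 0,
        # assumed thresholds: byte mean near 127.5, chi-square in a wide band around 255
        "random_bytes": abs(mean - 127.5) < 2.0 and 150 < chi < 400,
        "over_15mb": size > MIN_SIZE,
    }
    return all(checks.values()), checks

def demo():
    """Constructed samples: a random-filled 16 MiB file and the same bytes behind a ZIP magic."""
    rnd = random.Random(1).getrandbits(8 * SAMPLE).to_bytes(SAMPLE, "big")
    results = {}
    with tempfile.TemporaryDirectory() as d:
        for name, head in (("container.bin", rnd), ("archive.zip", b"PK\x03\x04" + rnd[4:])):
            p = os.path.join(d, name)
            with open(p, "wb") as fh:
                fh.write(head)
                fh.truncate(16 * 1024 * 1024)   # zero-filled tail; only the head is sampled
            results[name] = looks_like_container(p)
    return results

if __name__ == "__main__":
    print(demo())
```

A match only means the file is consistent with random data of that size and alignment; any well-encrypted or randomly filled file that meets the size rules scores the same.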
weed_G
I think encryption is illegal in some countries especially in the US, so the authors could be rightly nervous about revealing their identities

as for 'fit for purpose' ..in the UK at least

QUOTE
Failure to comply with a disclosure requirement or a secrecy requirement is a criminal offence. Where a person given a section 49 notice knowingly fails to make the disclosure required they commit an offence. If the disclosure required is necessary in the interests of national security they may be convicted on indictment to a maximum of 5 years imprisonment or in any other case 2 years. On summary conviction they may be liable to a maximum six-month term of imprisonment or a fine not exceeding the statutory maximum or both.
http://security.homeoffice.gov.uk/ripa/enc...faqs/?version=2


depending on what you're encrypting you could end up with a longer sentence for withholding the key than you would get for the encrypted data, it's not really possible to hide truecrypt from someone who's looking for it, a better solution would be to write your own encryption tool then it wouldn't have a known signature that can be detected by a scan, not as hard as it sounds ..you could use MS batch code or just about any other lang that's capable of reading a single byte from a file
ShadyDave
Mmmm yes, I am not too familiar with US law, so I couldn't comment on the legality of encryption methods over there.

There are several appealing features of Truecrypt, namely that it supports full disk encryption, and supposedly undetectable hidden truecrypt filesystems, and it is portable across a variety of platforms.

(I don't actually have anything to hide, I simply hold an amateur interest in the field. I think my truecrypt volume contains a few philosophy ebooks, and some football stuff, I don't ever use it really)

It just strikes me as a highly irregular mode of operation on behalf of the maintainers of truecrypt. Making alterations to executable binaries without detailing exactly what changes have been made is, in my opinion, highly irregular in the field of 'open' development.
MDP
QUOTE (ShadyDave @ Mar 31 2009, 06:22 PM) *
Mmmm yes, I am not too familiar with US law, so I couldn't comment on the legality of encryption methods over there.

There are several appealing features of Truecrypt, namely that it supports full disk encryption, and supposedly undetectable hidden truecrypt filesystems, and it is portable across a variety of platforms.

(I don't actually have anything to hide, I simply hold an amateur interest in the field. I think my truecrypt volume contains a few philosophy ebooks, and some football stuff, I don't ever use it really)

It just strikes me as a highly irregular mode of operation on behalf of the maintainers of truecrypt. Making alterations to executable binaries without detailing exactly what changes have been made is, in my opinion, highly irregular in the field of 'open' development.


As you fine well know Shadester, it certainly couldn't be classed as `open source` if the source code is not publicly available,
is it possible that the devs just cannot be bothered highlighting changes in the code to n00bs with 101 q`s when all could be revealed by an examination of the code?

Philosophy books? is that what they are called nowadays? ah must be well behind on the modern jargon!
weed_G
QUOTE
Mmmm yes, I am not too familiar with US law, so I couldn't comment on the legality of encryption methods over there.


that's UK law ..the link is to the home office website
kerberus
Hi, I have used this prog for years especially the plausible deniability, I use this as people may know/find out you have an encrypted partition but they can not see the hidden partition or know you have one.

A friend of mine who studied encryption and security (amongst other things) at uni is happy with it and the availability of the code. He did say that some of the questions asked on the forum would make him fuck people off, a bit like someone on here asking if you need lights to grow. As to a backdoor, after a conversation with the same guy (most of which I have no idea wtf he was on about) I am happy to use it. Just make sure you use a decent password using caps, lower case, numbers, punctuation and special symbols. An easy way to remember a long password is by using the first letter from the words in a memorable song or piece of writing, if it contains no numbers replace a letter or throw 1 in. My password is 37 characters long and is the only password I never forget!

PS if you use a song try not to hum/sing it to yourself when people are watching you by the computer.

Atssau.Aiwwamwoy.Mba,msfc,aigstaso@uk420

Snow patrol Open your eyes, 41 character password crack that G man.
ShadyDave
QUOTE (MDP @ Apr 10 2009, 03:49 PM) *
is it possible that the devs just cannot be bothered highlighting changes in the code to n00bs with 101 q`s?


You should ask them then, cos ye certainly fit that description yerself.
The only 'code' you've ever examined is the writing on the menu at the cantonese takeaway when yer pished.

QUOTE (MDP @ Apr 10 2009, 03:49 PM) *
Philosophy books? is that what they are called nowadays? ah must be well behind on the modern jargon!


The only Plato you're familiar with is a Plato mince'n'tatties.