Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
Don't get me wrong, I love truecrypt. But their documentation is ... well ... sort of crazy. This is the toned down version of saying "they're totalitarian extremist and elitist, to the point of being coercive and misleading to innocent civilians in order to drive some sort of self-serving agenda." Here's an example: http://www.truecrypt.org/faq In the FAQ, there's the section about TPM. They say "The only thing that TPM is almost guaranteed to provide is a false sense of security (even the name itself, "Trusted Platform Module", is misleading and creates a false sense of security). As for real security, TPM is actually redundant (and implementing redundant features is usually a way to create so-called bloatware). Features like this are sometimes referred to as security theater" If you read the rest of that FAQ about the TPM, they mostly rant, in almost incoherent logic, about how TPM's can be attacked, and to back up these opinions, they cite examples of attacks that would work even on truecrypt without using the TPM. Which is just ... plain ... crazy. I could write about how the TPM works, and what the actual strengths/weaknesses are of this versus other implementations, but... It's really not needed, as long as the readers know they should take the truecrypt documentation with a spoonful of salt.
BLU is a member of BostonUserGroups | |
We also thank MIT for the use of their facilities. |