[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] Tor users are not anonymous
On Fri, Sep 06, 2013 at 02:46:06PM +0200, Andreas Krey wrote:
> On Fri, 06 Sep 2013 14:04:58 +0000, Eugen Leitl wrote:
> ...
> >
> > I wouldn't use TrueCrypt. Use open source tools (this includes the OS).
>
> Is there a connection between the two sentences? TrueCrypt is open source,
> so why wouldn't you use it?
I might have been too paranoid about TrueCrypt (while we don't
know the details yet, we know that certain proprietary and open source
products as well as protocols and algorithms have been deliberately
weakened by the NSA) as Snowden and Schneier seem to trust it but I
went for dm-crypt instead of TrueCrypt for a new Debian install, for
multiple reasons (history, license, mainline, full disk encryption
support).
If you're running a proprietary system, the weakest link will be
likely elsewhere.
For extra layers of tinfoilhattery you'd have to modify the hardware
(e.g. a FireWire port is wide open to a DMA attack, proprietary
blobs are a no-no for a trusted system, etc), but few people
bother to go that far, and if you're under that targeted a scrutiny
you have to bother about physical access you're somewhat screwed
already.
--
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk