On Sun, Jan 6, 2013 at 1:47 PM, Jacob Appelbaum <ja...@appelbaum.net> wrote:
> I generally agree that the data should be encrypted, though I think it > should also be authenticated and integrity checked before it is actually > used. > If this level of paranoia is relevant to you, then maintain multiple offline SHA, MD5, and other checksum formats before use. It would be trivial to script this outside of Dropbox's scope. > I also think most disk images are not actually that difficult to brute > force - I was involved in a project to perform FileVault bruteforcing > accelerated by an FPGA a few years ago. With a modern GPU, I think > things are pretty slanted toward the attacker. > Saying that it's possible to break all encryption, all the time, is a non-answer and doesn't address practical uses of cryptography. It also creates an environment of fear for casual users. In the case of pure AES (and not putting reliance on flaws in the implementation of systems like Filevault), a reasonable attack on the algorithm still doesn't exist. (see: http://www.schneier.com/blog/archives/2012/03/can_the_nsa_bre.html) What the user needs to do is to measure acceptable risk and weigh that against the encryption system being used. It's also relevant to know the validity of the information and the required amount of time it takes to break the file. If you said 'meet me here next week' and it takes three weeks to break AES-256, then I don't really care if you find out where I was weeks ago. > In this - I rather like what I've read about SpiderOak but I haven't > seen a totally free implementation of the client or the server side... I haven't looked at it, but I'd like to. -john
-- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
