Re: Encrypt file while you are using it
if you mount a truecrypt volume, the volume itself remains encrypted. the truecrypt driver decrypts and encrypts access in real time. you cannot mount an encrypted volume and not expose it at the file system level while its mounted, by definition. look at the possibility of a write only mount but i can't help you with this. alternatively, use passworded archives instead of a filesystem solution. Manuel Gomez wrote: Hi, i would like to maintain encrypt an archive in all moment, so i would like to know what software can be this. Now i am using Truecrypt, but when i mount the encrypted directory it's vulnerable. I want to mount the file and that the file can remains encrypt. Somebody can help me? Thank you very much, I appreciate your help. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Rainbow tables on Linux?
Johann Spies wrote: On Fri, Oct 24, 2008 at 12:12:40PM +0200, Maciej Korze?? wrote: You can crack hashes on-line for free at http://www.freerainbowtables.com/. I have tried, but when I paste a hash into the window and click on submit, I get the message: 'no hash found'. I could so far not find out what format the hash must have to be accepted. Regards Johann rainbow tables are useless (or near useless) against salted hashes (as used in linux) so you can forget about cracking it this way. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
md5 hashes used in security announcements
i have sent an email a while ago about the security implications of using MD5 hashes in the security announcements (DSA), but i didn't get any reply at all from this. has it been overlooked? -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
md5 checksums used in DSA
MD5 is still used to produce file hashes in the DSA mails, for users to verify the integrity against errors and malicious intent. the use of PGP signing further suggests the intent to protect against malicious intent. MD5 should not be used for this purpose. MD5 collisions can be produced by individuals on meaningful files. http://www.win.tue.nl/hashclash/Nostradamus/ demonstration: produced 10 different, meaningful, PDF documents with the same MD5 hash to predict the winner of the 2008 US elections. http://www.win.tue.nl/hashclash/TargetCollidingCertificates/ demonstration: X.509 certificates from 2 different owners with the same MD5 hash MD5 should be abandoned immediately in favor of a new hash. 2 possible candidates: - SHA-1: the present day de-facto standard hash. no collisions have been found or published yet. it is currently broken to the extent that a collision can be produced with complexity 2^69. it is suggested that one can produce collisions in 56 hour per collision, with custom hardware worth USD 38 million. http://www.schneier.com/blog/archives/2005/02/sha1_broken.html recommendation is to not use it in new systems if possible. - SHA-256: newer, bigger, hash function, not yet broken, should provide security for a very long time to come -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]