On 6/30/2014 6:25 PM, Greg Rundlett (freephile) wrote:
> One more mention: Git-Annex Assistant is completely open source, free and
> offers encryption.
What does Git-Annex get you that Csync2 doesn't?
--
Rich P.
___
Discuss mailing list
Discuss@blu.or
One more mention: Git-Annex Assistant is completely open source, free and
offers encryption. I'm giving it a try to replace Ubuntu One (and also
DropBox).
cf. https://freephile.org/wiki/index.php/Git-annex
Greg Rundlett
http://eQuality-Tech.com
http://freephile.org
Richard Pieri wrote:
> Tom Metro wrote:
>> Uses closed-source, proprietary software. Nullifies the first point.
>
> Here's their Github repo:
> https://github.com/aerofs
>
> It's certainly not their entire code base but it's more than most of
> their competitors provide.
I just browsed this and
> From: Mike Small [mailto:sma...@panix.com]
> Sent: Sunday, April 20, 2014 11:20 AM
>
> How do you examine closed source crypto?
Actually, here's a real good point: I did /not/ read the Truecrypt or Keepass
source, in order to determine their strengths and weaknesses. I know from
documentati
> From: Mike Small [mailto:sma...@panix.com]
> Sent: Sunday, April 20, 2014 11:20 AM
>
> Then don't use closed source OSes?
LOL, yeah, my point. ;-) (Just to strip the potential for any
misunderstanding, this is sarcasm. The idea of only supporting open source
OSes is ridiculous, especial
Mike Small wrote:
vs. proprietary software in general. I question your response that
seemed to be saying black box testing is everything since whitebox
testing, code scanning and auditing are also obviously useful, but
mostly because I don't see how it protects you from purposeful
Auditing won'
Richard Pieri writes:
> Mike Small wrote:
>> So you're left with only black box testing. No static analysis tools, no
>> runtime memory debuggers, no discussing the problem and the general code
>> quality in public forums, no forking the project and trimming the awful
>> 300,000 lines down to som
On 04/19/2014 05:23 PM, Tom Metro wrote:
If the encryption is done properly, and can be verified, it doesn't
matter where your bits are stored.
Yes, but...
Two quibbles:
First quibble applies to all encryption and information security: Is the
rest of the system sound? If your keys are poor,
Mike Small wrote:
So you're left with only black box testing. No static analysis tools, no
runtime memory debuggers, no discussing the problem and the general code
quality in public forums, no forking the project and trimming the awful
300,000 lines down to something more manageable with the "exp
Richard Pieri writes:
> Mike Small wrote:
>> How do you examine closed source crypto? It's a fair argument that the
>> code being available isn't sufficient to have all its bugs (intentional
>> or normal) found, but if the code's not available at all...
>
> That's both simple and not so simple: y
Tom Metro wrote:
Also, on the proprietary side, there is a fairly new sync tool from
BitTorrent, http://www.bittorrent.com/sync .
I'm putting BTSync through it's paces now. Same data sets that I've been
doing with Unison all along and tested with AeroFS.
I think I like it. The UI is a little
Mike Small wrote:
How do you examine closed source crypto? It's a fair argument that the
code being available isn't sufficient to have all its bugs (intentional
or normal) found, but if the code's not available at all...
That's both simple and not so simple: you compare what should be
determin
"Edward Ned Harvey (blu)" writes:
>> From: discuss-bounces+blu=nedharvey@blu.org [mailto:discuss-
>> bounces+blu=nedharvey@blu.org] On Behalf Of Tom Metro
>>
>> Uses closed-source, proprietary software. Nullifies the first point.
>
> Disagree. Both windows and mac are closed-source OSe
Tom Metro wrote:
If you are syncing files among machines that are all within your
firewall, you may not even care about file encryption. Wire encryption
may be adequate, and even that may not be needed.
BYOD means anyone can sniff the wire, and WiFi everywhere is tantamount
to letting the whol
Bill Ricker wrote:
I am not talking Implementation but Requirements.
"Doing it right" is implementation.
Whether or not you trust that implementation is a different issue. But I
repeat myself.
--
Rich P.
___
Discuss mailing list
Discuss@blu.org
ht
> From: discuss-bounces+blu=nedharvey@blu.org [mailto:discuss-
> bounces+blu=nedharvey@blu.org] On Behalf Of Tom Metro
>
> Uses closed-source, proprietary software. Nullifies the first point.
Disagree. Both windows and mac are closed-source OSes, which provide standard
crypto libraries
On Sat, Apr 19, 2014 at 7:59 PM, Richard Pieri wrote:
> Which is a matter of trust rather than of implementation. Like I said.
>
I am not talking Implementation but Requirements.
Deaf ears.
Quite.
--
Bill Ricker
bill.n1...@gmail.com
https://www.linkedin.com/in/n1vux
_
Richard Pieri wrote:
> Tom Metro wrote:
>> Uses closed-source, proprietary software. Nullifies the first point.
>
> Here's their Github repo:
> https://github.com/aerofs
Excellent. They certainly didn't make that easy to find on their site.
(Though admittedly I didn't spent much time looking.)
I
Bill Ricker wrote:
any cryptography with keys held by third-parties breaks Ben Franklin's
dictum that a secret can be kept by 3 only if 2 are dead.
Which is a matter of trust rather than of implementation. Like I said.
(sadly the current CA PKI is little better, you'd be shocked whose CA
On Sat, Apr 19, 2014 at 6:53 PM, Richard Pieri wrote:
> Doing it right is not the same thing as being trustworthy.
any cryptography with keys held by third-parties breaks Ben Franklin's
dictum that a secret can be kept by 3 only if 2 are dead.
(sadly the current CA PKI is little better, you
Bill Ricker wrote:
If you can hand over keys, you're not doing it right !
Doing it right is not the same thing as being trustworthy.
--
Rich P.
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss
On Sat, Apr 19, 2014 at 6:32 PM, Richard Pieri wrote:
> Dropbox for example does the encryption properly but they can and do hand
> over the keys to law enforcement upon request.
If you can hand over keys, you're not doing it right !
--
Bill Ricker
bill.n1...@gmail.com
https://www.linkedi
Tom Metro wrote:
Uses closed-source, proprietary software. Nullifies the first point.
Here's their Github repo:
https://github.com/aerofs
It's certainly not their entire code base but it's more than most of
their competitors provide.
Encryption and certificates are OpenSSL.
If the encryp
Richard Pieri wrote:
> So I'm giving AeroFS a spin.
Uses client-side encryption. Good.
Uses closed-source, proprietary software. Nullifies the first point.
> None of my data is ever stored on their servers...
If the encryption is done properly, and can be verified, it doesn't
matter where your
24 matches
Mail list logo