From owner-freebsd-hackers@FreeBSD.ORG Thu Mar 3 22:54:20 2005 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9FD2416A4CE for ; Thu, 3 Mar 2005 22:54:20 +0000 (GMT) Received: from hiroshima.ihack.net (209-6-103-199.c3-0.smr-ubr1.sbo-smr.ma.cable.rcn.com [209.6.103.199]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0B69B43D41 for ; Thu, 3 Mar 2005 22:54:20 +0000 (GMT) (envelope-from abuse@spamalicious.com) Received: by hiroshima.ihack.net (Postfix, from userid 27753) id 02A4F2A65D5; Thu, 3 Mar 2005 22:53:50 +0000 (UTC) From: "Charles M. Hannum" Organization: By Noon Software, Inc. To: "ALeine" Date: Thu, 3 Mar 2005 22:53:49 +0000 User-Agent: KMail/1.7 References: <200503030243.j232hegV089625@marlena.vvi.at> In-Reply-To: <200503030243.j232hegV089625@marlena.vvi.at> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200503032253.49819.abuse@spamalicious.com> X-Mailman-Approved-At: Fri, 04 Mar 2005 16:36:07 +0000 cc: elric@imrryr.org cc: tls@rek.tjls.com cc: phk@phk.freebsd.dk cc: hackers@freebsd.org cc: tech-security@netbsd.org cc: ticso@cicely.de Subject: Re: FUD about CGD and GBDE X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 03 Mar 2005 22:54:20 -0000 I'm not going to defend what Thor said, nor do I even think it's worth discussing as it largely amounts to an "appeal to privileged knowledge." However, this is some extremely sloppy thinking in your writing. To wit: On Thursday 03 March 2005 02:43, ALeine wrote: > At any time half of all the people are wrong about something, it's > only a matter of time when your time will come to be in the wrong > half or rather the right half to be wrong. That's a false dichotomy. There are many subjects on which the vast majority of people agree (such, as, I'll wager, the roundness of the Earth). > Just because there is a tendency for new cryptographic systems to > be broken does not mean this applies to GBDE, otherwise anything > new would be considered wrong and we might as well stop even trying > to innovate. Give GBDE a chance. It is being given a chance. "Giving it a chance" does not mean "stepping back and ignoring it until someone publishes an exploit." At least one weakness has been identified -- namely, using a weaker encryption mode for the key-key blocks can reduce the strength of the entire system. Or to put it metaphorically, "an algorithm is only as strong as its weakest link." > GBDE is not replacing anything because there was nothing like it to > replace in the first place. That's purely false. There are several other disk encryption systems around.