What is Digg?131 Comments
- KnightCrawler, on 10/12/2007, -9/+78http://www.truecrypt.org/
- netburnr, on 10/12/2007, -8/+48People can post anything they want, thats what Digg is about.
If someone has another choice that they want to let people know about, then they have the freedom to post that choice in the comments. I dont know how many times I've found something usefull in comments either about the linked to story, or an alternative to the linked to story. - DarthTurducken, on 10/12/2007, -3/+40Why don't they just call it "Pr0n Folder"?
- syneo, on 10/12/2007, -8/+44> Don't spam my threads with alternatives, no one cares.
Why do you think no one cares? Why would anyone ever want to use encryption software from Microsoft who has been known to implement back doors in their products (the string "NSA key" was found in the leaked Windows source code). Why would you use this, instead of TrueCrypt, which is open source and thus can be peer reviewed by anyone on Earth?
I simply completely fail to understand your sentence "Don't spam my threads with alternatives, no one cares." - nTensify, on 10/12/2007, -4/+34"How secure is this compared to truecrypt?"
Seeing as you can adjust the encryption strenght, algorithms used, and hashes used, and the fact that TrueCrypt is open source (and thusly peer-reviewable code), I'd say TrueCrypt is at least an order of magnitude more secure. - Kazenodeku, on 10/12/2007, -4/+33"Install the Genuine Windows Validation Component"
Pah! - syneo, on 10/12/2007, -9/+37It will probably hurt you as the OP. But I will say it anyway:
TruCrypt is:
- Open source (MS products are closed source; closed source security = no peer review = illusion of security)
- Cross platform (you can mount the encrypted data under Linux, and OS X is planned)
- Plausible deniability (this feature will never be in a MS product, for they must fight the terrorists). - Jams, on 10/12/2007, -1/+28To be honest this app will most likely appeal to the average home user wishing to hide his/her porn collection. Obviously someone who is really concerned with security will seek out a better app.
Also don't forget Microsoft's EFS. - syneo, on 10/12/2007, -9/+32I really wonder why they release it. Did the US government come to them and tell them: "Hey, guys, this TrueCrypt with its plausible deniability is becoming increasingly wide-spread. It's a trouble for us. Help us fight the terrorists -- do a free alternative with a backdoor for us."
- syneo, on 10/12/2007, -7/+28You didn't get it. It's not about Windows vs. Linux. Ask _any_ decent cryptographer and he or she will tell you that for anything to be considered potentially secure it has to be open for public review. Microsoft products don't meet this condition, while open source products, like TrueCrypt, do. The message is simple, if you want serious security, don't use this. From a cryptographer's point of view, this prouct is a toy.
- pedmond, on 10/12/2007, -10/+29My threads? Possessive, are we? And what would please your other rules be?
- syneo, on 10/12/2007, -12/+28@ziadoz
I understand you are a MS fanboy (no offence), but here are the reasons why TrueCrypt is a better alternative:
- Open source (MS products are closed source; closed source security = no peer review = illusion of security)
- Cross platform (you can mount the encrypted data under Linux, and OS X is planned)
- Plausible deniability (this feature will never be in a MS product, for they must fight the terrorists).
So as you can see, TrueCrypt is not better out of pure zeal. There are real reasons not to use this product from Miicrosoft and choose a better alternative. The fact that you consider posts mentioning alternives as spam tells something about you. - crash2005, on 10/12/2007, -0/+14Direct .exe/.msi Download link.
http://download.microsoft.com/download/9/f/e/9fee44c7-70ac-46d8-a11c-c3fdc2c3c265/MSPF10ENU.msi - ceribik, on 11/17/2007, -9/+21not very. truecrypt is much safer and secure.
- asplodzor, on 10/12/2007, -10/+22ziadoz, you're an ass
- Wolfbeta, on 10/12/2007, -4/+16you're not funny.
- Lare2, on 10/12/2007, -16/+27As people mentioned above, I'll trust more an open source program like Truecrypt to protrect my files, than a program made by Microsoft.
- Reweave, on 10/12/2007, -5/+16> gcnaddict
Oh that's right, because having a PROMISE that BitLocker (or any closed source solution, for that matter) will be flawless is SO much more valuable that being able to look at the code and have the KNOWLEDGE that it is so.
Willful ignorance equals stupidity. - FLarsen, on 10/12/2007, -3/+11"...no one cares."
Until now 29 people care enough to give it a thumb up. - Lynn, on 10/12/2007, -1/+8Exactly what I was looking for. A simple app to hide my personal files from my kids. Thanks.
- Ikioi, on 10/12/2007, -4/+10I keep reading, "OMFG, why are you listing alternatives?!?!!1one"
Simple. Passworded folders are nothing new. All you really need is to create a passworded .zip file which Windows will treat as a folder. And yes, it's horrible security. I prefer full encrypted file systems on a separate partition (loadable under *nix boot, live CD, or VMWare Server. This solution is for many files. If you don't have that many, use GPG to encrypt individually or encrypt a full archive. I've not used TrueCrypt, so I can't speak for how good it is.
And, it's not about Microsoft bashing, it's just nothing new, nothing more than what you can't get for free already, and makes you go through the WGA twice (I have legitimate copy, but it seems more like spy-ware to me). It's also not a serious product. It's a trinket, a toy, just to get more people to install the WGA. I mean, it was released to China first. Does anyone honestly believe there aren't several back doors for both the NSA and the Chinese? Secret backdoor = security hole = worthless as a security product.
Why jump through hoops for something that is not as good as another free product that works better and has no hoops? At the very LEAST, Microsoft could have made it an encrypted online folder accessible from any computer (with sufficient storage for important documents, such as the same as a free web hosting site), which Google already does for Firefox settings. This just look extremely lame in comparison, and not useful.
If I want people to use my computer and not see my files, I'll let them use an unprivileged guest-like account, and use the default Windows file encryption to encrypt all sensitive files to my user. I wouldn't let anyone use my computer anyways, but how is this folder better than what's even available from MS already? - tlink211, on 10/12/2007, -5/+11Firefox,Opera and IE all take me straight to a Windows Genuine Advantage download, with this link. I wasn't "real happy" about WGA befor e they started "improving" it, now the mention of the thing makes me bristle. I've passed their Genuine Advantage in the past, now they have to add more spyware and make me pass it again?...I don't think so!
- mskadu, on 10/12/2007, -3/+9Buried story because the main link takes you to installing WGA (ughh)
- wallclimber, on 10/12/2007, -6/+12ziadoz: "Yes, because as we all know Microsoft are out to get you!"
===================================================
I think there may be some misunderstanding here. One thing I've noticed with Microsoft folks (I truly hate the word "fanboys") is that they are used to just accepting what's offered without question. As in: Authenticate (WGA), download nice free tool from MS, follow the bouncing install wizard, click "OK" when asked (no matter what it asks), restart (if needed), then use the program.
Whereas people who enjoy open source software tend to be more curious and like to know what's under the hood (so to speak). They also seem to be more enthusiastic about sharing information than MS people. It's the discussion and discovery that makes them an interesting group. They keep things lively and create opportunities for us non-techie folks to learn new stuff.
Your peevish posts just seem kind of sadly desperate to me. I don't see anyone "spamming" here. Can't see anything they are trying to sell or profit from, and the advice that's been offered has been useful. Since I have no desire to have to validate my system in order to download a free Microsoft tool, I have now downloaded the TrueCrypt program. I'm looking forward to learning more about it.
See how useful your article has been? Be proud that you've contributed, and for God's sake, lighten up.
: ) - DarthTurducken, on 10/12/2007, -4/+9Yay! Mass down-diggs are the highlight of my day.
- KAMI_no_kodomo, on 10/12/2007, -2/+7Completely correct that. I was searcing the bury function 'autor is lame'. But it isn't there. :(
- jbus, on 10/12/2007, -5/+10So who else besides Microsoft, the NSA, the FBI, the DOJ, the RIAA, the MPIAA, and other Microsoft business partners will have access to this "private" folder???
- syneo, on 10/12/2007, -9/+14> This isn't for cryptographers,
You are completely mistaken. TrueCrypt is not just for cryptographers, it is also for the inexperienced layman. The key difference is that TrueCrypt is open source, so it can be reviewed by cryptographers (who may publicly comment on its security). Closed source products (such as this "Private Folder") can only be reviewed by its developer. Which one do you think is more trustworthy? - ignavia, on 10/12/2007, -1/+6You can think alternative recommendations are spam all you want, but I came to the comments page solely so I could see what trustworthy alternatives would be mentioned.
- wtfunkymonkey, on 10/12/2007, -1/+6I can't even count how many times I had to bury a folder so my mom wouldn't find my prono collection.
Funny, now that I think about it, I learned how to surf for porn before I learned how to encrypt files... - OBKenobi, on 10/12/2007, -0/+4Haha. So much for your Private Folder. You get one folder, while WGA opens up the rest of your PC to the terrorists. No thanks MS! Take your WGA and shove up YOUR private folder!
- jurassic, on 10/12/2007, -2/+6private folder is good for the normal user.. but power users should not trust it.. remember, MS is always watching..... always... TrueCrypt is the way to go.
- goblindegook, on 10/12/2007, -1/+5"Don't spam my threads with alternatives, no one cares."
1) It's not "your" thread. And 2) I care. In fact, I'm installing TrueCrypt on my laptop right now. You never know when it might get stolen, putting all my personal info in the hands of criminal with only Microsoft's basic and possibly unreliable authentication methods to protect it. - Magadass, on 10/12/2007, -1/+5Its not a sad thought, if your married and your wife finds your porn station your up ***** creek. But since I have trueCrypt installed I am safe as a whistle! I also keep my MP3 collection inside of it just in case the RIAA decides to prosecute me for anything they wont find a damn thing of evidence!
- Unicron, on 10/12/2007, -3/+7estvir:
I'm really not anyone's zealot, I think competition is great and am really looking forward to Vista (typing this from Ubuntu though).
But security is one place where I would say F/OSS _is_ more secure than closed source because of, as you say, peer review. Anyone who feels like it can run through the code and see where weak encryption was used or whatever, with closed source you're trusting one source(note: I am in no way a cryptography expert, but I play one on TV).
I guess what I'm trying to say is, if you're interested enough in privacy to consider installing this, you should really look around and do some research and I think you'll end up with F/OSS solution.
And that comment just went on a lot longer than I'd expected ;) - matx, on 10/12/2007, -7/+11How secure is this compared to truecrypt?
- nTensify, on 10/12/2007, -1/+5"I don't see a functional OSS alternative to BitLocker, with it's 256 bit Rijndael encryption, backed with the promise that there will be no back doors ;)"
No, but what you CAN do is look at all of the different encryption options you have with TrueCrypt (http://www.truecrypt.org/user-guide/encryption-algorithms.php ), and/or USE ALL OF THEM, and have your data under (at least) 7 levels of encryption, each of which has been peer reviewed by countless authors in the Open Source world and Closed Source world combined.
Hell, many of the algorithms and their implementations were built and are serviced by Fortune 500 companies (possibly including Microsoft themselves), and do (for certain) include names such as IBM and the NSA.
Besides, if you're *REALLY* paranoid about backdoors, you can look at every letter of the source code (and probably find a tiny bug or two, but that's the nature of _all_ software), compile it yourself, and call it a day. Use a strong enough hashing algorithm (I recommend RIPEMD-160, developed and designed by the NSA), and a long enough, strongly varied key, and your data will be incredibly safe. Until Microsoft can offer that to me, I'm sticking with TrueCrypt. - SoulMaster2, on 10/12/2007, -4/+7It makes it easier to find the porn
- kowcop, on 10/12/2007, -5/+8it would be sorta useful if I could change the freakin path to the folder.. it isn't much good sticking it on the system drive which will run out of space fairly quick if I fill it up with all my private data. Would it have been so hard to make an option to move it to another partition?
- minerva43, on 10/12/2007, -1/+4Why did it take so long for Microsoft to release a password protected folder option! I've been waiting for this since high school. There were a lot of things that needed to be password protected back then when I didn't have a clue what open source meant.
- RonDutt, on 10/12/2007, -0/+3Thank you! *goes back to finding the latest WGA crack*
Edit: Ugh nevermind...Halfway through the intall it checks again :( - nTensify, on 10/12/2007, -6/+9"average home user wishing to hide his/her porn collection."
That's a sad thought, especially when it's so much better tailored to hiding bank information, credit card information, home business documentation, personal health documents, even online shopping cookies.
I have an entire Firefox profile stored on a TrueCrypt volume that is used specifically when balancing my checkbook or shopping online. And because TrueCrypt makes the encrypted volume act just like a hard disk, there is zero noticable loss in performance. It's really an ideal solution, I'm surprised Microsoft and Apple haven't aggressively applied it towards their browsers. - Ikioi, on 10/12/2007, -2/+5@estvir
"yes, truecrypt and many other apps are more secure, but get over yourselves and try and realise what they're doing."
They're giving a false sense of security.
http://www.schneier.com/blog/archives/2004/12/burglars_and_fe.html
"From Confessions of a Master Jewel Thief by Bill Mason (Villard, 2003):
Nothing works more in a thief's favor than people feeling secure. That's why places that are heavily alarmed and guarded can sometimes be the easiest targets. The single most important factor in security -- more than locks, alarms, sensors, or armed guards -- is attitude. A building protected by nothing more than a cheap combination lock but inhabited by people who are alert and risk-aware is much safer than one with the world's most sophisticated alarm system whose tenants assume they're living in an impregnable fortress.
The author, a burglar, found that luxury condos were an excellent target. Although they had much more security technology than other buildings, they were vulnerable because no one believed a thief could get through the lobby. "
Straight from a theif's mouth. If you want me to go into Microsoft's track record on security, it's a Who's Who of who makes profit from stealing data from unwhitting users. I can also go into the many examples of harddrive theft/purchase that have resulted in personal data lost. And yes, there are certainly people who buy computers in search of personal data. They buy, steal, borrow, leave behind trojans, etc.
I've got all the realism you want. My point isn't theoretical at all, but backed again and again by example. - nTensify, on 10/12/2007, -2/+5"Open source doesn't solve anything. Its a buzz word that is abused over and over. Peer review does not require open source"
Peer Review is a process in which a Peer (aka Someone Else) looks at your code, and verifies that it checks out. Open Source is the Ultimate Peer Review, because the peers aren't limited to a handful of peers; _ANYONE_ can peer review an application, and either find trivial problems (such as a tiny buffer overflow), or major problems (such as breakage in an encryption algorithm).
No, Open Sourcing doesn't guarentee something will be peer reviewed, that's a misconception a lot of people make. But, it does increase the odds by an order of magnitute, simply because a lot of beginning students will often start with an Open Source application (reading through its code to get an understanding of what it does), and move on to making things of their own some day. So, at this point, the source becomes an educational tool as well as a tool of its original purpose (in this case, encrypting data).
Furthermore, because a lot of these algorithms are actually taken from the original publishers of these algorithm's papers, they are fully peer reviewed by the scientific body, as well as the Open Source developers for the given application.
So, Open Source solves the, rather obvious, problem of transparency and peer review at the same time, as well as creating an educational opportunity. The only thing "lost" in the entire process is security (because if there IS a flaw, the person has a choice on whether or not to go public about it), but due to the number of eyes on any given Open Source'd application, this contengency is very well mediated. Furthermore, because the community as a whole is more geared towards people being helpful to each other than competing against each other, they are far more likely to point out bugs than they are to sit on them and make viruses. (Hell, when I was a coder for KDE, I could have written all kinds of nasty things against it, but I rather like my desktop environment ;) - inactive, on 10/12/2007, -0/+2I know this may be slightly off topic but I'm sure someone can answer my question.
Is it true that encrpytion software leaves backdoors for the government? If so, is it possible that TrueCrypt also contains this backdoor? - CoolWind, on 10/12/2007, -0/+2Microsoft Private Folder only works with WinXP SP2 (like all of their newer programs). I've never been able to succesfully upgrade from SP1 to SP2 and I don't feel like starting from scratch and reinstalling more than a hundred programs.
I'm sure glad MS hasn't done anything innovative or compelling in many years, so I can just stick with OSS products like Truecrypt and AXCrypt. - Reweave, on 10/12/2007, -1/+3> Shivetya
Are you implying that a review conducted by a handful of programmers, no matter how good they can be, is more reliable than a review conducted by millions of professionals worldwide?
Also, open source in the context of encryption isn't just a buzzword. If you're serious about encryption, access to the source code is a base requirement, plain and simple. Open source guarantee that. Granted though, it's not the one and only solution, you can have access to source code without it being open for all to see. - gilsmethod, on 10/12/2007, -0/+2so the verdict is truecrypt is a better tool than that offered by MS? It seems to be the general consensus just reading the comments above. What about PGP?
- Lynn, on 10/12/2007, -1/+3Look, I just want to hide a few files from my kids. So, I am going to use the easier solution. If I need to hide something from the NSA I will take your advice and use TrueCrypt. Until then it is Private Folder for me.
- PaulGriffin, on 10/12/2007, -1/+3I've been wanting to password protect my porn for years! Awesome.
-
Show 51 - 100 of 131 discussions
The Digg Toolbar for Firefox lets you Digg, submit content, and keep track of Digg even when you're not on the Digg site. Download the official 
© Digg Inc. 2009
— Content created and posted by Digg users is