Category Archives: Uncategorized

Yes… TrueCrypt is still safe to use.

So opens the short editorial I wrote this morning and placed at the top of GRC’s new TrueCrypt Final Version Repository page. The impetus for the editorial was the continual influx of questions from people asking whether TrueCrypt was still … Continue reading

Rate this:

Posted in Uncategorized | Tagged , | 127 Comments

An Imagined Letter from the TrueCrypt Developer(s)

As I wrote yesterday, we know virtually nothing about the developer(s) behind TrueCrypt. So any speculation we entertain about their feelings, motives, or thought processes can only be a reflection of our own. With that acknowledgement, I’ll share the letter … Continue reading

Rate this:

Posted in Uncategorized | 99 Comments

Whither TrueCrypt?

My guess is that the TrueCrypt self-takedown is going to turn out to be legitimate. We know NOTHING about the developers behind TrueCrypt. Research Professor Matthew Green, Johns Hopkins Cryptographer who recently helped to launch the TrueCrypt Audit, is currently … Continue reading

Rate this:

Posted in Uncategorized | 138 Comments

A quick mitigation for Internet Explorer’s new 0-day vulnerability

The Internet industry press has been milking the news of the end of Windows XP support for much more than it’s worth. Now, over the weekend, we get news of another, in a continuing series of, (0-day) flaws in Internet … Continue reading

Rate this:

Posted in Uncategorized | 92 Comments

The Lesson of Lavabit

An implication of undeliverable security painted a bullseye…Post’s Permalink On Thursday, August 8th, Ladar Levison, the owner and operator of the semi-secure Lavabit.com eMail system, shut down his nearly ten year old service rather than be forced to continue to … Continue reading

Rate this:

Posted in Uncategorized | 196 Comments

IronMan 3 was “Unbelievable”… but not in a good way.

My two-cent take on IronMan 3: This was a Disney/Marvel collaboration. Perhaps one problem was that it was too much Disney and insufficient Marvel. The thing I was conscious of at many points throughout the movie, was that in ridiculously … Continue reading

Rate this:

Posted in Uncategorized | Tagged , , , | 31 Comments

Reverse Engineering RSA’s “Statement”

Responsible Disclosure?  Ummm, not so much…Sharable Shortlink On March 17th, 2011, Art Coviello, RSA Security‘s Executive Chairman, posted a disturbingly murky statement on their website disclosing their discovery of an “APT” (Advanced Persistent Threat). In other words, they discovered that … Continue reading

Rate this:

Posted in Uncategorized | 124 Comments