To me I think they should recognize that perception of something like upholding the tradition of a warrant canary that they started many years ago is important in and of itself. But other than that there is no evidence to suggest that its been compromised and my opinion is that used properly it is still rock solid.Īlso, to expound on the above, I don't think the folks at SpiderOak would have made the decision lightly to can the Warrant canary. The other big thing is that for FDE, it doesn't support GPT meaning anything in UEFI mode or larger than 2TB as primary disk for full disk encryption won't work with TrueCrypt. The shame about TrueCrypt was that its password iteration rounds were hardcoded at only 1,000 rounds, meaning in this day and age you have to use a very long high entropy passcode to prevent brute forcing, but its cap at 64 char should be sufficent for all purposes. As for the code, its open source and other projects like VeraCrypt have now built upon that. Ironic that they shutdown TrueCrypt right after the publically funded audit came up largely clean, in fact in two seperate audits nothing of real note or concern was ever found. I think TrueCrypt was given NSL and instead of agreeing to put a hard-to-detect backdoor or slip a vulnerability into the next version, instead they closed shop, not entirely unliked Lavabit did. It might sound expensive to have dedicated netbook or similar for this purpose but ask yourself, is the value of backed up data plus the value of privacy higher than a $200 one-time cost? So basically, use TrueCrypt to encrypt files on work-computer, then move the encrypted container to Spider-Oak dedicated computer for cloud backup using a thumb drive. If it's not possible, make sure the computer that has SpiderOak client installed doesn't have access to unencrypted files. However, avoid using SpiderOak client and use browser to upload the file if possible. This makes spying on content and metadata practically impossible. Just remotely delete the backup file and upload newer container. You don't have to download the previous container by downloading it first, unless you lose your data. Mount the encrypted container on your OS, add files to the virtual hard drive, and dismount the drive Keep a copy of that password database on cheap thumb drive, and make sure you memorize that password database password.) Preferably generate strong password using an offline password manager like KeepassXC or Keepass2 that remembers it for you. (Make sure the password is really, really strong. Here's how:ĭownload and install some open source encryption program like TrueCrypt or VeraCrypt.Ĭreate an encrypted, static sized container larger than what you need, but not too large to slow down upload unnecessarily. You can still use SpierOak for weekly/monthly backups safely. Orgīuilding the global movement for the protection of privacy.Įxactly! To explain, only if you need to work directly from cloud are you fucked. Related Subreddits:Ĭonsider donating to one of the organizations that fight for your rights. u/blackhawk_12 Subreddit Rules and Wikiīefore posting in /r/privacy, read the Sidebar Rules.Įnjoy our Wiki! It has all sorts of nifty advice and explains most topics you’re interested in if you’re reading this. "I don't have anything to hide but I don't have anything I want to show you either" Dedicated to the intersection of technology, privacy, and freedom in the digital world.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |