On Mon, 04 Aug 2014 03:45:48 +1000 Andrew McGlashan <andrew.mcglashan@affinityvision.com.au> wrote: > Yes, but the method of encryption used (aes-xts-plain64) does NOT > lend itself to this kind of analysis. Not that we know of… XTS doesn't seem to be a right choice: http://sockpuppet.org/blog/2014/04/30/you-dont-want-xts/ > btw aes-xts-plain64 (for 2TB+ sized drives) is the default for > version 1.6.0 onwards, but Debian stable is using version 1.4.3 at > this time. > > Just don't use defaults; case in point is using the CAST5 cipher > for symmetric encryption with gpg ... what a joke that default is! You're right, some packages really have strange defaults. In my diversion of the encfs thread, I forgot to mention that a real (exhaustive) FAQ about crypto + a forum (where you don't get dismissed) would be a very good thing. -- * gael thinks he's developing a tonsillitis… <Mwyann> in which language?
Attachment:
signature.asc
Description: PGP signature