| 1 |
On Sunday, 22 March 2020 03:00:51 GMT William Kenworthy wrote: |
| 2 |
> On 22/3/20 2:29 am, Dr Rainer Woitok wrote: |
| 3 |
> > Dale, |
| 4 |
> > |
| 5 |
> > On Saturday, 2020-03-21 13:01:01 -0500, you wrote: |
| 6 |
> >> ... |
| 7 |
> >> |
| 8 |
> >> Thing is, if I |
| 9 |
> >> |
| 10 |
> >> give it to someone who uses windoze, can they just put in the password |
| 11 |
> >> and open it or does it have to be on the original system? |
| 12 |
> > |
| 13 |
> > They just have VeraCrypt to be installed and they have to know the cred- |
| 14 |
> > entials, which may be a password and/or a certain file on each system. |
| 15 |
> > |
| 16 |
> >> Basically, I'd like to transfer |
| 17 |
> >> |
| 18 |
> >> files from one system to another but it be encrypted while in transit. |
| 19 |
> >> I use Linux, they use windoze tho. That make sense? |
| 20 |
> > |
| 21 |
> > I do exactly that: transfering files from Gentoo to Windows and back. |
| 22 |
> > And if anybody else would try to read the USB stick they would only find |
| 23 |
> > white noise on it. |
| 24 |
> > |
| 25 |
> > Sincerely, |
| 26 |
> > |
| 27 |
> > Rainer |
| 28 |
> |
| 29 |
> Good point - securestick leaves the "structure" of directories visible |
| 30 |
> on the standard exfat FS but encrypts the files in place. My view is its |
| 31 |
> "good enough" for my purposes and while veracrypt is better - it wont |
| 32 |
> work in my use case. |
| 33 |
> |
| 34 |
> |
| 35 |
> BillK |
| 36 |
|
| 37 |
I'd like to add the "good enough" encryption requirement Bill mentions here, |
| 38 |
appropriate to a particular use case should be understood for what it is. A |
| 39 |
relative measure of security and retention of privacy. Many hardware and |
| 40 |
software data encryption schemes offer only a relative level of security and |
| 41 |
are not strong enough to trust them with your life. Convoluted methods using |
| 42 |
browsers and what not open additional side-channel attack opportunities and |
| 43 |
increase exposure. Software solutions which work today, may stop working |
| 44 |
tomorrow on the next release of MSWindows OS. Many hardware solutions |
| 45 |
promising built-in encryption, well ... they are not to be trusted: |
| 46 |
|
| 47 |
https://www.ieee-security.org/TC/SP2019/papers/310.pdf |
| 48 |
|
| 49 |
Many of these methods are weak for a determined and technically capable |
| 50 |
attacker, but they are perfectly adequate stopping the general public from |
| 51 |
accessing your data. |
Archives