I'd like to apologize to all.
Fortune told me yesterday that assumptions are the mother of all
screw-ups.
I assumed I was educated about the subject. I was not.
I forget it's not my tree.
I assumed that the OpenBSD developers desired cryptographic disks. There
may be a want for them, but its
Travers Buda wrote:
> On Friday 06 January 2006 14:46, Ted Unangst wrote:
>
>>i had an afternoon free and nothing better to do. i probably stored
>>about 10k of data on a cgd partition for about 5 minutes to see if it
>>worked, then deleted it. the stats with encrypted s
Travers Buda wrote:
On Friday 06 January 2006 14:46, Ted Unangst wrote:
i had an afternoon free and nothing better to do. i probably stored
about 10k of data on a cgd partition for about 5 minutes to see if it
worked, then deleted it. the stats with encrypted svnd are pretty
similar
On 1/6/06, Travers Buda <[EMAIL PROTECTED]> wrote:
> On Friday 06 January 2006 14:46, Ted Unangst wrote:
> > i had an afternoon free and nothing better to do. i probably stored
> > about 10k of data on a cgd partition for about 5 minutes to see if it
> > worked, then
On Friday 06 January 2006 14:46, Ted Unangst wrote:
> i had an afternoon free and nothing better to do. i probably stored
> about 10k of data on a cgd partition for about 5 minutes to see if it
> worked, then deleted it. the stats with encrypted svnd are pretty
> similar, though i
On 1/6/06, Travers Buda <[EMAIL PROTECTED]> wrote:
> YOU thought using CGD was good long before I ever did. Was there some
> reason behind this? Was there reason behind then using svnd? Am I to
i had an afternoon free and nothing better to do. i probably stored
about 10k of d
From: Travers Buda [mailto:[EMAIL PROTECTED]
> I think YOU need to articulate why CGD is not making it in.
> Why is the
> burden of proof on me? After all, YOU ported it in the first place!
> YOUr desire preceded mine.
Travers - are you bipolar or just hyper?
I think it was made c
> I think YOU need to articulate why CGD is not making it in. Why is the
> burden of proof on me? After all, YOU ported it in the first place!
> YOUr desire preceded mine.
It's our source tree.
End of story.
You really need to adjust your attitude. Or, if you won't, p
Ted Unangst,
Well, I don't think I need to articulate anymore why CGD ought to make
it in. I already have stated my reasons, so I won't do it again. But
there is something I'm lacking from you:
I think YOU need to articulate why CGD is not making it in. Why is the
burden of pro
I think I made a good application for the final round of the
"Moron Of The Year 2006" contest. My comprehension of the
matter is obviously not as good as it appeared, as some of
the last mails and also some private point out. I am sorry for
that.
All I really proved was that salting would be a good
Andreas Gunnarsson wrote:
On Wed, Jan 04, 2006 at 11:11:01PM +0100, knitti wrote:
my threat model includes the follwing two cases. for both of then svnd
can't protect me really well
case 1) lets say someone can predict some blocks in my encrypted data,
then she can find every block (64bit)
ay around that unless you find the key, so while this
can be a problem it is a little less severe than you say.
This is a problem with cbc, to avoid it you need to use another block
chaining mode or add some integrity check. CGD also uses cbc according
to http://www.imrryr.org/~elric/cgd/html4
warning! spoilers! openbsd svnd is not safe for general use.
On 1/4/06, Ted Unangst <[EMAIL PROTECTED]> wrote:
> this is good idea. the first thing you need to do is identify your
> threat model. can you write it down? and if it starts with "somebody
> stealing", you lose. amidst all the yamme
On 1/4/06, Karl O. Pinc <[EMAIL PROTECTED]> wrote:
> another point of my post was to indicate that yes, tedu is right
> in that most people _won't_ run CGD (or svnd) but people _still_
> appreciate having the option open. I, like IMO a lot of
> people, have only enough int
On 1/4/06, Ted Unangst <[EMAIL PROTECTED]> wrote:
>
> aes has faster key setup, which is important for swap but not for
> svnd. the cvs changelog says as much. swap encryption started out
> using blowfish as well.
i also should have pointed out that swap was converted to using
rijndael, not aes,
On 1/4/06, knitti <[EMAIL PROTECTED]> wrote:
> > this is really not that useful. why would you pick anything other
> > than "the best" when setting it up?
>
> because no one knows what the best is. blowfish appears to be the best
> at the moment, because its secure and fast. some other people don'
On 1/4/06, Marco Peereboom <[EMAIL PROTECTED]> wrote:
> > because no one knows what the best is. blowfish appears to be the best
> > at the moment, because its secure and fast. some other people don't like
> > block sizes of 64 bit. so perhaps they take aes, which is slightly slower
> > but encrypt
> > this is really not that useful. why would you pick anything other
> > than "the best" when setting it up?
>
> because no one knows what the best is. blowfish appears to be the best
> at the moment, because its secure and fast. some other people don't like
> block sizes of 64 bit. so perhaps t
On 1/4/06, Ted Unangst <[EMAIL PROTECTED]> wrote:
> On 1/3/06, knitti <[EMAIL PROTECTED]> wrote:
> > cgd gives users some choice over how to build their encrypted partition.
> > you're able to use different ciphers.
> > in the unlikely case of a cipher getti
On 02/04/2006 01:05:17 AM, veins wrote:
I think you are missing the point, cgd and salting are two different
and
unrelated things. It's not because cgd isn't making it into OpenBSD,
that salting won't make it into svnd. I'd explain, but frankly after a
night at work i&#
that the people asking for cgd really even intend to
use it.
I don't intend to use svnd (and so have not been paying attention
but am venturing to comment anyway), but I do _like_ the idea
of having it there to use should the need arise. Salting sounds
like something I want because, agai
On 01/03/2006 09:45:02 PM, Ted Unangst wrote:
On 1/3/06, kami petersen <[EMAIL PROTECTED]> wrote:
> on a related subject: what's keeping that diff you did to add
salting to
> vnconfig from hitting the tree? (or something like it)
i don't believe that the people aski
--- Ted Unangst <[EMAIL PROTECTED]> wrote:
> On 1/3/06, knitti <[EMAIL PROTECTED]> wrote:
> > cgd gives users some choice over how to build their encrypted partition.
> > you're able to use different ciphers.
> > in the unlikely case of a cipher getting
--- Ted Unangst <[EMAIL PROTECTED]> wrote:
> On 1/3/06, kami petersen <[EMAIL PROTECTED]> wrote:
> > on a related subject: what's keeping that diff you did to add salting to
> > vnconfig from hitting the tree? (or something like it)
>
> nobody commented on it.
> [...]
>
I didn't see that diff :(
On 1/3/06, veins <[EMAIL PROTECTED]> wrote:
> --- Ted Unangst <[EMAIL PROTECTED]> wrote:
> > On 1/3/06, kami petersen <[EMAIL PROTECTED]> wrote:
> > > on a related subject: what's keeping that diff you did to add salting to
> > > vnconfig from hitting the tree? (or something like it)
> >
> > nobody
On 1/3/06, kami petersen <[EMAIL PROTECTED]> wrote:
> on a related subject: what's keeping that diff you did to add salting to
> vnconfig from hitting the tree? (or something like it)
nobody commented on it. the lifecycle of this entire conversation has
gone something like:
w
On 1/3/06, knitti <[EMAIL PROTECTED]> wrote:
> cgd gives users some choice over how to build their encrypted partition.
> you're able to use different ciphers.
> in the unlikely case of a cipher getting broken, you have the possibility to
> switch instantly, using a tool yo
On 1/4/06, Nick Holland <[EMAIL PROTECTED]> wrote:
> knitti wrote:
> > cgd gives users some choice over how to build their encrypted partition.
> > you're able to use different ciphers.
>
> More stuff to test to make sure it works perfectly...
> "Knob
knitti wrote:
> On 1/3/06, Ted Unangst <[EMAIL PROTECTED]> wrote:
>> On 1/2/06, Travers Buda <[EMAIL PROTECTED]> wrote:
>> > You've made it very clear that CGD won't be imported into OpenBSD, yet
>> > you've never explained why, or why you por
Travers Buda wrote:
> Ted Unangst,
>
> Yes, I've looked at the archives.
>
> You've made it very clear that CGD won't be imported into OpenBSD, yet
> you've never explained why, or why you ported it in the first place.
>
> Care to let us in on
Ted Unangst wrote:
On 1/2/06, Travers Buda <[EMAIL PROTECTED]> wrote:
You've made it very clear that CGD won't be imported into OpenBSD, yet
you've never explained why, or why you ported it in the first place.
Care to let us in on why? I expect your reply will be a short
On 1/3/06, Ted Unangst <[EMAIL PROTECTED]> wrote:
> On 1/2/06, Travers Buda <[EMAIL PROTECTED]> wrote:
> > You've made it very clear that CGD won't be imported into OpenBSD, yet
> > you've never explained why, or why you ported it in the first place.
>
On 1/2/06, Travers Buda <[EMAIL PROTECTED]> wrote:
> You've made it very clear that CGD won't be imported into OpenBSD, yet
> you've never explained why, or why you ported it in the first place.
>
> Care to let us in on why? I expect your reply will be a short &quo
Ted Unangst,
Yes, I've looked at the archives.
You've made it very clear that CGD won't be imported into OpenBSD, yet
you've never explained why, or why you ported it in the first place.
Care to let us in on why? I expect your reply will be a short "no" just
lik
Hi,
I had read on the mail lists that Ted U. had ported cgd to OBsd for
3.3, but that those patches are no longer maintained and that there
are no intentions of re-porting cgd to OBSD. cgd and (s)vnd are the
best encryption methods compared with cfs or tcfs, but cgd seems to a
more flexible and
35 matches
Mail list logo
