I guess the "Everything's fine" canary helps avoid the TrueCrypt scenario.
In the case of TrueCrypt, they put up a bunch of vague clues that something might not be ok. They told people to use BitLocker, which, prior to their implosion, they had a FAQ that says you should never use TPM. So it was highly suspect that they would ever willingly tell people to use BitLocker. They also told people to use encrypted sparsebundles, and provide instructions on how to do so, but if you look at their instructions, the screen capture with the "[_] Encrypt" checkbox is un-checked. Which is again, highly suspicious. And there were a few other clues that I'm forgetting off the top of my head ... which tend to suggest they didn't willingly give up TrueCrypt development. _______________________________________________ Tech mailing list Tech@lists.lopsa.org https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/
