Bitcoin Forum
Author Topic: My reply to zombie thread "GnuPG versus TrueCrypt"  (Read 743 times)
monsto
June 22, 2012, 03:08:06 AM
 #1

Original thread: https://bitcointalk.org/index.php?topic=16266.0

I bought a laptop specifically for "more secure" uses and am trying (haven't done it yet) to decide what to do. I googled "gpg vs truecrypt" and that thread came up. Since I've considered bitcoin and am kinda familiar with it (read up on it more than 'a bit'), I had a passing interest in the specifics of the topic as well. There were a number of suggestions as well as deeper information (if you're really interested, skim the thread) on what is and isn't "good", including a 5 char brute force test (it was "for fun" as one of the posters said, but anyone that only uses 5 char for anything but fora pretty much deserves what they get).


So my reply:

The one thing that I don't think the more knowledgeable posters in that thread took into account is usability. An encryption situation is only as good as the user's diligence and the tool's usability combined. And yes, usability is only as good as a person's willingness to learn the tools; that is also diligence. If a situation is "highly reliable" (whatever that means) but is so many steps and enough time to be such a giant pain in the ass that the user doesn't complete it each time (forgetting the steps is a good reason) then it's no good... well, it loses security by orders of magnitude. While the 7zip solution was mildly shit upon, it has a very high likelihood of being completed 100% every time because it's fast, simple and reasonably secure for 99.7% of the day's applications.

So which is better? A supremely secure (9/10) result from a series of steps that's only partially complete because the user doesn't feel like it, or a moderately secure (5/10) result from a canned, 1-click, Windows app that is completed every time? In most situations, I would call the 7zip solution practically best (as long as you use more than a 5 char pass).

My point is this: between the 1-click 7zip solution and the method suggested in this post (and its follow-up) there's no accounting for people. It's up to people to find that balance between the diligence required and the encryption desired. Crap all over it if you want, but the reality is that in general people aren't diligent. The Instant Total Gratification Society wants it perfect right now. I know some of you will berate such people, and I appreciate your help on the subject.

For my purposes, tho, I believe whole-disk Truecrypt would be my best bet... It doesn't require surfing man files or various forums for hrs and days trying to find a practical and usable config. And, from what I've read, is generally proven.

P.S. What would be useful is a compiled link-list of "known methods" that range from the simple 1-click solutions to "best known" solutions and scenarios and ppl would find their balance.
lanternblue
July 01, 2012, 10:25:30 PM
 #2

Truecrypt of course, GnuPG is for mail, go read the manuals.
theymos
July 02, 2012, 02:11:17 AM
 #3

I use TrueCrypt for most encryption and 7-zip for some things. TrueCrypt's method is definitely very strong. 7-zip's method is less strong, but still good enough IMO. GPG can be configured to securely encrypt files, but the default symmetric encryption method isn't very good and the interface sucks (gpg's asymmetrical interface sucks, too...).

Quote from: lanternblue
"Truecrypt of course, GnuPG is for mail, go read the manuals."

You should read the manuals.
