PGP encryption

[creep]

I'm sorry guys but I won't trust any of them. They are good products for keeping "normal" people out of your files. Most friends and family members won't be able to access your files. However if the feds get a hold of your Hard Drive I don't care what software your running they'll get in. I'm a novice and can crack a lot of the freeware thats out there. Imagine what a trained professional can do? I wish I had some good news for you but the best most expensive encription software out there can be cracked.

 

[oneandthesame]

I'm sorry guys but I won't trust any of them. They are good products for keeping "normal" people out of your files. Most friends and family members won't be able to access your files. However if the feds get a hold of your Hard Drive I don't care what software your running they'll get in. I'm a novice and can crack a lot of the freeware thats out there. Imagine what a trained professional can do? I wish I had some good news for you but the best most expensive encription software out there can be cracked.

blowfish cannot be cracked not by the feds of course nsa maybe, but he wouldn't have to worry about them over this stuff

 

[creep]

I'm not familier with blowfish but anything can be cracked. It's been proven time and time agian. Everything out there was "crack proof" untill it got cracked. Maybe the feds can't crack it yet but give them time. Rembember they have the time, the money and the resources to do what ever they want. I'm not trying to disencourge anybody from using these products. Just be aware that you not 100% safe and to take precautions.

 

[daemon]

I'm not familier with blowfish but anything can be cracked. It's been proven time and time agian. Everything out there was "crack proof" untill it got cracked. Maybe the feds can't crack it yet but give them time. Rembember they have the time, the money and the resources to do what ever they want. I'm not trying to disencourge anybody from using these products. Just be aware that you not 100% safe and to take precautions.

First off, I'm not necessarily worried about the feds. They've got better things to do then waste thier time on me. I haven't done anything worthy of them getting involved in my life.

Your right in the sense that I wouldn't trust ANY computer program out there if I was to get raided by some large gov't agency. There are too many factors to consider.

As to your assertation that crypto algorithms are crackable. I think your bieng overly dramatic. Popular algorithms have undergone years of peer study by some of the brightest people in the world. Unless a significant scientific advance comes, in line with the ability to factor large prime numbers, the algorithms are sounds and definately unbreakable by todays technology. The government wouldn't endorse something like AES and let the countries largest businesses use a flawed algorithm. If they see a weekness then the possability exists for others to see the weekness which in turn could cause catastrophic consequences to our nations financial infrastructure. In the end, flaws are usually found in the implementation rather than the algorithm.

 

[daemon]

okay so I should put all files/programs that can provide any form of evidencein a mounted scramdisk-disk? like explorer, the windows map etc.. but that you can do with pgp too, right? I have now one E: (scramdisk) and one E: (PGP) and both I can encrypt decrypt.. why would scramdisk be better..? sorry if I put stupid questions.. I've read the link and a few other security pages but my english isn't that good..

Scramdisk isn't necessarily better. The reason I used it was because it was free and it was faster.

Without fully encrypting your windows bootdisk you won't be getting everything. You have your swap file, windows temp files, registry entries, etc, etc. If your just storing things like text documents or pictures, you'd probably be okay. If your start installing programs or use programs which cache information.... your fighting an uphill battle.

An inconvenient but safe way to do things is to completely wipe your drive. Use a multiple overwrite program from a dos bootdisk. Reinstall the OS with all the applications you'll use. Image the drive. Do what you want to do. Occassionally rewipe the drive, restore from the image and your back to a known clean state. It's a pain in the ass but it's generally safe.

 

[SweOldSchool]

Without fully encrypting your windows bootdisk you won't be getting everything. You have your swap file, windows temp files, registry entries, etc, etc. If your just storing things like text documents or pictures, you'd probably be okay. If your start installing programs or use programs which cache information.... your fighting an uphill battle.

that's sounds like somehing I would like to do.. is it hard? I just don't want anyone (feds or other) to see my swap file, windows temp files, registry entries, etc, etc... nor I wouldn't like them to see some documents that I have or the stuff I say (write) on IRC (irc might be impossible).. I'm a bit dumb when it comes to computer so can I create a mounted disk with scramdisk and put the c:\windows map and mIRC and my documents in that disk? or am I way off?


btw about that password I use "fart" do you think I sould add a number to increase the secutriy?

 

[voodoo]

Scramdisk calls the windows API's related to security, so no information about your passphrase whould ever be paged out (or swap out for win 9x).

Blowfish is a good crypto, it wass one of the final canidate to replace DES. I don't know the spelling but something ryjell won and is now know as AES or advanced encryption standard.

All of these can be brute force hacked, its just a matter of time and money (CPU time on big systems costs $). Most locals will not spend the $ to send it to the FBI for processing. They may run some tools themselves, but if you use a large complex passphrase they will prob. give up.

Depending where you live (country) a court could require you to supply the passwords etc.

 

[daemon]

that's sounds like somehing I would like to do.. is it hard?

Absolutely. So much that I've given up trying.

nor I wouldn't like them to see some documents that I have or the stuff I say (write) on IRC (irc might be impossible)..

IRC is a joke. If the feds are interested they'll simply tap your connection from your ISP. True they won't be able to access what you typed from your computer unless you save log files but, it's much simpler to tap your line. If you become a target of an investigation, I'm almost positive they'll go that route.

it dumb when it comes to computer so can I create a mounted disk with scramdisk and put the c:\windows map and mIRC and my documents in that disk? or am I way off?

The only way I know to encrypt the windows partition is to use something like drive crypt plus pack.

btw about that password I use "fart" do you think I sould add a number to increase the secutriy?

Uhm.. yeah. For scramdisk at the very least you should be using two line passphrases.

 

[daemon]

Blowfish is a good crypto, it wass one of the final canidate to replace DES. I don't know the spelling but something ryjell won and is now know as AES or advanced encryption standard.

Rijndael

All of these can be brute force hacked, its just a matter of time and money (CPU time on big systems costs $). Most locals will not spend the $ to send it to the FBI for processing. They may run some tools themselves, but if you use a large complex passphrase they will prob. give up.

From the Rijndael FAQ:

Assuming that one could build a machine that could recover a DES key in a second (i.e., try 255 keys per second), then it would take that machine approximately 149 thousand-billion (149 trillion) years to crack a 128-bit AES key. To put that into perspective, the universe is believed to be less than 20 billion years old.