encryption

queso, i was reading about encryption.
with a program like truecrypt, couldn't someone just hax your volume by guessing your password?

i see the advantage if they can't guess it - the data is all encrypted.

but how do you make a crazy ass password that can't be found out?

Passphrases, moron.

but how do you make a crazy ass password that can't be found out?

Like this for example:

BP*++v4q64806bvw088t$=T204vh0ewveuhwv0zv4eh)T)%tz9t5)Z=)NVZ)Z93hz9v3ngz)9tbv953z9z4v90ne0nezü0az8wvez0at8z04t6309775%T=)§$/%VZN=)ZN509zv5n0435zvnz50538v5n35v3ü50wn5z3t0

>>3
A password longer than the hash output is moronic.

>>4
But relatively secure.

>>5
No securer than the three-character password that maps to the same hash.

>>6
umm excuse me, u don't know what ur talking about.

>>5
Not really. The strength of your password doesn't matter for shit if you have to copy/paste it just to get it right.
Passphrases are much better.

>>7
Hash collisions. Look it the fuck up. Every input larger than the hash length almost certainly shares its hash with an input smaller than said length.
The odds of it being exactly three are rather small, but the point is still a valid one.

>>8
Passphrases are dictionary based. At least for most people.

If you have to use a passphrase to be able to remember shit, at least obfuscate it.

>>8
umm excuse me, u don't know what ur talking about.

>>9
A passphrase consisting of x words is more secure (and often easier to remember) than a password consisting of x characters, dictionary-based or not.

>>11
umm excuse me, u don't know what ur talking about.

>>11
Umm excuse me, you don't know what you are talking about.

>>11
Umm excuse me, you don't know what you are talking about.

>>11
Uhh, 'scuse me, but you do not know what you're talking aboot.

>>11
Uhh, 'scuse me, but you do not know what you're talking aboot.

>>11
umm excuse me, u don't know what ur talking about.

>>1

dont pick a dictionary password ;)

>>18
umm excuse me, u don't know what ur talking about.

>>18
Uhh, 'scuse me, but you do not know what you're talking aboot.

>>20
umm excuse me, u don't know what ur talking about.

LOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOLLOL

>>22
umm excuse me, u don't know what ur laughing about.

>>23
umm excuse me, u don't know about mudkipz

>>24
so i herd he lieked dem, doze mudkipz, aneewayz

>>25
umm excuse me, i liek mudkipz

>>26
no eckyoos, itz nyce to liek mudkipz

mudkipz! mudkipz! mudkipz!

What about leasing an RSA SecurID or something similar? You know, to randomly change the password every minute or so? I know it's pretty extreme, but if someone really has data they need to secure you can't really get much better than that (well, besides biometrics). Or is that just beyond the scope of what TrueCrypt offers?

>>28
Not sure about RSA SecurID, but biometrics would not make sense in the context of TrueCrypt. The only feature of TC worth mentioning is the ability to have hidden partitions, the existence of which cannot be discovered without knowledge of the password. If you use biometrics, someone who wants to know whether or not you have a hidden partition will get a court order forcing you to attempt to open said hidden partition using each finger (in the case of fingerprint readers), and if you refuse you'll be held in contempt of court.

>>29

>>7,10,12,13,14,15,16,17,19,20,21,23,24,25,26,27
would like to have a word with you.

a court order forcing you to attempt to open [...] a court order forcing you to attempt to open
Lol third world countries.

>>29
Umm excuse me, you don't know what you are talking about.

>>31
America, Canada, UK, Australia = 3rd world now? Fascinating!
All the encryption in the world won't mean shit when the government can throw in jail for refusing to unencrypt data for them, as is the case in most western nations. If you have a TrueCrypt hidden partition with some reasonably secure non-biometric password, you're essentially in the clear; the government cannot prove that the partition exists without the password, and therefore cannot prove you are withholding the password. They cannot get a court order requiring you to attempt to open the possible hidden partition with every possible password. However, if you do use biometrics - say, a fingerprint - they can and will get a court order forcing you to attempt to decrypt a hidden partition using each finger. If you think that's shitty and borders on violating the fifth amendment in the US, we're in complete agreement; but your opinion isn't going to mean shit to a judge.

Biometrics are great (read: >= normal passwords) for protecting your data from parties on roughly equal footing with you. For protecting it from a party which can punish you for refusal to cooperate, they are idiotic and useless.

>>33
Umm excuse me, you do know what you are talking about.

>>33
the government can throw in jail for refusing to unencrypt data for them, as is the case in most western nations
America, Canada, UK, Australia = most western nations now? Fascinating!

>>35
You may want to learn basic fucking grammar, dipshit. "as is the case in most western nations" = IN ADDITION TO America, Canada, UK, Australia.

You could just bury a nortech compy in your backyard hooked up to power and a wireless gaming adapter, then do freakin everything possible to hide it on your network.

>>36
You may want to learn reading comprehension, cockwad. >>35 was suggesting that Americ, Canada, UK, and Australia are the only Western nations where this is the case.
Which is not quite true: they can't in Canada, and they can in Germany. Otherwise, though, it's accurate.

>>38
they can in Germany
Bullshit.

>>39
If only.

>>39
Are you sure? I am no lawyer but I think a judge can send you to jail if you refuse to give away your password or are not willing to use your finger in case of biometrics.