The Three Branches Of Government In One Cartoon

Tyler Durden's picture

The golf ball buck stops here.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
Kirk2NCC1701's picture

Scotty:  Aye, aye, aye.

Pure Evil's picture


For truecrypt users, you may want to read this and follow the suggestions further down in the article.

Seize Mars's picture

Pure Evil

Thanks but I'm kind of in the dark here? What does it mean?

Pure Evil's picture

Follow their advice:  (from the article in the link above)

  1. Do not under any circumstances download, install, or run the version 7.2 installers now offered on the sourceforge site. The new builds are still being analyzed and evaluated to determine their safety, and besides, they are known to be crippled, with the capability to perform new encryption disabled. Stay on version 7.1a or your earlier installed version.
  2. Continue to use your existing TrueCrypt processes and procedures normally, version 7.1a or earlier, until we all figure out what’s really going on here. There is no proof yet of any security flaw in the existing program. Do not start migrating to BitLocker or another solution just yet. That’s a whole mess of its own as I will get to in a future post.

My advice is to do nothing for now until more info is forthcoming.

Unless you've installed version 7.2 from the website, if so remove it.


As for the rest, I have no more idea what's going on anymore than anyone else does.

Spread this around as much as possible.

It's quite possible, Microevil offered them more money then even they could refuse to stop development, why else would a new webpage encourage everyone to migrate to Bitlocker which only Microsoft offers?

I am more equal than others's picture



Treating the constitution like Larry, Moe and Curly. 

Whuupp! Whuupp! Whuupp!

wee-weed up's picture

And guess what? If the spineless congresscritters won't do anything about his dictatorship - he's won! Heil Amerika!

seek's picture

Honestly at this point I think the safest presumption is that truecrypt is compromised (given the developer's sign-off message) and that all closed source encryption is compromised as well.

It seems far more likely given how quickly truecrypt was shut down that it's not Microsoft at work here, but the government. If you're a handful of loosely associated and largely anonymous developers, it's going to be pretty easy for the government to order you to do something or get disappearred if you live in the US.

I'd advise to just go 100% open source and switch to the built-in AES256 (or alternates supported) in the linux kernel and anything that's too important just stays in a PC permanently rendered offline (remove network cards, disable speakers just in case the audio-based BIOS compromise rumors are true.)

BlindMonkey's picture

How is the best way to deal with the likely compromises in the randomization engines?  I am not a linux guru so I am not sure if that section of the code needs to be swapped or what to manage that.

seek's picture

Linux doesn't use just one source of entropy, it uses multiple sources and combines them, so compromised hardware engines actually don't compromise the entire RNG chain (and the decision to mix sources is fucking brilliant in retrospect, isn't it?) There are tools to increase the entropy of /dev/random if you wish to use them. While there's a study that suggests the PRNG of linux isn't robust enough, with the mixing and the fact that no exploits have emerged, and the fact that you can add your own sources into the entropy pool all point at linux (on PCs anyway, on things like cheap routers it's a different story) is pretty secure with respect to randomization.

An outright hack/capture of keys from RAM/keystrokes is a far, far more likely attack vector than someone taking advantage of a few altered bits of an entropy source and reversing disk encryption. I would be super wary of anyone that's suggesting replacing the kernel code with a single source of entropy -- since that could compromise things. If you dig into the internals you find a lot of debate on how to handle Intel's RDRAND instruction, but no debate over the concept of mixing to prevent any one source from compromising the whole mess.

Short answer: I'm pretty sure the architectural implementation of randomness in the linxu kernel pisses the NSA off to no end.

logicalman's picture

Closest thing to total security is the use of a 'one-time-pad'

Theoretically uncrackable.

It's a lot of work and only works between a small number (ideally 2)

Just FYI

seek's picture

Yup! We usually get people that pop and here and try to convince us that all encryption is breakable and that the NSA can do it when you say that, though, even though we both know better.

I suspect they're either ill-informed, trolls, or work for the gov't to convince people to give up and do nothing to secure their info.

MontgomeryScott's picture

You're kind of silly.

Encryption is what it is, like guns are 'what they are'.

A gun without ammunition is a CLUB, and all the encryption in the universe won't matter if the internet goes down.

BOTH items must be in place (like ammunition and guns); or neither one matters.

Encryption is good. Guns are also good.

Guns need ammunition that functions.

Encryption requires an INTERNET that functions.

A DDOS attack on a nation that shuts off the internet makes all the ENCRYPTION in the UNIVERSE mean absolutely NOTHING for those who are affected.

It helps, though, when the source-coder is strong-armed in to allowing a 'backdoor' (under threat of being subjected to a DDOS attack).


Those who rely on secrecy and subterfuge are trying to use the same weapons that are used by their enemies. You can't ultimately hope to put out a fire by using fire; or save a drowning man by pouring water on him.

The VERY NEED for 'private encryption' belies the fact that the enemy OWNS the entire network; and can shut it OFF at a whim.

Can you understand the point here, laddie?

I suspect they're either ill-informed, trolls, or work for the gov't to convince people to give up and do nothing to secure their info.

Um, NO, I'm not (but thanks for playing).



seek's picture

Wrong. Very very very wrong.

Privacy of documents has absolutely nothing to do with a functioning internet, nor is network access necessary for encryption to function. At all. Indeed, if the information is that sensitive, it shouldn't ever even be on a networked computer, encrypted or not. Thanks for enlightening me that my secure PC with no network access can't encrypt anything without the internet. /sarc

In my circumstances, the main purpose of encryption is to secure information on hard drives that might be physically seized. The internet is completely irrelevant to this purpose.

Renegade Thought Crimes's picture

All good points that you've made.


Throw a Faraday room into the mix for the uber paranoid. 

logicalman's picture

My dad worked on Enigma, so I found myself interested in such matters quite a while before the internet was around.

All top secret untill mid '80s (some of it still is)

Spent a few fascinating hours discussing the aforementioned pads with a collegue of his who's job during WW2 was training agents how to use them properly.



Tegrat's picture

I have been using lvm and luks dmccrypt since before truecrypt was a gleam in NSA's eye. I have several large img files encrypted using this open encryption method.


# Author
#    tegrat
# $Id: lukcreate 338 2013-06-04 18:53:40Z tegrat $
. ~knoppix/scripts/functions $@
set -x
[ "X$1" = "X-f" ] && force=1 && shift
[ $# -eq 2 ] && [ -z "$dev" ] && exec echo "dp env var not defined - specify thi
s as the first arg"
[ $# -eq 3 ] && dev=$1 && shift
[ $# -ne 2 ] && exec echo -e "Usage:\n\t$0 [basedev] relimg sizeGB\n\teg: $0 sdb
1 Data/Tor 13 # create 13GB enc /dev/mapper/Tor from /media/sdb1/Data/Tor.img"
pn=$(echo $img | sed s/\.img//)
bas=$(basename $img .img)
# To be safe shut down luk devices
do sudo fgrep "$mod" /etc/modules || sudo echo $mod >> /etc/modules
#for mod in dm-crypt dm-mod sha256 aes
#do sudo modprobe "$mod"
[ -f "$img" -a "$force" -lt 1 ] && exec echo "$img already exists"
sudo dd if=/dev/zero of=$img seek=$((1000 * $GBs))M bs=1 count=1
sudo losetup -a | perl -ne 'print "$1\n" if m@(^[^:]+):.*'$img'\b@' |
while read loop; do sudo losetup -d $loop; done
loop=$(sudo losetup -f) && sudo losetup $loop $img
losetup -a
[ -d "$mnt" ] || sudo mkdir -p "$mnt"
sudo cryptsetup -c aes-cbc-essiv:sha256 -s 256 -y luksFormat $loop ||
    exec echo "Cant format encrypted data $img"
#sudo cryptsetup --debug -c aes-xts-plain -s 256 -y luksFormat $loop ||
#sudo cryptsetup luksClose $loop
sudo cryptsetup luksOpen $loop $bas
sudo mkfs -t ext4 "$enc"
sudo mount $enc $mnt || exec echo "Cant mount unencrypted volume"
sudo chown knoppix $mnt/*

---cut here---

# Author
#    tegrat
# $Id: lukdn 313 2013-03-30 02:05:32Z tegrat $
. functions $@

# Drop enc mnts
echo "Unmount decrypted mounts"
for mnt in $(mount | perl -ne 'print "$1\n" if m@/dev/mapper/(\S+)@;')
do sudo umount /media/$mnt
# Close encryption
echo "Closing luks devices"
for enc in $(ls -1 /dev/mapper/*)
do [ -b $enc ] && sudo cryptsetup luksClose $enc
# Drop loop devices
echo "Dropping loop mappings to luks images"
for loop in $(sudo losetup -a | awk -F: '{print $1}')
do sudo losetup -d "$loop"
--- cut here ----

# Author
#    tegrat
# $Id: lukup 341 2013-06-28 19:19:33Z tegrat $
. ~/scripts/functions $@
trap "set +x" EXIT HUP INT ABRT TERM
export dev nam img bas mnt dec
function cont() {
  echo $@
export nam=$2
export ext=""
set -x
for par in ${1:-"$dp"} sdb1 sdc1
do echo "Trying $par"
   [ "$par" = "$dp" ] || ext=".$par"
   [ -b "$dev" ] && ismnt $dev || sudo mount "$dev" || cont "unable to mount $de
   basnam=$(basename $fn)
   [ -d "$mnt" ] || sudo mkdir -p "$mnt" || abort unable to create  mount point $mnt for $dec
   # cryptsetup handles loop device logic so commenting that out
   hasloop $img && unloop $img
   loop=$(sudo losetup -a  | perl -ne '$par=$1 if m@(^[^:]+).*/'$par'/.*/?'$basdir'.img@; END { print "$par" || `sudo losetup -f` }')
   hasloop $img || hasloop $loop || sudo losetup $loop $img || abort "Cant associate $loop with $img"
   [ -b "$dec" ] || sudo cryptsetup luksOpen $loop $basnam  || abort "Cant open encrypted data $img"
   ismnt "$mnt" && echo "lukup: $mnt is already mounted" && exit 0
   sudo mount $dec $mnt && exit 0
   echo "Cant mount decrypted volume $par from $img on $par, enter a different device base, (eg, sdb1), [n]ext to try the next device or <Return> to exit"; read ans
   expr "$ans" : "[Nn]" || exit 1


alfred b.'s picture


     heh, ....i used to have a Comodore too!


shouldvekilledthem's picture

Bitlocker? Who the fuck would still trust Microsoft after Snowden?

logicalman's picture

Who'd have trusted Microsoft before Snowden?


Uncle Remus's picture

PE, I followed this when it first took place and it smells fishy to me. Interestingly enough, I think I have the last version from the old site. but not installed.

Once ofthe tech sites, I don;t recall which one, used a years old "inferred" recommendation from Bruce Scheiner  (bu virtue of that being what he used) for a commerciaol product now owned by Symantec I beleive. Right.

No, I think they got taken down mostly as a warning to the OS community - don't make/distribute encrytption we can't break or doesn't have a backdoor into. That and cast doubt on the existing product.

ugmug's picture

Obama is Shepherding the whole world to our money while riding a golf cart...Golf Cart One.

knukles's picture

Ain't he back in DC now? 
He brought the cart and bag so it's a ro-ro (roll on roll off)?
Expeditionary golf...

NeoLuddite's picture

Obama is a wolf in shepherd's clothing - much more dangerous than a wolf in sheep's clothing.

Urban Roman's picture

More like a dweeb in shepherd's clothing. To distract you while the real weasels raid the chicken house. Just to mix animal metaphors.

messymerry's picture

Yup, $125,000,000 for Golf Cart One.  They call it the wee beast.  Leaves giant ruts in the grass...

Urban Redneck's picture

Who knows? But I have cross platform, cross site and physical portability needs, so I don't really have any other options for the foreseeable future, but I've got v7.1 for linux (full/console/64/32), pc, mac, and maemo/arm if you need a copy.

I used to use PGP before they were absorbed by Symantec and promptly turned into an ever bigger pile of shit. Given the NSA's tendencies, you would have to pay me (substantially) to use PGP or whatever they're they're calling it now.

knukles's picture

@Pure Evil

Many thanks for once again adding to the litany of "unsecured secure" Ethernet tools.
So once in a while something comes to the fore wherein a tool is proven not to be secure.
Just imagine how many tools are not secure with the user base secure in the knowledge of the security of the security product which is anything but secure.

To wit: TOR (amongst others openly know to be about as secure as my mom's old rusty colander)

Roll Tide's picture

I know many of you are wondering how our vacation is going.  Well, we are having a wonderful time here at the Vineyard.  Barack seems so relaxed and has spent a lot of quality time with us riding bikes and eating lobster.  Wish you were here.  Signed, Michelle O.

Raymond K Hessel's picture

and smoking a shit load of cigarettes a habit we don't recommend people adopting, of course.

You know the drill, do as we tell you, not as we do since we can do.


The Fuck.




Hugs and kisses,

Barry H.O.B.L. 

TeamDepends's picture

We used to dick around with TOR years ago but then said why bother? Come on people, NSA/PRISM knows exactly where you are, the last time you crapped yourself, whether or not you are a nail biter, and the exact moment in time you lost your virginity.

logicalman's picture

I lost my virginity a long time ago, a long way from any tech available at the time.

I think that may be the one thing the NSA doesn't know about me.

Nice to (hopefully) have one thing the fuckers don't know!


McCormick No. 9's picture

Very cryptic indeed. But I have bigger concerns. I just broke down in the middle of haying. I need a decent 12' cutter head for a New Holland 1100 self propelled swather. Damn!

besnook's picture

predicated by the shrub proclamation that a dictatorship was a much easier form of .gov for .gov.

Pure Evil's picture

Actually, it was predicated by his father who announced a new world order back in........what was it?


But, why is it the NWO only brings more of what they claim they want to end.

logicalman's picture

If they were honest, even Joe Asleep Public would fight back.

Hence MSM.

TheReplacement's picture

Is that not what vampires do?

what&#039;s that smell's picture

president and wall street shill barrak obama explains western corporate capitalism....

"mine, mine, mine."

my version is ten thousand and one times funnier than the cartoon's friedmanical randroidian austrian idiocracy.


Seize Mars's picture


austrian idiocracy

Uh...fuck you?

Pure Evil's picture

Yep, nothing like New National Socialism.

knukles's picture

But we all get a fair share.
Depending upon the meaning of fair's fair and getting all sortsa shit we don't want thrown in as the majority of stuff in the unintended consequence bonus round.

Raymond K Hessel's picture




What's That Smell,

Your mother's twat.


Fixed it.

TheReplacement's picture

You have to properly reward the people who gather everyone else's wealth for redistribution.

You have to properly reward the people who store everyone else's wealth before redistribution.

You have to properly reward the people who redistribute everyone else's wealth.

You have to properly reward the people read teleprompters and make useless prolomations about wealth redistribution.

There is a lot of work going into making sure you don't make too much or too little.  Those people have to be taken care of or the whole system breaks down and we all end up getting what we deserve, not accounting for pure luck.

Motorhead's picture

Fuckin' A, man, no shit!

highly debtful's picture

Well, everybody is always whining about too much red tape and government overhead. Maybe this guy is on to something: after all, in the end he'll be the only one on the government payroll.

Him, the president, and a police force armed to the teeth to back him up.


Pure Evil's picture

Well, just remember. Mercenaries have to be paid.

When the dollar dies, they'll want to be paid in gold, or they'll be giving out lead to their paymasters.