Search Mailing List Archives

Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech]'s lack of plausible deniability (Was: TrueCrypt Alternatives?)

Greg greg at
Mon Oct 6 18:50:39 PDT 2014

On Oct 6, 2014, at 6:41 PM, Collin Anderson <collin at> wrote:

> On Mon, Oct 6, 2014 at 9:35 PM, Greg <greg at> wrote:
> Although this isn't a serious bug, it's still a security-related issue and you don't know how failing to responsibly disclose it could affect someone.
> It seems that you were called out on something fairly basic -- is this about bug reporting or public embarrassment on a matter that you would have wished to remain shuffled away in private correspondences?

Sorry, I don't understand your question, could you rephrase it?

I am embarrassed for Steve Weis. If I were employing him, I'd fire him for claiming to be a security professional while not knowing how responsibly disclose a bug.

Re "fairly basic": yes, modifying timestamps is fairly basic stuff (and it worked in all our tests just fine). I have no idea why it suddenly broke.

- Greg

Please do not email me anything that you are not comfortable also sharing with the NSA.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the liberationtech mailing list