-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ScramDisk News ============== Eek. Has it really been 17 months since I typed a "Newsletter"? I guess so.....Anyway, the purpose of this note is to keep you up to date with ScramDisk developments etc. Hopefully it will also get rid of some of the Frequently Asked Questions? Sad Loss ======== We are extremely saddened to hear that Emilio Oriente has passed away. Anyone who follows the "crypto-scene" will no doubt have heard of Emilio, he has converted the ScramDisk & PGP manuals from English to French and has been involved in the proliferation of strong crypto throughout France. Our respectful condolences go to Emilios family and friends. Windows NT / Windows 2000 Support ================================= Hint: You can't use the current Windows 95/98 version of ScramDisk under w2k - it just doesn't work! Don't try. A working driver is currently being developed. The code is already in place to mount / dismount etc and work is currently being done to produce a uniform user interface. No ETA is currently available, but development is certainly progressing at a good rate. The licensing for the NT/w2k version is likely to be different from the existing 95/98 version - we are investigating charging a "nominal" shareware fee for use (say, $15 USD per user). How do you guys feel about this? Please submit comments to scramdisk@hotmail.com Windows Millennium Edition Support ================================= I've tried ScramDisk v3 under Windows ME and found no problems, though some other early adopters have reported problems with the graphical user interface drawing incorrectly intermittently. If we locate a bug we'll fix it ASAP! Linux Support ============= Andy is lead programmer for this recently started effort and things are progressing _very_ smoothly. I'm typing up a web page on our efforts which will hopefully be on the site "soon". A ScramDisk user has shown an interest in producing a (KDE based...) front end for the ScramDisk for Linux tools. SD4Linux will probably support more encryption algorithms than Windows SD (e.g. Serpent, RC6, RIPEMD for hashing etc) thanks to the *excellent* Catacomb encryption library by Mark Wooding (http://www.excessus.demon.co.uk/misc-hacks/#catacomb). New Web Site ============ Ok, the current site is ugly and a new site is currently under development. We will likely be moving hosting from www.scramdisk.clara.net to www.scramdisk.com & www.scramdisk.eu.org for the pay and free version of ScramDisk respectively. Security of ScramDisk ===================== I've been doing very extensive empirical testing of ScramDisk containers (e.g. I've created >20 CD's full of test containers!) for randomness. I'm pleased to report that I could not detect any of these containers from a "random" block of data. The containers were tested with: Diehardc, ENT & our own production of the FIPS140-1 tests. Expect a new web page soon detailing the precise results of the testing, but ScramDisk looks very good! The original ScramDisk code is currently undergoing a very close review as AJ & I are converting the code to Linux. No bugs at all found yet in our review.... I'm also preparing another paper (which will probably end up being merged with the randomness testing paper above) on the known security "features" of previous versions of ScramDisk and how to avoid any security issues. Review by PCWorld ================= Erm, apparently ScramDisk was given "Editors' Pick: 06/16/1999" - did nobody notice? ;) http://www.pcworld.com/fileworld/category/0,1460,system+security,00.htm l R.I.P. to our rights ==================== The UK House of Commons has just approved the Regulation of Investigatory Powers Bill (R.I.P.), a horrible piece of legislation that could mean that UK subjects go to jail for 2 years for forgetting a passphrase :( And this piece of legislation who claimed that they were e-commerce friendly: http://www.scramdisk.clara.net/other/labour_crap.txt "Attempts to control the use of encryption technology are wrong in principle, unworkable in practice, and damaging to the long-term economic value of the information networks. There is no fundamental difference between an encrypted file and a locked safe. A safe may be effectively impregnable in that the effort taken to open it would destroy the contents. An encryption algorithm, similarly, may be effectively unbreakable." See http://www.fipr.org/rip/RIPcountermeasures.htm for a whole host of ways in which a concerned citizen could maximise his privacy in light of this law. Regards, Aman (scramdisk@hotmail.com), Sam (SecurStar GmbH@mia.co.uk) & Andy (andy@scramdisk.eu.org). http://www.scramdisk.clara.net/ -----BEGIN PGP SIGNATURE----- Version: 6.0.2ckt http://members.tripod.com/IRFaiad/ iQA/AwUBOYmTKe0ty8FDP9tPEQLiigCeOlYgVJGNQ3nNzmilOQI9DSKO3xgAnjFC XH+wV6X0JNXl/rnBfapk8SSk =nBbF -----END PGP SIGNATURE-----