Archive for February, 2007

Any volunteers?

by - Wednesday, February 28th, 2007 - 9:43 pm

I think this might be the perfect solution to our overactive Simian’s desire to start something with Iran: Armageddon USB Hub

Anyone wanna volunteer to sneak in his office and hook it up? Or could we get Illya Kuryakin or Barney Collier to come out of retirement?

Secret Squarrow

by Rev. Bob - Wednesday, February 28th, 2007 - 1:18 am

Believe me, every man has his secret sorrows,
which the world knows not; and oftimes
we call a man cold, when he is only sad.
- Henry Wadsworth Longfellow

[Discovered in a delightful blog, The Sheila Variations]

Not bad. Not bad at all. Although in the age of the blog, when no sorrow could haunt, no song enchant, no snub offend, no sparrow fall, without an attempt to utter it definitively, the secret sorrow is on the endangered list.

It reminded me of a happy moment on the way to work with Kelly back when I was working on IR&D Project 944 (I could tell you, but then…). For some reason we got to talking back and forth in the rhythm of “Hiawatha”, and when I got in to my lab, I wrote my status report in the same rhythm. It began:

By the shores of Alabama’s
Tennessee, o mighty river…

And was followed by an actual report on weekly status, in the same BOOM – boom – boom – boom rhythm. I don’t remember much of it except for one snarky line (which I censored before submitting, but let the other folks in the program in on the secret):

We owe much to Little Hitler

It finished with something like:

Henry Wadsworth Longfellow, may
Your name rot in hell forever.
Endless trochees, not a single
Spondee to relieve the rhythm…

Go now, my report is finished.

I hated status reports, the moreso when my boss’s expectations were raised by that one. I never achieved that standard again, though I came close when I characterized the posturing and snottiness we encountered on a road trip to Williams AFB as “macho bullshit” and recommended that the only work we pursue with them should involve the generous application of andirons to their testicles.

Reality Check

by Rev. Bob - Tuesday, February 27th, 2007 - 9:26 pm

From USA Today: 95 percent of Americans had premarital sex. I’m among them, as I suspect are my adult children, but a natural revulsion for even considering that idea prevents my knowing for sure. They assure me they find the idea of our having sex similarly disgusting. This is inexplicable.

But we’ve strayed. It’s looking like the decades-long PR storm from highly influential religious conservatives about staying pure before marriage has turned out to be about as effective as “gay cures” and scientific creationism. A skateboard-sized religious dogma colliding with a locomotive-sized reality. Or an (arguably) good idea that folks who call themselves “Christians” support vociferously, but don’t actually do. Like tithing.

Naturally, the current conservative Republican administration is spending “millions of dollars” on abstinence-only education programs.

I think it’s about time to start saying that if only 5% of us actually practice premarital purity, that takes believers in this dogma out of the category of “vocal minority” (like the 30% or so who still support the President’s war in Iraq), knocks it down below “fringy” (like people who believe in alien abductions or who would vote for an atheist for President), and drops it straight into the bucket of “weird little cult” (like people who think Rhodes Scholars are members of a secret cabal, fans of Eric Rudolph and Timothy McVeigh, or wearers of magic underpants).

The B-Word

by Rev. Bob - Saturday, February 24th, 2007 - 1:58 am

Dogs can understand quite a number of words. If you ever doubt it, just say the B-Word and watch your dog totally spazz out. Dogs have very little cool to begin with and seldom have any cool in reserve. The B-Word totally depletes whatever supply they had and turns them into gibbering, out of control idiots, possessed by the idea that they must have that braunschweiger.

We have a euphemism for the B-Word that we use when we need to deceive the dog: German paté.

If you’re a new dog owner, do not put braunschweiger on your finger and expect your dog to lick it off. You’ll discover that your ability to do that a second time has been reduced by 10%.

Tool Makers

by Tim - Friday, February 23rd, 2007 - 8:03 am

From this morning’s Washington Post (free registration may be required), an article on weapon use by chimpanzees. The authors found that male chimpanzees were sharpening sticks into spears to brutally attack bush babies sleeping in tree hollows before pulling out their battered bodies and eating them – consistent with the more aggressive and bloodthirsty tendencies of males.

No, wait. I got that backwards. Here’s what they actually said:

females — the main makers and users of spears among the Senegalese chimps — tend to be the innovators and creative problem solvers in primate culture.

I can never keep my stereotypes straight. Brutal attacks on bush babies carried out by armed female chimps is creative innovation.

moral intuitions

by Tim - Thursday, February 22nd, 2007 - 11:08 am

I recently read a prepublication work on the evolutionary origins of moral intuitions which has got me thinking. The idea was that our moral intuitions come in two flavors – agent neutral and agent relative intuitions, that these are built-in (courtesy of evolution), and that these lead to conflicting results. So when we face a moral quandary, what we are really facing is a conflict between our agent neutral and agent relative intuitions. An agent relative moral intuition would be the kind that makes us feel more of a moral urgency to provide financial assistance to our aging parents (say) than to an anonymous family in Darfur. Whether you think such a stand is correct or not, it’s hard to deny the impulse. An agent neutral moral intuition would be the kind that gives us approving feelings about something like equal application of the laws, or that gives us disapproving feelings about nepotism. I’m not sure this dichotomy really covers all the moral quandaries, but it certainly points out at least one distinction in our moral intuitions: the nepotist, for example, has the moral intuition that he should be helping out his nephew. The other applicant for the job has the moral intuition that he should be choosing the best candidate irrespective of blood ties.

I’m interested (for this forum) in the agent relative moral intuitions. I’m going to make a couple of abstractions here; one is that moral intuitions are intuitions about helping behaviors, and the other is that our intuitions about these helping behaviors evolved due to prisoner’s dilemma type interactions. (more…)

Fortieth

by Rev. Bob - Sunday, February 18th, 2007 - 9:23 pm

[Kevin & Kell cartoon]

You’ve got to understand something. Kelly wasn’t just a local Baltimore girl, she was the hottest woman on the entire Hopkins campus. Her visits weren’t just noticed, they were newsworthy.

Hopkins was a men’s school, a dinosaur from the 19th century’s attitudes about women and scholarship. And while a 21st century person might think male-only campuses encouraged Teh Gayz, in fact, those colleges were hotbeds of heterosexuality. Well, except Princeton. :mrgreen: We simply went off campus to stalk our prey: Goucher College was an all female college with some academic reputation a convenient bus ride away. Then there was Hampton House downtown (the Hopkins school of nursing), Notre Dame a couple of miles North of campus, and just a couple of blocks East of campus Union Memorial Hospital School of Nursing. Some of us sought out female musicians from Peabody or students from Baltimore Junior College, Mount St. Agnes, or University of Maryland Baltimore County.

Despite all our cross-town raiding, a substantial amount of energy from our raging libidos was no doubt sublimated into study, and I wonder if today’s mixed male and female Hopkins students work as hard as we did. I think so. I can’t imagine an instructor forsaking the hallowed Hopkins tradition of total conviction that his or her course was the only one worth paying any attention to, and that the students would surely agree if they were just given enough hard work to do. So being able to retire back to a more monastic life on campus when the work demanded it probably contributed to a number of us graduating who otherwise wouldn’t have.

I didn’t deliberately seek out a men’s school, but I wasn’t put off by it, as perhaps guys with more successful high school dating experiences might have been. Not to put too fine a point on it, I was a total dweeb, desperately uncomfortable with the female of the species. I did discover women eventually, but that’s a story for another time. Just say that I’d have felt almost any girl was out of my league. Kelly? Unthinkable.

I first met Kelly when I was program director of WJHU, and one afternoon (which might give you some idea of how seriously I took that job) I saw the signs advertising the new radio show: “KELLY!”, screamed the signs. An actual female on our air. I showed up and saw a sultry young woman with long auburn hair, partially draped (she and the hair) around Bob Miller, the station manager — so that’s how she got on the schedule.

And I heard a deep, equally sultry voice, a voice that simply didn’t belong on the radio. A voice with almost no high frequency harmonics. It helped her sing in a gorgeous, creamy low alto/high tenor voice, but over a microphone and pumped via carrier current to AM radios, it was simply incomprehensible.

But then WJHU wasn’t that picky. We had Al Bothe, who had the thickest Boston accent in captivity, Hamilton Easter with an equally thick South African accent, Doug Yriart and his on-the-air partner whose name has fled my memory who talked in phony Eurotrash accents, and Greg Novick who talked like a black guy. So, although Kelly claimed I married her to keep her off the air, in fact she didn’t stand out all that much from the mumbling misfits who made WJHU what it was.

And she certainly was a sight for sore eyes. She and her engineer (first Bob, then Eddie Howard, who had a first class license and weekended on WBAL, then me) did the show from the engineer’s room, and the studio where the announcer usually sat was full of spectators, noses pressed against the glass, tongues hanging out.

If you don’t understand that, you don’t understand Kelly and why she was the most remarkable thing to happen to me. Or rather, you wouldn’t understand the first part of it. I’ll be writing more about Kelly soon. I certainly need to. Today would have been our fortieth wedding anniversary, and I miss her with my whole body and soul and heart.

Right-Wing Humor

by Rev. Bob - Thursday, February 15th, 2007 - 1:42 pm

There are two kinds of humor. One kind that makes us chuckle about our foibles and our shared humanity — like what Garrison Keillor does. The other kind holds people up to public contempt and ridicule — that’s what I do. Satire is traditionally the weapon of the powerless against the powerful. I only aim at the powerful. When satire is aimed at the powerless, it is not only cruel — it’s vulgar. – Molly Ivins

Via Patrick at Making Light.

And yeah, Tim, I could probably find some left-wingers who use mocking the powerless like that, but turning it into the canvas on which their political text is painted… that was the unique achievement of American conservatism. To which they added: mocking the powerless on behalf of the powerful.

It shows a fundamental hollowness in the politics of the Right: a hole in the place where the rest of us have values.

Anchor in the Storm

by Rev. Bob - Tuesday, February 13th, 2007 - 6:37 am

The only thing that allows me to maintain my slender grip on reality is the relationship I have with my collection of singing potatoes. – Chris Davis

Via the AWNUTS list, home of the 0-2-0 locomotive.

Why We’re Leaving Alabama, Part 19,624

by Rev. Bob - Monday, February 12th, 2007 - 1:20 pm

The gang on one of our favorite shows, even though we can’t get it here (Top Gear) painted some colorful slogans on their cars and drove across Alabama. Hilarity ensued.

Joanie

by Rev. Bob - Saturday, February 10th, 2007 - 10:55 am

[Joanie Sommers]

A few days ago an article I wrote turned out to be a real “plop”. It was a “name that singer” contest, and the answer was Joanie Sommers. I grumbled a little to myself. After all, David did the same kind of thing — he’s the one I stole the idea from — and he got a couple of responses. What am I, chopped liver? But then I figured it out: I’m so old I’m the only one reading this blog who knows who Joanie Sommers is!

Some folks may know her vaguely from the hit song “SWF Seeks SWM for Abusive Relationship“. And if you never wanted to get down on your knees and thank God there are some progressives in this world who are willing to stand behind their belief that all people are worth something, just get a load of these lyrics:

Every girl wants someone who
She can always look up to
You know I love you, of course
Let me know that you’re the boss

Oh Johnny get angry, Johnny get mad
Give me the biggest lecture that I ever had
I want a brave man, I want a cave man
Johnny show me that you care, really care for me

Joanie had aspirations far above bubblegum, and when I was a youth, she appeared on a bunch of variety shows showing her legitimate chops. She was peppy, she was perky — she was, in fact, the apotheosis of perk, which is why “Round Midnight” was such a desperately bad choice of songs for her. She was a Deborah Gibson before her time.

And one more thing: to this writer, through whose veins were raging the hormones of puberty, she was hot.

That’s why I remember Joanie Sommers.

Smoooooooooth Part Deux

by Rev. Bob - Friday, February 9th, 2007 - 4:26 pm

Circulating around the intarnets, Confessions of a (Former) Smooth-Jazz DJ – alas, anonymous. All the citations mention that it appeared in JazzTimes Magazine, but it’s not on their site.

Which is a pity, because there’s a fascinating point of view there that deserves some dialogue. Please forgive a hefty quote:

[T]he false illusions about smooth jazz come mainly from the fans. As opposed to many of the players, the fans actually think that the funk-lite-instrumental-pop music they enjoy really is some manner of jazz.

I remember one morning, after I played some smooth-jazz saxophone instrumental, the computer-generated playlist directed me to play Stevie Wonder’s “Superstition,” a song I’ve always liked. About halfway through the song, the telephone rang. I answered it and a very stern gentleman said, “I just wanted you to know that I’ve turned off my radio. I’m a smooth-jazz aficionado and this pop crap that you throw in there isn’t jazz.” It took every ounce of restraint I could muster not to say, “But, sir, you don’t seem to understand. None of the music played on this station is jazz. None of it!”

And, of course, that’s exactly what drives mainstream-jazz lovers nuts: It’s not jazz! Smooth jazz has taken a beating for years only because the word jazz somehow found its way into the marketing of the genre. If it was simply called “smooth music” only the people who liked it would be paying any attention to it at all. And if that was the case, all those anti-smooth-jazz screeds and flame wars would disappear from the Internet and there would be much more room in cyberspace for other equally futile and unimportant arguments.

But that won’t happen. It’ll continue to be smooth jazz until it has run its course and fades away. Until then, smooth-jazz players and their fans will go right on having a good time with each other no matter what you or I say. And more power to them. There’s not enough happiness in this world as it is.

Smooth jazz isn’t jazz. What a concept! In fact, I’ve evidently been playing an old-fogier version of smooth jazz for many years. And it explains a puzzling experience I had back in Tulsa.

I’d sat in with a rehearsal band run by a friend of my wife’s husband and had a ball with them. They were a big band, a jazz band, with good players and good charts. And they didn’t seem to hate my playing (I actually got some “Yeah!”s). After one session Ted, the leader, told me the facts of life: the person who held down the piano chair couldn’t carry my music stand, but she’d been in the band for years and that counted for something. Since I once told a bass player who wanted to play with me the same thing (and later found out that, in return, he’d blackballed me in Sig Ep), I could certainly understand, and I told him I’d be happy to sub anytime he needed a player.

Not long afterward Ted was kind enough to recommend me to sub in a very good dance band — 4 or 5 horns plus piano, bass and drums. They had a book and everything. But when it was time for piano solos, the leader kept telling me “just play the melody.” I thought he was kidding. He wasn’t, and for that and a good number of other reasons (not one soul in that band had been listening to Live Aid which was on that day, which might tell you something), it wasn’t a happy night.

I didn’t get it then, but I do now: I was breaking the genre by soloing out of a jazz tradition. It was a very tame jazz tradition, inspired by Dave Brubeck and Bill Evans and legions of bread and butter piano players, and without a hint of Cecil Taylor or Paul Bley: while I admired those guys, I wasn’t prepared to play like them even if it had been appropriate. And the tradition I played in served me well in the pickup bands I’d put together in school and the band at the monthly senior citizens’ dances at the YWCA, where I’d not only enjoyed playing but had been appreciated by the folks on and off the stand.

But even the sparing amount of vanilla jazz I was used to playing disrupted what was, at bottom, a dance band, a sweet band. I didn’t get it, and at the end of the evening I grabbed the money (it was compensation for missing the end of Live Aid) and was happy to split. The leader probably gave poor Ted an earful about that hippie jazz freak he’d recommended.

Says this bird: smooth jazz-kind cannot bear very much real jazz. And smoother jazz-kind can’t bear any at all.

Which is why Ramsey Lewis is taking a hell of a chance. But I’ll talk about him another time. Discuss this among yourselves.

Aide Memoire

by Rev. Bob - Wednesday, February 7th, 2007 - 7:06 pm

Every now and then on the alt.binaries.sounds.* newsgroups, some folks dig into their collections and post as many different versions of a song as they can find. For instance, thanks to some posters last year, I’m up to my ears in “My Funny Valentine”s.

And now on alt.binaries.sounds.mp3.1950s, someone must have asked one of the regulars to “Play it, Sam.”

The fundamental things do indeed apply.

Later: the “Chordettes” on the version by the Buffalo Bills & the Chordettes aren’t the Chordettes you’re thinking of (“Lollipop Lollipop”) but a female barbershop quartet who, as far as I can determine, don’t actually sing on this cut. Tiny Tim sounds touchingly sincere. Burl Ives was badly advised. And Billy Eckstine is unbelievably smarmy.

And now on the same newsgroup, the same poster is doing the same thing with a mega-hit from my childhood: the Tennessee Waltz.

Smoooooooooth

by Rev. Bob - Tuesday, February 6th, 2007 - 6:52 pm

Did you ever read something like this, bewailing the sad state of jazz?

During the past decade, the vast majority of jazz stations across the U.S. have either dumped the style entirely or switched to the so-called smooth-jazz sound — a watered-down approach dominated by pop-oriented instrumentals and creamy R&B.

As “Arturo” pointed out in a recent posting to a list for jazz programmers, there’s only one thing wrong with that statement: it never happened.

[Reporters] are just lazy and assume that current smooth stations were formerly mainstream jazz outlets. Have there been any non-com FM jazz stations that have switched to smooth? I don’t know of any. To classical, news or talk, yes, but not to smooth. I also know of a few stations that mix both formats or are split formatted. In fact, to the best of my knowledge, not even the commercial jazz stations switched to smooth way back when.

The closest thing anybody on the list could come up with was this:

KJZZ was mainstream jazz and went to smooth or what we called “contemporary jazz” in the 80s under music director Bill Shedd, who many of you old timers know. The response from the jazz community was quite intense and angry and there are still some relationships that have not been mended. In 1995 because a smooth jazz station with music director Nick Francis came into the market and greatly affected our numbers we went back to NPR news during the day and real jazz at night and have been doing that for 12 years now. – Blaise Lantana, Music Director, KJZZ Phoenix

Go listen to some real jazz today. You don’t have to worry: they aren’t going to switch over to smooth jazz on you.

To help you out, here’s the Official Ex Cathedra Jazz Radio Station Easy Listening Kit [13.4kB Zip archive]. A cornucopia of bookmarks for WinAmp and Media Monkey, mostly jazz, but some classical, freeform, and indie stations in there too.

Secret Squirrel IV

by Rev. Bob - Monday, February 5th, 2007 - 5:29 pm

This is part 4 of an article on using TrueCrypt, a free, open source, on-the-fly encryption utility for Windows and Linux. Here are the other parts:

  • Part 1: why privacy tools?
  • Part 2: why PGP isn’t good enough
  • Part 3: installing and using TrueCrypt part 1
  • And this article finishes it off: more on using TrueCrypt.

Last time I talked about using TrueCrypt on a file-based volume, and I reported that, unless you were running some heavy background tasks, you almost certainly won’t be inconvenienced by the extra time the encryption and decryption take, and you may not even notice any time difference between reading and writing an encrypted volume and reading and writing an unencrypted volume.

I also reported on using a hidden volume, which worked exactly as advertised: enter one passphrase and TrueCrypt will mount the regular volume; enter another passphrase and it mounts the hidden volume.

Up an Order of Magnitude

I decided to take it up a step, from a 700MB file to an 80GB USB drive I had lying around. You know how it is with disc drives: unless the drive is broken, it’ll never be empty. So while I wanted to test a device volume by formatting the whole disc, I didn’t have enough convenient places to stuff the files that were already on it, so I ended up making a 50GB partition.

They warn you that seek time will be hideous if the file is seriously fragmented, so I defragged the disc on the USB drive. Since I only had USB 1.1 on the ancient laptop I was using, that took a whole day. And then when I had TrueCrypt format the volume, that took another day. I just about gave up on the idea of putting a hidden volume in there, but I figured, in for a penny, in for a pound, and to my delight I discovered that it only took a few seconds to format the hidden volume.

Writing to the Outer Volume and Hidden Volume

Then I experimented with adding files to each volume. That’s not quite as straightforward as it sounds. There is no way for TrueCrypt to know, even after it’s mounted the outer volume, that there is a hidden volume. If it could tell, so could an adversary. But when you’re writing to the outer volume, it’s kind of important to keep from writing on sectors that have been set aside for the hidden volume. Hmmmm. Fortunately, there’s a way around this. When you mount the outer volume, and before you write anything to it, select the “Mount Options” button on the Mount dialog box and you’ll see another dialog box like this pop up:

[Dialog box that lets you protect an outer volume] Click the checkbox to protect the hidden volume and enter the passphrase for the hidden volume in this window. Enter the passphrase for the outer volume in the other Mount dialog box (that’s where you usually type it). If you typed both passphrases correctly, you’ll get a verbose little dialog that tells you that you were successful. Now you can write to the outer volume without having to worry about messing up the hidden volume.

Notice that, if you’re writing to the hidden volume, you don’t have to do anything special. When you had TrueCrypt format the volume, it already allocated all the sectors it intends to use, and the hidden volume knows where all its sectors are.

Crash!

No sooner had I finished setting up my 50GB volume (with a 25GB hidden volume inside) and transferred some files to the two volumes to test it out than my computer died.

I considered that an opportunity! I copied the 700MB file to my new laptop, slipped the CD where I’d burned another volume into the CD drive, plugged the USB drive into my laptop, and they all worked fine. I know, these encrypted volumes shouldn’t have required any information from the computer that had created them — that information could probably serve as a back door to clever cryptographers. But it’s nice to see it with your own eyes. If you’ve got the file and you’ve got the password and you have TrueCrypt installed on any machine, you’re in.

The Glitch

Sometimes when I mounted a volume, it came up like a removable drive: no Recycled folder, no System Volume Information folder, and when you delete a file it’s gone. Other times it came up as an internal drive: those folders were present, and when you deleted a file on that volume, it went to the recycle bin, where it could be retrieved. And I think that indeterminate way of mounting a volume got me into trouble. Somewhere along the line, I ended up with a folder on my outer volume whose files and subfolders had nonprintable names. And unless you were very, very careful (e.g., don’t write to the volume root), you could get an error message and the files wouldn’t save.

Note to self: when you’re writing to a removable drive and it uses buffered I/O, use Copy, not Move. Fortunately, none of the files I’d put on there before were hosed, and it wasn’t very hard to replace the files that I only thought I’d copied. And too, the inner volume kept working fine. But I was suspicious, so I decided I’d better get the files off that disc as quick as I could.

A Device Volume

After burning a few of the larger files to CD, listening to others and deciding I didn’t like them anyway, and stuffing files here and there, I ended up with an empty 80GB drive. I formatted it like before (except that with the new PC and a USB 2 interface, it only took 2 hours).

[The TrueCrypt options I normally run with]

I found an Options dialog, and sure enough, you can tell TrueCrypt to always mount volumes as removable. I can live with the pain of having files go away forever when I delete them (that’s what backups are for) so long as I can be sure that the only time the computer writes to that volume is when I tell it to.

After I started mounting volumes as removable by default, I haven’t seen the glitch return.

By the way, I’m in love with device volumes. Unless you really do have a need for layers of security, the device volume presents such a blank, featureless face to an attacker that I can’t see why you’d use hidden volumes on a device volume.

Options

There’s another couple of options I have checked in that last figure that I’d like to mention. By default I mount volumes as read-write, not read-only (when I need to, I can do that using the Mount Options dialog). If you enable the “background task”, whenever there’s a volume mounted, when you exit from TrueCrypt it’ll stick around in the tray. When you’ve dismounted the last volume, exiting from TrueCrypt makes it exit for real. Very slick.

And I’ve also got it set up so that if I wander away with a volume mounted and the thief doesn’t grab it right away but waits long enough for the screen saver to come on, TrueCrypt will dismount the volume automatically. I don’t understand enough about power saving mode to know whether it’s a good idea or a bad idea to check that box, so I left it unchecked.

Backing Up

TrueCrypt puts headers on your volume (they’re encrypted, of course). Your passphrase decrypts the headers and then the headers let you go find the sectors where your files are. Obviously losing those headers is a very bad thing. So, just in case, TrueCrypt lets you save the headers from all your volumes in a set of files you’d hopefully back up 6 ways from Sunday. The headers never change, unless you change your password, so you can save them early. Since some volumes have hidden volumes inside them and others don’t, TrueCrypt saves not only the outer volume header, but the sectors where the hidden volume header would be if there is one.

Limitations

One fairly substantial limitation is that you have to figure out the size for your volumes before you create them. You can’t make them bigger or smaller. Well, actually there’s a way using sparse NTFS files to make a partition that can grow, but (a) it doesn’t support hidden volumes, and (b) I didn’t understand it and didn’t want to try it. Help yourself if you want.

Also (this is on their to-do list) you have to use printable ASCII characters for your passphrase. This isn’t a huge annoyance compared with systems that restrict password length to something ridiculous or rule out spaces and punctuation.

This is a limitation on this review, not on TrueCrypt: There’s a “traveler mode” that I haven’t played with enough to say if it’s useful or not.

TrueCrypt allows you to specify one or more keyfiles that are to be used in conjunction with your passphrase. If an adversary has installed a keylogger on your computer, he still won’t be able to access your private data without knowing the name of the keyfile (which you hopefully have always selected with a dialog box rather than typing in the filename). I don’t like that much: it seems to me if you’ve got one volume and a passphrase to keep track of, you might just succeed. If you’ve got a volume, a passphrase, and a bunch of files to keep track of — all of which you need to get at your data — you’re fixin’ to have a bad experience.

Finally, TrueCrypt has a bunch of options that let you do things like make a list of favorite archives, remember the archives you’ve opened, and cache passwords. Every one of those things sounds like an awful idea. I ain’t doin’ it.

Finishing Clean

As soon as you dismount a volume with TrueCrypt, the data in it is unreadable until you mount it again. But what about other ways of exiting? I’ve discovered a couple of things so far.

First, if you unplug the USB cable from a device volume, the volume automatically dismounts. If there was data in the buffer on the way to the USB drive, it may get lost, so I don’t recommend it. Nevertheless, it works. Ditto for rebooting the computer and powering it off. And I’ve got TrueCrypt set up to dismount volumes whenever the screen saver kicks in. So all kinds of actions, including doing nothing, will dismount a volume and leave you in a secure state.

Ejecting a CD that has a file volume on it from the CD drive is a bad idea, since Windows pops up a huge stack of annoying dialog boxes. But if you do it and then stick the CD back in, TrueCrypt does not dismount the volume. So be warned!

But remember, the alternative is a three-step process: (a) decrypt the files, (b) work with the files, and (c) encrypt the files. With on-the-fly encryption programs, the process becomes (a) mount the volume, (b) work with the files, (c) dismount the volume. While that doesn’t look like much of an improvement, in fact mounting and dismounting the volume take seconds, while encrypting the files can take so long that sometimes you won’t do it.

And too, with TrueCrypt your files are never put on disc in an unencrypted state. I’m not going to dwell too heavily on that point, because Windows and the *ixes I’ve used have no compunction about maintaining scratch files and paging files on the disc. And applications often make scratch files of their own. Still, the artifacts left behind by applications and the OS may turn out to be so difficult to retrieve and reconstruct that you’ve effectively denied the information to an adversary, particularly casual snoopers like laptop thieves and dumpster diving neighbor kids.

So all told, I think TrueCrypt is a keeper. More than that, it’s a “user”: I’ve already inventoried my private data and put it in an encrypted volume, so I’ll be keeping my private data private from now on, and I’ll be using TrueCrypt to do it.

Upgrading to WP 2.1

by Rev. Bob - Sunday, February 4th, 2007 - 1:25 pm

In the middle of upgrading from WordPress 2.0.x to 2.1. Unfortunately, the visual editor stopped working when I did it the first time, so I had to do a clean install. It may take a little while to copy all the styles, plugins, pictures, media files, etc. from my previous installations.

In the meantime, if you want to write an article, I’d recommend hitting shift-reload when the editor comes up, to get rid of anything in cache.

While you’re waiting, courtesy of Good Morning Silicon Valley, Wikipedia’s list of unusual articles.

Later: OK, should all be back as it was. Let me know if you find anything broken or missing.

Name That Tunestress

by Rev. Bob - Saturday, February 3rd, 2007 - 5:51 pm

Never having seen a good idea I couldn’t make my own by the simple expedient of grabbing it and stuffing it in my pocket when nobody’s looking, here’s a mystery warbler [4MB MP3]. And this time, you don’t have to name the tune or the composer, which you already know, just the singer. I’ll spill the beans Monday or so. And criticism is welcome. You might want to ponder on the curious fact that this was recorded during the heyday of the “A&R man”.

Secret Squirrel III

by Rev. Bob - Friday, February 2nd, 2007 - 1:53 pm

In which I finally talk about TrueCrypt

TrueCrypt is a free, open source, on-the-fly encryption utility for Windows and Linux.

Leo Laporte and Steve Gibson gave TrueCrypt glowing reviews on GRC Security Now, but I’d also read some nice things about Microsoft Private Folder, and when I tested it myself, I found it absurdly under-featured, buggy, and prone to some user interface horrors that were sure to keep Microsoft’s support lines ringing.

I’ve already written about why you might need some encryption tools, after which I discovered — thanks to Justin’s comment — perhaps the best reason of all to have some files whose contents are protected from view: computers (especially laptops) get stolen. Then I reviewed some of the reasons you might want a tool that has more capability and is easier to use than PGP. Now it’s (finally!) time to talk about TrueCrypt (v4.2a) and how it works.

Installation was straightforward, with no surprises. At the suggestion of the website, I opened up the User’s Guide, a lavishly illustrated 105-page PDF document that gets installed along with the program, and followed the Beginner’s Tutorial on page 6.

Creating a Volume from a File

The first thing I tried was to create a file-based volume. Using the wizard, I had TrueCrypt create a file called Test under My Documents. I set the size to 700MB and formatted the volume (which filled the file with random data and took about a minute on this 1.6GHz laptop). Then I gave it a passphrase. The wizard calls it a password, but unlike Microsoft Private Folder, which got the flibbertigibbets if you had the effrontery to try to put a space in the password, TrueCrypt accepts any printable ASCII character, including spaces.

Mounting and Using the Volume

I exited the Create Volume wizard and went back to the main TrueCrypt window. I selected a drive letter (M:), pointed to the file, and selected Mount. I was prompted for my passphrase and after a few seconds the path to the file appeared beside the M: drive in the mounted volumes window.

I brought up Windows Explorer and observed that I now had an M: drive (if you already have Windows Explorer open, you may not see the drive letter or volume name in the left-hand folder view pane of Explorer — go back up to My Computer and look in the right-hand pane or exit out of Explorer and start it again — I believe this is a bug in Windows Explorer).

I copied some files into the new M: drive: pictures, text files, MP3 files, and videos. Then, in the TrueCrypt main window, I selected the M: drive and clicked the Dismount button. Poof, the M: drive disappears. Note that if you leave the Windows Explorer window open to the M: drive, TrueCrypt will caution you that the drive is being used and ask whether you want to force the dismount. After running into this at least 20 times, I can report I never got into any trouble when I forced a dismount. Your mileage may vary, of course.

I went back to TrueCrypt and remounted that file-based volume. Then I went back and had a good play with the files. I didn’t notice any difference with any of my apps between the file on the encrypted volume (my M: drive) and the same file on a non-encrypted volume (e.g., my C: drive). Evidently this laptop’s 5400RPM SATA drive is slow enough and its 1.6GHz Celeron CPU is fast enough that the decryption (using the default algorithm, AES) takes place below your attention threshold. It goes so fast, you have to check that it’s working and you aren’t copying from one non-encrypted volume to another. The extra CPU load does show up in background applications, which run considerably slower when the system is encrypting or decrypting files (e.g., while you’re copying a large number of files to or from a TrueCrypt volume).

I tried pretty much everything: copying files to a folder in my encrypted volume; saving the files from an application to an encrypted volume; downloading files to the encrypted volume with Xnews; executing a file on the encrypted volume. In every case, the encrypted volume acted just like an unencrypted volume. It might as well be a hard drive. Is TrueCrypt fast enough on an average computer that it won’t annoy most users? Definitely.

Copying the Volume to a CD

Next I burned the file on a CD (that’s why I chose to make the file 700MB in size) and mounted the file from its location on the CD. Once again, no appreciable difference, except that you can’t write to the volume. Note that you can’t mount the CD as a device, you have to mount the file on the CD.

File-based Volumes Summary

So let’s summarize: when you create and mount a file-based volume, it acts precisely like any other volume, and if you aren’t running other CPU-intensive applications at the same time, you may not even notice the difference.

But! If you dismount the volume, not only do the contents of the files in that volume disappear, so do the names of the files and the names of any subdirectories you might have made. If you do a hex dump, the file looks like it’s filled with random data. All you’re left with is a file (in my case a file called Test under My Documents) and the existence of that file is the only clue that there’s anything hidden. What files and directories might be inside that file? You can’t tell unless you open it with the passphrase.

The documentation suggests you do not use the default extension (.tc) for TrueCrypt files. And in fact my file, Test, had no extension at all. If you do give it the .tc extension, it will automatically open up TrueCrypt when you double-click on the icon in Windows Explorer. The documentation suggests you give the file a plausible file extension, based on the size of the file (a 700MB .ico file might look a little suspicious). But if you hired me to search a computer for suspicious files, it wouldn’t be long before I tried viewing every image, watching every movie, listening to every MP3 file, and so on. And a laptop thief or casual snooper isn’t likely to spend very much time attacking the encryption on your private data even if he knows where it is.

So that kind of amateur steganography (a) won’t deter highly motivated adversaries for very long, and (b) if you name your file to, in effect, say “Here’s where the private data is,” you won’t be giving less capable adversaries anything of value.
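The hex-dump observation and the renamed-extension argument can be checked mechanically. The Python sketch below is an added example, not part of the original post or of TrueCrypt: it runs the first-pass triage an examiner might apply, flagging files that have no recognizable header yet consist of near-random bytes. The short signature list, the 7.9 bits-per-byte threshold, the 512-byte size rule and all sample data are assumptions constructed for illustration.

```python
import hashlib
import math

# Leading signatures for a few common formats (a short illustrative list).
MAGIC = {"jpg": b"\xff\xd8\xff", "png": b"\x89PNG\r\n\x1a\n",
         "ico": b"\x00\x00\x01\x00", "zip": b"PK\x03\x04", "pdf": b"%PDF"}

def shannon_entropy(data: bytes) -> float:
    """Entropy in bits per byte; 8.0 means every byte value is equally likely."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts if c)

def detected_format(data: bytes):
    """Return the format whose signature starts the data, or None."""
    for fmt, sig in MAGIC.items():
        if data.startswith(sig):
            return fmt
    return None

def triage(name: str, data: bytes, threshold: float = 7.9) -> str:
    """Classify one file the way an examiner's first pass would."""
    ext = name.rsplit(".", 1)[1].lower() if "." in name else ""
    fmt = detected_format(data)
    if fmt:
        return "known format: " + fmt
    headerless_random = (shannon_entropy(data) >= threshold
                         and len(data) % 512 == 0)  # assumed sector multiple
    if headerless_random and ext in MAGIC:
        return "suspect: ." + ext + " name, but headerless random data"
    if headerless_random:
        return "suspect: headerless random data"
    return "unremarkable"

def fake_ciphertext(n_blocks: int = 2048) -> bytes:
    """Constructed stand-in for a dismounted volume: 64 KiB of hash output."""
    return b"".join(hashlib.sha256(i.to_bytes(4, "big")).digest()
                    for i in range(n_blocks))

if __name__ == "__main__":
    blob = fake_ciphertext()
    for name, data in [("Test", blob), ("icons.ico", blob),
                       ("photo.jpg", MAGIC["jpg"] + blob[3:]),
                       ("notes.txt", b"shopping list: eggs, milk\n" * 512)]:
        print(f"{name:10} {shannon_entropy(data):.3f}  {triage(name, data)}")
```

The header check runs before the entropy check because compressed media such as JPEG is also high-entropy; what sets a container apart is randomness with no format structure at all, whatever the file is called.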

Still, wouldn’t it be nice if you didn’t have to reveal even the existence of your private data? That’s where hidden volumes come in.

Hidden Volumes

I had some room to spare inside my Test volume, so I brought up the Create Volume wizard again and told it to create a hidden volume inside my Test volume. You need to take a little care reading the windows of the wizard, since TrueCrypt will let you create a new regular volume and a hidden volume inside it, or create a hidden volume inside an existing volume. I chose the latter. TrueCrypt told me how much space I had available for that volume, I chose something a little smaller, I supplied a passphrase, and I was done.

Here’s the cool part: if I select Test and give it my original passphrase, it opens the original volume. If I give it the new passphrase, it opens the new volume. As far as an adversary knows, there’s only one volume there. The very existence of the second volume is invisible. As the manual suggests, you can create a volume where you’ll hide some data you don’t want people to see, and then inside it create another hidden volume where you can hide data you really don’t want people to see or even know you have.

I tried for some time to think of data like that. My collection of Bulgarian dwarf porn? No, that’s on my website www.bulgariandwarfporn.com, and I’m earning a nice little income from it. Classified data I’m transporting? No, I have no desire to spend the next 20 years in a small room with a guy named Bubba who thinks I’ve got pretty eyes. But thanks for asking. Passwords and keyrings? While they require extra care, I don’t see how you benefit from hiding their existence. Finally I found a suitable subject: a video shot from a Fairmont Speeder on a club outing. If an adversary even suspected you had such a video, he’d almost certainly ruin your keyboard with drool.

Actually, I did figure something out: if the RIAA aren’t going to sue you over your jazz MP3s, but they would sue you if they suspected you had pop MP3s, you could create a container called “Jazz” and inside it have a hidden volume of pop MP3s. And that led us to pump up the size a little, and also led to our first glitch with TrueCrypt.

And that looks like a good place to stop. Next time: USB drives, the glitch, avoiding the glitch, and device volumes.

Slightly Belated

by Tim - Thursday, February 1st, 2007 - 5:14 am

Happy

Happy

Happy

Happy

Happy

Happy

Happy

Happy

Happy

Happy

Birthday to Philip Glass. 70 yesterday.

(May I recommend “Akhnaten” to the curious….)