Hi Daniel, hi list, Daniel Kahn Gillmor wrote (28 Apr 2014 16:29:14 GMT) : > Truecrypt seems to be a popular encryption layer. I'm not a huge fan of > truecrypt because of their history of cagey licensing and source > obscurantism (they only publish the latest version of their source > code). but it can still be useful to read and write to truecrypt volumes.
Fully agreed. TrueCrypt seems to be a must for anyone who needs to inter-operate with the major non-free operating systems, but we dislike it to for the very reasons you are mentioning. We have on our roadmap to Tails 2.0 to replace TrueCrypt (that can currently be installed, in an opt-in way, at Tails boot) with something that suit our taste better: https://tails.boum.org/blueprint/replace_truecrypt/ https://labs.riseup.net/code/issues/5373 We try to (mostly) include tools in Tails that are usable by the general public, that is integrated with the desktop environment, or at least providing a GUI. This is why I think that our best long-term plan is to (have someone) add support in udisks, Nautilus and friends for cryptsetup 1.6+'s TrueCrypt support: https://bugs.freedesktop.org/show_bug.cgi?id=70164 If you know people who might be either interested in creating the needed patches, or able to pull strings so that this task moves higher on upstream's priorities, don't hesitate suggesting them :) I'll discuss the shorter-term below. > I recently discovered tcplay (in main in jessie and sid right now) ... and wheezy-backports, FWIW. > and it seems to work for me when testing with a trivial truecrypt > volume. [...] it seems like this might be something useful to have > available in Tails. Now that cryptsetup 1.6+ supports the TrueCrypt on-disk format, it's unclear to me what are tc-play's advantages, apart of being in wheezy-backports already, while cryptsetup 1.6+ is not. Note that Tails is still based on Squeeze, so I'm afraid none of these solutions are usable in Tails right now. Once Tails based on Wheezy is out (June 10), users can choose to install tc-play themselves from wheezy-backports if they wish, so the usecase you're talking of is basically covered. Now, I'm unsure if it would be worth installing tc-play by default, as 1. it cannot fully replace the "real" TrueCrypt yet; 2. most users who have the skills to use a command-line tool are also able to install tc-play themselves; and 2. I hope we can replace it with a udisks-integrated solution later. Thoughts? Thanks a lot for your input, cheers! -- intrigeri | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc | OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc _______________________________________________ Tails-dev mailing list Tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to tails-dev-unsubscr...@boum.org.