Truecrypt

[ghost]

Some months ago the following alert has been published on the official TrueCrypt website:

WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues

Currently the TrueCrypt binary is embedded on the freepto repository

https://github.com/AvANa-BBS/freepto-lb/blob/master/config/includes.chroot/usr/bin/truecrypt

We should remove the binary file and the following related files:

https://github.com/AvANa-BBS/freepto-lb/blob/master/config/includes.chroot/usr/bin/truecrypt-uninstall.sh
https://github.com/AvANa-BBS/freepto-lb/tree/master/config/includes.chroot/usr/share/truecrypt
https://github.com/AvANa-BBS/freepto-lb/blob/master/config/includes.chroot/usr/share/pixmaps/truecrypt.xpm

NB: Since this action is with very low impacts, I have added it to the milestone v1.0

[boyska]

Truecrypt support in freepto has always been half-broken. I agree that we should remove it. The commit looks good to me.

[ghost]

Since there is nothing to test, I think we should moving forward. @boyska could you merge this commit?

[boyska]

I think we should need consensus about this, but @paskao is often AFK in this period. If you are convinced that it is fine to just merge, I'll do

[ghost]

could be reasonable define a time limit for the consensus? maybe we should discuss about this on our mailing list.

[boyska]

I think that in the next few days we could have an answer about this

[boyska]

Me and @paskao are considering that until we have tcplay, it should remain. But we should really hurry to have cryptsetup 1.6. For reference, this is what tails-dev decided: https://mailman.boum.org/pipermail/tails-dev/2014-August/006608.html I think this is a reasonable plan: show deprecation for now, introduce tcplay in some months.

BTW, their installer is much nicer than ours: http://git.tails.boum.org/tails/tree/config/chroot_local-includes/lib/live/config/2030-install-truecrypt

[boyska]

Me and @paskao propose to do a wrapper similar to the one in tails that clarifies that

1. truecrypt will soon be removed from freepto
2. users should stop using truecrypt
3. if the goal is sharing encrypted files with proprietary operating systems, this is probably a bad idea
4. we are only keeping it for retrocompatibility

[ghost]

issue handled in this repo: https://github.com/vinc3nt/truecrypt-anche-no

included as submodules in this branch: https://github.com/vinc3nt/freepto-lb/tree/truecrypt_anche_no

[boyska]

@vinc3nt: is there an img we could test?

[ghost]

no testing-needed labeled added yet because no there are no images available for testing.

something with submodules build went wrong, anyway in order to troubleshoot this issue we need to have our freepto building process fixed (broken due to tor gpg key expiration).

[boyska]

Just remove config/archives/*tor-repo* (for this build only, of course!)

[boyska]

@vinc3nt you are using a version of auto/build that doesn't have any support for building packages in submodules. That support is currently in boyska/pkgs which you are not using.

As I said previously (see https://lists.autistici.org/thread/20140829.225000.16e3dd97.en.html ) is important, for this exact reason, that the pkgs branch gets merged into avana/master or this kind of situation will happen.

[boyska]

I tested in boyska/integration ( http://dev.freepto.mx/dev/boyska+integration/140901_12.05_v1.0alpha1-48-g94d9a43-it/ ) that it works fine. Also, the italian localization works. Launching it with LANG= truecrypt-anche-no shows the english version, which is correct.

I noticed that running

truecrypt-anche-no --help

does NOT show the help window. This is different from truecrypt --help.

I suggest that exec /usr/bin/truecrypt is replaced with

exec /usr/bin/truecrypt $*

[ghost]

The package should be modified in order to use "alternatives". In the meantime it should be good enough to close this issue.

The build g69a1017 include the new package: qemu/kvm virtualbox

[boyska]

Ok, closing this. avana-bbs/truecrypt-anche-no#2 refers to the "alternatives" thing.