feat+docu(EncFS): Deprecation warning in the GUI and details in whitepaper

[buhtz]

Related to meta issue #1734

Details and wording need to be discussed and developed.

• Create a "document" for users explaining easy the issue, the roadmap and how they can contribute and join the discussion.
• Where to put the document? Markdown in the repo as an entry point (landing page)?
• Warnings in the GUI (short and polite; linking to the whitepaper)
  • MessageBox: When an "SSH encrypted" or "local encrypted" profile is loaded in the GUI.
  • QLabel (red letters) in the Manage profiles dialog for existing "SSH encrypted" or "local encrypted".
  • MessageBox when creating a new "SSH encrypted" or "local encrypted" profile.
• Modify man page section "A NOTE ON SECURITY" according to the new situation.

[buhtz]

Here is a first draft as plain text and as screenshots:

MessageBox if GUI starts and one of the profiles is encrypted

The support for encrypted snapshot profiles is undergoing significant changes, and EncFS will be removed in the foreseeable future.

The following profile(s) use encryption with EncFS:

• Main profile (1)
• Foobar (8)
• ...

A decision on a replacement for continued support of encrypted backups is still pending, depending on project resources and contributor availability. Users are invited to join this discussion. Updated details on the next steps and alternatives are available in this [whitepaper]. This message will not be shown again. This dialog is available at any time via the help menu. Your Back In Time Team

QLabel in General TAB of Manage Profiles dialog

Support for EncFS will be discontinued in the foreseeable future. A decision on a replacement for continued support of encrypted backups is still pending, depending on project resources and contributor availability. More details are available in this [whitepaper].

MessageBox when new encrypted profile is created or the mode of an existing one is changed to encryption

Support for EncFS will be discontinued in the foreseeable future. It is not recommended use that mode for a profile. A decision on a replacement for continued support of encrypted backups is still pending, depending on project resources and contributor availability. More details are available in this [whitepaper].

[aryoda]

All of the three warnings are adequate IMHO.

I just propose some small wording changes due to "typos":

A decision on a replacement ~for~ or continued support of encrypted backups is still pending

Perhaps also the mode names could be improved to make it clear enough when EncFS is used:

• Local encrypted --> Local (EncFS encrypted)
• SSH encrypted --> SSH (EncFS encrypted)

Esp. "SSH encrypted" is misleading IMHO because SSH is (transport) encrypted but what we mean here is "at rest" encryption.

[buhtz]

Thanks for the feedback.

I just propose some small wording changes due to "typos":

A decision on a replacement ~for~ or continued support of encrypted backups is still pending

Not sure about this. I would keep it as it is because the "support of encrypted backups" is a consequence of a "EncFS replacement". Or don't I get it? :smile:

Perhaps also the mode names could be improved to make it clear enough when EncFS is used:

* Local encrypted --> Local (EncFS encrypted)

* SSH encrypted --> SSH (EncFS encrypted)

I support that idea. But I would work on that in a separate PR after the upcoming release. The code around that is quit awkward and I am not sure if there might be side effects with modifying that labels currently living in a dictionary (common/config.py::Config.SNAPSHOT_MODELS).