Porting TrueCrypt

Question

18

Porting TrueCrypt

asked 2014-02-07 23:27:37 +0200

Rolfa

2053 ●28 ●43 ●37

updated 2014-02-08 09:03:05 +0200

foss4ever
13056 ●97 ●134 ●141

I'd love to have TrueCrypt on my Jolla! (It works on my N900 like a charm)

edit retag flag offensive close delete

Comments

16

as we cannot have support for several different implementations, i'd rather vote against truecrypt, but very much for luks/dm-crypt. why? truecrypt is not free software; it needs fuse to run on linux (which is jollas base) so adds more complexity to the system and it never went through cryptoanalysis, so it remains unclear, if it really does, what it says it does. i'd prefer luks/dm-crypt, as none of these problems exist here. but jolla will make the decisions... after all a dupe: https://together.jolla.com/question/2158/optional-encryption-of-the-device/

manes ( 2014-02-08 00:28:37 +0200 )edit

1

Not a dupe - there is no mention of TrueCrypt at the other question.

The security level of TrueCrypt seems ok for me (for private use) even if it did not go through cryptoanalysis. Big plus for me is that TrueCrypt containers can be interchanged with Windows.

Rolfa ( 2014-02-08 11:58:11 +0200 )edit

1

But the same topic is discussed there, and this would have been nice Answer in that encryption-thread, where there is a much wider audience already..

foss4ever ( 2014-02-08 12:22:25 +0200 )edit

There is VeraCrypt which is actively developed, do not use TrueCrypt as for each day that goes it has potentially more vulnerabilities.

Trizt ( 2015-08-06 07:46:19 +0200 )edit

as we cannot have support for several different implementations, i'd rather vote against truecrypt, but very much for luks/dm-crypt. why? truecrypt is not free software; it needs fuse to run on linux (which is jollas base) so adds more complexity to the system and it never went through cryptoanalysis, so it remains unclear, if it really does, what it says it does. i'd prefer luks/dm-crypt, as none of these problems exist here. but jolla will make the decisions... after all a dupe: https://together.jolla.com/question/2158/optional-encryption-of-the-device/
manes ( 2014-02-08 00:28:37 +0200 )edit
Not a dupe - there is no mention of TrueCrypt at the other question.
The security level of TrueCrypt seems ok for me (for private use) even if it did not go through cryptoanalysis. Big plus for me is that TrueCrypt containers can be interchanged with Windows.
Rolfa ( 2014-02-08 11:58:11 +0200 )edit
But the same topic is discussed there, and this would have been nice Answer in that encryption-thread, where there is a much wider audience already..
foss4ever ( 2014-02-08 12:22:25 +0200 )edit
There is VeraCrypt which is actively developed, do not use TrueCrypt as for each day that goes it has potentially more vulnerabilities.
Trizt ( 2015-08-06 07:46:19 +0200 )edit

Answer 1

14

answered 2014-05-20 12:59:25 +0200

Nieldk

4562 ●40 ●70 ●76

https://openrepos.net/content/nieldk/truecrypt

edit flag offensive delete publish link

Comments

Thanks a lot, it works fine!

Rolfa ( 2014-05-23 17:26:23 +0200 )edit

2

"WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues" see: http://www.truecrypt.org/

utkiek ( 2014-05-29 18:19:14 +0200 )edit

3

Regarding that "warning" - yes, everything is potentially insecure. I suggest you read this. I consider Truecrypt still amongst a prefferable solution. https://www.grc.com/misc/truecrypt/truecrypt.htm

Nieldk ( 2014-05-30 10:04:50 +0200 )edit

@Nieldk has truecrypt development team quit? I didn't get the whole point of the announcement. Thanks.

magullo ( 2014-05-30 14:48:27 +0200 )edit

2

@Nieldk: The announcement is alarming for several reasons, not the least that they very clearly recommend to use Bitlocker, which is about as unsecure as you can get. There is no way they would ever normally recommend it. Also: "TrueCrypt is Not Secure As" -> TrueCrypt is NSA (tin foil hat, but who knows, there's no reason it would be so awkwardly worded otherwise).

nthn ( 2014-05-30 16:10:31 +0200 )edit

Answer 2

3

answered 2014-05-31 16:25:44 +0200

clau

4876 ●39 ●51 ●52

TrueCrypt is dead. See the project page.

edit flag offensive delete publish link

Answer 3

1

answered 2014-05-13 14:50:35 +0200

Rolfa

2053 ●28 ●43 ●37

As long as truecrypt is not available for the Jolla, I am using this script to display a password list from an encrypted zip file.

This works without having to decompress the zip to a file first. Of course, to edit the password list, I have to decompress the zip, edit the file, and compress/encrypt it again with zip -e. That's why truecrypt would still be preferable.

#!/bin/bash

# Displays contents of encrypted zip file without extracting it first to a file.
# Note: The password is visible in the process list, so don't use this on multiuser systems.

# Docs/References:
# http://phpunixman.sourceforge.net/index.php/info/pinentry
# http://www.44342.com/linux-f1121-t30154-p1.htm
# https://together.jolla.com/question/1661/gnupg2-unusable-without-pinentry-package-unavailable/

zipfile=pwlist.zip # should only contain textfiles as all are piped through less

if [ ! -r "$zipfile" ]
then
    echo "Error: $zipfile not found or not readable."
    exit 1
fi

PINENTRY_BIN=/usr/local/bin/pinentry

PinEntryDesc="$zipfile"
PinEntryPrompt="Enter Password: "
PinEntryTTY=`tty`
# The following gets the passphrase by sending the SETDESC, SETPROMPT, and GETPIN
# commands to pinentry, and parsing the output.
p=`echo "SETDESC $PinEntryDesc
SETPROMPT $PinEntryPrompt
GETPIN" | $PINENTRY_BIN --lc-ctype="UTF-8" --ttyname="$PinEntryTTY" | sed '/^D/s/^D \(.*\)$/\1/g;/^OK/d' `

if [ "$p" == "" ]
then
    echo "Error: empty password."
    exit 1
fi

case "$p" in
    *"ERR 111"*)
        echo "cancelled"
        exit 1
        ;;
esac

/usr/bin/unzip -P "$p" -p "$zipfile" | /usr/bin/less -M

edit flag offensive delete publish link

Comments

1

As a side note; a simpler solution could be:

install vim
vim -x

This creates an encrypted file. And it also works with vim for windows.

Rolfa ( 2014-05-16 00:12:56 +0200 )edit

Answer 4

0

answered 2014-05-30 14:31:28 +0200

Rolfa

2053 ●28 ●43 ●37

updated 2015-08-04 11:51:59 +0200

What I needed was an encrypted password list on my phone. Meanwhile, I have a better alternative to TrueCrypt: It's a small python script which uses gpg to encrypt/decrypt the file.

create a new encrypted file: gpgedit.py -c mylist
edit the file: gpgedit.py -e mylist.gpg
display the decrypted file: gpgedit.py mylist.gpg. Then type h for help.
get help about arguments: gpgedit.py -h

gpgedit.py

This has been working now for months without problems.

edit flag offensive delete publish link

Comments

2

have you tried to use ownKeepass? you can find it in the jolla shop

piwostar ( 2014-09-08 16:05:30 +0200 )edit

I prefer having a single encrypted textfile. gpgedit.py works fine here.

Rolfa ( 2014-09-09 09:16:13 +0200 )edit

I use Password Store, which is an Android application for pass stores (eg just a load of gpg encrypted files). I works well and will synchronise with a pass git repository. It would be nice though to have an SFOS version.

skanky ( 2015-08-04 16:47:30 +0200 )edit

Porting TrueCrypt

Comments

4 Answers

Comments

Comments

Comments

Question tools

Stats

Related questions

Porting TrueCrypt

Comments

4 Answers

Comments

Comments

Comments

Question tools

Public thread

Stats

Related questions