TrueCrypt (was: A few comments about Knoppix 5.1)
Martin Oehler wrote:
>>> But there are definitely some problems with the license:
>>>
>>> http://lists.debian.org/debian-legal/2006/06/msg00295.html
>> Sorry, I didn't realize that the license was funky. I like it because
>> it's cross-platform, whereas loop-aes is not.
>
> Since knoppix-image isn't using the multikey mode, this should be
> a portable solution (not tested):
>
> http://www.scherrer.cc/crypt/
>
> Does this work for you?
No.
When a fault in the data protection software (not only the few hundred
lines of crypto algorithms, but in any of the thousands of lines of
the application package!) can have extremely serious consequences, one
does not expect each individual user to read a couple of web-pages
and make a decision on what to use. TrueCrypt has been around
for a while, in continuous development by the same (apparently very
dedicated) team, it has a large installed base and an active user
community with a critical forum that is, as far as I've seen, unique
among the similar products. All those things contribute to the level
of confidence that makes the difference between a crypto package used
for "just foolin' around" and one that is used when "cryto matters".
It is my understanding that the dislike for TC license by the Debian
priests is based primarily on the fact that TC protects the "integrity
of the brand" by denying the right to produce derivatives which could
be mistaken to be "The real McCoy". (Use of TC source in projects that
are completely distinct from TC is not denied). May I suggest that, for
the reasons outlined above, this is entirely justified.
There are some specific reasons why TC on a Knoppix CD would be an
extremely beneficial combination, but this has been covered before.
I have implemented several "real-life" data-flow protocols in a
particular industry using TrueCrypt, but am in no way related to the
developers.
ic
Reply to: