Re: Document removal of ecryptfs-utils from Buster
On Mon 01 Jul 2019 at 15:56:14 (-0400), Gene Heskett wrote:
> On Monday 01 July 2019 09:33:35 David Wright wrote:
> > On Mon 01 Jul 2019 at 06:05:52 (-0400), Gene Heskett wrote:
> > > On Monday 01 July 2019 03:52:55 Jonathan Dowland wrote:
> > > > On Sun, Jun 30, 2019 at 12:45:57PM -0400, Gene Heskett wrote:
> > > > >At this point, I'd call it a buster delaying bug. That last is
> > > > > going to cost too many that can't ignore it and don't have
> > > > > unencrypted backups. Thats going to be a lot of very bad PR.
> > > >
> > > > It's the release teams call, generally speaking, and one of the
> > > > things they might factor in is the size of the user-base for the
> > > > troublesome package. I'm surprised to find that it's extremely
> > > > small according to popcon data: less than 1% of reporters:
> > > > https://qa.debian.org/popcon.php?package=ecryptfs-utils
> > > >
> > > > Compare just two alternatives:
> > > >
> > > > encfs: 1.14% https://qa.debian.org/popcon.php?package=encfs
> > > > cryptsetup: 15%
> > > > https://qa.debian.org/popcon.php?package=cryptsetup
> > >
> > > That does put a better light on it. From the comments so far, I was
> > > thinking I'm one of the few not using it. I've depended on dd-wrt
> > > between me and the internet for the last 16 years, and even before
> > > that I was on dialup and the dialup folks didn't have enough
> > > bandwidth to attract the black hats, so I've never been touched.
> > I was under the impression that these two forms of security, firewalls
> > and encryption, are completely orthogonal. Once you've unlocked, say,
> > an encrypted partition, you're now reliant on the firewall to keep
> > strangers out of your files. OTOH a perfect firewall is of no benefit
> > when your laptop is stolen.
> > > With all the publicity this thread has given the issue, I'll change
> > > my mind (as if it matters to the team :) and say adequate notice and
> > > mitigating paths seems to have been given. Those that are using it
> > > I'd call pretty advanced and are reading this list just for the
> > > notices given so they shouldn't be surprised. So I'll do an Andy
> > > Capp and shuddup.
> > The grey area is for me is the relative benefit of encrypting file by
> > file compared with the whole partition. Assuming that there's just one
> > passphrase involved in each scenario, is more protection given by the
> > former method? After all, once a partition is unlocked, all users on
> > the system are able to read all the files, subject to the normal unix
> > permissions, ACLs, etc.
> Whole filesystem encryption would be a total non-starter for me.
Fair enough. Could you reveal why, or are your reasons cryptic too?
> File by
> file with different passwd's according to whats in the file would make
> far more sense to me. Thats my $0.02.
I can't see how anyone would cope with a scheme like that. How would
you remember all those passwords?
OTOH I can see that each file must have an individual encryption key,
but the encryption scheme looks after generating those. Otherwise
you would have a large sample of encrypted but known-cleartext files
available for cracking attempts. (Remember that the filenames are not
encrypted, and many files on a system will have entirely predictable
contents, eg much of /usr, your Debian package cache, and so on.