DSL Ideas and Suggestions :: Truecrypt as standard of encription.



Truecrypt is tool for "on the fly encryption" (OTFE) for windows and linux.
http://truecrypt.org

IMHO - best (free) program for encryption.
But it is good on trusted machines because containers of this program are normal disks for OS and any program can do with files any operations.
Second trouble is what user must have administrators rights for launching TC (or for install driver of TC to further use in non-admins accounts), and in usual "internet cafe" user will not have possibility to use his encrypted disk.

All problem can be solved by launching virtual environment and OS into it and than - TC. We will have full OTFE inside of "virtual machine" and acces to encrypted information without administrators rights, as far as QEMU dont need such rights for  its work.


I suggest to inject TC(and its driver) in DSL, for use it as standalone(on CD) for access to TC-containers and as boot-OS into QEMU(virtual machine).


QEMU can be runned on windows and linux machines and we can use our encrypted files(extract them for further work and more further wipe  ) without rebooting of mine OS.

Third problem which will solved - what truecrypt will be unique
application for encryption as we will use it and as OTFE-tool and in
non-trust-places and places where we havnt any trust as
container-based encryption-tool (as winrar for example - only for extract files which we can|wish|must extract).

Truecrypt forum:
http://forums.truecrypt.org/viewtopic.php?p=20224#20224

It's unlikely that Truecrypt will be running on DSL in the near future because it uses the device mapper stuff, which AFAIK has to be compiled into the kernel.  I can't speak for them or second guess but my impression (?) is the DSL developers like to stick with the 2.4.26 knoppix kernel as-is for the time being.  Never say never ...

Device mapper does however come with a number of 2.6.xx kernels in other distros ready to use (eg Fedora), though you may still have to download the userspace programs.

However, I have something *better* than truecrypt = loop-aes v3.x
It's already in dsl-n.  Loop-aes imho has always been ahead of truecrypt and dm-crypt in terms of spotting and fixing vulberabilities.  I've compiled modules for dsl and have been testing.  These will be posted in the repo soonish.

Hi PopovN!

I have made remasters including bcrypt (448-bit encryption) of DSL. I had to compile it directly into the remaster but it works perfect. So that's my option for an encryption program.

Have fun,
meo


original here.