Re: [Tails-dev] VeraCrypt/TrueCrypt support in GNOME Disks

Delete this message

Reply to this message
Author: Bastien Nocera
Date:  
To: segfault, devkit-devel
CC: tails-dev
Subject: Re: [Tails-dev] VeraCrypt/TrueCrypt support in GNOME Disks
Hey,

On Mon, 2017-11-13 at 17:19 +0100, segfault wrote:
> Hi,
>
> we at Tails (tails.boum.org) currently work on integrating support
> for
> unlocking VeraCrypt (and probably also TrueCrypt) volumes in Tails
> via
> udisks2 and GNOME Disks (and maybe also GNOME Files and the GVfs
> monitor). We internally track the status of this work in [1] and [2].
> Currently we are gathering data on the requirements of our users via
> a
> survey [3], in order to make decisions about which features we want
> to
> implement (support for legacy TrueCrypt volumes, file containers,
> hidden
> volumes, keyfiles).
>
> We would like to know whether you want to have VeraCrypt/TrueCrypt
> support in upstream too. I assume that this is wanted in udisks2,
> because there is already an open ticket for this [4]. What about
> GNOME
> Disks?


What UI differences would be needed to handle those different types of
encryption? I'm guessing none for handling encrypted disks, because the
UI should be pretty much the same as for the existing LVM based
encryption support.

How to deal with creating encrypted volumes, and even more so when
talking about other types of encryption would need to be designed after
you've figured out whether it makes any difference to the user, and how
it would get integrated in UDisks.

I'd start with adding a transparent way to mount encrypted disks and
volumes in UDisks, and see whether anything else is needed on top of
that for your users, including explaining why particular types of
encryption are better than others and under which circumstances.

I'm also not sure what "file containers" and "keyfiles" are, but it
sounds like filesystem level encryption which would likely live in GIO
and UIs on top of it, not in Disks or UDisks.

Cheers