http://maemo.org/community/brainstor...rage_joe_ready

There is no GnuPG GPG PGP environment, no dm-crypt, no blowfish-button in file-context-menus and no GU interfaces ready to use for Joe Average!

There was already the question of securing private data.


What is the best way to get email/file/addressbook de/encryption/signing to Joe and his friends.

Should it be part of all programs containing private data? Should there be a Privacy Manager Tool to manage keys keyrings, encrypted files, addressbooks and calendar entries?


Encrypting the whole filesystem is neither a solution for the private data nor for email. It slows down the system and drains the battery. On my Netbook its costs are about 1-2Watts, speed I dont realy recognize.

Andre Klapper was kind enough to further note down that there is a bugreport
and also posted a comment to the bugreport linking back to the brainstorm item. Thanks!

give me truecrypt on maemo and i'll be happy.


www.truecrypt.org

Please add it as a solution to the brainstorm ticket.

How about eCryptfs? (it's a kernel module nowadays)
Can you mount stuff via the busybox shell?

so you are not average joe, are you?

truecrypt doesnt help with "modest got no pgp/mime handling"
truecrypt does not manage your gpg keys.

truecrypt does crypt your filesystem and thats not a solution for average joe (I script that faster as joe installs truecrypt and gets it working, the problem with large crypts is that it drains battery)

to deliver to windows, as mass device you could decrypt a partition setup with truecrypt as it is available for windows (AFAIK) but you need to install it and configure it

summary:
truecrypt (in my eyes) is a standalone solution for encrypting partitions and it makes them also available while in massstorage mode within YOUR windows. (same goes for LUKS I know)


for eCryptfs quiet the same answer apart of I dont know another OS than unix based to work with it

I use truecrypt on my computers at work/home and would love to see it in Maemo.

You do not have to encrypt the whole partition. You can create an encrypted file (up to 4GB on FAT32), mount that and store important files in it. The file would be accessible to both window and linux when exported via usb. I believe that there is a "portable/thumb drive" version for windows that does not need to be installed to run.

Best of all, if you don't need to access the files, truecrypt does not need to be running (ie no battery drain).

This doesn't address all the issues, but may address enough for the average joe to use (with a gui front end) easily to protect important data.

good to know so truecrypt would be the env for files (includes partitions as we all know "everything is a file)I want to share within massstorage mode?!

you leave out addressbook and calendar if you think of unmounting. In any other case, most crypting softwares do need the juice while reading and writing files but none while idle... (at least the stuff I think of)

but joe doesnt know which data is important! joe doesnt know that all his emails send are scanned! joe doesnt know that all data he sends via ICQ is from then on owned by ICQ Inc. and so on. (at this point I recognize I missed a jabber client or xmpp at all.) the worse is that joe does not care. so we, as people who care, should give a startup for joe, showing what we do and was is recommended.

joe would crypt some passwords which are guessable anyway, and some files... (next thought: passwords need to be checked and rated for security)

Hmm there are a few other threads about this subject. It is also related to authentication about which we have also some threads.

One problem with cryptography (don't call it 'encryption') is that it only works if you trust it. In order to trust it, you have to understand it. While making it as less complex as possible is a good aim, many people won't understand how cryptography works. So a solution which handles this must keep that in mind. (See for example how Mozilla Firefox deals with SSL and the various implications of this.)

Some related threads:
http://talk.maemo.org/showthread.php...689#post381689
http://talk.maemo.org/showthread.php?t=32672
http://talk.maemo.org/showthread.php?t=33304

If you aren't aware, there was some work done putting a maemo front end on true-crypt, but it never got to a point I would call complete or elegant. It's called EasyCrypt:

http://talk.maemo.org/showthread.php?t=15984