[ciphershed] Re: TrueCrypt Author Claims That Forking Is Impossible http://it.slashdot.org/story/14/06/19/145219/truecrypt-author-claims-that-forking-is-impossible

  • From: "Alain Forget" <aforget@xxxxxxx>
  • To: <ciphershed@xxxxxxxxxxxxx>
  • Date: Thu, 19 Jun 2014 14:13:42 -0400

> Short term goal is getting a rebranded version out. Then the issues fixed 
> that the Audit pointed out.
> Long term goal is replacing the code parts that have license-issues and 
> release it under a new license (gpl, mit, bsd -- not sure yet).

I agree with Niklas' plan. I think those are the most pressing things, since we 
could get legally blocked until that long-term plan is complete (which we all 
hope won't be too "long", but I suspect it will, since TrueCrypt is no simple 
beast). Only after those are done should we start considering which items on 
our wish list to implement/tackle.

Alain

-----Original Message-----
From: ciphershed-bounce@xxxxxxxxxxxxx [mailto:ciphershed-bounce@xxxxxxxxxxxxx] 
On Behalf Of Niklas Lemcke - ???
Sent: Thursday, June 19, 2014 13:50
To: ciphershed@xxxxxxxxxxxxx
Subject: [ciphershed] Re: TrueCrypt Author Claims That Forking Is Impossible 
http://it.slashdot.org/story/14/06/19/145219/truecrypt-author-claims-that-forking-is-impossible

On Thu, 19 Jun 2014 13:05:54 -0400
"Jason Pyeron" <jpyeron@xxxxxxxx> wrote:

> > -----Original Message-----
> > From: Alain Forget
> > Sent: Thursday, June 19, 2014 12:53
> > To: ciphershed@xxxxxxxxxxxxx
> > 
> > Thanks Stephen and Jason, this answers my question perfectly.
> > 
> > However, as Stephen asked and Jason asserted, I'd like to 
> > confirm this with the rest of the community to make sure 
> > we're all on the same page: Are we using TC only as a 
> > reference, but will be essentially re-writing the whole 
> > thing? Or are we essentially going to continue using, 
> > supporting, and improving TC's 7.1a code?
> 
> Until the greater goal is accomplished, use & support.
> 
> > 
> > Given that we're re-branding TC 7.1a as CipherShed, it seemed 
> > to me like we're doing the latter, but perhaps I'm missing 
> > part of the grander plan?
> 
> I am here because I understood, that with patience (>1 year), it was the 
> former
> with the latter as the short term (<1 year)
> 
> My personal goals are as follows
> (//www.freelists.org/post/ciphershed/Introduction-Jason-Pyeron):
> 
> 0. deterministic / automated build of TC 7.1a
> 1. Get it under a good license (BSD, Apache, etc) - CS 8.0
> 2. UEFI boot support
> 3. limited Soft reboot support
> 4. enterprise policy / credential server (network password server) support
> 5. then on to mobile...
> 
> Is this in line with the group? Is it close enough?

Short term goal is getting a rebranded version out. Then the issues
fixed that the Audit pointed out.

Long term goal is replacing the code parts that have license-issues and
release it under a new license (gpl, mit, bsd -- not sure yet).

About the mentioned features, some of them are in discussion, some are
most likely going to be implemented, others don't have a consensus yet
(I believe)

Niklas

> 
> > 
> > Alain
> > 
> > -----Original Message-----
> > From: ciphershed-bounce@xxxxxxxxxxxxx 
> > [mailto:ciphershed-bounce@xxxxxxxxxxxxx] On Behalf Of Jason Pyeron
> > Sent: Thursday, June 19, 2014 12:42
> > To: ciphershed@xxxxxxxxxxxxx
> > Subject: [ciphershed] Re: TrueCrypt Author Claims That 
> > Forking Is Impossible 
> > http://it.slashdot.org/story/14/06/19/145219/truecrypt-author-
> > claims-that-forking-is-impossible
> > 
> > > -----Original Message-----
> > > From: Alain Forget
> > > Sent: Thursday, June 19, 2014 12:33
> > > 
> > > Could anyone please enlighten me as to what possible reason 
> > > this original TrueCrypt developer feels a fork would be impossible?
> > 
> > His definition of fork is to "re-use" the code and not 
> > "re-write" the code.
> > 
> > Best analyis so far, in my opinion:
> > http://it.slashdot.org/comments.pl?sid=5300647&cid=47272777
> > 
> > Occam's Razor by bhoar (1226184) writes: on Thursday June 19, 
> > 2014 @11:34AM
> > (#47272777) 
> > 
> > 1. Evidence seems to point that the main developer is in 
> > Europe. So, an NSA NSL
> > doesn't seem (to me) to be a likely factor. 
> > 
> > 2. Evidence points to the history of the code perhaps being 
> > legally murky. But
> > from what I recall of the forum discussion nearly a decade 
> > ago, most of the murk
> > wasn't due to the code origins, which appeared to be on the 
> > up and up, but due
> > to the legal threats/actions of a company that thought it 
> > could prevent a fork
> > from *before* buying code/hiring the developer. That's IIRC, 
> > of course, I've
> > seen reporting all over the map on this issue. Also, 
> > supposition: there may have
> > also been verbal promises between the dev(s) and outside 
> > entities about what
> > might trigger more legal issues. 
> > 
> > 3. Evidence points to English being the main developer's 
> > second language, so the
> > conspiracy theories base on awkward sentence construction are 
> > probably just
> > that, theories. 
> > 
> > 4. Evidence (now gone, due to the tc forums being removed) 
> > also seems to point
> > to the main developer having strong feelings about control 
> > over the main code
> > line and trademarks for a long time. Some of this seemed 
> > rational (wanting to
> > block a plethora of backdoored versions being deployed) but 
> > some of this seemed
> > personal. Most devs have been there, some have matured and 
> > learned to let it go.
> > Conclusion: the simplest explanation, to me, is that the main 
> > dev wants to the
> > code dead and buried so that he is entirely free of any 
> > future legal, ethical or
> > emotional consequences of it continuing.
> > 
> > 
> > > 
> > > Please correct me if I'm wrong, but I'm pretty sure VeraCrypt 
> > > is a fork, 
> > 
> > With bad legal licensing issues at first glance.
> > 
> > > and we are working on a fork, so...either I'm 
> > 
> > And we plan on a re-write to allow for a license change, as 
> > such we are using
> > the original code as a "reference"
> > 
> > > missing some crucial point, am taking crazy pills, or that 
> > > original TrueCrypt developer has a very questionable 
> > > definition of "impossible".
> > 
> > I certainlly agree the word impossible is not supported by 
> > the content of the
> > message exchange, but there are likely other details (personal, legal,
> > linguistic, etc) that will have bearing on the definition of 
> > the word impossible
> > in that context.
> > 
> > > 
> > > Alain
> > > 
> > > -----Original Message-----
> > > From: ciphershed-bounce@xxxxxxxxxxxxx 
> > > [mailto:ciphershed-bounce@xxxxxxxxxxxxx] On Behalf Of Jason Pyeron
> > > Sent: Thursday, June 19, 2014 12:23
> > > To: ciphershed@xxxxxxxxxxxxx
> > > Subject: [ciphershed] TrueCrypt Author Claims That Forking Is 
> > > Impossible 
> > > http://it.slashdot.org/story/14/06/19/145219/truecrypt-author-
> > > claims-that-forking-is-impossible
> > > 
> > > From slashdot:
> > > 
> > > http://it.slashdot.org/story/14/06/19/145219/truecrypt-author-
> > > claims-that-forkin
> > > g-is-impossible
> > > 
> > > http://pastebin.com/RS0f8gwn
> > > 
> > > On a request from Matthew Green to fork the TrueCrypt code, 
> > > the author answers
> > > that this is impossible. He says that this might be no good 
> > > idea, because the
> > > code needs a rewrite, but he allows to use the existing code 
> > > as a reference. "I
> > > am sorry, but I think what you're asking for here is 
> > > impossible. I don't feel
> > > that forking TrueCrypt would be a good idea, a complete 
> > > rewrite was something we
> > > wanted to do for a while. I believe that starting from 
> > > scratch wouldn't require
> > > much more work than actually learning and understanding all 
> > > of truecrypts
> > > current codebase. I have no problem with the source code 
> > being used as
> > > reference."
> 
> --
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
> -                                                               -
> - Jason Pyeron                      PD Inc. http://www.pdinc.us -
> - Principal Consultant              10 West 24th Street #100    -
> - +1 (443) 269-1555 x333            Baltimore, Maryland 21218   -
> -                                                               -
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
> This message is copyright PD Inc, subject to license 20080407P00.
> 
> 



-- 
Niklas

At the time of writing, no warrants have ever been served to me, Niklas
Lemcke, nor am I under any personal legal compulsion concerning the
CipherShed project. I do not know of any searches or seizures of my
assets.


Other related posts: