Discussion:
Development FreeOTFE ?
(too old to reply)
Psilin
2011-09-01 11:12:08 UTC
Permalink
Raw Message
Hi there,

Does someone know if there still is some development going on for FreeOTFE ?
I tried to reached the author ( Sarah Dean ), but the listed email address
everywehere seems not longer exists.

Or does anybody has an alternative encryption solution that works:
- both 32 and 64 bit windows
- with admin rights container working as a drive, without admin rights an
explorer option

This to secure some data on USB sticks. Only to prevent when sticks are
lost/stolen and for the user ( myself ) as transparant as possible.

Thanks!
NyteOwl
2011-09-03 01:05:59 UTC
Permalink
Raw Message
Post by Psilin
Hi there,
Does someone know if there still is some development going on for
FreeOTFE ? I tried to reached the author ( Sarah Dean ), but the listed
email address everywehere seems not longer exists.
Have you tried contacting the e-mail for the domain registrant of both
freeotfe.org and sdean12.org?
Post by Psilin
This to secure some data on USB sticks. Only to prevent when sticks are
lost/stolen and for the user ( myself ) as transparant as possible.
I use an Ironkey (www.ironeky.com) for this. Works great, and it's in
hardware.
--
Obsolescence is just a lack of imagination.
thangus ornerythinkus
2011-09-03 23:46:36 UTC
Permalink
Raw Message
Post by Psilin
Hi there,
Does someone know if there still is some development going on for FreeOTFE ?
I tried to reached the author ( Sarah Dean ), but the listed email address
everywehere seems not longer exists.
- both 32 and 64 bit windows
- with admin rights container working as a drive, without admin rights an
explorer option
This to secure some data on USB sticks. Only to prevent when sticks are
lost/stolen and for the user ( myself ) as transparant as possible.
Thanks!
I wonder if Sarah is still working on FreeOTFE? IT seems to me that
Truecrypt in its present incarnation has rendered practically every
form of full disk encryption obsolete, and its free.

Of course, I'm still completely paranoid as to how two guys (mystery
devs) can develop TC in their own time, with their own resources and
produce such a superior product, in fact so superior there is
literally nothing on the market of equal effectiveness. My paranoia
is called backdoor-itis.

Nevertheless, I cannot think of one single thing which will advance TC
beyond its current version.

Use TC for your thumb drives and even more, use outer volumes with
trivial PWs so that the thieves break the external volume and then
break their hearts trying to crack the impenetrable inner volume (if
they even realize its there).
.

thang
nemo_outis
2011-09-04 01:23:45 UTC
Permalink
Raw Message
Post by thangus ornerythinkus
Nevertheless, I cannot think of one single thing which will
advance TC beyond its current version.
Then you haven't thought very hard. For example:

1) two-factor authentication (e.g., using a hardware key
such as Aladdin) - and, no, a separate keyfile doesn't cut it.

2) administrative interface/central management (to allow it
to be used in corporate environments, etc.) Complete with
bells & whistles like revocation, delegation, etc.

3) Fips 140-2 certification (yeah, it's expensive and it's
not a panacea, but it's a *requirement* for many
corporate/government environments)

4) resizing of partitions, containers, etc. (without full
decrypt & rebuild)

5) boot from stub on USB, token, etc. (and, no, Grub kludges
by users don't cut it)

6) "password" entry longer than 64 characters (for users who
prefer long sentence-style passphrases to passwords)

7) single sign-on

8) "shuffling/rotating" keys in memory to inhibit "cold boot"
attack (possibly even putting "keys in registers" a la
TRESOR).

and on and on...

Incidentally, many competing encryption products DO have such
features.

Regards,

PS So-called "open source," of the grossly inferior style
provided by ennead and syncon, is a very feeble reed to lean
on regarding the trustworthiness of Truecrypt.
Psilin
2011-09-04 18:45:57 UTC
Permalink
Raw Message
I really don't know if Sarah is still working on FreeOTFE.

Truecrypt would do the job for me IF there was a possibility to copy out the
files on machines were i do not have admin rights.

And yes, i know the security flaws in that case. My main goel is to encrypt
USB media so that the data is secure when i lose or forget a stick
somewhere. I have no need at all to mislead the FBI, CSI or whatever
organisation.

So now i know 2 pieces of software that together would be a perfect working
match for me. Hopefully we all will get along!
nemo_outis
2011-09-04 19:45:20 UTC
Permalink
Raw Message
Post by Psilin
I really don't know if Sarah is still working on FreeOTFE.
Until September 1 you didn't know if anyone was working on
Truecrypt either - there hadn't been a release in nearly a year.
And, of course, there was and is utter silence from Truecrypt's
developers. Moreover, there is no way to contact them.
Post by Psilin
Truecrypt would do the job for me IF there was a
possibility to copy out the files on machines were i do not
have admin rights.
FreeOTFE/Freeotfe Explorer does offer this no-admin-rights-
needed feature - so where's your problem? Encrypt your USB
sticks with Freeotfe.
Post by Psilin
And yes, i know the security flaws in that case. My main
goel is to encrypt USB media so that the data is secure
when i lose or forget a stick somewhere. I have no need at
all to mislead the FBI, CSI or whatever organisation.
So now i know 2 pieces of software that together would be a
perfect working match for me. Hopefully we all will get
along!
Given your stated goals, why mess with Truecrypt at all?
Freeotfe appears to everything you need.

Regards,
Psilin
2011-09-10 19:33:32 UTC
Permalink
Raw Message
Well, for now i am gambling that i can always have access to a pc with admin
rights.
Under windows 7 FreeOTFE can't be use without messing up with the drivers
signature. Drivers must be signed, and the 64 bits FreeOTFE drivers simply
are not signed. That is the main issue.

When you're working a you're own PC then it is very convenient to access the
encrypted file system from a drive letter. And for now, FreeOTFE can't
because of the driver signing issue.

You're comparison with Truecrypt is true to some limit. Sarah mentioned on
multiple sites/documents what here e-mail address is. And that address is
not reachable.

let's hope for the future. A hardware encryption stick right now seems a bit
overkill.
Post by Psilin
I really don't know if Sarah is still working on FreeOTFE.
Until September 1 you didn't know if anyone was working on
Truecrypt either - there hadn't been a release in nearly a year.
And, of course, there was and is utter silence from Truecrypt's
developers. Moreover, there is no way to contact them.
Post by Psilin
Truecrypt would do the job for me IF there was a
possibility to copy out the files on machines were i do not
have admin rights.
FreeOTFE/Freeotfe Explorer does offer this no-admin-rights-
needed feature - so where's your problem? Encrypt your USB
sticks with Freeotfe.
Post by Psilin
And yes, i know the security flaws in that case. My main
goel is to encrypt USB media so that the data is secure
when i lose or forget a stick somewhere. I have no need at
all to mislead the FBI, CSI or whatever organisation.
So now i know 2 pieces of software that together would be a
perfect working match for me. Hopefully we all will get
along!
Given your stated goals, why mess with Truecrypt at all?
Freeotfe appears to everything you need.

Regards,
nemo_outis
2011-09-11 00:38:57 UTC
Permalink
Raw Message
Post by Psilin
Well, for now i am gambling that i can always have access
to a pc with admin rights.
Under windows 7 FreeOTFE can't be use without messing up
with the drivers signature. Drivers must be signed, and the
64 bits FreeOTFE drivers simply are not signed. That is the
main issue.
You DO know that driver signing can be (permanently - until
reenabled) disabled by simply running
bcdedit.exe -set loadoptions DDISABLE_INTEGRITY_CHECKS
bcdedit.exe -set TESTSIGNING ON
as administrator at a command prompt and then rebooting?

There are also several other ways to do this including group
policy, F8 at bootup, etc. See, for instance:
http://msdn.microsoft.com/en-us/library/ff553484%28v=vs.85%
29.aspx
or
http://www.killertechtips.com/2009/05/05/disable-driver-signing-
windows-7/
or
http://www.killertechtips.com/2009/05/06/disable-driver-signing-
in-windows-7-using-group-policy-editor/

The group policy method is probably easiest.

Regards,

PS Disabling driver signing does have the Catch-22 problem that
it requires admin rights :-)
psilin
2011-09-11 19:39:38 UTC
Permalink
Raw Message
I know there are some ways to bypass the driver signing issue.
As you mentioned: it still needs admin rights.

And to be honest: disabling driver certification does not sound as the
smartest thing in the world to me. That route is a no go for me.
a***@hotmail.com
2016-03-05 02:13:28 UTC
Permalink
Raw Message
Post by Psilin
Hi there,
Does someone know if there still is some development going on for FreeOTFE ?
I tried to reached the author ( Sarah Dean ), but the listed email address
everywehere seems not longer exists.
- both 32 and 64 bit windows
- with admin rights container working as a drive, without admin rights an
explorer option
This to secure some data on USB sticks. Only to prevent when sticks are
lost/stolen and for the user ( myself ) as transparant as possible.
Thanks!
Perhaps the NSA "secured" her?? It's too strange there us no 100% safe or open source encryption tools out there or they vanish quickly...
Loading...