![]() When a process is forked, the new process, called the child, is a clone of the parent: it has the same code and data in memory, so it inherits access to all resources that the parent had. What that meant is that the open source practice of a fork was impossible.įorking a software product gets its name from the Unix system call fork(), by which new processes are created. That’s a bit of a risk with any software product, especially one with the primary purpose of turning your precious data into shredded cabbage with the promise that you will be able to unshred it later.įair enough, of course: the coders provided it for free, and if you really wanted, you could use their source code to help you write your own replacement, but it wouldn’t be TrueCrypt and you couldn’t use the name to suggest it were. So, despite (or, perhaps, because of) the apparent anti-commercialism of the software, there were certain commercial challenges in using it, not least that you couldn’t tell who you were dealing with, or what might happen to it next. You could even get the source code for TrueCrypt, as a sort of implicit guarantee that there were no shabby secrets or backdoors hidden in there.īut it wasn’t truly open source, since you couldn’t then do what you liked with that source code.įurthermore, the developers were anonymous and the development process closed: you couldn’t go to conferences, for example, and openly meet the coders and ask them what was coming next in the product, and when. Secondly, if someone is determined to extract your data under duress, they’ll just ignore the first password you give them and keep squeezing you until you cough up the second. Firstly, it’s harder than it sounds to maintain your fake data so that it actually looks plausible when you decrypt it. This sort of feature can be a double-edged sword. One password decrypts the content you really want to keep secret, while the other cunningly decrypts a bunch of innocent data to fool anyone who forces you, by fair means or foul, to reveal your password. Plausible deniability works by letting you create an encrypted file with two passwords. It also had a feature called plausible deniability that gave it cachet amongst cypherpunks and privacy activists, even if they weren’t planning to use this feature themselves. Over the years, it became popular for many reasons, notably that it was free, cross-platform and apparently untainted by association with governments or commercialism. TrueCrypt is, or was, a long-running software project that claimed to provide strong encryption software that you could use for free on Windows, Linux and OS X. Installpkg /boot/custom/truecrypt/ntfs-3g-2013.1.13-x86_64-1.Naked Security readers will be well aware of the great TrueCrypt mystery. # Install NTFS-3G and Copy Truecrypt binary ![]() Put the following lines in your go script I think you'll also get this package automatically if you install the popular SNAP plugin. Store the resulting "truecrypt" binary in /boot/custom/truecrypt.Īssuming you will want to use NTFS (optional), download the NTFS-3G package from and store that in /boot/custom/truecrypt as well (or your preferred location). Unpack the.gz file, and then run the binary on unraid to unpack the install files. Your first step should be to read up on the status of the truecrypt project at Īssuming you are still OK with using truecrypt, download the 64-bit binary "truecrypt-7.1a-linux-console-圆4.tar.gz" for unraid 6 or get the 32-bit version "" if you are on unraid 5 from the grc.com site. If you are using it for offsite backup, consider that in the scenario where you need this data, you may no longer have a working unraid server, and being able to access from windows may be a good thing. I like using the ntfs filesystem, because it can be mounted in windows, but if you don't care about that feel free to use another filesystem. I have used this for my offsite backup disks for a while and wanted to make a comprehensive guide for others to follow, including creating new encrypted volumes or drives in unraid. There is only one optional library package to install, namely NTFS-3G (if you want to use the ntfs filesystem), so it is very suitable for running directly on unraid. Prior to that, lots of clever people were discussing how to compile truecrypt from source, but as doron noted, with the binary it "just works" and is actually very easy. Thanks to the user doron for first describing how to use the console only binaries and the nokernelcrypto mount option in this thread: Guide to to using Truecrypt in Unraid 5 and 6
0 Comments
Leave a Reply. |