TrueCrypt Gets a New Life, New Name

storagedude writes: Amid ongoing security concerns, the popular open source encryption program TrueCrypt may have found new life under a new name. Under the terms of the TrueCrypt license — which was a homemade open source license written by the authors themselves rather than a standard one — a forking of the code is allowed if references to TrueCrypt are removed from the code and the resulting application is not called TrueCrypt. Thus, CipherShed will be released under a standard open source license, with long-term ambitions to become a completely new product.

"CipherShed"

[supertall]

Suddenly I think of banjos.

Re:"CipherShed"

[pushing-robot]

They're obviously using my HorribleNameGenerator library. I'm proud to have contributed to so many FOSS projects.

Re:"CipherShed"

They're obviously using my HorribleNameGenerator library. I'm proud to have contributed to so many FOSS projects.

Say thank you to the governments of the world for copyrights, and trademarks, because of them it is almost impossible to create a uniquely identifying name
without finding out that is has already been trademarked and/or copyrighted.

A quick example. IBM's RiscSystem/6000... ever wonder why you never saw it abbreviated as RS/6000 ... the answer, Pontiac had a trademark in place for "RallySport/6000" as well as RS/6000 and they wouldn't release it to IBM.

Re: "CipherShed"

And what if you could just use any name you liked? What if YOU put out a product and someone else put out another product and used your product's name? Me thinks you wouldn't appreciate it much

Re:"CipherShed"

[Kjella]

They're obviously using my HorribleNameGenerator library. I'm proud to have contributed to so many FOSS projects.

Clearly you didn't use it for your own project, I suppose you had to write it first or it would have suggested HorribleUniqueNameGenerator. Because like the developers of the GNU Image Manipulator Program knows, a catchy acronym never hurt anyone.

Re:"CipherShed"

Boy, you got a purty public key...

Re: "CipherShed"

[aix+tom]

It worked pretty OK for centuries. You could buy a "Plow from John Smith over in Blurn Hollows", or you could buy a "Plow from George Smith over in Redneck Fields", and nobody would be confused that they were called the same.

These days, if you buy a "FuxMatic3000XP from XentTeck" one day, you have to make sure if you want to buy one a year later that neither the FuxMatic3000XP nor the XentTeck Trademark have been sold in the meantime and are completely different things and/or products, or if the company itself did a product switcheroo in the meantime.

Re:"CipherShed"

[Spy+Handler]

Nah, it wouldn't be cool to go against the wishes of the original authors. They put a lot of work into it. If you're gonna leech off their code then naming your project something other than Truecrypt is the least you can do.

I suggest RealCrypt.

Re:"CipherShed"

Respecting licenses is not done to respect the authors. It's done so you gain the credibility to have your own license enforced.

If the authors said "fuck'em", the next guy would come along and do the same and they wouldn't really be able to complain.

Re:"CipherShed"

Well it`s better than the NSA fork - DeCrypt. ;-)

Re:"CipherShed"

[ericloewe]

To make things worse, GIMP is an acronym that includes a backronym.

The ATA guys really like their silly nested acronyms like nobody else, though. Seriously, whose brilliant idea was "eSATAp".
eSATA powered
external SATA powered
external Serial ATA powered
external Serial AT Attachment powered
external Serial AT-sounds-like-a-cool-name Attachment powered

Re:"CipherShed"

Or... Mr. Reagan from the Matrix + BikeShedding.

Double Cringe.

Re:"CipherShed"

And the business intelligence invasion continues...

Re:"CipherShed"

AT was Advanced Technology
so it's
external Serial Advanced Technology Attachment powered
personally I'd rather go for Serial Attached Small Computer System Interface over Small Form Factor 8470...

Re:"CipherShed"

[WaywardGeek]

So, I'm invovled in the CipherShed project. In fact, I bought the domain originally when Niklas suggested it. I also bought FalseCrypt :-)

This thread is actually very helpful. I've been very concerned that we need to pick a better name. The unfortunate truth is that we geeks totally suck at picking name!

RealCrypt is excellent, IMO. That's why the RealCrypt fork of TrueCrypt exists :-) It's a Fedora-packaged fork that drops all the Windows stuff. There's also a VeraCrypt fork. OpenCrypt.net was offered to us by the owner, which is very generous, but there is an OpenCrypt already, which oddly enough has to do with encryption rather than vampires.

Please keep picking on the name, and suggesting alternatives! If someone here provides one, I'll try to have it adopted. We *barely* still have time to make a name change.

Re:"CipherShed"

[Snotnose]

I suggest TrooKrypt.

Re:"CipherShed"

[supertall]

I suggest IronCrypt or something of the sort that projects strength and security.

Re:"CipherShed"

[kaatochacha]

I'd have to agree, "CipherShed" is just awful.
TrueCrypt was an excellent name, and working off the -crypt portion is logical.
Perhaps you can vary off the True prefix? or maybe "TrueCrypt II. It seems to work for movies.

Re:"CipherShed"

[WaywardGeek]

IronCrypt is a good suggestion. It is fucking squated. God I hate squatters. Worse than lice or ticks.

Re:"CipherShed"

[WaywardGeek]

No, we can't use TrueCrypt in the name. The license terms are clear about that. We're trying not to use True, and we have been told that it would be best not to use Crypt, though I think that's going a bit far.

Re: "CipherShed"

[bill_mcgonigle]

but in this case the authors were anonymous - they are NOT going to de-cloak to enforce a trademark.

It's probably better for the security of the community at large to carry on calling it TrueCrypt (3.0, clear who the new team is, etc.). Trademarks exist to prevent confusion - in this case, using the same name is the minimally confusing option. The license is unenforceable and securing people's communications is more important to society than the wishes of the retired authors.

Imaginary property ain't real but the risks of electronic adversaries certainly are.

Re:"CipherShed"

[TheEyes]

At least choose a suffix other than "shed" Maybe "vault" for "CypherVault" or "StoreVault"

The Latin word for "padlock" is "sera" "CypherSera"? "SeraCypher"? Bet nobody's squatting that.

"Cipher" comes from the medieval Latin "cifra" Maybe "BitCifra"? "CifraStore"?

Re:"CipherShed"

[Inigo+Montoya]

So here's my contributions to the naming

TruerCrypt :-)

CryptBlock CryptAll CryptMore MoreCrypt CryptoCase CryptMyRide CoolCrypt CryptoMagnolia MagnusCryptum Cryptonomy CryptoFilo

And here are some names that do not have Crypt in them (note: I have not checked copywrites or squatter rights on any of these)

AssetTag Lockdown FileBlocker TickTockLock SquirrelCage AcornVault

I can't think of any more :-)

Re:"CipherShed"

Instant Mobile Rehashing Enigmatic Totally Arisen Remade Domination

That is probably too long to be memorable. So something hash or hash something; the hash potato.

Re: "CipherShed"

[currently_awake]

That's why there is an entire occupation devoted to handling legal stuff. I'd tell you the name, but every time I think of it the phrase "first up against the wall" jumps into my mind.

Re:"CipherShed"

Following your suggestions, BitCypher sounds pretty awesome, and uses neither crypt nor true.

captcha: labels

Re:"CipherShed"

[plazman30]

DataSafe CryptoSafe IronWall DataLocker DataLock

Re:"CipherShed"

[AmiMoJo]

LibreCrypt
NewCrypt
TC-X
MidoriCrypt (I just like that word)
FreeCrypt
SafeCrypt
SnowdenCrypt (with permission of course)
ImmortalCrypt (the NSA can't kill it)
SafeHouse (domains probably taken...)
CryptoBox
CryptoSafe
CryptoFreedom

Maybe a Slashdot poll?

Re:"CipherShed"

I think that AT comes from IBM PC/AT (http://en.wikipedia.org/wiki/IBM_Personal_Computer/AT) and stands for "Advanced Technology". So "eSATAp" means:

"external Serial Advanced Technology Attachment powered"

HTH,
AC

Re: "CipherShed"

[flyingfsck]

Careful dude, you may get a ton of pre-orders for your new FuxMatic3000XP by advertizing on Sloshdat.

Re: "CipherShed"

TwoCrypt

Re:"CipherShed"

I would use Lockdown

Re:"CipherShed"

HashStash

Re:"CipherShed"

[RandomFactor]

EuCrypt

Re:"CipherShed"

how about get rid of crypt all together

datasafe
stashbox
data armor
myshiz
dataNPE (no prying eyes)
eyesonly (military term for close hold info)
bytelocker (heh..)
databox
bitstore
bitsafe
safeshiz

Re:"CipherShed"

How about PrivateBytes or PrivacyTank?

Maybe naming CipherShed after what the product does (protect/hide data, enable privacy) is better than naming it based on how it does it (encryption).

Getting techies to use it won't be an issue, regardless of the name. But getting casual user adoption might be helped by promoting the product's benefit in the name. Socializing new name options with non-techies to get feedback could help.

Re:"CipherShed"

Cryptception

RubberHose

SeizeThis!

TurtleDown

Re: "CipherShed"

You didn't get the point at all.

This has nothing to do with the original authors. Read again.

Re:"CipherShed"

[AC-x]

personally I'd rather go for Serial Attached Small Computer System Interface over Small Form Factor 8470

To be fair they do just go for "SAS" rather than "SASCSI"

Re:"CipherShed"

[amxcoder]

How about "Data Crypt" or "DataCryptor"?

or "Crypt Locker"?

or "The Crypt-inator"

"TC-Fork"

"the program formally known as 'TrueCrypt'" (and then have some unpronounceable symbol)

there is always "Data Information Crypt Keeper"

Re: "CipherShed"

I'd use a FuxMatic, especially one that comes with 3000 XP. Would that put me at a high enough level to get any of the multiple penises, prehensile 6-foot penis, or 16-gallon cum abilities?

Re:"CipherShed"

Why not TwoCrypt? Play on the original name, second generation, blah blah blah.

Re:"CipherShed"

[crolix]

CryTruept

Re: "CipherShed"

Cipherous
LOLcryptz
Pan-Galactic Data Secret Decoder Ring (pangdasder)
Cryptalot
Cryptolicious
FreeCipher
XOR

Re:"CipherShed"

Don't worry about the squatter, domain names are becoming more and more worthless. Just register ironcrypt.SOMETHING and you'll be fine. A poor-man's alternative is to throw a hyphen in the domain name: iron-crypt.com, or, make up a useless acronym based on something related. Maybe iron-crypt-encryption-software could become ices.com, ha ha, that's most likely taken, but you get the drift. When starting a business, or new project, anally agonising over the domain name is simply no longer worth it, not compared to the oodles of other shit you have to do to get the project going.

Re:"CipherShed"

name suggestions: Ciphermula, En-crypto-gine, Cryptease, Encryptinator, Crypture.

Re:"CipherShed"

[badkarmadayaccount]

Magnetite HDD Security Suite?

Re:"CipherShed"

[badkarmadayaccount]

Magnetite HDD Security Suite Has a geek pun, but sounds normal what do you think?

Re:"CipherShed"

[silentcoder]

>A quick example. IBM's RiscSystem/6000... ever wonder why you never saw it abbreviated as RS/6000 ... the answer, Pontiac had a trademark in place for "RallySport/6000" as well as RS/6000 and they wouldn't release it to IBM.

I'm assuming your story is true but if it is - then IBM was overly cautious and just didn't want to risk an expensive lawsuit over an abbreviation even though they would be guaranteed to win.
Trademarks apply *only* within the same field of industry - they don't apply to products from very different industries where there is no chance of confusion. There is no way that IBM could be confused with a car company and their RS-6000 with the Pontiac RS-6000.

People tend to forget (and the false logic of the "intellectual property" brigade re-enforces this) that trademarks do NOT exist to protect producers - they are a CONSUMER protection law. The idea being that if you buy something with company X's label for product Y on it you can be reasonably certain that you actually GET product Y from company X and not some cheap knock-off.

That is why they are so restricted - you can't trademark a common word or phrase, and if a trademark *becomes* a generic phrase for the type of product you lose the trademark. You also lose it if you don't aggressively defend it - which would explain why Pontiac would be loathe to agree even though their trademark clearly couldn't apply to IBM - for fear that somebody else could later claim they were not defending it and using that agreement as evidence.

In practise though, IBM should just have gone ahead - if Pontiac actually went ahead and filed suit they would have been laughed out of court.

Re:"CipherShed"

I like CryptWarden, but you might not be able to use it. Its a D&D Monster from Book of Exaulted Deeds.

Re:"CipherShed"

How about FileCrypt, CryptDisk, LockDisk, LockFile, SafeDisk ...

Re:"CipherShed"

[caution+live+frogs]

Skip made up names and look to mythology. Greek guardians (Kerberos obviously already taken), Norse guardians (Fafnir?), etc. The best made-up names will be taken, but the mythological names might still be open for use. Especially if you get away from Western mythology.

Re:"CipherShed"

[WaywardGeek]

I just want you and the other Slashdotters to know we're taking your suggestions very seriously. Cryptonomy seems to be a leading condender. Thank you for the suggestion!

Re:"CipherShed"

It's too late. CypherShed is just what it's going to have to be.

For the record, I like CypherShed but I'm just an AC.

Re:"CipherShed"

[RavenLoon]

OmniCrypt, to highlight the cross-platform feature? Probably taken...

Re: "CipherShed"

[uberdilligaff]

OneCrypt... TwoCrypt... RedCrypt... BlueCrypt

Re:"CipherShed"

"SureCrypt"? The domain's available, at least when I checked just now.

Maybe it'll actually be trustworthy this time

Here's hoping the audit is a success.

Re:Maybe it'll actually be trustworthy this time

For anyone that doesn't have time to read the article, here's the audit part:

Organizations are loathe to walk away from TrueCrypt because it is free, it is cross platform and, perhaps most importantly, the code is available for inspection. Critically, the code is not just available, but a security audit of the code is underway. The eyeballs on the code are not just theoretical, but are also there in practice -- and they are professional eyeballs at that.

The first part of the code audit was completed in April - a source code assisted security assessment of the TrueCrypt bootloader and Windows kernel driver. No serious problems were found, although many issues were highlighted, including a lack of comments, use of insecure or deprecated functions and inconsistent variable types. The product is also nearly impossible to compile from the source code, which means the majority of users download pre-compiled binaries, with all the attendant security risks.

The next part of the audit, a formal cryptanalysis, is underway.

I would keep my eye on the project that the remaining parts of the audit actually get completed properly.

Re:Maybe it'll actually be trustworthy this time

And... My confidence is not inspired by going to a CipherShed site, that tossed up warnings about an untrusted certificate.

Does the TrueCrypt License

[I'm+New+Around+Here]

allow a fork to be released under a standard open source license?

Because I can take software with a standard open source license and put TrueCrypt's name back into it.

Not that I intend to do so, but it just seems off, somehow.

Re:Does the TrueCrypt License

Yeah, it seems like this would violate the terms under which it was licensed to them.

Re:Does the TrueCrypt License

Having RTFA (I know, I know), I can answer your question.
The first CipherShed version will be under the TrueCrypt license. They hope to rewrite and replace code until they have something new they can release under a standard OSI-approved license.

Re:Does the TrueCrypt License

Still sounds like a derivative work, thus subject to licensing. What they need is a ground-up implementation. A better use of time for someone capable of handling crypto code with care would be auditing tc-play.

Re:Does the TrueCrypt License

[Marginal+Coward]

I think you're onto something. Perhaps *that's* why the secret formula for Coke has never been open-sourced, but remains locked in a vault in Atlanta to this very day. Likewise for the secret Krabby-patty formuler. Just think what havoc Pepsi and Plankton could wreak with the TrueCrypt code...

Re:Does the TrueCrypt License

Section III.1.4 of the license (https://tldrlegal.com/license/truecrypt-license-version-3.0#fulltext) says that any code that you provide that is not part of the original TrueCrypt can be licensed under completely different terms, as long as the terms satisfy certain conditions listed in that section.

Re: Does the TrueCrypt License

Probably not much of a secret

http://www.reuters.com/article/2014/09/19/us-scotland-independence-idUSKBN0HB0O920140919

Re:Does the TrueCrypt License

Progressively rewriting a project does, eventually, remove the derivative status of the project. See also; BSD.

Re:Does the TrueCrypt License

[sexconker]

KFC's secret recipe leaked a while ago, and they're still around.
Chicken, grease, salt.

Re:Does the TrueCrypt License

So I can alter Microsofts code a bit, and put my own name one it? GREAT!

Re:Does the TrueCrypt License

[ihtoit]

pepper and monosodium glutamate.

Makes even town pigeons taste like chicken!

Re:Does the TrueCrypt License

[apraetor]

I think that's what the parent was implying. Until CipherShed is totally re-written it will still have portions encumbered by TrueCrypt licensing; a progressive refactoring would have the rapid time to market of a fork but without the predecessor's license (eventually).

Re:Does the TrueCrypt License

[viperidaenz]

I thought it was up, up, down, down, left, right, left, right, B, A, start

Re:Does the TrueCrypt License

select! by the gods, select!

Re:Does the TrueCrypt License

[Khashishi]

Isn't it like half-life though? You can always remove half more of the original code, but when can you be confident you got it all?

Re:Does the TrueCrypt License

git blame.

Re:Does the TrueCrypt License

Makes even town pigeons taste like chicken!

Avoid the Wood Pigeons. They give you splinters.

Shed??

you mean like the place where cliche pedos rape kids in the movies? nothing good has ever happened in a shed.

Re:Shed??

I got a blowjob in a shed.
Well, it was good for me, at least.

Re:Shed??

[GameboyRMH]

Lots of great things have been invented in a shed.

Re:Shed??

[CaptSlaq]

Like TVR.

FOSS names

[asmkm22]

Just curious. Is there some kind of unwritten rule that FOSS project names have to as crappy as possible? Is it just a translation thing, where maybe the name makes more sense or sounds better in the dev's native tongue? Has anyone been part of a FOSS project and was involved in the naming of it?

Re:FOSS names

The issue is finding a name NOT already in use by a commercial product. Even if the commercial product isn't even in the same product space, FOSS projects are wise to stay away from them, to minimise the chance of a C&D letter and other issues!

Re:FOSS names

[gigaherz]

The sillier the name the lower the chances someone will abuse that name for commercial reasons. Saves a lot of money on trademarks.

Re:FOSS names

I see this sort of comment a lot on /., and other than the unfortunate GIMP, I can't say I agree.
Could you maybe list some project names you find to be really good, to contrast with the "crappy" ones?

Re:FOSS names

[Marginal+Coward]

Not all FOSS project names are as crappy as possible. But one is. Have you heard about the new "Crappy" project: "Crappy's really a praiseworthy project, yutz".

Re:FOSS names

I suggest that they are highly technical people who just lack the aesthetic capability to come up with cool names. They talk about name ideas and throw something clunky like "CipherShed" on the table. Then they wank around that name so much that it starts to sound good in their heads.

Re:FOSS names

Just curious. Is there some kind of unwritten rule that FOSS project names have to as crappy as possible? Is it just a translation thing, where maybe the name makes more sense or sounds better in the dev's native tongue? Has anyone been part of a FOSS project and was involved in the naming of it?

Someone took a 1 with a hundred zeros and called it a company (Google).

Someone else grabbed a few consultants to eat a Latin dictionary for brunch one year. (Verizon)

And yet another one was just really excited to have a dot-com business (Yahoo).

Let's not pretend there are not bad names everywhere, because when you step back and look at these, these are spectacularly crappy.

Re:FOSS names

[jones_supa]

Good ones: Inkscape, Thunderbird, Blender, VirtualBox, Linux...

Crappy ones: GIMP, Tahoe-LAFS, Ubuntu, Kdenlive, XFCE...

I personally think that you hit the sweet spot when you have a name which sounds cool and professional, is easy to remember, and at least tries to vaguely describe the function of the program.

Re:FOSS names

[CaptSlaq]

You forgot that Google is also misspelled, so it's almost worse. The worst name I can think of off of the top of my head was the thankfully short lived "Flooz", despite Wikipedia stating that it has a reasonable base.

Re:FOSS names

I vote for EncryptItAll, or FullyEncrypted.

Re:FOSS names

Could you maybe list some project names you find to be really good, to contrast with the "crappy" ones?

A suite of open sourced office targeted utilities named Open Office.
Most of the Linux desktop environments have reasonable names (all the ones I've used, but I'm sure there are more I haven't heard of).
The big Linux distributions are all quite reasonable.
Most of the successful game console emulators have names that are informative and distinct.
For that matter, Wine only sounds odd until you realize the name comes from compressing 'Windows emulator' in a predictable manner.

What do those have in common? They're not trying to be some lame in-joke that would probably result in sexual harassment accusations if anyone outside the Slashdot/4chan/reddit communities ever heard the name.

Re:FOSS names

[sexconker]

The sillier the name the lower the chances someone will abuse that name for commercial reasons. Saves a lot of money on trademarks.

I'm happy to announce my new FOSS project: CUNTT. It's a universal network tracing tool.
It stands for "CUNTT isn't a Universal Network Tracing Tool".

Re:FOSS names

[sexconker]

LAME
WINE
MAME
etc.

LAME and WINE are especially terrible since their names are lies - LAME IS an MP3 encoder, and WINE IS an emulator (the word "emulation" is not restricted to emulating hardware or an instruction set).

Re:FOSS names

[Dragonslicer]

Good ones: Inkscape, Thunderbird, Blender, VirtualBox, Linux...

Crappy ones: GIMP, Tahoe-LAFS, Ubuntu, Kdenlive, XFCE...

I personally think that you hit the sweet spot when you have a name which sounds cool and professional, is easy to remember, and at least tries to vaguely describe the function of the program.

A lot of software fails your last requirement (Thunderbird, Blender, Linux for a lot of people), but that isn't limited to open source software. While Microsoft has the reasonably-named Windows and Word, they also have Outlook, Excel, and PowerPoint.

Re:FOSS names

No, WINE is not an emulator.

It is a library and runtime.

Re:FOSS names

Ha ha ha ha ha.
You remind me of the Synchronet External X-Modem, Y-Modem, and Z-Modem package (abbreviated SEXYZ).
Or the Synchronet EXternal Plain Old Telephone System (SEXPOTS).

Except, um, those are real.

Or the Unix one-liner:
date; cd ~; unzip; touch; strip; finger; mount; gasp; fsck; more; yes; fsck; fsck; fsck; more; umount; sleep; uptime; who

And that's it! There are no other sick/disgusting jokes/references on the Internet. Those are the only ones.

Re:FOSS names

That is brilliant. Never thought of it this way.

Re:FOSS names

Exactly! and LAME is not mp3 encoding. It's a patent-free encoding that is compatible with the vast majority of mp3 DEcoders. It is in fact considerably superior to mp3, and last I heard, is still under development (unlike mp3).

Re:FOSS names

[ihtoit]

WINE is a recursive acronym, it stands for "WINE Is Not an Emulator"...

Bit of a clue, there.

Re:FOSS names

[monkey999]

As well as the obvious GIMP theres BitchX, gnome-toaster, squid, the Security Administrator's Tool for Analyzing Networks (SATAN), Back Orifice (arguably cool as well) , touch, finger and fsck

Re:FOSS names

[sexconker]

WINE emulates bits of Windows, it is an emulator. it does not emulate hardware, an instruction set, or even all of Windows, but it is an emulator nonetheless.
In fact, WINE originally stood for "Windows Emulator", before clowns decided to change it to that recursive backronym lie.

Check your facts.

Re:FOSS names

[sexconker]

I don't know if you're joking or not.
LAME is in fact an encoder, and it infringes on tons of the MP3 patents held by Fraunhofer.
Originally, LAME was just a set of changes to existing encoders, and you were expected to provider your own copy of the encoder. That scheme went out the window really fucking quickly, though. LAME quickly became a full-fledged encoder in itself, infringing on many patents. I don't give a shit about the patents, but I do give a shit when people claim it isn't an encoder when it is.
Shitty fucking name.

Re:FOSS names

[sexconker]

WINE is a recursive acronym, it stands for "WINE Is Not an Emulator"...

Bit of a clue, there.

WINE originally stood for Windows Emulator.
WINE is in fact emulating bits of Windows - it is an emulator.
The backronym comes later.

It's a shitty name and propagate a shitty belief that it is not an emulator, that an emulator has some strict definition relating to hardware or instruction sets, etc.

I included it on my list for precisely these reasons, and your ignorant post validates those reasons nicely.

Re:FOSS names

[BronsCon]

and it infringes on tons of the MP3 patents held by Fraunhofer

I think you mean "infringed", as those patents have long expired.

Re:FOSS names

[ihtoit]

citations needed. My information comes from the WINE project, not your arse. WINE is a compatibility layer. A compatibility layer is not an emulator.

Re:FOSS names

[sexconker]

and it infringes on tons of the MP3 patents held by Fraunhofer

I think you mean "infringed", as those patents have long expired.

Have they? Do I care?
The point is that the LAME developers made the claim that LAME wasn't an encoder in order to skirt the patent infringement issue.
First they claimed they were only releasing changes, which was true. Then they were releasing a full encoder and claimed they were only releasing source code as as an educational effort and were not actually distributing an encoder so they weren't infringing on the patents (which is obviously bullshit). I don't think they were ever really pursued by the Fraunhofer people but I don't really care either way/ The fact is LAME is in fact an MP3 encoder, despite the name.

Re:FOSS names

[BronsCon]

When it was named that, it was ,in fact, *not* an MP3 encoder. In fact, that it now ships with an encoder at its core does not change the fact that the LAME project (the part built around that encoder), in and of itself, is not an MP3 encoder. It's called nuance, those little details that matter oh so much.

Did the eventually-included encoder violate patents? Yeah, probably. Does it now? No, they've expired. Is LAME the encoder? No, it just includes it.

Re:FOSS names

[sexconker]

"Citation needed" is the internet equivalent of "Nuh-uh! PROVE IT!" and "LALALALA I CAN'T HEAR YOU!".
Go look at the Wikipedia page, the kind of drivel morons like you slurp up.

The name Wine initially was an acronym for Windows emulator.[5] Its meaning later shifted to the recursive backronym, Wine is not an emulator in order to differentiate the software from CPU emulators.[6] While the name sometimes appears in the forms WINE and wine, the project developers have agreed to standardize on the form Wine.[7]

You lose.

The phrase "wine is not an emulator" is a reference to the fact that no processor code execution emulation occurs when running a Windows application under Wine. "Emulation" usually refers to the execution of compiled code intended for one processor (such as x86) by interpreting/recompiling software running on a different processor (such as PowerPC). Such emulation is almost always much slower than execution of the same code by the processor for which the code was compiled. In Wine, the Windows application's compiled x86 code runs at full native speed on the computer's x86 processor, just as it does when running under Windows. Windows system services are also supplied by Wine, in the form of wineserver.

Emulate (verb)
1 - To match or surpass (a person or achievement), typically by imitation.
2 - To imitate.

WINE is an emulator. It is not emulating hardware or an instruction set, it is emulating pieces of Windows. They initially claimed it was an emulator because it was. They later claimed it wasn't an emulator because they didn't want idiots (like yourself) to think that meant they were emulating hardware or an instruction set, and thus incurring a severe performance penalty. Emulation is absolutely not restricted to hardware or instruction sets, using recompilers, interpreters, or anything else.

Re:FOSS names

[fnj]

I'm not impressed by what it is named. It *IS* an amulator; fact; get over it.

Emulate: reproduce the function or action of (a different computer, software system, etc.).

So it's not an instruction-set emulator like qemu (was originally). Big deal. There are other things than instruction sets you can emulate.

Re:FOSS names

"WinExec: accept Unix commands, use Wine emulator."

Versions 0.0.2 and 0.0.1:

A handful of basic Windows functions are now emulated.

You're a fucking idiot. Try reading the logs before you spout off, grasshoppa.

Re:FOSS names

[fnj]

So you think fsck is something besides a descriptive abbreviation for File System Check? What about ls (List), rm (Remove), cp (Copy), or touch (literally, Touch File). Oh, I see. It's a pre-teen double entendre.

Re:FOSS names

Also, from the README of 0.4.0:

Grab a copy of Windows sol.exe (Solitaire) and run it with the command:

        wine sol.exe

Have a nice game of solitaire, but be careful. Emulation isn't perfect.
So, occassionally it will crash.

Re:FOSS names

Logs: best used for pwning people 21 years later in a flamewar.

captcha: centrist

Re:FOSS names

How do you think a compatibility layer achieves its goal? One method might be to run a target program remotely on a real Windows machine. The approach taken by WINE is to emulate Windows' API and loader.

Re:FOSS names

[monkey999]

So you think fsck is something besides a descriptive abbreviation for File System Check?

Dennis Ritchie thought so too:

Dennis Ritchie: “So fsck was originally called something else”
Question: “What was it called?”
Dennis Ritchie: "Well, the second letter was different"
~ Q&A at Usenix

I don't know if he was a pre-teen when he wrote it, but it's a bad name anyway because it doesn't suggest anything to do with the purpose of the tool.

Re:FOSS names

[WaywardGeek]

I find EncryptAll not bad. The bar here is not that high... just has to be an improvement. The guys on the CipherShed team would kill me for suggesting Pure-Crypt, but I think that's available and also aligns us well with Pure-Privacy, the new foundation promoting online privacy.

Re:FOSS names

[kaatochacha]

ugh.

Re:FOSS names

FreeCrypt - as in freedom or as in beer. Technologically-naive folks will find it easily when searching for free (as in beer) encryption stuff.
BrewCrypt - just kidding, but free-as-in-beer joke is obligatory and it at least rhymes with that other product.
Secrypt - Secure encryption for your companys secrets
DiskCrypt - probaly already in use by someone
TransCrypt - Cross-platform support for secure transfer of Windows/Mac/Linux encypted volumes.

General theme is two or three syllables at max. Riffing off EncryptAll, how about Cryptall - with a crystal logo? (Happy: Sounds like "Crypto", Sad: also sounds a little like "cripple"). Cryptvol? CryptMass (Ho ho ho, just kidding again :)

Or the cute animals route. Cryptmunk / Cryptmonk (chipmunk or scribe!), cheeks stuffed full of data... Squirrelcrypt, PelicanBrief (OK, just kidding, but pelicans are pretty neat), Armadillo (not to be confused with Aerospace), maybe pick something out of pop culture, like riffing off the Hunger Games with a variant of Mockingjay... Lots of options out there. Good luck!

Re: FOSS names

You check your facts.

WINE is an independently implemented API that happens to be compatible with Windows' API.

That is NOT emulsion. Unless you call Linux a "Unix Emulator".

Re:FOSS names

Outlook - obviously a program for designing custom cedar windows

Excel - clearly a program for managing competetive athletes

PowerPoint - electrical codes compliance management

Re:FOSS names

Microsoft may take offense treading against their own Critical Updates Notification Tool.

Re:FOSS names

I think it would be to similar to the (now renamed) Critical Update Notification Tool.

Re:FOSS names

[Xenna]

Cryptal is nice, with one L.
Chryptal is probable taking it a bit too far.

Re:FOSS names

[hackertourist]

I think there's one more criterium: the name has to avoid collisions. If you do an internet search for your program name and you need extra qualifiers to avoid unrelated stuff from ranking higher than the page you need, the name is bad.

Re:FOSS names

There's nothing wrong with Ubuntu if you pronounce it "oo-bun-too" instead of the official "oo-boon-too" that sounds like you're deaf and/or retarded.

Imho, xfce should buy a vowel and rename itself xface and change its icon from a mouse to X^D.

Re:FOSS names

[fisted]

Doesn't matter, as long as it's SomeThingCamelCased. /me pukes

Re:FOSS names

Reminded me of F.U.K.D and B.O.M.B.D

Re: FOSS names

That is NOT emulsion.

You are correct, sir, although the final product may indeed be indistinguishable from mayonnaise.

Re:FOSS names

[silentcoder]

It's a bunch of libraries with an interface compatible with a different library, recreated as a clean-room implementation.

If that's an "emulator" then Android is using a JAVA emulator !

Hell it means every library ever released that's backwards compatible is "emulating" the previous version !

Re:FOSS names

[DarthVain]

Not sure if it is FOSS, but I always thought DosBox was a good one.

How about CryptCipher or CipherCrypt? Heck CipherBox or CryptBox would be better than Shed.

When I think about how hard it is to break into my garden shed, the answer is "not hard". Not exactly the image you want for your cryptographic software.

CryptoCipher... or following the names you hate just call it CC.

Straw

CipherShed, because the roof is made of straw and the foundation made of sand (gotcha!)

Re:Straw

Just like Windows. Idiot.

Fine as long as

They don't use a terrible unfree (as in the actual definition) license like GPL.

Re:Fine as long as

[fnj]

Really? But by implication you'd be totally fine with closed source (as in Microsoft)? Just asking.

Re:Fine as long as

For the sake of keeping these tools out of the greedy hands of corporations [...] Locking this technology up behind a paywall won't do anyone any good.

Another idiot buys into the GNU/propaganda that close sourcing software magically makes all previous version of it disappear from the face of the earth. All types of software can benefit from encryption. If say Windows 10 integrated it into their OS, then that wouldn't magically make it illegal for *BSD, MINIX, or whatever to do the same nor hurt stand alone packages in anyway and the world would be a less spy friendly place because of it.

Re:Fine as long as

Good luck with that years old "free" BSD licensed crap, that no one is updating, because those who could won't bother and are buying it from some corporation that does, but not under BSD license. Yeah, who stupid now,.

Expect a FISA or PRISM notice in...

[Bomarc]

How long before they get a FISA or PRISM notice?
Wonder if they will have a "Warrant Canary" posting.

Re:Expect a FISA or PRISM notice in...

Or they just outright post the damn security letter and tell the NSA to fuck off.

Re:Expect a FISA or PRISM notice in...

I think once they know where to send the letter, posting it might not be such a bright idea.

Re:Expect a FISA or PRISM notice in...

[apraetor]

The problem with multi-person assurance games is that they require everyone to cooperate to maximize the payoff. Think of it like the Prisoner's Dilemma, where "civil disobedience" is the "cooperation" case, and "keeping quiet" is the "defection" case. From Wikipedia: The dilemma then is that mutual cooperation yields a better outcome than mutual defection but it is not the rational outcome because the choice to cooperate, at the individual level, is not rational from a self-interested point of view.

Re:Expect a FISA or PRISM notice in...

[WaywardGeek]

Some people post warrat canaries, but I stopped. Our current defense strategy is having developers around the world. Also, we have weekly voice meetings that are hard to fake, and enable us to know we're dealing with the same person each week.

Personally, I've boning up on skills for finding weaknesses in crypto code. I just did a 2-week marathon of being a huge a-hole over at the Password Hashing Competition. Telling people why you think their algorithms are not secure does not make you popular, but I have to admit it was fun. Applying the same sort of analysis to TrueCrypt makes me want to set my hair on fire.

TrueCrypt's saving grace is that it is not an on-line app. Even in the first "rebranding" release, we're removing it's tendency to ping the Internet whenever you click on a help button. If an attacker could hack the volume data, for example, he'd totally pwn TrueCrypt. But... in that case, he already owns you most likely.

Re:Expect a FISA or PRISM notice in...

[Cafe+Alpha]

Since it's an open sourced project, the only ways they could maintain a back door would be:
1) find a pre-existing flaw, and either hope it isn't fixed or threaten each developer to keep them from fixing or mentioning that flaw.. Perhaps they could monitor the developers and catch them as soon as they talk about a flaw privately
2) threaten a developer and REQUIRE him to add a flaw and not reveal that he's doing it.

1) is a harder case, but it can partially be prevented by making all communication through a public forum. 2) could be prevented by treating every change to the code as a possible attack and reviewing it publicly by multiple people... But even then it could be let through by the government getting to everyone involved first. Danger could be detected by people dropping out of the project or changes not being reviewed publicly anymore.

Re:Expect a FISA or PRISM notice in...

In line with the other talk about project naming in this thread, we can add that "FISA" is the exact Swedish word meaning "to fart". (Also, "fart" in Swedish means "speed". Abundant hilarity.)

Why does this always happen?

[westlake]

They're obviously using my HorribleNameGenerator library. I'm proud to have contributed to so many FOSS projects.

Nothing inspires more confidence in a complex cryptographic system than a name like "CipherShed.'

Is the geek born with this impulse to shoot himself in the foot?

Re:Why does this always happen?

[GameboyRMH]

It's not a commercial product so who cares if some PHB who thinks the name of an application is important doesn't like it?

And if they wanted to make it a commercial product, they could market it under a different name like SecureVault, or more likely Zitzzers since all the real words are no longer available.

Re:Why does this always happen?

[MightyMartian]

It's better than EncryptoBarn or KeyHaul.

Re:Why does this always happen?

Cut them some slack. At least they're not going the crowdfunding route of bad spelling.

CyfaShed(TM)

Re:Why does this always happen?

[UnknownSoldier]

Hey, it could be worse -- they could of picked a retarded name like the GIMP team ...

/me ducks

Re:Why does this always happen?

LibreCrypt wasn't available?lol

Re:Why does this always happen?

[Agent0013]

It's not a commercial product so who cares if some PHB who thinks the name of an application is important doesn't like it?

This makes me think of all the horrible names that Microsoft has chosen for their products. :-)

Re:Why does this always happen?

[s.petry]

Their first choice was TrueCrypt, but that would not have worked so well...

Re:Why does this always happen?

How about "ScrewCrypt"

Re:Why does this always happen?

Don't see your point. What exactly is wroing with Gnu IMage Processor?

Re:Why does this always happen?

[idontgno]

SecretShack?

Re:Why does this always happen?

The acronym.

Re:Why does this always happen?

[ihtoit]

Dammit, I was going to go with "Popplers" or "Tastecicles".

Re:Why does this always happen?

[viperidaenz]

What about PetProjectOfSomeGuyThatWillGetAbandonedToo?

Re:Why does this always happen?

[Noah+Haders]

It's better than EncryptoBarn or KeyHaul.

Lol I would totally store my shizz in an encryptobarn.

Re:Why does this always happen?

The word "gimp" is considered an rude and offensive word to describe "a physically handicapped or lame person".

Re:Why does this always happen?

[westlake]

It's not a commercial product so who cares if some PHB who thinks the name of an application is important doesn't like it?

If the geek wants encryption to become universal, he has to remove any and all barriers to adoption, both technical and psychological. That implies reaching out to the PHB, the home and SOHO user, and so on.

Re:Why does this always happen?

[CreatureComfort]

Howbout...MaybeCrypt? Wouldn't want to use FalseCrypt...

I've got it! SchrödingersCrypt!

Re:Why does this always happen?

[s.petry]

Hahaha!!

Re:Why does this always happen?

[ncc74656]

Dammit, I was going to go with "Popplers"

Already taken.

Re:Why does this always happen?

The word "gimp" is considered an rude and offensive word to describe "a physically handicapped or lame person".

No it isn't.

Re:Why does this always happen?

Haha just watched that last night :-D

Re: Why does this always happen?

Correct the real issue is does it work as well or better than True crypt

Re:Why does this always happen?

[The+Snowman]

Nothing inspires more confidence in a complex cryptographic system than a name like "CipherShed.'

At least they did not call it The Gimp.

Re:Why does this always happen?

[qpqp]

The 90s called, they want their anti-OSS rhetoric back.

Re:Why does this always happen?

[flyingfsck]

Aww come-on, what is wrong with squirting songs with your Zune??? ;)

Re:Why does this always happen?

[flyingfsck]

There is nothing wrong with the word gimp in most of the civilized world. It is only a slightly derogatory teenager slang word in some US high schools.

Re:Why does this always happen?

[viperidaenz]

I'm all for open source software.
There's some good projects out there and I've contributed to a few of them. Most are shit though.

Re: Why does this always happen?

How about PimpCrypt?

Re: Why does this always happen?

[Threni]

Yes but that's an even stupider name.

Re: Why does this always happen?

[Threni]

If people don't want to use it then nobody else can force them. Or care, come to that. I'll continue to use it no matter how specious the arguments for not using it become.

Re:Why does this always happen?

Stick a Zune up there on vibrate and you'll get plenty of squirts, and the accompanying vocals could be mistaken for some song...

Re:Why does this always happen?

[alci63]

humm... I'm not a native english speaker, so to me it sound like all those globish trademarks and buzz words, that is... foreign and globish. So, it does mean somethings or has some connotation for native english speakers ?

Re: Why does this always happen?

[shonangreg]

"Shed" sounds like a cheap, DIY building in the country or on your litter-strewn backyard. "Shack" has similar connotations. I don't think there is actually anything that wrong with the name. If the CipherShed product is high quality, then the "shed" part well be imagined as a clean, well-constructed small building in a well-maintained lawn. Some people have to bitch, though.

Re: Why does this always happen?

Yes it is...

http://www.urbandictionary.com/define.php?term=gimp

Re:Why does this always happen?

[davydagger]

oh nothing:

https://www.youtube.com/watch?v=yZ4w41ZYY9A

BRING OUT THE GIMP.

something about being stored in a closet being only taken out for dirty nasty degrading homosex

Name needs improvment

The name needs an improvement so I suggest C!pherShedz

They've already screwed the pooch.

[tlambert]

They've already screwed the pooch.

They've published the source archive under the original TrueCrypt license. As a result, unless there's a legal entity (person or company) to which all contributors make an assignment of rights, or they keep the commit rights down to a "select group" that has agreed already to relicense the code, they will not be able to later release the code under an alternate license, since all contributions will be derivative works and subject to the TrueCrypt license (as the TrueCrypt license still in the source tree makes clear).

The way you do these things is: sanitize, relicense, THEN announce. Anyone who wants to contribute as a result of the announcement can't, without addressing the relicensing issue without having already picked a new license.

Re:They've already screwed the pooch.

no they were screwed the moment an american was included in their organization considering the global reach the feds love to exercise. the project is already suspect and should be considered tainted.

Re:They've already screwed the pooch.

[Kjella]

First of all, there's very little in a rebranding effort that will be of any significance if they're looking to relicense. The tricky part is that they must replicate the functionality from scratch, without getting derivative - typing it up again or changing the function or variable names won't be enough. That's a job they have to do in parallel, in the background until they're ready to ditch CipherShed 1.x (based on TrueCrypt) and release CipherShed 2.0 based entirely on non-TrueCrypt source code under the new license.

Yes, you might argue that they should do it in bits and pieces to the current source tree with dual licensed code, but that will make it harder to make non-derivative code. If you keep making things that fit into the current project, the internal structure will be very similar which is a bad thing from a legal point of view. I guess if you're interested in making new code for the new version they'll tell you what license they plan to use. Or you could dual license it TrueCrypt/BSD yourself, since that'll work no matter what they pick.

Re:They've already screwed the pooch.

Dude, you're typing on a machine using the 8086 instruction set designed by an AMERICAN! (dun DUN DUUNNNN) Everything you type is now irrevocably tainted. It is now your patriotic duty to self-terminate.

Re:They've already screwed the pooch.

So do tell which nationality it should it have been that would not carry the exact same implications? Russian? French? UK? China? We can all smell the foul odor coming from your bigoted taint.

Re:They've already screwed the pooch.

The U.S. Patent and Trademark office don't honor the law any more. Just look at what they did with the "Red Skins".

Re:They've already screwed the pooch.

[viperidaenz]

or an ARM instruction set, designed by poms.

Re:They've already screwed the pooch.

I typed it from my iPad, you faggot.

Re:They've already screwed the pooch.

[WaywardGeek]

This is not correct. Each individual file in TrueCrypt has a clear copyright notice at the top. Every file with any E4M license will be replaced from scratch. After that, we'll do the files that have TrueCrypt license, though mainly so we can migrate to a better FOSS license.

Re:They've already screwed the pooch.

I think you - and them - missed the part where this is a derivative of the TrueCrypt source, which is where the 'screwing the pooch' must have occurred.

You can't just take a project's code and re-license it, but they've stated that as their intention.

You can't create a clean-room implementation out of the original source, you can't "derive it away".

Unless the original TrueCrypt license allows you to freely relicense it, this entire idea is broken from the start.

Re:They've already screwed the pooch.

[complete+loony]

Apparently any new code they write can co-exist with a different license. So they intend to slowly replace it all.

Name it "Librecrypt"

Like libreoffice and the other libre crap.

Veracrypt

Veracrypt seems to be similar inconcept but has made several releases so far and added some fixes from the code audit. This one OTOH has yet to release a version. It'd be good to have someone emerge the "generally recognized best" successor.

Re:Veracrypt

[Kjella]

Veracrypt seems to be similar inconcept but has made several releases so far and added some fixes from the code audit. This one OTOH has yet to release a version. It'd be good to have someone emerge the "generally recognized best" successor.

Veracrypt is also a one-man copyright fraud. No, not just infringement but as in actually taking the Truecrypt code and slapping another license on it. That project stinks to high heaven.

Re:Veracrypt

[xeio87]

It's interesting though, if the authors of TrueCrypt really do want to stay anonymous... how will they ever exercise their copyright? Or for that matter prove that they ever owned the project in the first place?

Re:Veracrypt

IANAL but I suspect you are not either. The Truecrypt heritage of Veracrypt is disclosed fully, which is what I gathered the authors wanted. Also it does not appear to have anyone making money over it, and it seems to have the "truecrypt" name removed, which was what the original license asked.

The original license was not GPL, Mozilla nor other familiar ones, but far as I could tell restricted copies only if the copies used the original name. With a new name that is I think ok. More importantly it appears actual development is going on with that one to fix a few bugs (so far) and add a bit of capability.

Are the legal comments in here coming from FBI/NSA/CIA/DoJ et alia groups to make this program go away?

Re:Veracrypt

[Luckyo]

How is it a violation of TrueCrypt's license when TrueCrypt's license specifically ALLOWS for this?

For the idiots who can't even read the story: TrueCrypt's license allows for taking all the code and reusing it, with only requirement being using a different name.

Was the name.

. VeraCipher taken?

Hipsters... hipsters everywhere

Stupid name, first screenshot on OSX.
Meh.

YEEAAHHHH!!!!!

This news seriously made my day (an no I don't care about the name). I have TrueCrypt running on all my machines and couldn't live without it. It gives me great piece of mind should a computer be stolen or lost. TrueCrypt was a breathe to install and use and, while I have not looked into the code, is vastly superior to having no encryption at all or using a commercial product which is almost certainly back-doored. I hope this project gets off the ground.

But who?

[koan]

Is really writing the code?

Re:But who?

Doesn't matter as long as you can see the code.

Re:But who?

[jpyeron]

See https://ciphershed.org/about

and

https://lists.ciphershed.org/p...

Re:But who?

[koan]

Does to me.

Like LAME

[tepples]

They hope to rewrite and replace code until they have something new they can release under a standard OSI-approved license.

LAME was developed in the same way, by replacing pieces of the ISO's reference MP3 encoder until it was finished in May 2000. Is there a better name for this "ship of Theseus" method?

Re:Like LAME

[Orestesx]

"Clean Room Design"
"Chinese Wall Implementation"
"Brewer and Nash Model"

The key isn't replacing the code...it's replacing the code in such a way that it does not infringe on the copyright of the original code. Usually this means new code created by someone with no knowledge of the original code, therefore it cannot be a derivative work, therefore it does not infringe on the original copyright.

Re:Like LAME

[Bill_the_Engineer]

Since they are working with the original source code and simply implementing new code with a different license, I don't think those three terms you gave apply. When I think of "Clean Room Design", I think of programmers who program a different implementation knowing only the API and the expected results of the subroutine, method, or entire Application.

This is probably more of a "wink... wink.. Clean Room Design... cough... cough."

Re:Like LAME

Exactly!

And to be truely original, they might as well start from scratch now. Otherwise, anything they come up with would just be an infringement.

Re:Like LAME

[WaywardGeek]

Infringement has a lot to do with who you're pissing off. I this case, I am not so worried about the original TrueCrypt team. These guys did a ton of work for years, almost for free, because they thought the world needed it. Well, the world still needs it, and we have some new volunteers (but need more!). The E4M owner has some gripes about use of E4M licensed code in the tool. I think we need to focus on the E4M code and get it out of there ASAP. We can then take some more time to redo the whole GUI and everything else.

Re:Like LAME

[myowntrueself]

Is there a better name for this "ship of Theseus" method?

How about Neurath's boat?

Popular?

Is this actually popular or is this a Slashdot obsession?

GIMP, Ubuntu, Xfce

[tepples]

Crappy ones: GIMP, Tahoe-LAFS, Ubuntu, Kdenlive, XFCE...

As a user of Xubuntu who brings out the GIMP at least twice a week, I'm interested in how you'd name them better.

• What better name would you suggest for the GNU Image Manipulation Program? It "at least tries to vaguely describe the function of the program".
• How is Blender (English for "food processor", referring to a 3D modeling app) any better than Ubuntu (Zulu for "humankind", referring to a Linux distribution)? Is it just that English is historically more prestigious than Zulu as a naming language?
• Xfce (XForms Common Environment) used to be descriptive back when it used XForms, but it became an artifact title once Xfce switched to GTK+. The X part can be reinterpreted to refer to the X Window System, but then the F needs a meaning, a problem that it shares with FVWM (Something Virtual Window Manager).

Re:GIMP, Ubuntu, Xfce

What better name would you suggest for the GNU Image Manipulation Program? It "at least tries to vaguely describe the function of the program".

Off the top of my head, Photozizer would be better.

And I say this as someone who, years ago, installed the GIMP on a disabled co-worker's machine. He was not enamored of the name, but still went ahead and used it. It's a hurdle for some people which shouldn't be there.

Re:GIMP, Ubuntu, Xfce

[mrchaotica]

What better name would you suggest for the GNU Image Manipulation Program?

GNUImage?

Or, what's the Zulu word for "Photoshop?" ; )

How is Blender (English for "food processor", referring to a 3D modeling app) any better than Ubuntu (Zulu for "humankind", referring to a Linux distribution)?

1. Artists blend colors and shapes. 2. Blenders and food processors are not the same appliance -- the former liquifies; the latter dices. 3. I agree that Ubuntu isn't a bad name.

Xfce (XForms Common Environment) used to be descriptive

Any new user: "WTF does 'common environment' mean, and why would I want one made out of 'Xforms' (whatever those are)?!"

Aside from that, you could do a lot worse than a random unpronounceable but short acronym when trying to come up with a name for something these days...

Re:GIMP, Ubuntu, Xfce

brings out the GIMP at least twice a week

The fact that that phrase made me snicker suggests to me that finding a better name would be worthwhile.

Re:GIMP, Ubuntu, Xfce

> The X part can be reinterpreted to refer to the X Window System,
> but then the F needs a meaning,

F uck you GNOME?

Re:GIMP, Ubuntu, Xfce

[WaywardGeek]

I totally agree with your list, which means you are better than most of us geeks at picking, or at least evaluating names. I would love an alternative to CipherShed. I bet you could help here. Can you think of better names.

I like the name password-hashing entry in the PHC called OmegaCrypt. I was considering contacting the author, Brandon, to see if he'd let us use it. Some people on the CipherShed project don't want either True or Crypt in the name, partly for fear of trade-mark dispute, and partly to show that we're doing an honest clean fork, with an intent to rewrite it all under a popular FOSS license (the latest BSD license is currently the leading condender).

Re:GIMP, Ubuntu, Xfce

[dactylus]

I definitely have avoided promoting GIMP to friends and colleagues because of the stupid name. You could make it "GNU Image", "GNU Image Editor", "GNUPic", or dozens of other titles that don't bring to mind enfeebling disabilities or that disturbing scene from Pulp Fiction.

Re:GIMP, Ubuntu, Xfce

Any new user: "WTF does 'common environment' mean, and why would I want one made out of 'Xforms' (whatever those are)?!"

That is what the parent was getting at with the "artifact title" thing. XFCE stood for something, but it no longer made sense to call it that at one point. So they changed the name to Xfce, and now it means nothing.

There are many examples in the world today that are along the same lines. Company names that were once acronyms that once stood for something but no longer do include: AAA, KFC, AT&T, and WWE. Some words that are common today that were once acronyms as well, however, the only one I can think of off the top of my head in the moment is laser.

Re:GIMP, Ubuntu, Xfce

[jones_supa]

How about "Confidisk"?

Re:GIMP, Ubuntu, Xfce

I like it. Good name.

Fine as long as

[jordanjay29]

For the sake of keeping these tools out of the greedy hands of corporations, I'd almost be okay with using GPL for this project. It's not a cool license for developers, but I'd almost consider the value for end-users more important in this case. Locking this technology up behind a paywall won't do anyone any good.

I guess FalseCrypt was taken

[gatkinso]

CipherShed indeed.

Re:I guess FalseCrypt was taken

[NReitzel]

Strange that you should mention this. In point of fact, they released the source code.

Let's read that again:

      They Released The Source Code

Dude, that genie is -out- of the bottle. The source builds easily on several platforms, and produces a nice functional FakeCrypt wherever you might want it. Now, let us examine the implications of litigation against people who have brought up their own version.

First, ostensibly honest people who just want some security will be the targets. And what will happen to fundamental terrorist groups? Why, nothing of course. They will have strong crypto and being sued for copyright infringement is the very least of their worries, since they intend on doing rather nastily illegal acts in any case. Law abiding people get harassed, the bad guys don't give a crap.

Are you listening, NSA? What you've done, so you can intercept Aunt Mabel's sex texts, is force the use of this strong package underground. Your only recourse is going to be making any use of crypto illegal, which may in fact have been where you were going in the first place.

You guys are -supposed- to defend the Constitution of the United States. I've actually listened to the oath. The idea is not, and never has been, that the people are entitled to Life, Liberty, and the Pursuit of Happiness as long as it is under strict government supervision.

Re:I guess FalseCrypt was taken

I would have gone with PostCrypt.

Or PoesCrypt.

nevermore

nevermore

CipherShed

Where has he shed?

Gartner

Gartner says we should keep using it even though the makers said it was compromised and we should walk away from it.

It's reasons like that that I do not trust, nor recommend the Gartner Group for anything.

I prefer doxbox

[monkey999]

I like the doxbox project - it works with linux crypto containers as well. Its a fork of freeotfe that was always better than truecrypt because its easier to use and has a license that encourages people to contribute.

Re:I prefer doxbox

[ron_ivi]

Thank You!!! I've occasionally looked for something exactly like this.

Secure? Wordpress?

[X10]

Their site says "proudly powered by wordpress". Err, "security", "wordpress", isn't that mutually exclusive?

Re:Secure? Wordpress?

[thatkid_2002]

You beat me to it. You can't write security software and have a Wordpress based website. It's just insane. My trust level went from 70% to 0% as soon as I noticed Wordpress in the footer.
Go use Nikola (or similar). You can easily maintain the website publicly within a Git repo!

Re:Secure? Wordpress?

And here is why so many open-source projects fail.
"Let's make an encryption engine"
"Right, but first we need a website. Let's use Wordpress because that's easy"
"But Wordpress isn't safe according to my arbitrarilly narrow definition"
"You're right, let's first develop a secure alternative to Wordpress. When that's done, we can start working on our original intended software!"

Then when they're about to start with the secure alternative to Wordpress, they realize that Apache isn't secure by some guy's arbitrary definition. Rinse, repeat.

best news all day

[CosaNostra+Pizza+Inc]

This is great news and honestly, its the best news I've had today.

What's in a name?

Although I suppose even Slartibartfast is better than DiskScramblr.

Re:What's in a name?

[thatkid_2002]

I think CiperhShed is one of the slickest names I've seen...
Yes, there is some poorly named Open Source software but the majority is really on-par with proprietary shit.

Re:What's in a name?

I think CiperhShed is one of the slickest names I've seen...

Agreed, CipherShed is fine name. Those thinking it's too modest or downplays capabilities should remember in Bletchley Park grand work was done in huts.

Might as well call it...

Microcrypt or Prismcrypt or NSAcrypt. Once truecrypt went bellyup who knows whats hidden deep in the code.

Boolean

FalseCrypt!

librecrypt

Surely this should be LibreCrypt?

Licensing?

Who's going to enforce the license the code is under? The project was abandoned by its anonymous authors so why is it not a free for all?

GIMP

[dutchwhizzman]

It's not as if their excellent communication skills or competitiveness with professional programs has anything to do with it. They even got a reference in a Tarantino movie which I am sure was to honor their excellent contact with the graphics design professionals.

Used to be Cipher-Two-Sheds...

[qw(name)]

But then he sold one.

Re:Used to be Cipher-Two-Sheds...

Did they develop the code...in the shed?

What about CryptKeeper

[OutOnARock]

CryptKeeper, owned by HBO?

Re:"CipherShed"- What about BlueCrypt?

Blue because we are sad truecrypt is gone/?

BeerCrypt

[hodet]

Well we only had one Beer story today, so I nominate BeerCrypt. Because we all love beer and crypto. It's a no brainer and the quicker you bring Cipher-Shed behind the wood shed the better. Let Mcafee have Endpoint and Microsoft have BitLocker. Nice catchy names to make the most hard assed CEO blush and gush. BeerCrypt. You know you want it.

Fuck TrueCrypt

You're a goddamn fool to believe any of your encryption actually works.

I'm posting AC because these wimpy ass mods don't want to hear the truth.

don't care squat

[monkey999]

Why worry about squatters, if ironcrypt.org is taken just use ironcrypt.foo. My favorite open-source transparent crypto product uses doxbox.eu; doxbox.org is something else - who cares?

how about "InvisiFile"?

[cellocgw]

That's easy to pronounce, and since part of the intent of the encryption software is to present a disk with no evidence of there being an encrypted file, the 'invisibility' part may make sense to the nontechies.

I was going to suggest Data-B-Gone but that's probably trademarked by QVC :-)

Re:how about "InvisiFile"?

You mean NonDesCrypt?

Cryptless

Because less is more

do you mean DosBox?

[kevlar_rat]

Thanks for posting this. I am the maintainer of DoxBox. If you have any questions or want to flame me about the name, go ahead.

Won't take off

There are two reasons for this fork to not getting any success:

1. TERRIBLE name.
2. There are 5 dudes and two of them are already "directors". One of them being "director of marketing", and marketing means sales. Dudes simply want to cash in on someone else's product.

I guess they dream about the success story of PGP Corp, but since I have no idea who they are and whether their product will be as secure as TrueCrypt, I am going to use the TrueCrypt 7.1a till it works, and then see for alternatives, with that CounterStrike not being one of them. Sorry, Cipe... Cipher Shed. Whatever.

Re:"CipherShed" --> OneCrypt

[Ted+Stoner]

OneCrypt. One = true zero = false.

~crypt

[irishatheist]

How about TildeCrypt, a pun on until decrypt-ed, for those who have had to wait hours to decrypt hp notebook hard disks before installing a bios and utility partition update before re-encrypting.

Mod me troll, I know you want to.

Apparently any new code they write can co-exist with a different license. So they intend to slowly replace it all.

With what, code under a license that doesn't allow that? Yes, because then it's more free, isn't it? ...especially if you redefine "free" to mean whatever you want.

AFAICT, the only reason everyone believes TrueCrypt's license is so unacceptable is because it isn't GPL compatible. Meanwhile, it appears to be compatible with any other open source license, as the GPL is the only open source license that requires that the entire program be under a single license. This is why everyone says it's a viral license. You can't contribute BSD-licensed code to a GPL project, and you can't contribute GPL-licensed code to a BSD project, because in both cases the GPL requires that the entire project be GPL-licensed. The BSD license, on the other hand, would be just fine with dual licensing.

I can only guess that their plan here is to use a BSD license as a stepping stone until they remove all of the original TrueCrypt code, then they'll relicense it under the GPL. Which would be just fitting, as it seems a lot of GPL code comes from BSD code that is merely relicensed.

How ridiculous. You got the code, it's under an open source license, use your time to improve it rather than to rewrite it just to further promote that damn viral license. Just make your changes BSD licensed or anything other than GPL if you don't like TrueCrypt's license.

VeriKrypt

[stigweard]

VeriKrypt would be a translation into mixed Latin & Greek.

CypherShed name BAD

I know it's not super original, but how about DarkVault?

FortKnox

[DarthVain]

Another catchy one that is easy to remember that most people could identify with would be "FortKnox"... a very secure environment for your valuables... Then again, maybe it is taken or trademarked or something.

NotablySafeArchival?

[DarthVain]

or perhaps CipherIndexedArray?

I can't think of one for FBI. :)

rose by any other

Wayward, thanks for working on CipherShed.

I don't much care what you call it (as long as it's not NSFW), and I expect a lot of other folks don't care, either.

I actually like "shed," as it is a nice visual metaphor for the container-based encryption model of TrueCrypt. It's easy to imagine the phrase "container" dropping away from casual usage. "Yeah, I had all my files in a ciphershed, so whoever stole my laptop won't get anything."

The word "shed" is also amusingly modest, much like "pretty good privacy," so more credit for that. By contrast, "vault" sounds stuffy & self-important, which might be good for corporate adoption.

Canada is much easier...

[DarthVain]

CipherSecureInformationSystem

and

CryptSecureEasyCipher

Re:"CipherShed" alternate names.

Stream of consciousness naming.
CryptTrue->
CryptTwo->
CryptToo->
CryptYou

Basically, nothing with sheds(or other outhouse-like names), something with Crypt in it.

Who is driving?

Is that the NSA I smell?