Slashdot Mirror


Tomb, a Successor To TrueCrypt For Linux Geeks

jaromil writes: Last day we released Tomb version 2.1 with improvements to stability, documentation and translations. Tomb is just a ZSh script wrapping around cryptsetup, gpg and other tools to facilitate the creation and management of LUKS encrypted volumes with features like key separation, steganography, off-line search, QRcode paper backups etc. In designing Tomb we struggle for minimalism and readability, convinced that the increasing complexity of personal technology is the root of many vulnerabilities the world is witnessing today — and this approach turns out to be very successful, judging from the wide adoption, appreciation and contributions our project has received especially after the demise of TrueCrypt.

As maintainer of the software I wonder what Slashdot readers think about what we are doing, how we are doing it and more in general about the need for simplicity in secure systems, a debate I perceive as transversal to many other GNU/Linux/BSD projects and their evolution. Given the increasing responsibility in maintaining such a software, considering the human-interface side of things is an easy to reach surface of attack, I can certainly use some advice and criticism.

2 of 114 comments

  1. Re: NSA? by Runaway1956 · Score: 1, Offtopic

    Replace the word "republicans" with "ruling class" and you'll be closer to the truth. Why do you think the Demoplicans are any different than the Republicrats?

    --
    "Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br
  2. Re:OT on Devuan (was Re:NSA?) by Demonoid-Penguin · Score: 1, Offtopic

    Curious about your manipulation of to the Devuan project passing via a personal attack against me.

    Read again. I said you were involved with extremists. Not that you were one of them. They damage the credibility of anyone with genuine problems with systemd.

    BTW are you Kevin McCurley of Digicrime, based in San Jose?

    Isn't this game boring?

    [Yawn] Yes to the second question.

    Yet I have to reply because your claims about Devuan are false:

    1- we don't demand no-one else should be able to use systemd.

    Never said you did. Nor that you speak for everyone that was involved in that project. Read again - the words have not changed. I said you were "eccentric" and that you are behind dyne:bolic - and further, that you should be judged by your code. Twisting my words and implying that you "know who I am" does nothing to improve your image.

    our fund-raise is accountable the financial responsibility is taken up by a non-profit organization registered since more than 10 years, our financial report is public and reasonably detailed

    That posting of the "financial reports" is the first time you've published any information about business registration. Where is the posted information about dyne.org? Where are all those certified accounts available? Why doesn't Archive.org have them?

    And no, that's not transparent accounting. I have no reason to believe you are engaging in fraud - or even paying yourself to design logos.
    Transparent "accounting" is when expenditures are detailed (show where the money went - not on what) and are certified by a registered accountant as being true and complete, and made public. You've only done the last part.

    SFI is a registered non-profit. Debian is a registered non-profit funded by SFI, and other organisations. All display that information as required by law and produce annual returns certified by registered accountants. Just as gnu.org does.
    I'd already checked your non-profit status, but your "financial reports" only appeared recently and it's only in them that your business registration is mentioned.

    The devuan domain is not registered in the name of the business operator (you).

    As a fork of Debian, Devuan was doomed to failure from the start. Good intentions on your part notwithstanding.

    Repackaging would have been a more viable ambition, and less divisive. I still think there is a need for such a project. It is more likely to succeed if it operates in a responsible manner. Any project that forks from Debian because it doesn't trust systemd (which is not a necessity if you use Debian), while composed of anonymous "veteran Unix administrators" will be treated with the suspicion it deserves. Feel free to play all the "I know who you are and where you live" games you like. As long as your games are just in your head they're games without consequences.

    Dyne is a laudable project in its own right - and if you re-read what I said you'll find I didn't damn Tomb.

    As for some of the people that associated with the Devuan project - and some of your conduct on various forums... my opinions haven't changed. Before you get on your moral platform with your knickers in a twist because you believe I've impugned your reputation - get a time machine and go back and undo all the allegations, slurs, and FUD that you've left behind you in the past. Most of it's still there preserved for posterity.