Delist DiskCryptor #1491

Merged
dngray merged 2 commits from pr-remove_diskcryptor into master 2019-11-16 03:50:52 +00:00
dngray commented 2019-11-14 15:26:10 +00:00 (Migrated from github.com)

Windows only encryption software which has not been updated since version 1.1.846.118 was released on 2014-07-09.

Website certificate has been expired since on 2019-06-22 which is 4 months, 23 days ago, this is unacceptable for encryption software.

An attack could occur whereby someone could be subject to a MiTM and accept a fraudulent certificate. gpg signatures could be also replaced with this kind of attack so that makes gpg signing the binary pointless. Many people don't check these anyway.

On a side note there appears to be no administrative moderation on their forums. Allowing posts like this one in your release thread which declare "UEFI" a security risk because of some ancient CVEs (that were fixed), should not be allowed.

UEFI in turn brings Secure Boot which provide extra protection against a person booting unsigned binaries on your device should they gain physical access. It can be completely controlled on most good motherboards, and in fact I do this. In addition the use of TPM requires UEFI which is something that can provide further security.

Windows only encryption software which has not been updated since version 1.1.846.118 was released on 2014-07-09. Website certificate has been expired **since on 2019-06-22** which is 4 months, 23 days ago, this is **unacceptable** for encryption software. An attack could occur whereby someone could be subject to a [MiTM](https://en.wikipedia.org/wiki/Man-in-the-middle_attack) and accept a fraudulent certificate. gpg signatures could be also replaced with this kind of attack so that makes gpg signing the binary pointless. Many people don't check these anyway. On a side note there appears to be **no** administrative moderation on their forums. Allowing [posts like this one](https://diskcryptor.net/forum/index.php?topic=5424.msg12276#msg12276) in your release thread which declare "UEFI" a security risk because of some ancient CVEs (that were fixed), should not be allowed. UEFI in turn brings [Secure Boot](https://en.wikipedia.org/wiki/Unified_Extensible_Firmware_Interface#Secure_boot) which provide extra protection against a person booting unsigned binaries on your device should they gain physical access. It can be [completely controlled](http://www.rodsbooks.com/efi-bootloaders/controlling-sb.html) on most good motherboards, and in fact [I do this](https://wiki.archlinux.org/index.php/Secure_Boot#Using_your_own_keys). In addition the use of [TPM](https://en.wikipedia.org/wiki/Trusted_Platform_Module) requires UEFI which is something that can provide [further security](https://wiki.archlinux.org/index.php/Trusted_Platform_Module).
netlify[bot] commented 2019-11-14 15:26:52 +00:00 (Migrated from github.com)

Deploy preview for privacytools-io ready!

Built with commit 10d1f0fc23

https://deploy-preview-1491--privacytools-io.netlify.com

Deploy preview for *privacytools-io* ready! Built with commit 10d1f0fc23eafa3fee5e50e9bba766d29191a0b2 https://deploy-preview-1491--privacytools-io.netlify.com
nitrohorse (Migrated from github.com) reviewed 2019-11-14 16:14:27 +00:00
nitrohorse (Migrated from github.com) left a comment

LGTM

LGTM
Mikaela (Migrated from github.com) approved these changes 2019-11-14 20:21:47 +00:00
Mikaela (Migrated from github.com) left a comment

I hope you don't mind me resolving the merge conflict.

I hope you don't mind me resolving the merge conflict.
nitrohorse (Migrated from github.com) approved these changes 2019-11-16 03:49:13 +00:00
nitrohorse (Migrated from github.com) left a comment

Thanks for resolving that @Mikaela

Thanks for resolving that @Mikaela
This repo is archived. You cannot comment on pull requests.
No Milestone
No Assignees
1 Participants
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: privacyguides/privacytools.io#1491
No description provided.