Tomb, a Successor To TrueCrypt For Linux Geeks 114
jaromil writes: Last day we released Tomb version 2.1 with improvements to stability, documentation and translations. Tomb is just a ZSh script wrapping around cryptsetup, gpg and other tools to facilitate the creation and management of LUKS encrypted volumes with features like key separation, steganography, off-line search, QRcode paper backups etc. In designing Tomb we struggle for minimalism and readability, convinced that the increasing complexity of personal technology is the root of many vulnerabilities the world is witnessing today — and this approach turns out to be very successful, judging from the wide adoption, appreciation and contributions our project has received especially after the demise of TrueCrypt.
As maintainer of the software I wonder what Slashdot readers think about what we are doing, how we are doing it and more in general about the need for simplicity in secure systems, a debate I perceive as transversal to many other GNU/Linux/BSD projects and their evolution. Given the increasing responsibility in maintaining such a software, considering the human-interface side of things is an easy to reach surface of attack, I can certainly use some advice and criticism.
As maintainer of the software I wonder what Slashdot readers think about what we are doing, how we are doing it and more in general about the need for simplicity in secure systems, a debate I perceive as transversal to many other GNU/Linux/BSD projects and their evolution. Given the increasing responsibility in maintaining such a software, considering the human-interface side of things is an easy to reach surface of attack, I can certainly use some advice and criticism.
Re:NSA? (Score:4, Interesting)
Need I say more?
Can't rule that out about anything. In this case you're talking about the guy (Denis Roio) with dyne:bolic under his belt - and the "non-profit" behind it and his "campaign" to fork Debian. A self-described "researcher in philosophy of technology and software artisan". He's done at least one TED talk (I can't be bothered looking for the link).
The Tomb project is interesting and I've been following it for a while - the main thing that differentiates it from other LUKS-made-simple tools is the addition of steganography capabilities.
Despite his numerous, um, eccentricities and involvement in the rabid and vitriolic campaign against systemd, it's the code that counts. In this case it's just wrappers around dm-crypt, dm-setup and LUKS designed to make LUKS easier for people who find it difficult - and to add a few other features. Like anything else that is meant to be trusted to the same degree it should be independently audited.
Note: there are plenty of reasonable objections to systemd. Those that hold them don't demand no-one else should be able to use systemd, raise money unaccountably so a handful(?) of anonymous self-described "Unix gurus" can "fork Debian" (yeah - and I'm going to build a moon mission in my basement). Or use threats/trolling/FUD.That would be more like an NSA style campaign to divide the Linux community and keep their existing init flaw backdoors in place on hard-to-get-to systems.
Cue the usual sock-puppet forum flooding and disinformation [sigh]
"Tomb"? (Score:1)
Re: (Score:2)
The name "Tomb" is self-defeating. The name implies that the software is already dead.
Agreed. If marketing is important.
Vault is already used by many projects. I'd suggest ForNix - but then I do have a black sense of humour (it's latin for vault, also brothel). AbSis? another latin word with double meanings and a likelihood that it'd become the butt of jokes . CryptoPorticus? Cautus is good, but there's a possibility that if it ever failed he'd never shake the "CaughtUs" meme that would result - besides, it's a business name.
Why do technology companies choose foolish names? (Score:2)
An acquaintance of mine works at The Last Pickle. [thelastpickle.com] Yes, really. Apache Cassandra support.
OT on Devuan (was Re:NSA?) (Score:2)
Curious about your manipulation of to the Devuan project passing via a personal attack against me.
BTW are you Kevin McCurley of Digicrime, based in San Jose?
Isn't this game boring? Yet I have to reply because your claims about Devuan are false:
1- we don't demand no-one else should be able to use systemd. We clearly demand our own rights in choosing to not use systemd and have engaged in an honest quest developing a base system that is alternative to Debian and does not depends from the web of dependencies
Re: (Score:2, Offtopic)
Curious about your manipulation of to the Devuan project passing via a personal attack against me.
Read again. I said you were involved with extremists. Not that you were one of them. They damage the credibility of anyone with genuine problems with systemd.
BTW are you Kevin McCurley of Digicrime, based in San Jose?
Isn't this game boring?
[Yawn] Yes to the second question.
Yet I have to reply because your claims about Devuan are false:
1- we don't demand no-one else should be able to use systemd.
Never said you did. Nor that you speak for everyone that was involved in that project. Read again - the words have not changed. I said you were "eccentric" and that you are behind dynobolic - and further, that you should be judged by your code. Twisting my words and implying that you "know who I am" does nothing to imp
Re: (Score:3)
Read again. I said you were involved with extremists. Not that you were one of them. They damage the credibility of anyone with genuine problems with systemd.
ACK and agree. I'm sure you understand that to transform a years old flame into a decent discussion is quite a hell of a process.
Apologies for overreacting, I recognize you do have legitimate observations, but really I've been through the systemd-grinder enough to quickly put up defenses.
That posting of the "financial reports" is the first time you' ve published any information about business registration. Where is the posted information about dyne.org? Where are all those certified accounts available? Why doesn't Archive.org have them?
Man, we are paying taxes to the Netherlands, not to Archive.org. I think you have a different idea of transparency... we are producing all the documentation needed for the institutions and organizations that require them,
Re: (Score:2)
Read again. I said you were involved with extremists. Not that you were one of them. They damage the credibility of anyone with genuine problems with systemd.
ACK and agree. I'm sure you understand that to transform a years old flame into a decent discussion is quite a hell of a process.
For what it's worth - though some clients use systemd with good reasons, I don't (though I find many features interesting and have been testing some for the last year and a bit). I can relate to your feeling: I've watched the "debate" damage the Debian community (and I'm aware that much of the blame lies parties whose only interests is destruction); I was in a similar position when udev replaced sysfs. I can also see how hard it makes things for the developers of systemd, and why some of us have developed s
Does encryption really matter to the NSA? (Score:3)
At this point they can watch every phone call we make, watch where we walk every minute of the day, watch what websites we go to, read our email.
They can no doubt get in back doors on our computers any time.
Why should they care if we encrypt our hard drives? We're on the internet when our computers are on!
Re: Does encryption really matter to the NSA? (Score:1)
Whether they pay you or not, you're helping the NSA by spreading this stupid belief that they're omnipotent.
Re: (Score:2, Offtopic)
Replace the word "republicans" with "ruling class" and you'll be closer to the truth. Why do you think the Demoplicans are any different than the Republicrats?
Re: (Score:3)
"You sound like"
Want the truth? I don't fit into any of the labeled boxes. I'm most comfortable with the libertarian label - but I don't agree with all their shit either.
Why don't you take a good, hard look at the two party system? The two are in collusion to prevent any other party from gaining any power. Look at federal funding. The D's and the R's agreed to split all of the money that the fed has available for elections. They gave a little lip service to the concept of democracy, by saying IF any o
Re: (Score:2)
And, you use the word "conservative" like it's a "bad thing". Apparently, you're one of those divisive liberals, who only sees evil in conservatism, and you want free reign to rebuild the world in some socialistic image.
Sadly - communism doesn't have one single success story to point to. And, we should trust the liberals? They want to take a failed system, and impose it on the United States.
Fuck that - we can fail on our own, and in our own fashion. To hell with modern day American liberalism.
Re: (Score:2)
Re: (Score:2)
Agreed. How do you propose that we convince the majority of Americans to agree? I've often said that I'm willing to vote for people of all parties. I'm even willing to see a member of the Communist Party in congress, if it breaks the grip of the two parties who share a chokehold on the US. It was ONE OF the things that made Obama look good, when he crawled out of the woodwork - he APPEARED to be more independent than other candidates.
We need some Libertarians in Washington, along with some Green/Conserv
Re: (Score:2)
Re: (Score:2)
Because Republicans on the Supreme Court are consistently voting to make the situation worse. Prior to Citizens United, it was possible to at least attempt to address the corruption of the system via the elected legislature (or at least throw the bums out if they won't address it). Now, we apparently have to ammend the Constitution to remove a ridiculous manufactured equivalency between corporate bribery and free speech. It's silly to pretend that that's not the result of a significant difference between
Re: (Score:2)
And - your cherished democrats are somehow different? Presumably because they routinely vote on matters in ways which you approve?
And, what about Joe Mainstream? BOTH sides of the court just fuck him over.
Never heard of it (Score:4, Interesting)
to be honest, and I've been recently reading a lot about potential TrueCrypt replacements. Of course I was looking for FDE mostly, not just a few files.
Re: Never heard of it (Score:2)
Literally the first few words say they released it yesterday.
Re: (Score:2)
Do you call the first version of your software "2.1"?
Re: Never heard of it (Score:4, Funny)
I sure would. Who in their sane mind would buy a 1.0 version?
Re: (Score:2)
Same reasoning Porsche Engineering started their projects with #9 - hence the 356 was really project number 347, and the 911 - originally badged as 901 until a trademark lawsuit - is really project 882.
Re: (Score:1)
Re: (Score:2)
I sure would. Who in their sane mind would buy a 1.0 version?
I tried getting a version 1.0 product one day, but they were up to version 25 before the download finished.
Re: (Score:2)
It's funny... that is the exact version number of my project where I work, which is a new system under development for about 5 years now. It's been that number the entire time.
ChangeLog (was Re: Never heard of it) (Score:2)
Re: (Score:2)
Literally the first few words say they released it yesterday.
The project has been around for some years [looks through his records]. The oldest entry reference I have is to a post in a wishlist bug report [debian.org] dated 31 Jan 2011. Tomb was at 0.9.0 then. (I never did work out what Jaromil actually wanted - advertising?)
Why replace it? (Score:2)
We know the last build of TrueCrypt is secure. Why replace it?
Re: (Score:3)
We know that the developers were pretty sure that the last version of TrueCrypt was still secure. You cannot ever know for certain that a software is really secure. You may convince yourself that it is, or that it isn't, but you never know what the other side has done, or is doing.
The ONLY thing you really know for certain about TrueCrypt, is that the developers felt that their product was being compromised, so they let the world know of their suspicions.
Re: (Score:2)
You can never truly know if something is secure. You can only know that it is insecure, once it is proven as such.
Re: (Score:3)
We know the auditors also think 7.1a is secure. [istruecryp...tedyet.com]
Re: (Score:2)
What we know is the auditors were allowed to say that it's secure.
10 years ago I'd have ridiculed someone concerning his tinfoil hat for such a comment...
Re: (Score:2)
We know that the developers were pretty sure that the last version of TrueCrypt was still secure.
The last version of TrueCrypt passed a public security audit [cryptograp...eering.com] with flying colors.
Re: (Score:2)
I stopped "auditing" the WIndows kernel long ago. I'm much more concerned about the Linux kernel.
Re: (Score:2)
That would be discovered in seconds. Neckbeards look for this constantly. They want to be the first person to proclaim "I told you so!"
Re: (Score:2)
Re: (Score:2)
We know the last build of TrueCrypt is secure. Why replace it?
This article is the first I'd heard of the demise of TrueCrypt. Then article goes on to talk of simplicity.
Not using Linux (games) simplicity to me is to continue using TrueCrypt, even Linux users will need to convert.
I wish them luck in this endeavor though.
Re:Why replace it? And Can it really replace it? (Score:2)
I use Truecrypt for a small (10MB) file which I can mount on Linux, Mac and Windows. The mounted file is a FAT32 partition, because that is the only filesystem that is read/write on any random machine.
Could Tomb replace this setup? What would the advantage be?
(Of course, I could go read the article, but who does that on /.?)
Re: (Score:3)
The stego capabilities of Tomb are interesting. The print to QR code for backups for keys is also much appreciated.
For me, what is important in a TrueCrypt replacement is cross-platform compatibility. I could create a TC volume on a NAS with a Windows box, mount and toss some files into it with my Linux machine, then mount it on a Mac (obviously, not having multiple machines mounting it at the same time) for more items. VeraCrypt has kept this, and has added the ability to use TC volumes under W8.1, a lo
Can you try to get into debian? (Score:2)
From your website, I see that "make install" only installs two files, the executable and the manpage, but I prefer keeping my $PATH mostly filled with applications I can update with my package manager.
Re: (Score:2)
Here is a debian/ packaging setup ready for Tomb, contributed by maintainers of the Freepto distro https://github.com/AvANa-BBS/T... [github.com]
Arch has a package since long already.
Re: (Score:2)
How do you even test your source of entropy reliably? Sure you can do some statistical analysis, but if you don't even trust /dev/random, what do you trust? A chip would be less reliable IMHO than either using the kernel seeding /dev/random (at least you have control over the code) or a HAVEGE type algorithm (prediction at that level requires insane amounts of resources)
Re: (Score:2)
How do you even test your source of entropy reliably? Sure you can do some statistical analysis, but if you don't even trust /dev/random, what do you trust? A chip would be less reliable IMHO than either using the kernel seeding /dev/random (at least you have control over the code) or a HAVEGE type algorithm (prediction at that level requires insane amounts of resources)
If you trust /dev/random you're off to the wrong start (and living in the past) - especially as far as credibility goes. Use /dev/urandom. Given that you only need 256 bits of entropy to get computationally secure numbers for a long, long time - the "how do you test entropy reliably" is a straw man.
There are some case where it's better to use /dev/random. This is not one of them.
Fun facts - dm-crypt uses /dev/urandom, VeraCrypt uses /dev/random and /dev/urandom (on Linux and Mac)
Re: (Score:2)
/dev/urandom will not wait (block) for sufficient entropy and thus is (theoretically) more vulnerable to attacks than using /dev/random. You should ALWAYS use /dev/random if you are worried (paranoid) about the cryptographic strength of your result.
I was talking about seeding your randomness and how to test entropy is definitely a necessity. If you sneak in some vulnerability, most likely you'll want to be able to predict the random numbers generated at certain points in time but still make it look like you
Re: (Score:2)
You'd like proof of entropy in a /. post? What next - pi demonstrated to 10000 places in a Twitter post? Instant education you can sprinkle on your breakfast and some else to feed it to you?
/dev/urandom will not wait (block) for sufficient entropy and thus is (theoretically) more vulnerable to attacks than using /dev/random. You should ALWAYS use /dev/random if you are worried (paranoid) about the cryptographic strength of your result.
Yes /dev/random blocks. It gives out exactly as much randomness as it has entropy in its pool. But that's not always a good thing - which is why cryptography is not intuitive - it's also why cryptographers e.g. Bruce Schneier, choose /dev/urandom as the preferred source of cryptographic randomness on UNIX-like systems..
VeraCrypt (Score:5, Informative)
The successor for TrueCrypt is VeraCrypt [wikipedia.org], as it is a direct fork.
Also, a "linux geek" would have already have taken dm-crypt as an alternative, or performed the instructions in some Full Disk Encryption Howto.
Yes, I did, but this looks handy (Score:2)
As a "linux geek" my drives and files are encrypted using dm-crypt, gpg, etc. However, this script looks like it would be useful for making transferable encrypted archives. How handy.
I do not know what "TrueCrypt" or "VeraCrypt" are. I have never seen them in any repository.
Re: (Score:2)
Isn't it built into the installer nowadays? I installed Debian recently and it offered to encrypt my system, but maybe it skipped the partition that holds /bin and whatnot...
Re: (Score:3, Informative)
You can encrypt everything but bootloader + kernel + initramfs using a typical good distro installer (including Debian's latest).
You can encrypt even that, if you use a bootloader capable of decription, but the bootloader will remain unencrypted.
You can encrypt everything if you use a storage device capable of DRM+crypto, TCG style. But you cannot trust that kind of crap to even operate correctly, let alone implement the crypto (and everything else!) correctly and safely.
So, usually, one tries to use secur
Re:VeraCrypt (Score:5, Informative)
There were two forks coming from TC. CipherShed was another, but it hasn't been updated since pre-alpha, so it is probably good to pronounce it dead, so VeraCrypt is arguably the successor for TrueCrypt as of now.
If I were only worrying about Linux, I'd either use LUKS or perhaps a filesystem based encryption process like EncFS. EncFS doesn't provide as much protection (it does let an attacker know file sizes in a directory), but it is definitely a lot more flexible, and the encrypted files can be backed up and restored with ease.
Don't try to piggyback on TrueCrypts popularity (Score:5, Insightful)
The successor to TrueCrypt will most likely be something derived from the audited TrueCrypt source code. You just won't compare favorably given the single supported platform. You are just going to create a reputation of being one of the lessor choices, which may be entirely unfair.
Don't handicap yourself. Promote your software on its own merits, don't try to piggyback on TrueCrypts popularity, such a strategy will likely backfire.
Re:Don't try to piggyback on TrueCrypts popularity (Score:5, Informative)
I don't know about Mac support, but if Tomb is just a wrapper around LUKS, the volumes it creates should be accessible on Windows as long as you use a filesystem Windows knows about. Ext2IFS doesn't work on anything newer than Windows Vista, so you're most likely looking at FAT32, exFAT, or NTFS if you want your LUKS volume to be portable.
Assuming a suitable LUKS volume, you can mount it on Windows with LibreCrypt [github.com], which is the successor to FreeOTFE (by way of DoxBox). My work machine still has FreeOTFE on it, but I just installed LibreCrypt on Windows 10 at home and the encrypted volume on my flashstick mounted right up.
Re: (Score:2)
We have an issue open to support Tomb volumes, fairly easy to implement https://github.com/t-d-k/Libre... [github.com]
Re: (Score:2)
Don't handicap yourself. Promote your software on its own merits, don't try to piggyback on TrueCrypts popularity, such a strategy will likely backfire.
Fer sure. They are just showing those that don't know that there is a widely used and proven encryption program already out, by bringing it up.
Being a Linux only program and specific versions at that do limit it's usage and spread significantly, to the point of slow obscurity.
why? (Score:1)
Why would I want to use this over just using dm-crypt on a LUKS container directly? One less layer of things to go wrong that way. One less layer of obfuscation.
Minimalism and Simplicity = Good! (Score:3)
Without reading anything besides your summary, it sounds like you're on the right track. "Minimalism" and "simplicity," judiciously applied, usually leads to a good result. As Albert Einstein said, "Everything should be as simple as possible, but not simpler."
You asked for advice and criticism (Score:2)
So far there seems to be a lot of the latter, but not so much of the former.
While I don't use your software, I do appreciate the fact that you're working on it - and I like the philosophical focus on simplicity.
if it's ain't broke, dont fix it. (Score:2)
TrueCrypt (now VeraCrypt) is still alive and kicking. better than that, it's been security audited. so why go from a multiplatform system known to be secure to a bunch of scripts that only work on linux?
stop trying to fix what isn't broken.
Nope. (Score:5, Insightful)
Tomb isn't a successor to TrueCrypt, for me at least. Not even close.
TrueCrypt's selling point is NOT an encrypted container. We can do that any number of ways, not least just encrypted loopback, but all of them leak the same amount of information.
Truecrypt's selling point was full disk encryption and a bootloader that hook BIOS interrupts to allow live, in-memory, OS-agnostic transparent decryption. That's not something you can do with a shell-script.
Anything not full-disk-encryption is worthless is the machine is stolen - it probably takes minutes to find the key in swap-files and unlock the containers if they've been used recently. The plain-text is probably still lurking around on disk as temporary files etc.
The only reason I used TrueCrypt was that you could full-disk encrypt and nobody could get in without modifying the hardware of the machine and then getting me to enter my passphrase. Not something that a thief was going to be able to do. It means it was Data Protection compliant, that you could afford to lose the entire machine and not worry, and that it didn't matter what you did with the machine underneath, what OS, what partitioning, etc. even fake partitions with false copies of Windows, etc. in them.
Sorry, but your slashvertisement is exactly what it says - a shell script around some basic command line utilities. It's nowhere close to a TrueCrypt replacement unless your use-case is extremely trivial and - actually - not that secure at all.
As it is, I don't think there's currently a product I can use that I can trust complete boot-time control of, except for TrueCrypt and it's directly-compatible replacements. I will look at various projects as they evolve but, for me, the winner will be whoever gets a UEFI bootloader first.
Re: (Score:2)
This is explicitly to address cases of stolen laptop, phone, etc.
The fact that is easy to use gpg encrypted keys from a remote ssh shell, a phone over NFC or bluetooth or a usb stick is addressing human-behavior as a vulnerability much more than actual encryption technology, which we assume to be fairly advanced and reliable today at least in case of dm-crypt.
Re: (Score:2)
Not only that but TrueCrypt was designed to do secret volumes within volumes, so if someone coerces your password from you they only get the outer, more innocuous volume. The inner volume containing the real private data is still locked and you can't even prove it's there.
On LUKS (Score:1)
Downside is, is that if the LUKS header gets corrupted or destroyed, the entire partition is lost. It's more serious than an MBR, which is easy to reconstruct.
I wanted the purity and hardcoreness of my key = actual key,
Re: (Score:3)
Downside is, is that if the LUKS header gets corrupted or destroyed, the entire partition is lost.
To be fair - that's the downside of encryption (without regular backups). A single bit of difference means no information recovery.
Using LUKS is unlikely to measurably decrease your chances of being unable to recover information. ie. if the encrypted medium is modified you'll only ever be able to recover data. Data, that doesn't translate into useful information.
Re: (Score:2)
cryptsetup has luksHeaderBackup and luksHeaderRestore commands.
We have an issue open on github, thinkering on how to avoid bit-rot here https://github.com/dyne/Tomb/i... [github.com]
The LUKS header recovery comes handy, a single corrupted bit in the header of a Tomb could be fatal, so there are plans to backup the header also inside the key, perhaps starting from the next major version of Tomb.
To fight bit-rot a filesystem like ZFS is pretty effective, but then that must be the "outer" FS, used by the storage support hosting the tomb.
Re: (Score:1)
Re: (Score:2)
No, this isn't true. Depending on the encryption mode, a corrupted bit should mean one or two blocks being lost (typically 256 bits).
Could you expand on that? Do you mean - "it isn't true that if encrypted data is modified it can still be unencrypted and the information recovered"? It does sound like a self-defeating encryption scheme (see further down as to why your user case may significantly differ). If the point of encryption is to "prevent modification or access to information at any point in time" rather than "to prevent the reading of the drive at one, known, point in time".
Recovering data from a dm-encrypted disk which has damage
recovering plaintext from corrupted ciphertext (Score:1)
In this case 'plain' dm-crypt results in typically 128-256 bits of plaintext not being recovered. This guy [tablix.org] has done some experiments and says in practice it's similar between corrupted encrypted and unencrypted data.
With LUKS, if the corruption is in the data, then the result should be the same as for dm-crypt.
But with LUKS, if the corruption is in the
Re: (Score:2)
The context of the original post was discussing recovering plaintext when a bit of the ciphertext was corrupted - assuming you have the key and no backups.
Um, no - you responded to my post. I responded to a post by bdubSOv1iKIJ403M. No mention of plaintext there.
In this case 'plain' dm-crypt results in typically 128-256 bits of plaintext not being recovered. This guy [tablix.org] has done some experiments and says in practice it's similar between corrupted encrypted and unencrypted data.
Interesting reference. Thanks. I don't have immediate comments on it other than: nothing looks dodgy about his tests; SS writes and erases are quite different from HDD (I don't understand them). I've bookmarked as something to ask some one of the ASD SME's about.
I use LUKS (and dm-crypt) for personal and work computers, with critical information also encrypted - because I don't know of a better option
Re: (Score:1)
The context of the original post was discussing recovering plaintext when a bit of the ciphertext was corrupted - assuming you have the key and no backups.
Um, no - you responded to my post. I responded to a post by bdubSOv1iKIJ403M. No mention of plaintext there.
It's hard to see how else to interpret your post:
To be fair - that's the downside of encryption (without regular backups). A single bit of difference means no information recovery.
Or did you mean a single bit of ciphertext changed would somehow corrupt the rest of the ciphertext?
I've no wish to get involved in a discussion on other aspects of encryption, just wanted to simply correct a false statement, and get something off my chest about the design of LUKS.
Re: (Score:2)
are QRcodes like IPv4 addresses in that we will run out of usable ones for wasting them on our cat's buttcheeks?
No.
QR codes encode arbitary text (in one of several character sets). There is no central registry of what that text means so QR codes in general can't "run out". The ammount of text that can be encoded depends on the size (in "modules") of the QR code, the character set and the desired error correction level.
QR codes used for taking people to websites generally encode URLs. Even a quite long URL can be encoded in a reasonable size QR code though shorter URLs are certainly preferable for more reliable scanni
successor? (Score:3)
TrueCrypt worked flawlessly on Windows, Mac, and Linux.
Anything which supports only one of the three major platforms is no successor of TrueCrypt.
How do you deal with complexity? (Score:2)
I appreciate the considerations about portability of a shell script being critical, yet ZSh interpreters are very portable themselves.
Last day (Score:2)
Last day we released Tomb version 2.1
Hyper cool, friend!
Ban it (Score:1)
All it's good for is empowering terrorists, pedophiles and malcontents. We don't need encryption, honest people does not, and neither we need anonymization tools, guns, or instructions on how to make explosives. You keep blathering about "freedom" but my freedom to be safe is more important to me, and I'm part of the vast majority of sane people who does not see the use for encryption, guns, tor or even general purpose computers that could be used to hack vital infrastructure and cause harm and even death.