Talk:Disk encryption software

From Wikipedia, the free encyclopedia
Jump to: navigation, search
WikiProject Computing / Software / Security  
WikiProject icon This article is within the scope of WikiProject Computing, a collaborative effort to improve the coverage of computers, computing, and information technology on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.
 ???  This article has not yet received a rating on the project's quality scale.
 ???  This article has not yet received a rating on the project's importance scale.
Taskforce icon
This article is supported by WikiProject Software.
Taskforce icon
This article is supported by WikiProject Computer Security.

Rules for the Cross-Platform section[edit]

A program can be included in the Cross-Platform section only if it runs on more than one operating system. If it is a Windows-only program (such as CrossCrypt or FreeOTFE) that can mount a cross-platform format or a format used on an operating system other than the native for the program then it's still a Windows-only program. Similarly, if a graphics editor runs only on Windows, then it's still a Windows-only program even though it can load/save the png format (which is a cross-platform format). The mere ability to load/save a cross-platform format does not make the program cross-platform. Maxt 18:36, 7 March 2006 (UTC)Maxt

Ah... Thankyou for giving your opinion as a "rule"; Wikipedia operates by consensus - not by one person who just "lays down the law". wrt the change I just reverted - it does look like a version of FreeOTFE was released for the PocketPC about a month ago, making it a cross platform system; see wikipedia Platform (computing) for what a platform is. Cralar 21:18, 11 December 2006 (UTC)
Looks like there's a misunderstanding here. Maxt's assertion above, that legacy support for other volume formats does not make a disk encryption suite "cross-platform" if the same program itself does not run on other platforms, entirely reasonable. At least as far as I understood it, this had nothing to do with the revert – rather, the revert is a question of whether Windows on PC and Windows Mobile on PocketPC (that FreeOTFE4PDA runs on) can be considered different platforms. -- intgr 21:55, 11 December 2006 (UTC)
Looking at the datestamp of the original talk entry from maxt - it looks like it predates the release of FreeOTFE4PDA, so that would make sense. The new version certainly works on a different platform though. Cralar 20:04, 12 December 2006 (UTC)
The Cross-platform section (which I, by the way, created including the subdivisions -- so I defined rules for the section) is subdivided according to operating systems. It can NOT be subdivided according to hardware platforms. To understand why, consider this example: the Linux operating system runs on many hardware platforms, including portable mp3 players, PDAs, etc. Hence, by your logic, any program that runs on Linux belongs to the Cross-platform section. What would be the subdivision? All Linux software would have to be put under the following heading: "PC/PDA/mp3-player/phones/etc/anything". The division of the Cross-platform section must make some sense. Maxt 16:10, 14 December 2006 (UTC)
But technically Windows Mobile/Windows CE can be considered a separate operating system from Windows NT, and while either of the terms does not say much to an average reader, calling it just "PocketPC" will more likely ring a bell. Just my two cents, I am impartial to how this gets resolved.
Also, please note that your rude and tactless "which I, by the way, created including the subdivisions -- so I defined rules for the section" comment is void – nobody owns Wikipedia articles per WP:OWN. See also: WP:CIVIL. -- intgr 16:39, 14 December 2006 (UTC)
I agree with intgr: it's little naive to say that it's the same platform - a bit like claiming that Windows XP is the same as Windows 3.x - software written for the former simply won't run on the latter! If you look at any WWW site which offers software downloads, PocketPC software is always listed separatly to MS Windows (PC) software. This is for good reason - people want software they can use on the platform they own; be that Windows/Linux/some PDA. At the end of the day, this section has to be useful to people to be of any value, and if you're looking for software for your PDA, you're not going to look at a "Windows" section because you certainly wouldn't expect to find anything that you could use - standard Windows software simply won't work on a a Windows Mobile system! The same cannot be said about Linux, where, given the source code, you probably can run it on most, if not all Linux systems. I've reverted the previous edit - I would suggest discussing it further before trying to push what is (from your previous comment) clearly just your own POV —Preceding unsigned comment added by Nuwewsco (talkcontribs) }
Note that you should sign your posts on talk pages with four tildes (~~~~) -- intgr 06:36, 15 December 2006 (UTC)
I'm not sure if you read the substantiation at all. Read this message carefully in its entirety please. The Cross-platform section can NOT be subdivided according to hardware platforms. To understand why, consider this example: the Linux operating system runs on many hardware platforms, including mobile phones, portable mp3 players, PDAs, Pocket PCs, etc. Hence, if the Cross-platform section was subdivided according to hardware platforms, then any program that runs on Linux would have to be moved to the Cross-platform section. Yes, all Linux software would have to be put under the following absurd heading: "PC/PocketPC/PDA/Phone/MP3-Player/Etc". As for the Windows/Windows cross-platform: if a program runs under e.g. Windows 95 and under Windows Vista, it cannot really be considered cross-platform, as Windows 95 and Windows Vista are in fact only two different versions of one operating system (even though the versions are substantially different). The division of the Cross-platform section must make some sense." Maxt 11:49, 15 December 2006 (UTC)
I am fairly sure I read your message correctly, as well as your reasoning behind it. If you read my message carefully enough, you would've realized that ;) [note how annoying comments like this can be – don't use them, they are counterproductive in reaching a consensus].
We are not contesting your "rule" that differences should not be based on hardware platforms. Instead, I am saying that Windows Mobile and desktop versions of Windows are different operating systems, and have never been designed to be compatible, besides WinCE implementing a small subset of the win32 API. Supporting Nuwewsco's claim, only very trivial desktop Windows applications compile correctly with the WinCE SDK, and likely still need some modifications to make them usable. Thus, your comparison involving Windows 95 and Windows Vista is flawed. As the definition of an operating system is somewhat vague, it is unclear where to draw the line between "same operating system" and "different operating system". What kind of criteria would you suggest? -- intgr 13:02, 15 December 2006 (UTC)
Intgr, I was not referring to you. Sorry, if it looked like I was. You apparently have read what I wrote and I thank you for that (it was the other poster who apparently completely ignored what I wrote). As for the Windows/Windows cross-platform question: Windows 9x and XP are mutually incompatible too. For example, you cannot run 9x drivers (.vxd files) on Windows XP (.sys files) and vice versa. That's why you can't run e.g. TrueCrypt on Windows 9x (someone would have to write a completely new driver for it!). It's not caused by just some minor differences -- the driver architecture (model) is fundamentally different between Windows 9x and 2k/XP. Even though these two systems are fundamentally incompatible, they are however, still two editions/versions of one operating system. It would be absurd to claim that a program that supports Windows 9x and Windows Vista is cross-platform. This applies also to programs that run under Windows Mobile and Windows XP. Those are just two flavours of one operating system -- Windows. Maxt 17:45, 15 December 2006 (UTC)
The Windows NT and Windows 9x kernels have indeed been developed separately, and have some incompatible driver APIs (with the notable exception of WDM). However, both of the operating systems aim to be 100% compatible on the "userland" level – they both implement the same user space APIs and have very similar semantics. The code base of most userland components of both operating system families is most likely derived, or maybe even identical for some, and third party applications running on both of these systems might only have trivial low-level differences. Windows CE, however, is fundamentally different; it does not intend to be compatible with either, it merely provides the same "feel" to programmers in its APIs. -- intgr 18:22, 15 December 2006 (UTC)
Actually, I did read Maxt's comments, and I stand by my reply. I understand your comparison between Windows 9x/XP, and I agree with ingr. Let's be realistic here - does it help anyone to place all PocketPC/Windows Mobile software - which cannot be run on a PC - under the single lump category "Windows"? Clearly not - it's no use to anyone. Someone looking for software for their PDA would not expect to find it under a "Windows" section, and someone looking for software for a Windows PC platform (regardles of whether it's 9x/XP) would not expect to find PDA software bundled in a "Windows" section, though would not be too surprised to find 9x and XP software listed together. The same applies for Linux software; clearly it's unhelpful to distinguish between the hardware it runs on, though categorising it together under the "Linux" heading is helpful.
Further, Wikipedia already separates PocketPC and PC based Windows software - see categories Windows software, Linux software and PocketPC software - the PocketPC platform is separatly classified. I would strongly recommend reverting the removal, and reinstating the section added
btw, why did you revert the change I put in without further discussion? Please respect other people's views, and try not to start an edit war Nuwewsco 18:47, 15 December 2006 (UTC)
Wow - that's quite a lot of text for one little edit i made! Looking at the comments above though i still think it should go in but i'll leave it for awhile in case there are any other objections. Cralar 14:15, 16 December 2006 (UTC)
Do you remember the software called Scramdisk? It was free disk encryption software for Windows 9x. It does not run on Windows XP. Why? Because Windows XP is incompatible with Windows 9x. Period. Somebody would have to write a completely new XP driver for Scramdisk (there actually are commercial versions, Scramdisk NT and DriveCrypt, but if you want freeware, you can't run Scramdisk on XP). This is just one example that shows that Windows 9x and XP are fundamentally incompatible (although in some areas they are compatible). That does not make software that runs on 9x and XP cross-platform. It would obviously be absurd to claim that software that runs on 9x and XP is cross-platform. Don't even bother to check compatibility between Windows 3.11 and Vista(!). The same applies to Windows XP/Windows Mobile. They are partially compatible (as are 9x and XP). But they are still two flavours of one operating system. Frankly, you don't really believe that a "Windows X/Windows Y" cross-platform subcategory would survive more than a week on Wikipedia, do you? Maxt 13:35, 18 December 2006 (UTC)
I have already addressed that, but let me elaborate. I stated that the Windows 9x and Windows NT kernels are different, even though both also implement the newer Windows Driver Model API. WDM drivers are binary-compatible between newer versions of 9x and NT kernels – had Scramdisk been implemented on WDM, it would work on Windows XP [note that I'm not sure loopback disks, necessary for encrypted disks, could be implemented in WDM, but I think this is irrelevant anyway]. However, this is the kernel level of compatibility. Linux, for example, breaks kernel APIs/ABIs whenever the developers feel like it, even in minor version changes (refer to /usr/src/linux/Documentation/stable_api_nonsense.txt or [1]).
It's the user space/userland APIs that are supposed to be stable and compatible between operating systems (not kernels) that are designed to be compatible, as the majority of applications only run in user space and don't care about the kernel as long as the userspace<->kernel interface does not change. The win32 user space API is entirely compatible between Windows 9x and NT-based operating systems (more so in win2k and on). The user space APIs between Windows CE and Windows NT/9x kernels are in large part not compatible, and this is so by design, as WinCE is built to run with significantly less resources. In other words: applications have to be ported to run on Windows CE; applications do not have to be ported between NT-based and Windows 9x operating systems. Thus, I consider WinCE to be a different operating system, in addition to also running on a different kernel.
While I personally think that encryption tools that run in kernel mode, should in fact be grouped by kernel families (that is, make distinctions between Windows 9x and Windows NT, and between Linux 2.4 and 2.6 *) and not operating system families, we certainly need to find some common ground before that.
* minor Linux kernel version changes do not have to be taken into account, as out-of-tree modules typically use conditional compilation to support the particular API of the kernel version it's being compiled against -- intgr 14:34, 18 December 2006 (UTC)
Ingtr, I hope you don't have some hidden agenda, because you make the impression. You wrote: "In other words: applications have to be ported to run on Windows CE". I reply: Scramdisk is a Windows 9x application and it would have to be ported to Windows XP as well to run on it. Do you finally get it? Maxt 15:31, 18 December 2006 (UTC)
And I wrote a long explanation of how user-space and kernel-space compatibility are different things, and how "operating system" and "kernel" are different. I think I have been very patient with you. Please give it a deeper look. Particularly, see stable_api_nonsense.txt and how it relates to our discussion, as Linux developers likely don't have the same secret agenda. -- Secret-Agenda-Guy a.k.a intgr 15:37, 18 December 2006 (UTC)
Intgr, I suspect you have some hidden agenda because you twice attempted to "prove" (and editted the TrueCrypt article accordingly) that TrueCrypt is not cross-platform, in two different ways: First, a few weeks ago you wrote in the edit comment the absurd claim that: Windows NT and Linux alone do not qualify "cross-platform". You failed, so you took a second try by saying that two implementations of a program that do not share 100% of a single common code base are not cross-platform (while it's fairly obvious that no cross-platform program can have 100% common shared code for all its ports). In my opinion, you should remove yourself from this discussion (and perhaps editting these entries) as you are obviously pushing your hidden agenda. I'll watch this article closely. Maxt 16:05, 18 December 2006 (UTC)
You still appear not to be taking my responses seriously, throwing baseless accusations based on the fact that I merely did not like the phrase "cross-platform" on the TrueCrypt article that I only reverted once (!). I really do hope that my response on the referenced talk page is thorough and verifiable enough, and that you will take the time to read and understand it: Talk:TrueCrypt#Is TrueCrypt cross-platform or not? (diff) -- intgr 17:08, 18 December 2006 (UTC)
Maxt - I don't think that launching an ad hominem attack on someone simply because they don't agree with you can in any way be considered constructive. Personally, I find it a tad ironic, but that's just my opinion.
Perhaps we can try again looking to find some common ground; do you not agree that anyone looking for software for a PocketPC would look for it under a PocketPC related section, as opposed to Windows, and that most people consider Windows software to be in a different category as PocketPC software? (For example, as already shown by the existing precident set within Wikipedia) Nuwewsco 21:09, 18 December 2006 (UTC)
Given the amount of talk this one's raised, I've put my original edit back in as it seems to have the most support. However, I've added a marker to show that this section is clearly in dispute. Maxt; please don't revert again without further discussion and agreement with others. Cralar 11:50, 20 December 2006 (UTC)
Cralar, most of us already understood that the cross-platform section can't be subdivided according to hardware platforms. Do not redo your edits. They will be reverted. If you want to know why, read this carefuly. The Linux operating system runs on many hardware platforms, including mobile phones, portable mp3 players, PDAs, Pocket PCs, etc. Hence, if the Cross-platform section was subdivided according to hardware platforms, then any program that runs on Linux would have to be moved to the Cross-platform section. Yes, all Linux software would have to be put under the following absurd heading: "'PC/PocketPC/PDA/Phone/MP3-Player/Etc'". Maxt 15:12, 21 December 2006 (UTC)
This is getting silly; I've reverted back to Cralar's edit - this section is clearly in dispute; Maxt is claiming the pocketPC platform should be bundled in with the Windows section, while everyone else in the discussion believes it shouldn't.
Maxt - Note: Nobody's suggested that Linux should be split up into different sections (except you); the dispute is whether the PocketPC platform can be considered separatly to MS Windows; consensus is that it should be.
Can we at least agree to leave the article as-is (marked as in dispute), and follow Wikipedia:Resolving_disputes? Nuwewsco 16:30, 21 December 2006 (UTC)
Maxt: Nuwewsco and I have already stated why we think that the article should say "PocketPC" instead of "Windows CE". You should address why you consider Windows CE the same platform as desktop versions of Windows. The Linux argument is another straw man of yours. -- intgr 18:31, 21 December 2006 (UTC)
TrueCrypt runs on iPod (because Linux runs on iPods). Shall I follow your logic and create a new subsection "PC/PDA/Phone/MP3-Player/Car-computers/Aircraft-Computers/Tank-Computers" and move TrueCrypt to it? Maxt 10:08, 23 December 2006 (UTC)
Maxt: Please stop the edit war and follow the wikipedia dispute resolution process (you have already been asked to once by Nuwewsco). Repeatedly deleting other peoples edits doesn't help anyone; I already gave you the benefit of the doubt by marking the section in question as being in dispute. Your argument centers on not wanting to create multiple sections based on different hardware, but that's not what everyone else is saying. Please explain why you consider Windows CE to be the same platform as the desktop version of Window - before reverting any further edits, and note that you do not own Wikipedia Cralar 10:31, 23 December 2006 (UTC)
If fully agree with Maxt. Cralar, if you add to an article that "1+1=3" and a "disputed" label, you should really expect to see your edit reverted soon. If you want to add that 1+1=3 you must first give good reasons why you think it should be added. Maxt gave very good reasons against including hardware platforms. He also gave very good reasons why a program that runs on two versions of Windows does not qualify as cross-platform. Adm30 10:57, 23 December 2006 (UTC)

The disputed template is valid if there is a dispute; if you read through this thread, you'll find it's more than a little clear that Maxt is disputing the original edit! In a nutshell, PocketPC/Windows Mobile systems are quite clearly different platform to MS Windows on the PC. Without rehashing the same old arguments, please read through the above; there already exists clear precident within Wikipedia showing they are different platforms, and in the definition of what a platform is. All we're trying to do atm is ask Maxt to explain why he believes the PDA version is the same as the desktop version, stop claiming that the section isn't in dispute by repeatedly reverting changes, and follow Wikipedia guidelines Nuwewsco 12:22, 23 December 2006 (UTC)

We must separate two issues in the discussion:
1) Hardware platforms (whether hardware platforms should be included, i.e. PocketPC).
2) Software platforms (whether program that runs under two versions of Windows is cross-platform).
Ad 1) if hardware platforms were included, it would become a total mess, as Maxt has shown above. Result: PocketPC cannot appear in a title of a section of the cross-platform section.
Ad 2) As Maxt wrote, Scramdisk runs on Windows 9x and it does not run Windows XP, because the systems are only partially compatible. This can be said about Windows CE and XP too. They are only partially compatible. However, even if Scramdisk ran on Windows 9x and Windows XP, it would not qualify as cross-platform. This reasoning is equally applicable to Windows XP vs Windows CE. These are all versions of Windows. Result: Windows v. A / Windows v. B section shall not be included in the cross-platform section.
As a side note: according to the website, FreeOTFE, does not appear to run under Windows CE. The name of the product that does is "FreeOTFE4PDA". Both products are entitled to be in the Windows section. Adm30 12:45, 23 December 2006 (UTC)
Adm30: Indeed it seems that you haven't paid attention to the initial conversation before dropping in. I have stated my reasons for believing that Windows CE (which runs on PocketPC) and desktop versions of Windows different platforms. I also have explained why Scramdisk fails to work under NT-based Windows variants – it depends the kernel kernel APIs, unlike 99.9% of desktop software which only relies on the [compatible] user space APIs, so I think the Scramdisk example is not adequate for demonstrating your argument.
It has also been explained that the term "PocketPC" is only used for clarity for people who are not familiar with the name "Windows CE" – PocketPC is not a hardware platform alone, it's a Microsoft trademark and authentic PocketPC units always come with with the Windows CE operating system (see the PocketPC article). Maxt is deliberately misinterpreting our arguments with his Linux example, and he has used this same straw man four times without any reasoning why he considers Windows CE and desktop versions of Windows the same operating system. -- intgr 14:37, 23 December 2006 (UTC)
Just informing people that it turned out Adm30 was just a sock puppet of Maxt: Wikipedia:Requests for checkuser/Case/Maxt. Nice work, Nuwewsco. -- intgr 15:45, 24 December 2006 (UTC)
I would also like to address the "remark" on the article. "For example, even though Windows 3.11 and Windows Server 2003 are substantially mutually incompatible, they are merely two versions of one operating system."
Even though I personally would not consider Windows 3.1 and NT-based Windows versions "one operating system", the above is factually wrong – they are not "mutually incompatible", Windows 3.1 software still runs on Windows Server 2003. :) -- intgr 15:58, 24 December 2006 (UTC)
First, PocketPC is a hardware platform. Quote from PocketPC: "A Pocket PC, abbreviated P/PC or PPC, is a handheld-sized computer that runs a specific version of the Windows CE operating system." In other words PocketPC is a device that runs software. PC is hardware platform as well, and some people tend to say incorrectly that PC = Windows. Second, most Windows Vista software does not run on Windows 3.11 and vice versa. Drivers do not run at all (and drivers are the main parts of disk encryption software, which this article discusses). Windows CE is Windows. The platform is Windows. Partial incompatibility between two versions of Windows does not make them two distinct operating systems. Finally, Adm30 is my girlfriend who lives with me. I didn't know she tried to help me here, so it isn't really fair to call her a sockpupet. I don't know if it's really a mistake that I told her I was becoming annoyed because of this discussion. Her explanation is here: Maxt 10:48, 27 December 2006 (UTC)
Thank you for being respectful and not repeating the same arguments again. I think we are making progress.
"PC is hardware platform as well, and some people tend to say incorrectly that PC = Windows."
The PC is indeed only a hardware platform; Pocket PC, in contrast, is a marketing name to promote handheld devices running exclusively Microsoft's Windows CE operating system. It is therefore not incorrect to say that Pocket PC is a hardware and software platform. As explained above, people are much more likely to be familiar with the name "Pocket PC" than "Windows CE", and there is a strong precedent on Wikipedia for classifying them under "Pocket PC"
"Drivers do not run at all (and drivers are the main parts of disk encryption software, which this article discusses)."
That's precisely why I proposed classifying disk encryption software based on well-defined kernels or kernel APIs, rather than some vague "software platform" or "operating system" terms that usually only refer to userland software compatibility (that is, not drivers or kernel code). It's not only much easier to classify the software this way, it would also be more accurate and useful. While you might not want to put these under the "cross-platform" label, why not drop that entirely? It's just too vague and irrelevant for kernel code (hence our argument on the TrueCrypt article).
"Second, most Windows Vista software does not run on Windows 3.11 and vice versa."
So why do you keep saying that they are the same operating system (or platform)?
"Windows CE is Windows. The platform is Windows. Partial incompatibility between two versions of Windows does not make them two distinct operating systems."
So how do you really draw the line between different platforms or different operating systems? Based on the similarity of their names? Or based on the company that developed them? I have yet to hear of a concrete criteria from you (and I did explicitly ask).
Or if you would base it on the alikeness of the APIs, then, do you also say that all Unix-like operating systems are actually the same operating system, since there are "partial incompatibilities" between them but they are all "alike"? As far as I can tell, some Unix flavors are likely to be more compatible on the source code level than Windows Vista and Windows CE. And Unices are definitely more alike than Windows 3.1 and Windows Vista [or any other NT 4.0-based operating system for that matter].
"I was becoming annoyed because of this discussion."
Perhaps you should stop taking arguments on Wikipedia so seriously.
Here's how I see arguments on Wikipedia: I have a POV, and so does everyone else; I do not think mine is more important than others'. It's my arguments, and not my beliefs, that really speak for how strong or good the POV is. If people reach a consensus on Wikipedia, and even if I don't agree with it, the consensus was probably justified. I think this attitude is essential for building a consensus constructively, and also saving oneself from excessive wikistress.
As for Adm30 being sock puppet or not, you (or she) should probably talk to the admin who did the checkuser, not us. -- intgr 12:31, 27 December 2006 (UTC)

Links to commercial software[edit]

IIRC, it is not allowed to insert links to commercial software that has not "significantly affected the history of mankind" to Wikipedia content. It is considered spam. Am I right? Maxt 19:03, 4 March 2006 (UTC)

Good question, and one that I'm not sure I know the answer to. Wikipedia:External_links doesn't really help much, stating only that "Links that are added to promote a site" shouldn't be included. In honesty, I don't think we should differentiate between commercial and free software in making a decision, and should treat them both equitably. Personally I'm not a huge fan of WP articles which are predominately links to other sites. --Boxflux 21:43, 4 March 2006 (UTC)
Attached the 'possible spam' notice. The notice contains a link to the official guidelines for posting External links, which states that a link must not be included if the linked site "primarily exists to sell products or services". So I was right, and all links to the commercial software (their sites) should be removed. Maxt 14:33, 20 May 2006 (UTC)Maxt
I don't believe the policy is intended to exclude informative, germane links. A link to eBay from Lungfish would be spam; a link from eBay is not. —The preceding unsigned comment was added by (talkcontribs) 10:45, 9 July 2006 (UTC).
Sorry, didn't see that you'd added a comment here when I put mine below. I don't like these 'lists of...' pages on WP which just link to external sites. They are a pain to keep up-to-date and accurate, and they just attract link spammers as you note. I think we should remove all links to external sites - if a program (Windows or Unix) doesn't have a mention on WP then it's probably not notable enough to fall under the banner of "common". --Boxflux 15:52, 21 May 2006 (UTC)
Some data points - List_of_bitmap_graphics_editors as an example contains only internal links vs. List_of_vector_graphics_editors which contains a internal link (valid or not) followed by a relevant external link.
The reason I moved the {{spam}} tag to the top of the section was because it occurred to me that a link-spammer could add a link to any of the 3 sections, not just the Windows one. The whole section of links is potentially likely to be spam, but I'll leave it where it is for the time being. --Boxflux 15:58, 21 May 2006 (UTC)
Ok, I removed all links to commercial software. I left BitLocker Drive Encryption and PGPDisk there. The former has a Wiki entry and its impact may be significant (a reason to keep it?). Older versions of PGPDisk are free, so it could stay there. Maxt 18:24, 22 May 2006 (UTC)Maxt
I like the changes you've made. I'm tempted to say we could go further and remove some of the other links (quote: "which is no longer being developed" and "now considered deprecated" probably mean they don't fall under the heading "common"?). I don't have time to go through all the entries right now, but I'll try to do so tomorrow and see if there are any others we can remove, and hopefully then get rid of the {{spam}} tag too. --Boxflux 08:16, 23 May 2006 (UTC)
Yes, the term "common" does not match deprecated software. Also see my comment on this matter here on this Talk page, entitled "Common disk encryption software". Deprecated software nontheless played some role in the past. Isn't Wikipedia about history too? I'm not sure if obsolence is a reason for complete removal from this article. Maxt 11:18, 23 May 2006 (UTC)Maxt
I've changed "common" to "notable" (for several reasons), but I also removed the abandoned and deprecated software (except for Cryptoloop and CrossCrypt, largely to highlight that they are deprecated). If you want to write the history of drive encryption software, be my guest, but I think that should go in its own section. —The preceding unsigned comment was added by (talkcontribs) 10:45, 9 July 2006 (UTC).

I do not think that all external links to software should be removed simply because it happens to be sold and isn't open source, free or some variant. Such a stance is most likely a political one and a printed encyclopedia would not limit itself to referencing only items which are "free". It is one thing to include a link to the ecommerce "buy it now” or marketing guano, but not all external links to commercial software fall into that category. An encyclopedia article would be biased and less useful to the reader if it did not treat Free Software and commercial software with the same brush. Rearden9 04:36, 24 September 2006 (UTC)

Wiki is and should be solution oriented and not a kind of an academic club! People who use it simply want to be informed about something. provide an image of the current state of something will help. You never know exactly what influences the future (the most) because no one knows what the future will bring us. I found another disk encryption software.
This could be the wiki entry:
WinMagic Inc
Commercial, Windows 2000/XP; boot password, does not support Linux or SCSI drives
What I miss in an article about D E S are other things. What happens if the system crashes? What about sector/file oriented backups (Partition/Disk backups)? What about update capabilities? Is there a recovery option? Will it work? Some of the solutions come with a bootmanager. What else means log on password? What do you do if the recovery solution does not work? Would you write back any MBR code? What about risk management? There is a high risk to loose contact to your decryption code (.bin,.dll)? You simply will not find it.
What are the concepts? This is about system security. I did not read a single word about the recovery mechanism for so far?
Wikipedia is not just a wiki, it's an encyclopedia, thus bound to be academic in nature. Please refer to what Wikipedia is not.
As for your recovery questions, most (nearly all?) disk encryption solutions, do not change the semantics on disk crashes — journaling file systems will be able to recover whether the disk is encrypted or not. The only exception I'm aware of is GBDE, where disk writes are non-atomic due to its design, and thus can cause corruption even with journaling file systems. However, even in this case, recovery does not require any special tools. Typical file system recovery tools can be used. Note that this quality is entirely unrelated to cipher algorithms (DES), hence why it's not discussed there.
Raw disk backups will work just like they do with unencrypted disks. I do not really understand what you mean under "risk management", "update capabilities" or "write back any MBR code" -- intgr 07:33, 4 January 2007 (UTC)

What actually means disk encryption? To start an OS you need a file system. Encrypted file system: OOOH the Fat and Mft (on ext2,3, reiserfs the balanced or unbalanced B-Tree structures or something like that) are probably still there. Only the senseful content has gone! The data! There is a low level file system driver/filter or a kind of a redirector which starts before the file system drivers start. And you have changed the MBR boot code because you have installed a Disk Encryption Software. The pointer to the encryption code will be stored in the MBR. What does the recovery software if this pointer is lost? What if the code of the login code routine is overwritten? What if the PBR code is overwitten? Situation without DES: You write back the MBR code as long as the Partition table is still OK. Why should the Partition table be OK? Will standard recovery software work? The rest of the file system is still there! You would find file structures with encrypted data. You could save them to another location. What would the answer of the DES be????? Could you with the help of some keyfiles decrypt these lost/recovered files????? Think about it! The important expression is "risk management". Is disk encryption in general a good Idea? A weak presentation/diskussion until now! Not at all real world oriented!


As for your recovery questions, most (nearly all?) disk encryption solutions, do not change the semantics on disk crashes — journaling file systems will be able...

I am sorry, but I do not like the word "semantics". The meaning of words like these are often unclear. This should be an encyclopedia! So, uncertainty will not help here. Heisenberg is not on earth at this point in time. Secondly I do not agree. Why? A bootmanager is added to the file system. What does it mean? You don`t know what it actually means? And this is the point. Semantics are not really the point of interest here! It doesn`t matter which platform you use. Windows, unix and linux systems reach a state of Unbootyliciacy (Beg your pardon Beyonce!) Reiserfs will not help here. The question is: How can I recover? Would you think disk encryption software in general would help in system recovery after randomly changing some file system bits? My personal experience says: It would not help and the damage would be worse as compared to the state without disk encryption software. DES changes the ability of system recovery. Plutarchsaid 08:49, 4 January 2007 (UTC)

I don't really know why I'm wasting my time responding to you, but here goes.
"I am sorry, but I do not like the word "semantics"."
What I meant was, in the case of a software crash or a power loss, an encrypted disk behaves just like an ordinary one. Thus, recovery from such a crash will take place in the same way – all recent operating systems with journaling file systems do that implicitly.
"A bootmanager is added to the file system."
Operating systems rely on bootloaders to boot them whether the disk is encrypted or not. As I already explained above, the bootloader can be reinstalled if it has been corrupted. However, why would anyone overwrite the MBR or the bootloader in the first place?
First of all, cipher algorithms such as DES have nothing to do with how the data is organized on the disk. DES is not a disk encryption tool, it is simply an algorithm that can be used in any application that needs encryption; it is a primitive. Obviously the DES article is of no use to you — it discusses the algorithm itself.
Second, "disk encryption" means different things to different people. Wikipedia currently categorizes both filesystem-level encryption and raw volume encryption as "disk encryption". (Raw volume encryption regrettably does not currently have its own article, although there are full disk encryption and OTFE). Encryption layer in storage stack should make the differences clear. However, when talking of disk encryption, people usually mean raw volume encryption. With raw volume encryption, everything, including file system structures, is encrypted. (Obviously, when using pre-boot authentication, the bootloader is not encrypted)
For volume encryption, the only difference between encrypted and unencrypted disks, from the operating system's point of view, is that the encryption key is not typically derived directly from the password, but stored encrypted in a header (superblock in Unix lingo). If you corrupt this, then obviously you're screwed if you don't have any backups. However, this is not a bug, it is a feature – when wiping the superblock, you can quickly (effectively) destroy all the encrypted information. Note that non-encrypted disks also contain critical file system structures that, when overwritten, may stop automatic recovery tools from recovering any data.
The risks are simply unrelated to whether using disk encryption or not. If your users are dumb enough to overwrite MBRs or other essential places on the disk (doing which is nontrivial), then how can you assume that they won't delete anything else crucial? Critical data would be backed up anyway, since nothing can protect you from hardware failures. Backups are essential. Right?
In conclusion: Uninformed users are a risk. Hardware failures are a risk. The risks of disk encryption itself are negligible, and may be beneficial in cases where quick data destruction is necessary. Whether using encryption or not, users should be educated not to run programs that might corrupt their disk, if they don't know what they are doing. Whether using encryption or not, important data would be backed up. -- intgr 09:35, 4 January 2007 (UTC)

Poooh. You are stealing time! It is simply not a question of who blames for it!! It simply happens. As I stated before the article is not real world oriented! The solution is what counts. Not the analysis! Different people think another reason causes the crash. The political debate about this does not provide the solöution of a problem.

Your argumentation: If you corrupt this, then obviously you're screwed if you don't have any backups. However, this is not a bug, it is a feature – when wiping the superblock, you can quickly (effectively) destroy all the encrypted information. Note that non-encrypted disks also contain critical file system structures that, when overwritten, may stop automatic recovery tools from recovering any data.

No. not the user blames for unflushing buffers. ...uninformed users are dumb enough to overwrite MBRs or other essential places on the disk

 It`s the OS or Apps or drivers or anything.

Or the real world (viruses. system crashes or whatever you like). The wikipedia article should be real world oriented. To blame the user for system faults is typically microfrog strategy and should not be part of wikipedia articles. You wrote: The risks are simply unrelated to whether using disk....

Yes, are unrelated to the user! The OSs are still far away from being perfect. And this is how it is. Is it how it should be? Yes! Writing OS code is difficult. There is a lot of code and mistakes simply happen. It is an act of personal strength and company policy to say that there are mistakes. The problems should be solved quickly. And nothing else.

Running/installing bootmanagers in general is a very riskful operation. The DES solutions often are equipped with boot managers. DES (this is not related to the "DES" encryption algorithm in this article) It stands for Disk encryption software, DES!

Risk management: Seems to be unclear... Lemma 1) Never change a winnning team! DES comes into play: You implement software which changes very critical file system areas and you do not know exactly how these areas are changed. Additionally file data loose any kind of recoverable sense. So, simply repeated you increase a risk of loosing data. It is not a single file concerned. You can loose the whole collection of data of multiple disks

intgr: OK. Real world. You are in theory able to recover files after a system crash or virus attack or because the system is lazy (even this is questionable). You don`t have access to the installed decryption software. Which DES software is able to decrypt these kind of encrypted, recovered files? Did you test a single DES Software in the real world? Simply say what are your test results? Not what is expected from theory! Wikipedia should represent the realworld! They like donations in form of money. Otherwise wiki would vanish like a lot of not real world oriented web content. This is the reason for me to visit wikipedia pages. The current article is not real world oriented. Send me an imagefile of an encrypted OS I would change a few bytes and you would see the risk of loosing complete disk information increases just because there is a change of the winning team!

No sementical or sentimental answer requested! Plutarchsaid 11:06, 4 January 2007 (UTC)

I assumed that you were talking about user errors or simple power loss/operating system crashes; yes, no doubt, software has bugs, and bugs in disk encryption software may trash your data since all the data passes through it. It is often impossible to know about software quality in advance, especially with commercial software, and it is even harder to present this information objectively. Thus, for the purpose of an encyclopedia, undocumented bugs do not exist.
Bugs by their nature are unpredictable, and recovering from unpredictable situations with programs, written before the unexpected bug occurs, is questionable at best. Especially so since disk encryption aims to make recovery by a potential adversary impossible. But just as with other unpredictable situations, such as hardware failures and user errors, software bugs can be mitigated with backups. And backups are essential, in the real world. I am surprised that you're throwing around the phrase "risk management" without realizing the importance of backups.
"Wikipedia should represent the realworld! They like donations in form of money. Otherwise wiki would vanish like a lot of not real world oriented web content."
The donations go entirely to sustaining hosting and bandwidth costs — Wikipedia does not employ any editors. All editors are doing it from their own free time, you can't blame them for not writing about something you want to know about! You are of course welcome to improve Wikipedia how you see fit, as long as you conform with the policies.
"No sementical or sentimental answer requested!"
"Semantic" is a well-defined term when used in technical contexts. If you are looking for someone to make fun of, you can look somewhere else. Coupled with your inadequate English grammar and spelling, I am having a hard time taking you seriously in the first place. -- intgr 12:21, 4 January 2007 (UTC)

"Common disk encryption software"[edit]

How do we define "common" in this context? If it means widely used, then only TrueCrypt, PGP, FileVault and dmcrypt could stay there. The other listed pieces of sotware are rather obscure or spam.Maxt 17:48, 20 May 2006 (UTC)Maxt


Also considering adding WinEncrypt which is closed source and free.

I wouldn't be so happy about just adding some closed source encryption software. I looked on the WinEncrypt page trying to find some documentation about what encryption was used. I only found the names of two block ciphers, but nowhere did it mention what mode was used. And only a very restricted version of the software is free. Kasperd 10:16, 28 December 2005 (UTC)

it's documentation states that it uses cbc mode —Preceding unsigned comment added by (talkcontribs)


The CrossCrypt article give the impression, that the software can be used on both Windows and Linux. So either this article is wrong or the CrossCrypt article is wrong. Which is it? 17:17, 7 March 2006 (UTC)

The CrossCrypt article was indeed incorrect. Fixed. CrossCrypt runs only on Windows. It is compatible with a Linux format, but it does not run on Linux. In the Cross-Platform category, only programs that run on more than one operating system shall be included. To illustrate: if a graphics editor runs only on Windows, then it's still a Windows-only program even though it can load/save the png format (which is a cross-platform format). Maxt 18:32, 7 March 2006 (UTC)Maxt

External links[edit]

I just noticed a link to the "Inside NetBSD's CGD" article was added. What kinds of external links should this article have? Maybe also a link to the GBDE article on either or Kasperd 21:49, 28 December 2005 (UTC)

A great how to for dm-crypt [2]

Suggestion for list of software[edit]

I'm not sure I like the huge list of software at the bottom of this article, and, as other editors above have noted, it could be seen as link spam. My suggestion for the large list of links - to keep it in line with Wikipedia's policy - is that we should only link to products which have a page on WP, and avoid linking to external sites at all. Thoughts? --Boxflux 19:47, 20 May 2006 (UTC)

I'm not sure why you are starting a new section here. I started discussion about this already -- see the section 'Links to commercial software' above.Maxt 08:18, 21 May 2006 (UTC)Maxt
Well to be fair to Boxflux, since you moved your discussion to the top of the talk page, rather then leaving it at the bottom as it should be, Boxflux might have assumed your discussion was ancient discussion and thought it best to restart it. It's usually best not to move around discussion unless archiving or sorting. Moving new discussion to the top tends to be a bad idea as a lot of people like me mostly ignore discussion at the top in long talk pages as I assume it has already been resolved and if not, it's probably best to restart it at the bottom anyway. Nil Einne 10:33, 12 December 2006 (UTC)

Volume-level encryption software[edit]

There is a great difference in functionality if the software can encrypt the booting volume, perhaps this can be lifted forward in some way? -- 00:32, 9 June 2006 (UTC)

There is no fundamental (conceptual) difference; it's only a question of whether the tool supports pre-boot authentication or not. The Comparison of disk encryption software article now covers this. -- intgr 07:13, 4 January 2007 (UTC)

Retire the list of software[edit]

Does anyone have feelings against retiring the current "Notable disk encryption software" section from this article? The comparison of disk encryption software article should now address all the purposes that this list does — and while entries in this article just advertise whatever features are considered the most remarkable, the comparison article presents the tools in a more neutral manner, in addition to being more informative.

Note that I am the author of the comparison, so do not blindly trust everything I'm saying. :) -- intgr 21:17, 18 April 2007 (UTC)

Merge On-the-fly encryption into here[edit]

Someone, back in February, suggested merging OTFE into here. I say just do it.--Ishi Gustaedr (talk) 17:46, 15 May 2008 (UTC)

Merging OTFE here might seem logical, but in practice it is not correct. Disk encryption refers to encrypting entire disks or partitions. Some, but not all, OTFE software can be used to encrypt entire disks. OTFE is often used to create "volumes" that contain selected files or folders. -- Eighteights (talk) 17:06, 18 June 2009 (UTC)

Safety of encrypted data[edit]

I would like to see some information on how sensitive disk encryption is to localized data loss. Can most unaffected data be recovered as long as header information is backed up or otherwise available? (talk) 14:10, 27 August 2008 (UTC)