Talk:FreeOTFE

From Wikipedia, the free encyclopedia
Jump to: navigation, search
WikiProject Computer Security / Computing  (Rated B-class, Low-importance)
WikiProject icon This article is within the scope of WikiProject Computer Security, a collaborative effort to improve the coverage of computer security on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.
B-Class article B  This article has been rated as B-Class on the project's quality scale.
 Low  This article has been rated as Low-importance on the project's importance scale.
Taskforce icon
This article is supported by WikiProject Computing.
 
WikiProject Computing / Software (Rated B-class)
WikiProject icon This article is within the scope of WikiProject Computing, a collaborative effort to improve the coverage of computers, computing, and information technology on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.
B-Class article B  This article has been rated as B-Class on the project's quality scale.
 ???  This article has not yet received a rating on the project's importance scale.
Taskforce icon
This article is supported by WikiProject Software.
 
Note icon
This article has been automatically rated by a bot or other tool because one or more other projects use this class. Please ensure the assessment is correct before removing the |auto= parameter.

Ease of use[edit]

I think the program is uncomprehendable if you don't take multiple days to learn about the subject first.

Except from that, take a look at these lines:

If you create a hidden volume within an existing volume, be warned: mounting and adding data to the "host" volume may result in the "hidden" volume being overwritten, and its data destroyed.

When creating a hidden volume within an existing volume, ensure that the offset you specify is large enough such that it does not overwrite any of the system areas of that host volume (e.g. the FAT)

I hardly know what they mean, but would I trust my data to a program that apparently can overwrite it?

I thought it to be a simple window that scambles/unscambles data. Something like WinZip, but simpler. It is not. —The preceding unsigned comment was added by Svenpb (talkcontribs).

First, note that Wikipedia talk pages are for discussing the article and not for expressing your opinions on the subject, unless they are relevant to the article.
The fact that hidden volumes can be overwritten is a feature, not a bug — it's called deniable encryption, e.g., hiding the fact that there is a hidden volume in the first place. Several disk encryption utilities have this feature and all of them share this behavior.
If you don't need this feature and want your data to be safe, just don't use the hidden volume feature.
As for being like WinZip — no, tools like this transparently encrypt and decrypt all the data that is stored on the encrypted volume at all times; otherwise, if you're storing unencrypted data on the disk even temporarily, then that makes your data susceptible to forensics. -- intgr 10:39, 9 April 2007 (UTC)

Written like an advertisement[edit]

I have set the "advert" category. The reader is directly addressed as user of the software. The article is full of praise and provides hardly more than feature lists. I am willing to believe that OTFE is a great piece of software, but Wikipedia is not the place to judge this.

--217.226.114.245 (talk) 20:08, 10 January 2008 (UTC)

TBH, a lot of other pages relating to similar products could have the same tag added. But although the article does list some of its features, the subject's certainly encyclopedic.
I've removed the advert tag, and replaced it with a stub tag instead - it would be helpful if someone would flesh it out a bit more.
Thinking about adding some more to it - and looking at a number of the other disk encryption pages; FreeOTFE has a number of features in common with serveral other OTFE systems. I'd suggest removing those features which are common to a number of the disk encryption related articles (e.g. Private Disk, truecrypt, bestcrypt) from those articles, and moving them to a single page listing the differences, rather than duplicating here. XFireRaidX (talk) 21:52, 10 January 2008 (UTC)
ISTM, that's what the Comparison of disk encryption software article is? Nuwewsco (talk) 22:28, 10 January 2008 (UTC)
Yes partially has the kind of thing I was thinking of as a summary but more than that theres more information that could be included eg it would probably be worth moving the "Plausible deniability" and "Other features" sections of truecrypt to the Disk encryption software page instead of copying it here.
It may also be worth moving the "Features" section of the bestcrypt article to Comparison of disk encryption software as well? XFireRaidX (talk) 08:50, 11 January 2008 (UTC)
The correct tag is {{peacock}}. ~ Jafet Speaker of many words 11:03, 18 June 2008 (UTC)

Licence is not Open Source, no free Software[edit]

Please see the licence of FreeOTFE and the Open Source Definition §8. This thing is not compatible to the OSD, though the source code is available. The next issue: The project itself doesn't use it for the software. In each and every file there's just a copyright notice and there in no COPYING or LICENCE file in the whole tarball. But even if that would be the case, the best thing is the 4th point of the licence: If someone reuses reused code, it wouldn't be necessary to make your code available to the public, because only "Any software derived from any part of FreeOTFE or FreeOTFE4PDA and/or its source code must be released into the public domain with full source code." And who is I anyway? This is the most stupid thing I've ever read so far that claims to be a licence.

Because of that, I change the licence to "copyright" and remove all things in the article that would tell the reader that this is Free or Open Source Software. If someone has another point of view, I would be glad to hear about it. --88.70.172.83 (talk) 13:41, 15 December 2008 (UTC) write me here

Clearly it is free software, that's patently obvious. As to it being "copyright" - all opensource software is copyright. If the author didn't own copyright to it, they couldn't licence it in the first place. Besides, looking at the licence, it's pretty clear that if anything, the licence is less restrictive than opensource - it makes any source code changes to it into the public domain. Looking at the source code files, it states "By Sarah Dean", and gives contact details, which seems fair enough. —Preceding unsigned comment added by 62.30.249.131 (talk) 19:09, 15 December 2008 (UTC)

Exactly, looking at teh source code it states Sarah Dean and nothing more or less. Actually there ist no licence for the software itself, it is copyright ONLY. The other things, well you don't know how restictive open source is, do you? Open source is a mark and a definition and this one doesn't meet the definition, because it is product specific. Please read the definition, than you know what I meant. --88.70.172.83 (talk) 22:19, 15 December 2008 (UTC)

Fine that you have been so kind to accept freeware. Two things:
  1. What "docs" do you mean? I searched the whole package for regex *doc* but the only thing I've found was from libtomcrypt, which is really public domain (i.e. no copyright at all). Where else have you found docs? I will not edit this page just for adding this information, but it would be nice to know, if I was wrong and the "licence" applies to the source code. I can't find anything!
  2. It is not only, that this text makes it no open source, it isn't a licence.
    1. A licence is a contract between two legal persons, the owner and the user of something what the licence is about. If an owner gives permission to everybody to use his property, it still is a contract. So at least the owner must include his name as part of the licence, to make the contract valid under the law. "I" is not a name. Since copy- or creator's right (in europe) ends in most countries after some years, the year of the contract must been given, as well.
    2. A licence is part of the thing that the owner gives permission to use. This is the reason, why everybody else puts a notice, or the whole licence (if it's a short one, like some kind of BSD Licence) or even the public domain permission on top of every file of his source code. You cannot use (change) something without regarding and accepting the software licence. And because there is nothing in these files here, they have no licence at all. It is copyright only. That there's a website with a nice text, even if it would be valid, doesn't matter. That brings me back to no. 1. I will also not include this in the article, but I wanted you to understand what I meant.
I hope that this was easy to understand. Regards. --88.70.161.159 (talk) 17:33, 16 December 2008 (UTC)
I don't see how the FreeOTFE licence violates #8 of the Open Source Definition:
"The rights attached to the program must not depend on the program's being part of a particular software distribution. If the program is extracted from that distribution and used or distributed within the terms of the program's license, all parties to whom the program is redistributed should have the same rights as those that are granted in conjunction with the original software distribution."
This requirement just means that the software licence doens't become invalid if you distribute the software without some other software which normally comes bundled with it. There's nothing that prevents FreeOTFE from being distributed with any software distribution (e.g. on a magazine cover disk, or WWW site), similarly there's nothing that mandates that it's distributed with anything. If FreeOTFE's distributed within the terms of its licence, everyone who gets a copy does have the same rights.
Re the licence, it does appear on the FreeOTFE WWW site, and also in both the source and installation packages, but it's an HTML file (".htm"/".html" file), and not a MS Word document (".doc" file). Looking at the URL where the licence can be found ([1]), it's probably stored under the filename "licence.htm" in the installation Nuwewsco (talk) 22:27, 3 January 2009 (UTC)
Just checked: "docs\licence.htm" in both installed and source distributions Nuwewsco (talk) 22:30, 3 January 2009 (UTC)

License change[edit]

It seems like the license has changed and now looks OSD compliant to me. It's a pity the author decided to create another "vanity license" instead of choosing a already approved one. IANAL, but section 4.1.2 looks a little bit problematic as only claims against the Original Author void the license. So I can happily sue anyone that made modifications... Yoghurt (talk) 01:12, 5 January 2009 (UTC)

And that makes it a non OSD licence, since it's not the same licence for the modifier, actually. Maybe we should ask OSI if freeotfe uses it's trademark in a misleading manner. That would bring reliable findings about it's OSD status at least. I think this one is similar to Microsoft's Reciprocal License without adressing the patent issue. -88.70.168.174 (talk) 11:09, 6 January 2009 (UTC)
OSI has no trademark on Open Source, they tried, but couldn't get one. That's the problem nowadays, as everyone can call his license open source, as it has no legal meaning at all (AFAIK, IANAL). But I don't think your statement about it not being OSI compatible is correct. You can use the same license for derivate works, and you license it under the same terms as it was licensed to you. There are some parts in the license that probably would make it non-DFSG-free, though. -- Yoghurt (talk) 16:53, 6 January 2009 (UTC)
What I meant was, that as an author of modifications, the licence doesn't grant you the same rights as sarah dean. That makes it a different licence for the modifier, though it includes the same words. And since it is copyleft, you have to use this one. The only way I can see to modify the program including a disclaimer for your work is with seperate patches. Like before she knows how to keep the rights of her work for her own as shared source. Pubic domain or patches, doesn't matter: Derivative works without lawyer bombs are virtually impossible in this way. --88.70.168.174 (talk) 22:44, 6 January 2009 (UTC)

Anyone know if the author is still alive?[edit]

I have checked and stalked everywhere, EVERYWHERE, for the past 2 years to contact the author for some suggestions and possible help for signing drivers, which would make this software far more usable and valuable.

Although this is irrelevant to Wikipedia, what is relevant is the whereabouts of the author, and whether or not this one-of-a-kind project can be considered abandoned while in a state of custom license. I thought maybe I could read something in this article about Sarah Dean, but no.

All mailboxes are permanently full, causing bounces. Source Forge messaging is disabled. Questions on stack exchange get removed. Anyone got any clue to get more information about this?

Redsandro (talk) 18:30, 31 March 2013 (UTC)


To Redsandro's point, if the project is defunct or the lead-developer has passed it on, that would be good info to add. I was looking for this also.

@Redsandro Have you tried these?

  1. WHOIS the domain freeotfe.ORG (fyi: expires 2013-06-16), there's an admin contact.
  2. Google "David Saunders freeotfe", the first entry is "Appendix B: Credits - FreeOTFE". Use Google-Cache to view the page, there's several credited contributors with contact info. Maybe they can assist? (http://webcache.googleusercontent.com/search?q=cache:6R2MOWeJAHYJ:www.freeotfe.org) 69.248.214.71 (talk) 23:43, 20 April 2013 (UTC)

@all, the freeotfe.org site was down due to non-payment. I donated some money to the host provider and ask them in return to put the site back up for a period of 2 weeks so mirrors can be made. The site is currently up and will go down again on the 05/27/2013. I plan to make a copy of the website and put it up. All efforts to contact the author wasn't successful and at this point, there is a chance that the original author might have deceased. O1001010 (talk) 15:34, 13 May 2013 (UTC)


@anonymous I tried contacting every direct email address on that page. So far I have received bounces from David Saunders, Brian R. Gladman, Peter Thörnqvist, Alexander Okorokov and Brian Smith. There are two addresses left that didn't bounce. Let's hope those mailboxes are still being watched. Redsandro (talk) 21:48, 28 May 2013 (UTC)


@all, @Plastic rat Sorry about the huge delay. About 2 years ago I found the site was down. But the domain name was still up and the hosting company just disabled the site due to non-payment. The hosting company was some company in Singapore. I presented the case and they refused to give me the direct site files. However, after I made a donation to them, they agree to unsuspend the FreeOTFE and Sdean site for 30 days. So I used HTTPTrack and download all the sites and files that the crawler was able to find. I happen to be a big fan of the software as the program allowed security without installing files. I am not sure what I should do with the original files and source codes, but I am thinking some sort of memorial should be set up for SDean and FreeOTFE, and all the files putted back online. O1001010 (talk) 05:21, 1 April 2015 (UTC)

re Truecrypt debacle[edit]

What with whats happening with Truecrypt I suspect this would be an amazing time for Sarah Dean to reappear and update FreeOTFE. If she didnt want to work for free Im sure it could be crowdsourced... Sarah, if you're out there, PLEASE come back!

DoxBox[edit]

Can someone please update this article to add a reference to DoxBox (https://t-d-k.github.io/doxbox/ ) which is a relaunch of FreeOTFE. I am the maintainer of DoxBox. Squte (talk) 23:25, 30 August 2014 (UTC)