Am Dienstag, 6. März 2018, 10:57:27 schrieb Klaas Freitag:
Yes, that is true. But with the pr above you will get both backends recommended I think.
No, only encfs is recommended. That change will pull in cryfs if you uninstall (or lock) encfs though.
The original package has a recommends on the encfs package
Actually the original package *required* encfs. Now it requires one of the two backends, i.e. you don't need encfs if you install cryfs. It does recommend encfs only.
while I believe that upstream recommends cryfs to use, when I am reading [1] correctly.
Well, to me this doesn't really sound like they explicitly recommend cryfs: It is true that EncFS has known security issues thanks to the independent security audit by Taylor Hornby, so you know that it is not safe in certain use-cases. But its huge advantage is that you know what its problems are. For the newer systems like CryFS, there is no known independent security audits (if you find one, please notify me). This means that, at this point, the choice is between a known system with known faults that you will most likely be safe with if you use it correctly, and a new system that does not have those faults, but its faults are unknown.
The pull request https://build.opensuse.org/request/show/583148 also still prefers encfs.
Yes, that's true. And encfs is actually the default backend in Plasma 5.12, see: https://cukic.co/2018/01/28/plasma-vaults-and-different-cryfs-versions/ But according to https://cukic.co/2018/02/02/plasma-vault-update-on-cryfs/, cryfs apparently will become the default in Plasma 5.13. I don't know whether the mentioned fixes are in cryfs 0.9.9 already though. Kind Regards, Wolfgang -- To unsubscribe, e-mail: opensuse-kde+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-kde+owner@opensuse.org